Kernel exploitation with Metasploit
We can begin the kernel exploitation process by taking a look at how to use kernel exploits with the Metasploit framework. The Metasploit framework offers an automated and modularized solution and streamlines the exploitation process.
For this section, our target system will be the Ubuntu 16.04 virtual machine. As a prerequisite, ensure that you have gained your initial foothold on the system and have a meterpreter session:
- The first step involves scanning the target for potential exploits. For this, we will be using the
local_exploit_suggester
module. This process was covered in depth in the previous chapter. - We can load the module in Metasploit by running the following command:
use post/multi/recon/local_exploit_suggester
- After loading the module, you will need to set the
SESSION
option for the module. TheSESSION
option requires the session ID of your meterpreter session. This can be done by running the following command:set...