Summary
- The first step is to download VulnCMS version 1 from VulnHub and import it into VirtualBox.
- VulnCMS and Kali Linux should both use the Bridged Adapter in their network settings.
- In the terminal, use netdiscover to scan the local network and identify live hosts.
- The target IP address of VulnCMS should then be identified.
- Kali Linux is then used to identify services running on the target, which helps to identify potential entry points.
These steps lay the groundwork for the pen testing about to be performed on the VulnCMS instance. Before attempting to exploit any vulnerabilities, it’s critical to first identify the services and open ports to focus your efforts.