* On Metasploitable3, point your browser to http://localhost:4848.
* Login with the above credentials.
### Start/Stop
* Stop: Open task manager and kill the java.exe process running glassfish
* Start: Go to Task Scheduler and find the corresponding task. Right-click and select Run.
### Vulnerability IDs
* CVE-2011-0807
### Modules
* exploits/multi/http/glassfish_deployer
* auxiliary/scanner/http/glassfish_login
# Apache Struts
### Ports
* 8282 - HTTP
### Credentials
* Apache Tomcat Web Application Manager
* U: sploit
* P: sploit
### Access
* To access the vulnerable application, point your browser on Metasploitable3 to http://localhost:8282/struts2-rest-showcase
* To access the Apache Tomcat Manager, point your browser on Metasploitable3 to http://localhost:8282. Login with the above credentials.
### Start/Stop
* Stop: Open services.msc. Stop the Apache Tomcat 8.0 Tomcat8 service.
* Start: Open services.msc. Start the Apache Tomcat 8.0 Tomcat8 service.
### Vulnerability IDs
* CVE-2016-3087
### Modules
* exploit/multi/http/struts_dmi_rest_exec
# Tomcat
### Ports
* 8282 - HTTP
### Credentials
* U: sploit
* P: sploit
### Access
* To access the Apache Tomcat Manager, point your browser on Metasploitable3 to http://localhost:8282. Login with the above credentials.
### Start/Stop
* Stop: Open services.msc. Stop the Apache Tomcat 8.0 Tomcat8 service.
* Start: Open services.msc. Start the Apache Tomcat 8.0 Tomcat8 service.
### Vulnerability IDs
* CVE-2009-3843
* CVE-2009-4189
### Modules
* auxiliary/scanner/http/tomcat_enum
* auxiliary/scanner/http/tomcat_mgr_login
* exploits/multi/http/tomcat_mgr_deploy
* exploits/multi/http/tomcat_mgr_upload
* post/windows/gather/enum_tomcat
# Jenkins
### Ports
* 8484 - HTTP
### Credentials
* None enabled by default
### Access
* Point your browser on Metasploitable3 to http://localhost:8484.
### Start/Stop
* Stop: Open services.msc. Stop the jenkins service.
* Start: Open services.msc. Start the jenkins service.
### Modules
* exploits/multi/http/jenkins_script_console
* auxiliary/scanner/http/jenkins_enum
# IIS - FTP
### Ports
* 21 - FTP
### Credentials
Windows credentials
### Access
Any FTP client should work
### Start/Stop
* Stop: ```net stop msftpsvc```
* Start: ```net start msftpsvc```
### Modules
* auxiliary/scanner/ftp/ftp_login
# IIS - HTTP
### Ports
* 80 - HTTP
### Credentials
* U: vagrant
* P: vagrant
### Access
* Point your browser on Metasploitable3 to http://localhost.
### Start/Stop
* Stop: Open services.msc. Stop the World Wide Web Publishing service.
* Start: Open services.msc. Start the World Wide Web Publishing service.
### Vulnerability IDs
* CVE-2015-1635
### Modules
* auxiliary/dos/http/ms15_034_ulonglongadd
# psexec
### Ports
* 445 - SMB
* 139 - NetBIOS
### Credentials
* Any credentials valid for Metasploitable3 should work. See the list [here](https://github.com/rapid7/metasploitable3/wiki/Configuration#credentials)
### Access
* Use the [psexec tool](https://technet.microsoft.com/en-us/sysinternals/pxexec.aspx) to run commands remotely on the target.
### Start/Stop
* Enabled by default
### Vulnerabilities
* Multiple users with weak passwords exist on the target. Those passwords can be easily cracked and used to run remote code using psexec.
### Modules
* exploits/windows/smb/psexec
* exploits/windows/smb/psexec_psh
# SSH
### Ports
* 22 - SSH
### Credentials
* Any credentials valid for Metasploitable3 should work. See the list [here](https://github.com/rapid7/metasploitable3/wiki/Configuration#credentials)
### Access
* Use an SSH client to connect and run commands remotely on the target.
### Start/Stop
* Enabled by default
### Vulnerabilities
* Multiple users with weak passwords exist on the target. Those passwords can be easily cracked. Once a session is opened, remote code can be executed using SSH.
### Modules
# WinRM
### Ports
* 5985 - HTTPS
### Credentials
* Any credentials valid for Metasploitable3 should work. See the list [here](https://github.com/rapid7/metasploitable3/wiki/Configuration#credentials)
### Access
### Start/Stop
* Stop: Open services.msc. Stop the Windows Remote Management service.
* Start: Open services.msc. Start the Windows Remote Management service.
### Vulnerabilities
* Multiple users with weak passwords exist on the target. Those passwords can be easily cracked and WinRM can be used to run remote code on the target.
### Modules
* auxiliary/scanner/winrm/winrm_cmd
* auxiliary/scanner/winrm/winrm_wql
* auxiliary/scanner/winrm/winrm_login
* auxiliary/scanner/winrm/winrm_auth_methods
* exploits/windows/winrm/winrm_script_exec
# chinese caidao
### Ports
* 80 - HTTP
### Credentials
* Any credentials valid for Metasploitable3 should work. See the list [here](https://github.com/rapid7/metasploitable3/wiki/Configuration#credentials)
### Access
* Point your browser on metasploitable3 to http://localhost/caidao.asp
### Start/Stop
* Stop: Open services.msc. Stop the World Wide Web Publishing service.
* Start: Open services.msc. Start the World Wide Web Publishing service.
### Modules
* auxiliary/scanner/http/caidao_bruteforce_login
# ManageEngine
### Ports
8020 - HTTP
### Credentials
Username: admin
Password: admin
### Access
On Metasploitable3, point your browser to http://localhost:8020.
Login with the above credentials.
### Start/Stop
* Stop: In command prompt, do ```net stop ManageEngine Desktop Central Server```
* Start: In command prompt, do ```net start ManageEngine Desktop Central Server```