You can use auxiliary/scanner/smb/smb_login with common wordlists.
To quickly identify local vulnerabilities, download and run auditing scripts like or use Metasploit's built-in local exploit suggester. metasploitable 3 windows walkthrough
# Read Windows config file curl -XGET 'http://192.168.56.105:9200/_search?pretty' -H 'Content-Type: application/json' -d' Vagrant Reload Plugin
| Requirement | Specification | |-------------|---------------| | | Windows 10/11 (64-bit recommended), Linux, or macOS | | Processor | VT-x/AMD-V supported (hardware virtualization enabled) | | RAM | 4.5 GB minimum, 8 GB recommended | | Storage | 50 GB free space minimum | | Network | Stable internet connection for downloads | | Required Software | Packer, Vagrant, Vagrant Reload Plugin, VirtualBox or VMware | metasploitable 3 windows walkthrough
Look at the output. You will likely see vulnerabilities like ms16_032_secondary_logon_handle_privesc or ms16_075_reflection_juicy_potato listed as targets. Step 2: Executing MS16-032