VulnHub – Basic Pentesting 1 (alternative exploit)

http, metasploit, privilege escalation, VNC
In my last post, I was able to gain root access to the Basic Pentesting 1 virtual machine, downloaded from Vulnhub.com. In today's post, I'll be attempting to exploit the same machine in a different fashion! Let's have a quick reminder of our Nmap scan of the VM, in order to see what services are available. The http service is running! If we were to plug the address 10.10.1.12 into an address bar, we don't really see much. But this doesn't mean we should give up! Let's try brute forcing some directories with DirBuster. Here, I plugged the address of the VM into "target URL", and chose a simple dictionary list to brute force with. After letting DirBuster run for a bit, we start getting some results back: The directory called…

VulnHub – Basic Pentesting 1

ftp, metasploit, vulnhub
So I thought I'd change things up a bit from exploiting services in Metasploitable, and begin doing some vulnerable machines from VulnHub! The first one I'm going to be exploiting is called Basic Pentesting 1. It doesn't sound too difficult, so let's get started! Once both the vulnerable VM and our attacking system are booted up, we need to find the VM on our virtual network. Let's run netdiscover to see if we can find it. The VM has an address of 10.10.1.12. Perfect! Now let's scan it with Nmap. Hmm. ProFTPD is running on this system! Lucky for us, we just exploited this service in our Metasploitable box. However, we see that it has a different version number! Maybe Metasploit has an exploit for it? Let's check! The module…

Metasploitable – Attacking FTP Part 2

ftp, metasploitable, privilege escalation
In an earlier post, we were able to exploit an FTP service (Vsftpd) on our Metasploitable machine. In this post, we'll be attacking another FTP service: ProFTPD. As a refresher of the services running on the Metasploitable machine, let's open up a terminal in Kali and run Nmap against it. As we can see, ProFTPD is an available service, running on port 2121. Let's get right to it, and see if we can exploit it! Open up Metasploit and do a search for ProFTPD. We're going to see if we can brute-force our way into the FTP server with found credentials, so let's select the module "auxiliary/scanner/ftp/ftp_login". Once selected, we'll need to configure the appropriate options for the module. We'll need to set our RHOSTS to the IP Address of…

Metasploitable – VNC

metasploitable, remote access, VNC
Happy Sunday, folks! In today's post, I'll be exploiting VNC in my Metasploitable box to achieve root access. It's another easy exploit, so it's a good one to get the brain juices flowing for the day. VNC (Virtual Network Computing) enables a user to control another computer over a network connection. So in other words, it's remote-control software. Looking at our previous Nmap scan, we can see that Metasploitable has a VNC server running. VNC is running on port 5900. Cool, let's get to work! We'll fire up Metasploit first and see if we can find any exploits. Once the framework has opened, a simple search for VNC should return results. Hmm. The module auxiliary/scanner/vnc/vnc_login looks promising. Let's give it the old college try and boot it up. A…

Metasploitable – rlogin

metasploitable, remote access
Happy Saturday morning! In this post, I'll be exploiting a service called rlogin (remote login) on my Metasploitable box. This is a nice and easy exploit, so let's get started! Once we have our virtual machines booted up, we can do a quick refresher of what ports and services are open on our Metasploitable machine, by opening up a terminal in Kali and typing nmap -sS -sV -p- 10.10.1.10. Here, we can see that port 513 is open, and the service is called "login". A quick Google search of the port tells us that the service refers to the rlogin service. Essentially rlogin will allow us to remotely access a system and execute commands on it. According to https://linoxide.com/how-tos/howto-enable-rshrlogin-on-linux-server/, "Rlogin uses a hidden file called .rhosts that is present on…

Metasploitable – Attacking FTP

ftp, metasploitable
Seeing as how this is my first actual post on attacking a service, I wanted to keep it pretty simple. I'm still getting used to this whole blogging thing after all, and I didn't want to bite off more than I could chew with this post. The machine I'll be hacking for these first few posts is called Metasploitable. For those of you who may not know, Metasploitable is an intentionally vulnerable virtual machine developed by Rapid7. It is a great system to get your feet wet in the world of hacking and penetration testing! For my attacking system, I'll be using Kali Linux. Let's begin! First, I need to boot up both the Metasploitable and the Kali virtual machines. When Metasploitable boots up, you can log in with the default…

Welcome!

Intro
Hey there! I guess an introduction is in order, so here it is! My name is Jay, and I am an enthusiast of many geeky things. As you may or may not tell from the name of my blog, two of those geeky things include Dragon Ball and penetration testing. This blog will be dedicated to the latter! I would consider myself a novice when it comes to penetration testing, but my goal is to eventually make a career out of it. The idea behind this blog is to document my experiences with various hacking exercises. This will include attacking services in Metasploitable, doing walkthroughs (at least attempting to!) of machines downloaded from vulnhub.com, tutorials/information on various hacking tools, and hopefully other exciting topics! Thanks for reading, and hopefully you enjoy…