Metasploitable – Attacking FTP Part 2

ftp, metasploitable, privilege escalation
In an earlier post, we were able to exploit an FTP service (Vsftpd) on our Metasploitable machine. In this post, we'll be attacking another FTP service: ProFTPD. As a refresher of the services running on the Metasploitable machine, let's open up a terminal in Kali and run Nmap against it. As we can see, ProFTPD is an available service, running on port 2121. Let's get right to it, and see if we can exploit it! Open up Metasploit and do a search for ProFTPD. We're going to see if we can brute-force our way into the FTP server with found credentials, so let's select the module "auxiliary/scanner/ftp/ftp_login". Once selected, we'll need to configure the appropriate options for the module. We'll need to set our RHOSTS to the IP Address of…

Metasploitable – VNC

metasploitable, remote access, VNC
Happy Sunday, folks! In today's post, I'll be exploiting VNC in my Metasploitable box to achieve root access. It's another easy exploit, so it's a good one to get the brain juices flowing for the day. VNC (Virtual Network Computing) enables a user to control another computer over a network connection. So in other words, it's remote-control software. Looking at our previous Nmap scan, we can see that Metasploitable has a VNC server running. VNC is running on port 5900. Cool, let's get to work! We'll fire up Metasploit first and see if we can find any exploits. Once the framework has opened, a simple search for VNC should return results. Hmm. The module auxiliary/scanner/vnc/vnc_login looks promising. Let's give it the old college try and boot it up. A…

Metasploitable – rlogin

metasploitable, remote access
Happy Saturday morning! In this post, I'll be exploiting a service called rlogin (remote login) on my Metasploitable box. This is a nice and easy exploit, so let's get started! Once we have our virtual machines booted up, we can do a quick refresher of what ports and services are open on our Metasploitable machine, by opening up a terminal in Kali and typing nmap -sS -sV -p- 10.10.1.10. Here, we can see that port 513 is open, and the service is called "login". A quick Google search of the port tells us that the service refers to the rlogin service. Essentially rlogin will allow us to remotely access a system and execute commands on it. According to https://linoxide.com/how-tos/howto-enable-rshrlogin-on-linux-server/, "Rlogin uses a hidden file called .rhosts that is present on…

Metasploitable – Attacking FTP

ftp, metasploitable
Seeing as how this is my first actual post on attacking a service, I wanted to keep it pretty simple. I'm still getting used to this whole blogging thing after all, and I didn't want to bite off more than I could chew with this post. The machine I'll be hacking for these first few posts is called Metasploitable. For those of you who may not know, Metasploitable is an intentionally vulnerable virtual machine developed by Rapid7. It is a great system to get your feet wet in the world of hacking and penetration testing! For my attacking system, I'll be using Kali Linux. Let's begin! First, I need to boot up both the Metasploitable and the Kali virtual machines. When Metasploitable boots up, you can log in with the default…