So I thought I’d change things up a bit from exploiting services in Metasploitable, and begin doing some vulnerable machines from VulnHub! The first one I’m going to be exploiting is called Basic Pentesting 1. It doesn’t sound too difficult, so let’s get started!
Once both the vulnerable VM and our attacking system are booted up, we need to find the VM on our virtual network. Let’s run netdiscover to see if we can find it.
The VM has an address of 10.10.1.12. Perfect! Now let’s scan it with Nmap.
Hmm. ProFTPD is running on this system! Lucky for us, we just exploited this service in our Metasploitable box. However, we see that it has a different version number! Maybe Metasploit has an exploit for it? Let’s check!
The module exploit/unix/ftp/proftpd_133c_backdoor looks promising.
A show options command doesn’t return much for us to configure, as we only need to set the RHOSTS.
Firing off the exploit results in an immediate root shell! Wow, that was pretty easy! But I wonder if there is another way to exploit this system? There must be, and I’ll tackle that in my next post!
Thanks for reading!