3.2 Run nmap to detect open ports and running services on the target machine.
3.3 Network Scan
The first step is a service scan covering all 65535 ports of Metasploitable 2 to see what is running where, and with what version. The result is shown in the image below.
4.2 Exploiting VSFTPD 2.3.4
4.3 Exploiting Port 22 SSH
4.6 Exploiting TELNET
4.9 Exploiting Port 80 (PHP_CGI)
4.11 Exploiting Port 8080 (Java)
4.14 Exploiting Port 6667 (UnrealIRCD)
4.17 Remote Login Exploitation
4.19 Exploiting Distributed Ruby Remote Code Execution (8787) - Ruby DRb RMI (port 8787)
4.22 Access Port 2121 (ProFTPD)
4.24 Exploiting Port 8180 (Apache Tomcat)
4.25 Privilege Escalation via Port 2049: NFS
Part 2: Scanning for Network Services with Metasploit
Part 3: Gaining Root from a Vulnerable Service