Basic_Pentesting [KIC Session Overview]

Vishal ML
Published in iQube
5 min read, Mar 21, 2023

Our target IP is [Target IP], which I have provided.

Before that, what is an IP?

An IP (Internet Protocol) address is a numerical label assigned to every device connected to a computer network that uses the Internet Protocol for communication. It serves two main functions: identifying the host or network interface and providing the location of the host in the network. IP addresses can be either static (permanent) or dynamic (temporary) and are used by devices to communicate with other devices on the same network or on the internet.

For the initial stage of reconnaissance, I used nmap.

Wait, what is nmap?

Nmap is a free and open-source tool used to discover and map hosts and services on a computer network. It helps network administrators and security professionals identify vulnerabilities and test the security of network systems. Nmap works by scanning the target network using various techniques to gather information about hosts and services.

sudo nmap -sC -sV [Target IP]

An nmap scan was performed to identify the open ports and the services running on the target machine.

The scan revealed three open ports, with the service running on each and its version:

port 21 for FTP service using ProFTPD 1.3.3c,

port 22 for SSH service using OpenSSH 7.2p2 Ubuntu and

port 80 for HTTP service using Apache httpd 2.4.18.

Here I planned to enumerate the FTP service, ProFTPD 1.3.3c.

But don’t forget to Google about these services and their purposes. This will help you gain a better understanding of each service and its potential vulnerabilities, which can be useful in identifying and exploiting weaknesses in the target system.

Port 21: This port is used for FTP (File Transfer Protocol) service using ProFTPD 1.3.3c. ProFTPD is a popular and highly configurable FTP server for Unix and Linux-based systems. The version 1.3.3c was released in 2010 and has several known vulnerabilities that could be exploited by attackers to gain unauthorized access to the system.

Port 22: This port is used for SSH (Secure Shell) service using OpenSSH 7.2p2 Ubuntu. OpenSSH is a widely-used implementation of the SSH protocol and is used for secure remote access to systems. The version 7.2p2 was released in 2016 and has several security enhancements compared to previous versions.

Port 80: This port is used for HTTP (Hypertext Transfer Protocol) service using Apache httpd 2.4.18. Apache httpd is a popular and widely-used open-source web server software that runs on Unix and Linux-based systems. The version 2.4.18 was released in 2016 and has several security enhancements compared to previous versions.

I googled, and here I can see some exploits!

GOOGLED ONE..!!

Exploits were found, one of them for a backdoor command execution vulnerability that could be exploited using the Metasploit Framework.

What is Metasploit?

Metasploit Framework is a free and open-source penetration testing tool used for developing and executing exploit code against remote targets. It provides various tools and modules to help security professionals and ethical hackers automate and streamline the process of identifying and exploiting vulnerabilities in computer systems. Metasploit Framework can be used to test the security of network systems and identify weaknesses that can be exploited by attackers. It is widely used in the security industry and is continuously updated with new exploits and features.

Open Metasploit by executing the command below in the terminal:

sudo msfconsole
METASPLOIT

Later, follow the instructions as shown in the image.

search ProFTPD 1.3.3c
SEARCH FOR VULNERABILITY
SET TARGET
set RHOSTS [Target IP]

Here, RHOSTS is the target machine's IP.

ERROR THROWN

Here it is asking us to set a payload, so set a payload!

CHECK FOR PAYLOADS AND CHOOSE ANY ONE
SET PAYLOAD

Execute it with the run command.

ROOOTED..!

After that, finally, boom! We got the shell!

Conclusion:

We were able to gain full access to a computer system by exploiting a weakness in its outdated software. This shows how important it is to keep your software up-to-date and regularly check for vulnerabilities in your own systems. Neglecting security measures can lead to serious consequences for your data and overall system security. So, always prioritize security to keep your systems safe.
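To act on the scan results and the conclusion above, here is an added example (not code from the original post): it parses `nmap -sV` output taken from your own hosts and flags open services that are older than an age limit or that expose no version. The sample scan text, the made-up 443 and 8080 lines, the 5-year limit and the reference date are assumptions; the release years are the ones stated in the post.

```python
import re
from datetime import date

# Constructed sample in the layout of `nmap -sV` output. The three versioned
# services are the ones reported in the post; ports 443 and 8080 are made up.
SAMPLE_SCAN = """\
PORT     STATE  SERVICE    VERSION
21/tcp   open   ftp        ProFTPD 1.3.3c
22/tcp   open   ssh        OpenSSH 7.2p2 Ubuntu
80/tcp   open   http       Apache httpd 2.4.18
443/tcp  closed https
8080/tcp open   http-proxy
"""

# (product, version) -> release year, exactly as stated in the post.
RELEASED = {
    ("ProFTPD", "1.3.3c"): 2010,
    ("OpenSSH", "7.2p2"): 2016,
    ("Apache httpd", "2.4.18"): 2016,
}

PORT_LINE = re.compile(r"^(?P<port>\d+)/(?:tcp|udp)\s+(?P<state>\S+)\s+\S+\s*(?P<banner>.*)$")
BANNER = re.compile(r"^(.+?)\s+(\d\S*)")  # product name, then first token starting with a digit


def audit(scan_text, today=date(2023, 3, 21), max_age_years=5):
    """Return (port, status, detail) for every open port that needs attention."""
    findings = []
    for line in scan_text.splitlines():
        m = PORT_LINE.match(line)
        if not m or m["state"] != "open":
            continue  # header lines and closed/filtered ports
        port, banner = int(m["port"]), BANNER.match(m["banner"].strip())
        if not banner:
            findings.append((port, "unversioned", "no version banner, identify manually"))
            continue
        product, version = banner.groups()
        year = RELEASED.get((product, version))
        if year is None:
            findings.append((port, "unknown", f"{product} {version} not in inventory"))
        elif today.year - year > max_age_years:
            findings.append((port, "outdated", f"{product} {version} released {year}"))
    return findings


if __name__ == "__main__":
    for port, status, detail in audit(SAMPLE_SCAN):
        print(f"{port:>5}  {status:<11}  {detail}")
```

In practice the `RELEASED` table would come from your own asset inventory, and the age limit from your patch policy.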

Like this machine, you can try out many other machines that you can download from the website: https://www.vulnhub.com/.

By downloading a machine, you can create your own lab and try each one out, as each machine contains a different vulnerability.

You can also find many video tutorials for setting up labs and working with Vulnhub machines.

Whatever you need, just Google it!

If you have any queries or need to get in touch, you can reach me at the following links:

LinkedIn: https://www.linkedin.com/in/mr-g0d-hacktivist/

Email: mlvishal.2002@gmail.com

Feel free to contact me through either of these channels. Looking forward to hearing from you!
