A detailed Nmap scan with the “sV” option will reveal that Metasploitable is running Vsftpd 2.3.4. Run the msfconsole by typing “sudo msfconsole”. To be honest, I don’t know if msfconsole has to be run under root, I just do. Once running you can do a “search vsftpd” command and it will return one exploit. In this case I typed “use 0” just to make life easier. You can run “set RHOSTS ipaddress” where ipaddress is the local address for Metasploitable. Enter “exploit” and you should have an open Metasploit shell where you can see the file structures and directories.
There is a super cool website that will teach you the basics of hacking. It does not matter if you are a beginner or more experienced, they seem to have exercises for everyone. The website is called Hack the Box. It seems like the site prefers you to be running these exercises through Linux. Additionally, they want you to connect through their VPN using OpenVPN. Unfortunately, I have had some technical problems with the profile they have created for me, but I will be trying through a different computer. If you want to learn or improve your hacking skills this […]