Metasploitable 2 FTP Vulnerability Exploitation

Sep 24, 2024

Exploiting FTP on Metasploitable 2

Introduction

  • Overview of Metasploitable 2

    • Intentionally vulnerable Linux virtual machine
    • Used for security training and testing security tools
    • Available for download on SourceForge (865 MB)
  • Reminder: For educational purposes only; do not exploit machines without permission.

Setting Up Environment

  • Running in VMware Workstation 17
  • IP addresses of machines:
    • Kali Linux: 192.168.189.128
    • Metasploitable 2: 192.168.189.134
  • Verify IP addresses with ifconfig command on each machine.

Network Discovery

  • Use netdiscover to identify machines on the network.
  • Identify target machine (Metasploitable 2).

Scanning the Target

  • Use Nmap to scan the target for open ports:
    • Command: nmap -v -sT -sV -O -p 21 192.168.189.134
    • Results:
      • Port 21 (FTP) is open, using VSFTPD version 2.3.4
      • Operating system details provided

Exploiting FTP Vulnerabilities

  • Nmap script scanning for FTP vulnerabilities:
    • Command: nmap -v -sT --script "ftp-*" -p 21 192.168.189.134
    • Found vulnerabilities:
      • CVE-2011-2523: FTP backdoor vulnerability
      • Allows anonymous FTP login
      • Brute-force attack success: valid user found (username: user)

Connecting to FTP

  • Using Netcat to connect:

    • Command: nc -v 192.168.189.134 21
    • Attempt anonymous login:
      • Username: anonymous
      • Password: anonymous
    • Login succeeds because the server allows anonymous FTP login.
  • Also, try with valid credentials (user: user, password: user).
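
A defender's view of the logins above, as an added example that is not part of the original notes: this Python code reads vsftpd login records and flags anonymous logins and any successful login that follows repeated failures from the same client, which is the trace a brute-force scan leaves. The log lines are constructed in vsftpd's default log format, and the function name, the username alice and the threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in vsftpd's default log format (not captured from the lab).
SAMPLE_LOG = """\
Tue Sep 24 10:01:02 2024 [pid 4101] CONNECT: Client "192.168.189.128"
Tue Sep 24 10:01:03 2024 [pid 4100] [admin] FAIL LOGIN: Client "192.168.189.128"
Tue Sep 24 10:01:04 2024 [pid 4103] [root] FAIL LOGIN: Client "192.168.189.128"
Tue Sep 24 10:01:05 2024 [pid 4105] [guest] FAIL LOGIN: Client "192.168.189.128"
Tue Sep 24 10:01:06 2024 [pid 4107] [user] OK LOGIN: Client "192.168.189.128"
Tue Sep 24 10:05:10 2024 [pid 4120] [ftp] OK LOGIN: Client "192.168.189.128", anon password "anonymous"
Tue Sep 24 11:30:00 2024 [pid 4200] [alice] FAIL LOGIN: Client "192.168.189.1"
Tue Sep 24 11:30:09 2024 [pid 4202] [alice] OK LOGIN: Client "192.168.189.1"
"""

# Matches only login result lines; CONNECT and transfer lines are ignored.
LOGIN = re.compile(
    r'\[pid \d+\] \[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: '
    r'Client "(?P<ip>[^"]+)"'
)

def analyze(log_text, fail_threshold=3):
    """Return (alert, client_ip, user) tuples in log order.

    fail_threshold is an assumed tuning value: the number of failed logins
    from one client that makes the next success suspicious.
    """
    fail_count = defaultdict(int)  # client IP -> failures since last success
    alerts = []
    for line in log_text.splitlines():
        m = LOGIN.search(line)
        if not m:
            continue
        user, ip = m["user"], m["ip"]
        if m["result"] == "FAIL":
            fail_count[ip] += 1
            continue
        # vsftpd records anonymous sessions under the user name "ftp".
        if user in ("ftp", "anonymous"):
            alerts.append(("anonymous-login", ip, user))
        elif fail_count[ip] >= fail_threshold:
            alerts.append(("login-after-failures", ip, user))
        fail_count[ip] = 0  # a success ends the current failure streak
    return alerts

if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert)
```
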

Finding Exploits

  • Search for VSFTPD exploits on exploit database
  • Found backdoor command execution exploit
  • Download exploit script for execution on Kali Linux.

Executing the Exploit

  • Open terminal and change to root: sudo su
  • Use Python to execute the exploit:
    • Command: python3 exploit.py 192.168.189.134
    • Successful shell access to Metasploitable 2.

Verifying Access

  • Use ifconfig to confirm access.
  • Example command to demonstrate access: reboot
    • Shows control over the remote machine.

Conclusion

  • Overview of how to exploit FTP vulnerabilities on Metasploitable 2 using Nmap and Python scripts.
  • Reminder of ethical considerations when conducting penetration tests.

Thank you for attending!