I’m Tareq Ahamed from Knight Squad. Today I’m going to show you how to break into metasploitable2 vulnhub machine using vsftpd. So, let’s get started.
Our target is to get access of the machine.
As I know the default username & password of metasploitable2 is msfadmin, I got the IP address of metasploitable2 by logging into the machine.
After getting the IP address, I scanned for all the ports using Nmap. After running the scan I found that the ftp port was open and was using vsftpd 2.3.4 also there was anonymous FTP login allowed.
Though name of the machine is metasploitable2 so it seems like it can be exploited using Metasploit. I started Metasploit & searched exploit for vsftpd 2.3.4 & found one exploit. So I selected that & set the payload to default. Then I set the RHOSTS to the machine IP address.
Then I just exploited the machine. And BOOM… I got a shell.. Now I can control the metasploitable2 machine.
That’s it. Wasn’t it easy?? Give it a try.
Thank you.. Hope you enjoyed exploiting the machine. Don’t forget to share your thoughts and feedback in the comment section.