Persecure : my learning archive

Basic Pentesting:1

https://www.vulnhub.com/entry/basic-pentesting-1,216/

Start the VM and use netdiscover to find the victim IP address

Use nmap to scan for open ports
Lets try the FTP server

Use searchsploit to search for ProFTPD exploits

Found a backdoor exploit

Start up metasploit and search for the exploit

Use option 5
Set up RHOSTS and use the payload 3 and remember to set LHOST to your local machine

Once exploit root access is gained

Use python spawn shell

cat etc/shadow file
Copy the hash and paste it to a file on your local machine

Use John the ripper to crack the hash

Password is the same as the username

Gain access to machine