We covered the solution walkthrough of Basic pentesting 1 Vulnhub by introducing the basic steps and methodology involved in a penetration test.

Get OSCP Study Notes

The Complete Practical Web Application Penetration Testing Course

Highlights

Both numerous remote vulnerabilities and several avenues for privilege escalation are present on this machine. Since VirtualBox is what I used for all of my testing, that is the suggested platform. It is said to work with VMware as well, but I haven’t personally tested this.

This virtual machine is designed with novice penetration testers in mind. The VM should, ideally, have the ideal level of complexity for beginners.

Open Ports

21/tcp open ftp ProFTPD 1.3.3c
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2
80/tcp open http Apache httpd 2.4.18 (Ubuntu)

We used searchsploit commond to search ProFTPD 1.3.3c on ExploitDB.

And for that, we discovered two exploits. There was a backdoor in ProFTPD 1.3.3c. A backdoor is a malicious code hidden in the source code. Furthermore, Metasploit-framework is capable of exploiting this Backdoor Command Execution vulnerability.

Video Walkthrough

, , ,
Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles