Friday, September 30, 2016

Pwning Metasploitable 2: Accessing Backdoor on Port 1524 running Root Shell Service

In our previous articles we scanned all 65535 ports on Metasploitable 2 and found that, among many open ports, port 1524 was open.

Search Google for “port 1524 ingreslock” and you will see that it is a known backdoor.

Scan the port and service version


Enter the command: nmap -sV -p 1524 <<target IP address>>



A Metasploitable root shell is running on the port.

We simply need to talk to that port via telnet, netcat, or ncat, and we should be able to gain root access because there is no authentication.

Telnet to port 1524


Enter the command: telnet <<target IP address>> 1524



Netcat to port 1524


Enter the command: nc <<target IP address>> 1524



We now have root access to our target machine.
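
For the defender's side of this finding, the following added example (not code from the original article) audits an inetd-style configuration for entries that attach a shell directly to a network port, which is one way a listener like the one on 1524 can exist with no authentication. It assumes the listener is started from an inetd.conf-format file; the sample configuration, the service map and the function name find_shell_listeners are constructed for illustration.

```python
"""Flag inetd.conf entries that hand a shell to anyone who connects."""
import os

SHELLS = {"sh", "bash", "dash", "ksh", "zsh", "csh", "tcsh"}

# Constructed sample in inetd.conf format (an assumption, not taken from the article).
SAMPLE_INETD = """\
# service  socket proto wait user server args
ftp        stream tcp nowait    root           /usr/sbin/tcpd /usr/sbin/in.ftpd
telnet     stream tcp nowait    telnetd        /usr/sbin/tcpd /usr/sbin/in.telnetd
#shell     stream tcp nowait    root           /bin/sh        sh -i
ingreslock stream tcp nowait    root           /bin/bash      bash -i
9999       stream tcp nowait.10 nobody.nogroup /usr/sbin/tcpd /bin/sh -i
"""

# Constructed subset of /etc/services used to resolve service names to ports.
SAMPLE_SERVICES = {"ftp": 21, "telnet": 23, "ingreslock": 1524}


def find_shell_listeners(inetd_text, services):
    """Return one finding per entry whose server program is a shell."""
    findings = []
    for lineno, raw in enumerate(inetd_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented-out entry
        fields = line.split()
        if len(fields) < 6:
            continue  # not a complete service entry
        service, _sock, proto, _wait, user, server = fields[:6]
        argv = fields[6:]
        # tcpd only adds host-based ACLs; the real program is its first argument.
        if os.path.basename(server) == "tcpd" and argv:
            server = argv[0]
        if os.path.basename(server) not in SHELLS:
            continue
        owner = user.split(".")[0].split(":")[0]  # drop optional group
        port = int(service) if service.isdigit() else services.get(service)
        findings.append({"line": lineno, "service": service, "port": port,
                         "proto": proto, "user": owner, "program": server,
                         "as_root": owner == "root"})
    return findings


if __name__ == "__main__":
    for f in find_shell_listeners(SAMPLE_INETD, SAMPLE_SERVICES):
        level = "CRITICAL" if f["as_root"] else "HIGH"
        print(f"{level}: line {f['line']}: {f['service']} ({f['port']}/{f['proto']}) "
              f"runs {f['program']} as {f['user']} with no authentication")
```

Any entry it reports should be removed from the configuration and the inetd service reloaded, then confirmed closed with the same nmap scan shown above.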


'Moral of the article': Scanning is key to pwning the target. At times you can discover useful information that helps you get access to a system without much trouble.


-Jayesh Kerai(@secjay)
