Skip to main content

Explot Metasploitable Root shell

                             Metasploitable Root shell 1524/tcp             open                 shell              Metasploitable root shell This was a curiousity… My first attempt was to attempt using rlogin to connect to the port, which did not appear to work correctly, though did seem to work enough to return part of a prompt to the user: root@kali:~# rlogin -p 1524 target oot@metasploitable:/# My next approach was to attempt a simple netcat connection to the host, which ended up being successful: root@kali:~# nc -v target 1524 root@metasploitable:/# id              ...
1 comment

How To find out password hash file and how to decrypt it

                        How To find out password hash file and how to decrypt it 
  • First Open terminal and type 
  1. cat /etc/shadow  or
  2. more /etc/shadow or
  3. less /etc/shadow   













    •

  •    by above commands, you can see all list of user and those accounts hash password in md5     format

    • we have two tool inbuild in kali Linux System 
    1. john
    2. johnny


          when you are using john simply type 
                    john <location of file>

                    so i typed john /etc/shadow
                     "/etc/shadow is  location of shadow file of all users "
             



    1.      just john cracked 3 user account password 
    2.      i am using easy password so john cracked easily 
      1.     

          3.  if you are using advance password then it would take hour

    • now i am using johnny to crack password



    • johnny is gui based tool to crack passwords in Kali linux 

    •              first copy users account and password and paste it into a txt folder and save it
      •             and open johnny 
      •    









      •              
      •                                                                                            
                                                                                                                     Written By Sanjay Kumar
                                      
                                                                                                           https://www.instagram.com/sanjayer111/
                                                                                                           https://www.facebook.com/mang786
                                                                                                          https://www.linkedin.com/in/sanjaykumar111/

    Comments

    Post a Comment

    Popular posts from this blog

    Exploit and connect to port 512 ,513, and 514

                   Exploit and connect to port 512 ,513, and 514 ༄ Unix Basics      TCP ports 512, 513, and 514 are known as "r" services, and have been misconfigured       to allow remote access from any host (a standard ".rhosts + +" situation).       To take advantage of this, make sure the "rsh-client" client is installed (on Ubuntu), and      run the following command as your local root user. If you are prompted for an SSH key,      this means the rsh-client tools have not been installed and Ubuntu is defaulting to       using  SSH. 🔂 Step-1:               First type "nmap -v <victim ip>" 🔄 Step-2:               type "rlogin  -...
    Post a Comment
    Read more

    exploit rpcbind

                                exploit rpcbind with nfs What is nfs?     Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems in 1984,allowing a user on a client computer to access files over a network in a manner similar to how local storage is accessed. NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call (ONC RPC) system. The Network File System is an open standard defined in RFCs, allowing anyone to implement the protocol. What is rpcbind?     The rpcbind utility maps RPC services to the ports on which they listen. RPC processes notify rpcbind when they start, registering the ports they are listening on and the RPC program numbers they expect to serve. The client system then contacts rpcbind on the server with a particular...
    Post a Comment
    Read more

    Explot Metasploitable Root shell

                                 Metasploitable Root shell 1524/tcp             open                 shell              Metasploitable root shell This was a curiousity… My first attempt was to attempt using rlogin to connect to the port, which did not appear to work correctly, though did seem to work enough to return part of a prompt to the user: root@kali:~# rlogin -p 1524 target oot@metasploitable:/# My next approach was to attempt a simple netcat connection to the host, which ended up being successful: root@kali:~# nc -v target 1524 root@metasploitable:/# id              ...
    1 comment
    Read more