11 April 2021

Pentesting Fun Stuff

following the cyber security path…


This is another VM from Vulnhub (https://www.vulnhub.com/entry/basic-pentesting-1), created by Josiah Pierce.
It should be quite simple but maybe there are some tricks I can learn from.
As usual I start with Red Team Kit (RTK) for my initial scan.

Looks like an FTP server, an SSH server and a webserver are running.
The first thing I noticed is the version number of the FTP server, which has a known hard-coded backdoor.

The webserver has a default page whose content is a notification that it works.
I have started a dirsearch scan in the background and fired up Metasploit.

Well… the description stated it was for newcomers. The description states there are other ways to get in.
But I think I’m gonna put some effort into another VM.

