O'Reilly logo

Metasploit Revealed: Secrets of the Expert Pentester by Nipun Jaswal, Sagar Rahalkar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Exploiting Desktop Central 9 with Metasploit

We saw in the previous section that we discovered ManageEngine's Desktop Central 9 software running on port 8022 of the server. Let's find a matching module in Metasploit to check whether we have any exploit module or an auxiliary module that can help us break into the application, as shown in the following screenshot:

Plenty of modules listed! Let's use the simplest one first, which is auxiliary/scanner/http/manageengine_desktop_central_login. This auxiliary module allows us to brute force credentials for Desktop Central. Let's put it to use by issuing a use command followed by auxiliary/scanner/http/manageengine_desktop_central_login ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required