Basic Pentesting 1 ~ Vulnhub (Complete walkthrough)
What is penetration testing?
A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.
Today we are going to run a penetration test against an Ubuntu machine. It has vulnerable ports, which we will look at in detail. Let's start.
First, download the OVA file from this location: https://drive.google.com/file/d/1tqTjRCAzUN7nyyN8gpJ61SyJPEf4MHDO/view?usp=sharing
and import the OVA as a virtual machine. After this, the first task is to find the IP address of the vulnerable system. There are many techniques and tools that can be used to find the IP address.
Today we are going to use Netdiscover. It is used to find the live hosts present on our network. This is the first phase of pen-testing.
Now we can see several IP addresses in the Kali terminal. We need to pick the IP on which the vulnerability exists, so here we perform an Nmap scan. Sometimes the hostname is also shown as VirtualBox, because we are running the UNIX OS in VirtualBox.
Let us perform active scanning of 192.168.2.54 (this is the IP address of the Ubuntu machine).
Here you can see that there are 3 open ports:
Port 21, which is FTP
Port 22, SSH
Port 80, HTTP
In this blog, I'll explain how to exploit port 21 and port 80. Let's start with port 21. As you can see in the Nmap scan, the FTP server version is ProFTPD 1.3.3c.
Let us search for ProFTPD in Metasploit.
1) Go to the terminal and type msfconsole
2) Search for ProFTPD
If you remember the Nmap scan, the version of ProFTPD was 1.3.3c. You can see a similar version, ProFTPD 1.3.3c, in the 4th row; copy it.
5) set RHOSTS <victim ip>
Now that we have successfully added the exploit, it is time to add the payload (a piece of code to be executed on the victim system). You can select the payload manually, or you can just type run in the terminal; in that case Kali (Metasploit) takes a default payload that ranks well with the exploit we selected above.
As you can see, a session has been opened. Now you can run commands; try to create a directory on the UNIX system.
As you can see, we have successfully created a directory.
As you can see, the HTTP server port is also open. Go to the browser and type the IP.
Now let us find the directories on this site. We are going to use DirBuster (this will brute-force the directory and file names on the web server).
Here we can see a directory named secret. Let's go to that location and dig deeper into the web application.
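From the defender's side, a DirBuster run like the one above appears in the web server's access log as a burst of 404 responses from a single client. The following is an added example, not part of the original walkthrough, that flags this pattern in Apache common/combined log lines; the function names, threshold, window, client addresses and sample lines are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Apache common/combined log line: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_dir_bruteforce(lines, threshold=20, window=timedelta(seconds=60)):
    """Flag clients that request >= threshold distinct missing paths (404)
    within one sliding time window. Returns {ip: [paths that answered
    200/301/302 for that client]}, i.e. what the scan may have found."""
    misses = defaultdict(deque)   # ip -> recent (timestamp, path) 404s
    hits = defaultdict(list)      # ip -> paths that exist
    flagged = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue              # skip lines that are not access-log records
        ip, path, status = m["ip"], m["path"], int(m["status"])
        ts = datetime.strptime(m["ts"], TS_FMT)
        if status == 404:
            q = misses[ip]
            q.append((ts, path))
            while ts - q[0][0] > window:      # expire 404s outside the window
                q.popleft()
            if len({p for _, p in q}) >= threshold:
                flagged.add(ip)
        elif status in (200, 301, 302) and path not in hits[ip]:
            hits[ip].append(path)
    return {ip: hits[ip] for ip in sorted(flagged)}

def sample_log():
    """Constructed log lines: one scanning client and one ordinary visitor."""
    t0 = datetime(2024, 1, 1, 10, 0, 0, tzinfo=timezone.utc)
    row = '{} - - [{}] "GET {} HTTP/1.1" {} 512 "-" "-"'
    def rec(ip, sec, path, status):
        return row.format(ip, (t0 + timedelta(seconds=sec)).strftime(TS_FMT), path, status)
    lines = [rec("192.0.2.20", 0, "/", 200), rec("192.0.2.20", 1, "/favicon.ico", 404)]
    lines += [rec("192.0.2.10", i, f"/guess{i}/", 404) for i in range(25)]
    lines.append(rec("192.0.2.10", 25, "/secret/", 200))
    return lines

if __name__ == "__main__":
    for ip, found in find_dir_bruteforce(sample_log()).items():
        print(f"{ip}: directory brute-force pattern, paths found: {found}")
```

The paths returned for a flagged client are the ones to review first, since they are what the scan actually discovered.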
But when we try to access the other links, they redirect to another web page, and when we look up the IP of that website, it is the same as the UNIX machine's IP. We can observe that the page links redirect to vtcsec, so add it to the hosts file to view the page.
For this, we need to edit the /etc/hosts file and add the IP and its corresponding hostname.
Now try to visit the web page again; you can see the difference.
Let us now try to log in to the admin panel.
You can use WPScan to retrieve the usernames and passwords, or you can use msfconsole and its enumeration methods to retrieve the IDs.
wpscan --url http://192.168.1.111/secret/ --enumerate u
Now we have a username and password. Use these credentials to log in to the WordPress account and play with it.