Exploiting a Linux server
Linux is one of the most widely used operating systems. In the previous few recipes, we saw how to scan for available services and use vulnerability scanners to find vulnerabilities. In this recipe, we will deal with Linux operating systems. We will be using the Metasploitable 2, for our vulnerable Linux machine in this recipe, but the process will be similar for exploiting any flavor of Linux and Solaris running the Samba service. Let's move ahead with the recipe.
Getting ready
- First, will use the
services
command to display the results from our previousnmap
scan and filter for ports139
and445
:
msf > services -c port,info -p 139,445 192.168.216.129 Services ======== host port info ---- ---- ---- 192.168.216.129 139 Samba smbd 3.X - 4.X workgroup: WORKGROUP 192.168.216.129 445 Samba smbd 3.0.20-Debian workgroup: WORKGROUP msf >
- Now that we know the version of the Samba daemon running, we can search for vulnerabilities and...