What is Metasploitable 2?
Metasploitable 2 is known as a test environment that provides a secure place to perform penetration testing. For this test environment, you need an instance (Kali, ParrotSec, or any) that can access a vulnerable target.
This blog is for those who want to gain their knowledge on bug bounty.
Note: Hacking without permission is forbidden or illegal, you may jail or get a penalty or both.
What are you going to Learn?
Table of Contents
Analyze the Server and Discover Vulnerabilities
Mastering OpenVAS: Scanning Vulnerable Web Applications
Mastering OpenVAS: Scanning Vulnerable Web Applications
Exploit vsFTP 2.3.4
Generate Target Based WordList (CeWL)
Try Brute-forcing Manually
Try a Brute-forcing SSH session using MSF Console
Exploiting SMB Samba port 139 and port 445
Exploit PHP_CGI_Argument Injection
Exploiting java_rmi (Java Remote Method Invocation)
Gaining rootshell from bindshell service
Exploiting a Misconfigured NFS Share
Capture VNC session
Exploit Apache Tomcat/Coyote JSP engine 1.1
Generate Target Based WordList (CeWL)
Try Brute-forcing Manually
Try a Brute-forcing SSH session using MSF Console
Exploiting SMB Samba port 139 and port 445
Exploit PHP_CGI_Argument Injection
Exploiting java_rmi (Java Remote Method Invocation)
Gaining rootshell from bindshell service
Exploiting a Misconfigured NFS Share
Capture VNC session
Exploit Apache Tomcat/Coyote JSP engine 1.1
