Network Services 2

NFS: Network File System

Understanding NFS

Enumerating NFS

Lets run nmap scans to get information on the machine

Lets mount the file

Exploiting NFS

Lets follow these steps

Now login through ssh and run the command "bash -p" in the home directory

We are root

Lets read the flag

SMTP: Simple Mail Transfer Protocol

Understanding SMTP

Enumerating SMTP

Lets run nmap scans to get information about the open ports on the machine

Lets start Metasploit and look for the module they mentioned and then set the options

Lets search for what MTA is running the SMTP server

This can also be seen in the output after we ran the enumeration module

Lets do the next steps

Lets run the exploit

Exploiting SMTP

Lets use hydra to crack the password

Lets login through ssh and read the flag

MySQL: Structured Query Language

Understanding MySQL

Enumerating MySQL

Lets run a nmap port scan

Lets login into MySQL as root

Lets launch Metasploit and search for the module and look at what options we have to set

Lets set the options

Now lets run the module

Lets set the SQL parameter to show databases and run the exploit

Exploiting MySQL

Lets follow the steps they have given

Lets do the next step

Lets save the username and hash into a file called hash.txt

Now lets crack it with John The Ripper

Lets now login through ssh and get the flag