Gaining Remote Access (Demo)
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
Hey, everyone, welcome back to the course. So in this video, we're gonna attempt Thio do remote access to our target device.
So first things first, we're gonna go ahead and just do a quick head map sentence can. So this one just sends a syn packet of the TCP through a handshake. We're gonna do that against our target, i p but we're going to specify that it's a sub net for this target I p address.
All right, so now we see the services that are running on the ports. Three of those should stand out to you, Uh, port number 5, 12, 13 and 14. So these air, all potential ways that we can gain remote access to this target.
So by seeing these, we have a good idea of saying Okay, well, we might be able to use something like our log in and gain access to our target machine.
All right, so let's go ahead and try to run our log in here,
and it's gonna ask us, Do we want to try to make this connection? We're gonna say yes here, and we're gonna try to enter in the password of our target machine
you notice we get a permission denied message here. It's because we haven't established ssh on this machine. So we need to do apt get install and just make sure we go ahead and install. That might take a minute or so to get the installed done. And then if we try our log and again, we should have success connecting to that target.
All right, so we're just gonna clear our screen here to make it a little cleaner. Now, let's try to run our log in again and see if we're able to connect to that target machine.
All right, So once we connect, let's just do I f config. And that will show us that Yes, we're able to see the I. P. Address of that target machine is 10.0 dot 2.7. So we do have access to that target machine,
and we have root access on that target machine.
So let's go ahead and just close this particular connection to the target.
Next, we're gonna try to connect via FTP, so we're just gonna navigate the ftp, and then we're gonna do the open command to that target machine
and you see were able to establish a connection to the target. So let's go ahead and log in with the user name the default user name of FTP, which is anonymous and same thing for the possible as well. And you see, now we are on that target machine Were able to connect via FTP so we could steal files from that target machine or add files like malicious files to the target.
And to prove that we have that access, we could do something like type in the word help and were able to see the information on the target for the help file of FTP.
And this is something we would put in the report for the client. Just let them know. Hey, this is proof that we have. So we would screenshot this and say This is proof we were able to gain access to that target
Penetration Testing & Ethical Hacking - Study Break!
Web Server Attack Methodology
Types of Web Server Attacks and Countermeasures
Compromising Web Servers
Web Application Threats