Description: Theory and practice on Ethical Hacking, Kali Linux, IT Security
scanning (603) ethical hacking (198) reconnaissance (37) kali linux (20) metasploit (11) maltego (2) recon-ng (2) footprinting (2) metasploitable 2 (1) metasploitable 3 (1)
Advanced ethical hacking, Kali Linux and general security tutorials.
This service was already exploited in Metasploitable 2 . But is it the same version? It is not possible to determine the specific version running on Metasploitable3 but because there is only one exploit available in MSF, we better try it. Like before, this is a very easy exploit: This is a low privilege shell because boba_fett is not part of the sudo group. But he is also part of the docker group…
The Metasploitable 3 VM is running the C Unix Printing System (CUPS) with the web-based interface enabled: A remote attacker can exploit CUPS to execute arbitrary commands via crafted fields during the creation or modification of a printer. The 'PRINTER_INFO' and 'PRINTER_LOCATION' fields can be configured to contain arbitrary commands which will be executed when a print job is submitted, provided the remote host is running a vulnerable version of Bash. Searching in MSF you will find one exploit for this se