![]() ![]() ![]() Then you will be find username and password see below image.īut in real life passive reconnaissance is not working for all time that time you need to do brute force attack. Metasploitable 2 vulnerable machine potential vulnerable so you need to copy IP Address then paste any web browser. Step 2 Do Passive Reconnaissance Using Port 80 Output:- port 22 open with SSH 4.7p1 Debian 8ubuntu1 (protocol 2.0) in Linux OS Nmap done: 1 IP address (1 host up) scanned in 2.06 seconds Service Info: OS: Linux CPE: cpe:/o:linux:linux_kernel Nmap scan report for ta (192.xx.xx.xx)Ģ2/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0) 192.xx.xx.xx (target IP Addres or web host name).-A for (-A: Enable OS detection, version detection, script scanning, and traceroute).-T4 for (-T: Set timing (higher is faster).Step 1 nmap run below command Information Gathering Purpose Step 4 Using SSH tool exploit port 22 or ssh.Step 3 Brute Force Attack With hydra tool for ssh password.Step 2 Do Passive Reconnaissance Using Port 80. ![]()
0 Comments
Leave a Reply. |