Close Menu
    What's Hot

    Ultimate Guide to Attack Surface Scanning

    April 10, 2025

    Recent Trends in Zero Trust Architecture

    March 3, 2025

    Modern Defensive Cybersecurity Services

    December 29, 2024
    Facebook X (Twitter) Instagram LinkedIn WhatsApp
    HITH Blog – HackerinthehouseHITH Blog – Hackerinthehouse
    • Bug Bounty

      A Beginner’s guide to Active Directory Penetration Testing

      June 21, 2023

      Building an XSS Scanner with Python

      February 27, 2023

      Journey to Website Security: Uncovering Hyperlink Injection Dangers

      February 24, 2023

      File Upload XSS | Find XSS in a different way while doing Bug bounty and Pentesting

      January 13, 2023

      How To Find DOM-based XSS Vulnerability

      December 27, 2022
    • Pen Testing

      Privileged Escalation: How Hackers Exploit Permissions to Compromise Your Systems

      March 5, 2024

      The Ultimate Guide to Vulnerability Scanning

      December 13, 2023

      Top 10 Tools for Real World Red Teaming

      November 18, 2023

      Locking Down OAuth 2.0: Critical Steps to Protect User Accounts and Data

      November 10, 2023

      Detailed guide on Password Transmutations

      April 29, 2023
    • Cyber Security

      Ultimate Guide to Attack Surface Scanning

      April 10, 2025

      Recent Trends in Zero Trust Architecture

      March 3, 2025

      Modern Defensive Cybersecurity Services

      December 29, 2024

      A Comprehensive Guide on Cyber Security Services VS Cyber Security Products

      June 14, 2024

      A Comprehensive Guide to Security Compliance

      May 6, 2024
    • Services
    • Product
      • Certifications
    • More
      1. Ethical Hacking
      2. Kali Linux
      3. Write Ups
      4. CTF
      5. Blockchain
      6. Machine Learning
      7. Computer Science
      8. View All

      Journey to Website Security: Uncovering Hyperlink Injection Dangers

      February 24, 2023

      Pentest/VAPT RoE and Best Practices

      February 3, 2023

      Emoji Deploy Attack Chain

      January 24, 2023

      Introduction to Information Security

      January 11, 2023

      Cyber Security Roadmap (Part-2)

      October 25, 2022

      How to install waybacksurls in kali linux (2022)

      September 23, 2022

      How To Find Hidden Parameters

      November 12, 2022

      Top 10 Subdomain Takeover Reports

      November 6, 2022

      Pause DeSync Attack :

      November 3, 2022

      Bypassing OTP Verification Methods

      October 31, 2022

      Tryhackme Vulnversity walkthrough

      September 26, 2022

      Ultimate Guide to Attack Surface Scanning

      April 10, 2025

      Recent Trends in Zero Trust Architecture

      March 3, 2025

      Modern Defensive Cybersecurity Services

      December 29, 2024

      Robotic Process Automation: The Key to Effortless Efficiency

      September 18, 2024

      A Peek into Facial Recognition Technology

      August 21, 2023

      How Data Scientists and Machine Learning Engineers Differs

      November 8, 2022

      Artificial Neural Networks with ML

      November 4, 2022

      INTRODUCTION TO MACHINE LEARNING

      October 20, 2022

      Robotic Process Automation: The Key to Effortless Efficiency

      September 18, 2024

      BCI: Merging Minds With Machines

      August 18, 2023

      Is Quantum Computing the future of Computing?

      August 16, 2023

      Ultimate Guide to Attack Surface Scanning

      April 10, 2025

      Recent Trends in Zero Trust Architecture

      March 3, 2025

      Modern Defensive Cybersecurity Services

      December 29, 2024

      Robotic Process Automation: The Key to Effortless Efficiency

      September 18, 2024
    HITH Blog – HackerinthehouseHITH Blog – Hackerinthehouse
    Home»Cyber Security»HOW TO LEARN SYSTEM HACKING
    Cyber Security

    HOW TO LEARN SYSTEM HACKING

    By KRiPPto99October 11, 2022Updated:November 5, 2022No Comments4 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    This Blog is written for to know the system hacking works, i am explaining how to hack system using Metaspolit, anyone who want learn ethical hacking can read this article

     

    Before get started let me remind you what you need 

    –Kali linux need to be installed

    -Metaspolit framework in kali Linux

    -Have Metasploitable installed in virtual machine

     

    -Requisites

    -Knowledge of using terminal

    -have both Metasploitable and linux operating sytem running

    -have Knowledge about nmap

    Step1: lets start the Metasploitable 2

    lets start the Metasploitable 2 in virtual machine and username and password will be msfadmin  and enter command of ifconfig  you get results like: 192.168.1.3 something below image show

     

     

    Step2 : scanning the target for vulnerabilities

    we have IP address so now we are into kali Linux for scanning system using Nmap tool for the purpose identifying vulnerabilities within our target system now scan the target system using NMAP command

    nmap -sV -O 192.168.1.7 here  -O namp command is to determine the operating system within which has system is operating on  -sV option will help us determine the version of the service running on the ports,

     

    Now we have found the information what required to exploit vulnerable system , First we found FTP Port 21 exploit our 1st vulnerability on FTP runs on port 21

    FTP runs on port 21

    step1: launch metasploit and search for exploit

    lets fireup metasploit using msfconsole

    search vsftpd we have found 1 maching module which is related to vulnerability of vsftd

     

    step -2: type use 0 or type the exploit as in below and type show options to see what required and here RHOST is required so we need to add target IP there

     

    step-3 Checking privileges from the shell Time to add IP Set RHOSTS <IP> after all set fire up with run command and below we see we in target terminal

     

     

    Exploit VNC port 5900 remote view vulnerabilities

    as we saw in scanning time theirs another vulnerability VNC enables a users to control another computer over a network connection . here we are attacking on port 5900 in order to take control over remotely

    step1: Launching Metasploit and searching for exploit

    lets quickly fireup msfconsole and search vnc login after finding related vulnerability quickly select use 0 or exploit name

     

    next step: after selecting command show options and thers need to set RHOSTS so lers quickly select RHOSTS with target ip set RHOSTS <IP>

    and run we found the password here lets quickly checkout then

     

     

    next step: open terminal vncviewer <ip> Now we are into system Having the IP address and VNC login password, we will open another terminal from where we will try to connect remotely to our target system. The password login credentials are “password

    Next step :Gaining remote control of target system via VNC

    as you see we are into system

     

    Exploit samba server vulnerability

    its time for samba we will we exploiting this We will be exploiting this vulnerability on our target machine to gain a TCP shell from which a hacker can be able to perform malicious activity on a vulnerable server since our target system has Samba “username map script” Command Execution.

    step1:  lets quickly fireup terminal with msfconsole and search for usermap script and we can see related exploit type use 0

    set RHOSTS <ip> and exploit

     

     

     

    step2: Checking Privilages of the shell acquired

    We now have a remote shell. We can check our privileges on on the shell established using the command “whoami”

     

    With the help of Metasploit we are able to exploit the vulnerability with more ease as it helps us in searching for the right vulnerability by just a single command.

     

    THANK YOU FOR READING THIS

    Author

    • KRiPPto99

      View all posts

    Cyber-Security Ethical-Hacking ethicalhacking hackingforbegginers HOW TO LEARN SYSTEM HACKING howtolearnsystemhacking network pen testing pen testing pentesting systemhacking
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticlePhases Of Ethical Hacking
    Next Article Awesome Threat Intelligence
    KRiPPto99

    Related Posts

    Cyber Security

    Ultimate Guide to Attack Surface Scanning

    April 10, 2025
    Cyber Security

    Recent Trends in Zero Trust Architecture

    March 3, 2025
    Cyber Security

    Modern Defensive Cybersecurity Services

    December 29, 2024
    Add A Comment
    Leave A Reply Cancel Reply

    Advertisement
    Top Posts

    How to install waybacksurls in kali linux (2022)

    September 23, 20222,488 Views

    File Upload XSS | Find XSS in a different way while doing Bug bounty and Pentesting

    January 13, 2023829 Views

    OSCP Cheat Sheet

    October 16, 2022690 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Advertisement
    X (Twitter) Instagram LinkedIn WhatsApp Telegram
    • About us
    • Contact Us
    • Privacy Policy
    • Terms
    © 2025 HITH Blog. Powered by Hackerinthehouse.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.