Network Services 2

Understanding SMTP

For the understanding part it’s simple, just read the content.

On to enumerating our target

As you can see we used Nmap -T5 (fastest) -v(verbose, to see what’s happening) -allports and we found the common smtp port 25 and common ssh port 22 open

Before you can interact with smtp_versions you do have to select it but using the “use 0” function

This is where I started making mistakes, notice that I am not interacting smtp_enum.

Still haven’t caught it yet.

Hey I caught it but, I also made a mistake setting my user file. It should be set USER_FILE /usr/share/wordlists/SecLists/Usernames/top-usernames-shortlist.txt

Great Its time to exploit smtp!

We just used hydra and rockyou.txt against the username administrator to brute force the password.

Results from Hydra

Understanding, Enumerating and exploiting MySQL

Very basic just read the information carefully.

A quick google search will tell you Facebook uses MySQL

Enumerating MySQL

I ran the -T5 because I wanted fast and since it’s a beginner room I wasn’t concerned about stealth, and -A for all ports, and lastly -v so I could actually see what was happening. Is it the best way? Probably not but it works well for me.

You have to remember to first select USE 0 to select the module.

Exploiting MySQL