It has been rather enjoyable and satisfying hacking my way through Metasploitable 2. The process has consolidated some rather disparate knowledge in my brain and I’ve learned loads. I thoroughly recommend it for us noobies.
Below are links to all of my posts on hacking Metasploitable 2. Most of my endeavours were successful and a few weren’t, but I document the failures as I still gained from the process and perhaps others might have more success and let me know how they cracked it.
Firstly here is the Nmap port scan link that provided my attack vectors:
Secondly, the Nessus scan proved invaluable.
Here are the links:
Metasploitable 2: Exploiting FTP server vsftpd backdoor
Metasploitable 2 – Open SSH: Bruteforcing and Debian OpenSSL Predictable PRNG
Metasploitable 2: Port 23 Open Telnet
Metasploitable 2: Port 25 Open SMTP Postfix SMTPD
Metasploitable 2: Port 53 ISC BIND 9.4.2 – Domain Name Server Cache Poisoning
Metasploitable 2: Apache killer DOS
Metasploitable 2: RPC (Remote Procedure Call) Server
Metasploitable 2: Samba Server
Metasploitable 2: Remote Access Ports 512, 513 & 514
Metasploitable 2: Java RMI (Remote Method Invocation)
Metasploitable 2: Port 1524 ingreslock Backdoor
Metasploitable 2: Port 2121 – ProFTPD 1.3.1
Metasploitable 2: Port 3306 MySQL
Metasploitable 2: Port 3632 distccd Exploit and Privilege Escalation
Metasploitable 2: Port 5432 – PostgreSQL
Metasploitable 2: Port 5900 – VNC
Metaspolitable 2: Port 6000 – X11 Server