.png)
2 months ago
46 BOOK THIS SPACE FOR AD
ARTICLE AD
👋 Hello guys, I’m Taahir Mujawarr and I’m back with anoter interesting article. I’m a cybersecurity enthusiast with expertise in ethical hacking and bug bounty hunting. Passionate about finding vulnerabilities, I share insights to help others learn and improve their security skills.
Before proceeding, please ensure you have reviewed my previous articles, where I provided detailed instructions on downloading and setting up Metasploitable 2 in VMware, as well as guides on exploiting ports 21 and 22.
In the world of ethical hacking, one of the most vulnerable points to attack is the infamous Telnet service on port 23. For this article, I’ll walk you through how I successfully exploited Telnet on a vulnerable machine — Metasploitable 2 — and gained root access. Let’s dive into the process of exploiting this open door in a controlled environment.
1. Scanning for Open Ports
To begin the exploit, I launched an Nmap scan to identify open ports on the Metasploitable 2 machine:
nmap -sV 192.168.35.129The scan revealed the following:
21/tcp open ftp vsftpd 2.3.4
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
23/tcp open telnet Linux telnetd
Among other open services, port 23 (Telnet) caught my attention, primarily because Telnet is known for its lack of security and plain-text communication.
2. Connecting to Telnet
With Telnet open, I used a basic Telnet connection to access the machine:
telnet 192.168.35.129Almost instantly, I was greeted by the system’s login prompt:
Connected to 192.168.35.129.
Escape character is '^]'.
Metasploitable 2 login
We can clearly see credentials msfadmin/msfadmin, so simply I entered login and password as mentioned and yeyyy I’m in hackers ...😜
3. Accessing the Shell
After logging in, I confirmed my user privileges and system information with some simple commands:
idifconfig
Output:
inet addr:192.168.35.129
I had successfully gained shell access to the Metasploitable 2 machine via Telnet. At this point, I could run commands as the msfadmin user and navigate the system.
4. Moving Toward Privilege Escalation
Although having access as the msfadmin user is useful, gaining root privileges is the ultimate goal. Metasploitable 2 is designed to be vulnerable, and by exploring the system further, it’s possible to elevate privileges and eventually gain root access.
One of the ways to achieve this is by exploiting known vulnerabilities within the system, either through manual commands or using tools like Metasploit.
Don’t hesitate to connect with me on … 👇🏻
👨🏻💻 Github 🔗 LinkedIn 🐦 thefellowhacker 🅾 thefellowhacker
If you found this story helpful, don’t forget to follow, clap, and share it with others! Save it for later.
Conclusion
Exploiting Telnet on Metasploitable 2 highlights the risks of leaving outdated services and default credentials exposed, which can lead to severe security breaches. This exercise serves as a valuable learning experience for beginners, demonstrating how easily vulnerable systems can be compromised.
Bengali (Bangladesh) · 
English (United States) ·