Let us discuss about how we can compromise remote access protocols. There was a time when applications that bypass system protocols to provide remote access were famous. Those applications are presently being replaced with online services like GoToMyPC or LogMeIn, they are still quite common. Examples of such programs include pcAnywhere and VNC. We should note that instances of these applications/tools may be present on the network due to the legitimate actions of a system administrator. Although, they may also be present because the network has been compromised and the attacker wanted a channel to remotely access the network. Securing communication during attack is also a skill you can learn one of them from here
Now we'll compromise remote access protocols (VNC) using the built-in functionality of the Metasploit framework:
1. You need to Locate the remote access software on the target using nmap. following screenshot shows the process, VNC is usually found on TCP port 5900:
2. Now you need to activate the Metasploit framework using the msfconsole command from a Terminal window. From the msfprompt, configure it to compromise VNC, following screenshot explains this:
3. Now time to initiate the run command, as shown in the following screenshot, and watch for a successful run:
4. In the end, once Metasploit has determined the credentials, validate them by logging in to the VNC client using vncviewer. From the Command Prompt in a Terminal window, enter the following:
root@kali:~# vncviewer <Target IP>
Now after entering the above this will connect to the remote host and prompt you to enter the appropriate credentials. When the authentication is successful, a new window will be opened, giving you remote access to the target system. Verify that you are on the target system by issuing the whoami query, as shown in the following screenshot, and request the system's ID or IP address:
That's it. Thanks for reading. you should also learn about how to prevent penetration attacks using Metasploit also and its methodologies.
Now we'll compromise remote access protocols (VNC) using the built-in functionality of the Metasploit framework:
1. You need to Locate the remote access software on the target using nmap. following screenshot shows the process, VNC is usually found on TCP port 5900:
2. Now you need to activate the Metasploit framework using the msfconsole command from a Terminal window. From the msfprompt, configure it to compromise VNC, following screenshot explains this:
3. Now time to initiate the run command, as shown in the following screenshot, and watch for a successful run:
4. In the end, once Metasploit has determined the credentials, validate them by logging in to the VNC client using vncviewer. From the Command Prompt in a Terminal window, enter the following:
root@kali:~# vncviewer <Target IP>
Now after entering the above this will connect to the remote host and prompt you to enter the appropriate credentials. When the authentication is successful, a new window will be opened, giving you remote access to the target system. Verify that you are on the target system by issuing the whoami query, as shown in the following screenshot, and request the system's ID or IP address:
That's it. Thanks for reading. you should also learn about how to prevent penetration attacks using Metasploit also and its methodologies.
COMMENTS