6

I'm trying to pivot using a metasploitable2 system, which has a shell port open in a scan:

port status service 1524/tcp open shell

Accessing the root shell is easy enough in telnet, or even using connect in msfconsole but this does not create a session which i can use with meterpreter or routing options.

Does anybody know any options such as metasploit modules that exploit an open shell port? A seemingly trivial "exploit" but hard to find one..

Pixel
  • 63
  • 1
  • 4

1 Answers1

6

If you have root on the server (or any kind of shell access), generate a payload on Metasploit, copy it to the server, and execute.

You don't turn telnet into meterpreter, you start another connection.

ThoriumBR
  • 50,648
  • 13
  • 127
  • 142
  • thanks for your answer! how would i generate such a payload for a linux system? would i use msfvenom? – Pixel Aug 28 '18 at 13:57
  • 1
    Yes, `msfvenom` is the tool you need. On https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom you can have some examples. – ThoriumBR Aug 28 '18 at 14:02