4

I'm new to pen-testing world. I'm trying to learn how to gain access through telnet service opened on port 23.

I'm using Metasploit. The first approach I'm trying is using the telnet_login module to try a dictionary attack on the target. I've seen that I should set USER_FILE and PASS_FILE.

Does Kali have sample user.txt and pass.txt files? Are there better approaches to attack telnet service?

stefan
  • 1
  • 8
Maicake
  • 497
  • 1
  • 3
  • 13
  • 1
    Kali is very well documented and every tool has its own documentation. https://tools.kali.org/password-attacks/wordlists – schroeder Oct 13 '18 at 21:29
  • 1
    Also note that there is a difference between Kali and Metasploit. Kali is just a Linux distribution. The tools that come bundled with Kali are the ones that you use. – schroeder Oct 13 '18 at 21:30
  • Anyway what about the second question? Are there other way to take advantages of telnet other than enforce the login? – Maicake Oct 14 '18 at 09:38

1 Answers1

3

Kali contains built in password word lists. They are compressed and can be found at:

/usr/share/wordlists/

I'm unaware of username lists, since usernames are usually pretty dependent on the format the service uses, and are typically fairly unique.

You can put together a simple non-exhaustive word lists for the users yourself containing obvious potential names such as:

  • admin
  • local
  • root
  • user
  • remote

Since you're using this to attack your own system though, you should already know what the username is, so you can just list that.

A brief reminder that you shouldn't use a tool like this to attack a system you don't have explicit permission to access. That would be a crime.

stefan
  • 1
  • 8
Daisetsu
  • 5,110
  • 1
  • 14
  • 24