0

I just found out a bindshell backdoor, but I don't know how to access/connect to it using Metasploit.

bindshell

I'm a beginner with exploiting; is there a way to access the backdoor? I tried to search for "bindshell" on Metasploit but I didn't find anything. I also searched "shell" and it displayed a bunch of reverse shell exploits. I don't know which one to use or if I used the right exploit.

Fire Quacker
  • 2,432
  • 1
  • 19
  • 29
Tenchu
  • 5
  • 1
  • 3
  • Are you running this on your own machine? That means anyone can connect to your machine as root. –  Apr 24 '20 at 12:55
  • its not on my own machine, its for a school project, i have been given 4 unknown machines that i have to run on VMWare. The picture above is me doing a scan on one of my targets (unknown machine). can you tell me how can i connect to the machine as root using metasploit? – Tenchu Apr 24 '20 at 14:00

1 Answers1

3

That's simply a Bash shell that is bind to port 1524/tcp. It will run everything sent to that port on Bash and reply with the output. You don't need tools like Metasploit for that; a simple Netcat or Telnet will do.

Isn't it just amazing how a simple Google search can reveal the target of your homework is Metasploitable 2 (spoiler alert)!

Bindshell Exploitation

Metasploitable 2 comes with an open bindshell service running on port 1524. We will be using Netcat to connect to it.

Esa Jokinen
  • 16,100
  • 5
  • 50
  • 55
  • i actually went on google and didn't find any results on what i was looking at, but thank you for the explanation. i barely know about netcat since i only know a few commands and none of them actually tell me how i can launch backdoor shells and i googled it. You sir, have led me to the straight path, thank you! – Tenchu Apr 24 '20 at 18:08
  • Also, if you dont mind can you explain how would you connect to it using Netcat? – Tenchu Apr 24 '20 at 18:23
  • i couldnt edit my last comment, but i gained access to the machine using this Netcat command: nc -nv ip-address 1524. but i dont really know what does every command i typed did – Tenchu Apr 24 '20 at 18:49
  • 3
    Why's everybody rushing into "hacking" before they learn the basics on how operating systems work, how they are used and configured, programming & all the other stuff required to know before thinking of how they could become vulnerable? – Esa Jokinen Apr 25 '20 at 06:32
  • i did not rush into "hacking" i have been taught the basics of linux (how to make an ftp server,etc.) like a little over a year ago in school, and now after the epidemic that happened we switched to online classes and trying to understand the teacher is kinda difficult, all we learned so far is about netdiscover, nmap , PING sweep, metasploit (how to find exploits), and Nessus, and we barely learned about the basics of all of the things i mentioned, i literally know one command line of nmap, and PING sweep, metasploit is really self explanatory. Anything out of that is new to me. – Tenchu Apr 26 '20 at 04:20
  • 1
    @Tenchu "I dont really know what does every command i typed did" paints the picture of you just copy-pasting commands until something works. This is quite the opposite of understanding what you are doing. –  Apr 27 '20 at 12:12
  • @MechMK1 you're right, because i have not been taught about netcat, its new to me. i tried to look at man netcat to see what does -nv does but i still did not understand what does it actually do. – Tenchu Apr 28 '20 at 06:00
  • The netcat manpage has a description section that tells what it is, with examples of common uses. If you don't understand what TCP and UDP connections are, then you need to study some basic networking, instead. Textbooks are filled with explanation, illustrations and examples; that's something that can't be replaced with a short answer on a Q/A site. In short, netcat enables you to work on *application layer* protocols by providing raw *transport layer* connections. – Esa Jokinen Apr 28 '20 at 06:59
  • @EsaJokinen ah, that explains it, i lack networking knowledge. Thank you for your help. – Tenchu Apr 28 '20 at 16:23