Gary Jones
Nessus Vulnerability Scan and Exploitation

Nessus Vulnerability Scan and Exploitation Report


Situation:

The goal of this exercise was to identify and exploit a vulnerability on www.artstailor.com using Nessus and Metasploit. The tasks included conducting a vulnerability scan with Nessus, identifying exploitable services (e.g., vsftpd 2.3.4 backdoor), gaining shell access to the system using Metasploit, and analyzing traffic using Wireshark.


Obstacles:

  1. Limited Privileges: Despite successful exploitation, root access was not granted, restricting full control of the target system.
  2. Exploit Configuration: Careful attention was needed to configure the exploit correctly to interact with the vulnerable service.
  3. Traffic Analysis: Decoding the TCP stream in Wireshark to understand the interaction between the attacker and the target required precise filtering.

Actions Taken:

  1. Nessus Scan:
    • Conducted a Nessus vulnerability scan on www.artstailor.com to identify potential exploits.
    • Focused on the vsftpd 2.3.4 vulnerability, classified as a critical risk and exploitable via Metasploit.
  2. Metasploit Exploitation:
    • Started the Metasploit console and searched for the VSFTPD v2.3.4 Backdoor Command Execution module.
    • Configured the exploit parameters (e.g., target IP and port 21) and launched the exploit.
    • Gained shell access to the system, allowing file system exploration.
  3. Wireshark Analysis:
    • Used Wireshark to capture traffic between the attacker and the target during the exploitation process.
    • Followed the TCP stream to identify the username and password sent during the exploit.
  4. Key Retrieval:
    • Navigated the file system and located the encryption key: KEY008-7pRFQFucThmw16ibIv72EA==.

Results:

  1. Vulnerability Identified:
    • vsftpd 2.3.4 Smiley Face Backdoor:
      • Risk: Critical.
      • Description: A backdoor vulnerability in vsftpd 2.3.4 allows unauthenticated remote attackers to execute arbitrary commands.
      • Exploit: Successfully used Metasploit to gain shell access.
  2. Traffic Observations:
    • Wireshark confirmed the exchange of credentials (username and password) during the exploitation process.
    • Several ports (e.g., 21 for FTP) were involved in the interaction.
  3. Key Found: KEY008-7pRFQFucThmw16ibIv72EA==.
  4. Privilege Limitation:
    • Although the exploit provided shell access, it did not grant root privileges, limiting system control.
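
The traffic observations above can be turned into a repeatable check for defenders reviewing a capture. The following is an added example, not part of the original report: it scans a reassembled FTP control stream (as shown by Wireshark's Follow TCP Stream) for the vsftpd 2.3.4 banner, credentials sent in cleartext, and the smiley sequence in the USER argument that gives the backdoor its name. The sample stream, finding names and function name are constructed for illustration.

```python
import re

# Constructed sample: a reassembled FTP control stream in the form that
# Wireshark's "Follow TCP Stream" displays. Not captured from the exercise.
SAMPLE_STREAM = """\
220 (vsFTPd 2.3.4)
USER labuser:)
331 Please specify the password.
PASS example-password
"""

# Server greeting (reply code 220) that carries a vsFTPd version string.
BANNER_RE = re.compile(r"^220[ -].*vsFTPd (\d+(?:\.\d+)+)", re.IGNORECASE)
# Client login commands, which FTP sends unencrypted on the control channel.
CMD_RE = re.compile(r"^(USER|PASS)\s+(.*)$", re.IGNORECASE)


def analyze_ftp_stream(text):
    """Return a list of (finding_id, detail) tuples for one control stream."""
    findings = []
    for raw in text.splitlines():
        line = raw.rstrip("\r")
        banner = BANNER_RE.match(line)
        if banner:
            # Only the 2.3.4 release is the one flagged in this report.
            if banner.group(1) == "2.3.4":
                findings.append(("affected-version", line))
            continue
        cmd = CMD_RE.match(line)
        if not cmd:
            continue
        verb, arg = cmd.group(1).upper(), cmd.group(2)
        if verb == "USER":
            findings.append(("cleartext-username", arg))
            # A smiley in the username is the indicator to alert on.
            if ":)" in arg:
                findings.append(("backdoor-trigger", arg))
        else:
            # Record that a password crossed the wire without storing it.
            findings.append(
                ("cleartext-password", "<redacted, %d chars>" % len(arg)))
    return findings


if __name__ == "__main__":
    for finding_id, detail in analyze_ftp_stream(SAMPLE_STREAM):
        print(f"{finding_id:20} {detail}")
```

Any cleartext-credential finding applies to plain FTP in general, so it will also fire on patched servers; the affected-version and backdoor-trigger findings are the ones specific to this report.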

Tool Purpose Overview

Nessus:

  • Vulnerability scanning tool used to identify misconfigurations and known vulnerabilities on the target system.

Metasploit:

  • Penetration testing framework used to exploit the vsftpd 2.3.4 backdoor and gain shell access.

Wireshark:

  • Network analysis tool used to monitor and analyze traffic during the exploitation, revealing critical information like credentials.
