Hello I’m pretty new here to this Community. Anyway… After solving some Challenges i want give a try to the maschines.
After Portscanning i always try to exploit the SSH Port. Is this a mistake?
When i see that some people own the System after 20 minutes i could facepalm my face through the next Wall.
To my Person:
-I have experience in CEHv10 but never own a System. (I’m really glad to found this Website)
-I can Coding
-knowing Bind and Reverse Shell
I hope you can give me tipps. Which Ports you are using!
Hey, ippsec’s videos are a great way to get started.
Thanks for the Tipp man. This Site is amazing to learn.
Hi,
juat to answer your question - ssh exploit after nmap isn’t usually the way to get a box. I would say never, but not 100% sure here. However ssh might be used in a later stage sometimes.
Dig deeper and gather more information from other services. As mentioned, Ippsec can show and explain in a great way how you own a box.
Type your comment> @odinshell said:
Hey, ippsec’s videos are a great way to get started.
Watch Ippsec learn the methodology and you will understand how you should search a box etc…
hope that helps
SSH is usually not the way to get initial access. It will usually be a web service and a FTP port that’s vulnerable.