March 25, 2017 Karn Ganeshen

Metasploitable – Exploiting postgres service

root@kali:~# nmap -n -p 5432 192.168.49.201 -sC

Next, let’s use Medusa to run dictionary attack & find postgres account password.

Now, we can use the postgres login to read arbitrary system files.

Or we can use a different exploit to get remote shell.

+++++

Tagged: ,

Leave a Reply

Your email address will not be published. Required fields are marked *