Ingreslock Backdoor Vulnerability

Use the Telnet command to connect to the target host's port 1524 to get root privileges directly.

Ingreslock Backdoor monitoring on port 1524, connected to 1524 port can be directly rooted, is often used to invade an exposed server.

First, using the Nmap tool to scan the target host

The 1.1 uses the Nmap command to scan the target host. Click on the left side of the desktop and select "Open in Terminal" in the context menu.

1.2 Enter the command "NMAP–SV 192.168.1.3" in the terminal, the target host for port scanning, found open 1524 port.

650) this.width=650; "src=" http://s1.51cto.com/wyfs02/M02/8D/12/wKiom1iEgefB4PPLAAGye1gg1eQ812.jpg "style=" float: none; "title=" 1.jpg "alt=" Wkiom1iegefb4pplaagye1gg1eq812.jpg "/>

1.3 Enter the command "Telnet 192.168.1.3 1524" in the terminal to connect to the target host 1524 port, first the connection is successful. 3 is shown

1.4 Enter the command "WhoAmI" in the terminal to find the permission to get. 4 is shown

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M02/8D/0F/wKioL1iEgeeiDdy7AAAwx_jxCKc296.jpg "style=" float: none; "title=" 2.jpg "alt=" Wkiol1iegeeiddy7aaawx_jxckc296.jpg "/>

1.5 Enter the command "Ifconfig eth0" in the terminal, view the network card information, enter "CAT/ETC/PASSWD" under terminal to view the remote host's password file.

650) this.width=650; "src=" http://s4.51cto.com/wyfs02/M00/8D/12/wKiom1iEgeeQlJDuAACSCPnrWso647.jpg "style=" float: none; "title=" 3.jpg "alt=" Wkiom1iegeeqljduaacscpnrwso647.jpg "/>

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/8D/0F/wKioL1iEgenxikz2AAICxY1LjZ8113.jpg "style=" float: none; "title=" 4.jpg "alt=" Wkiol1iegenxikz2aaicxy1ljz8113.jpg "/>

This article is from the "12377962" blog, please be sure to keep this source http://12387962.blog.51cto.com/12377962/1893770

Ingreslock Backdoor Vulnerability