30 Bird - Brute Forcing a Service (CASP)

Overview

NOTE: The Kali and Metasploitable VMs should be running.

For this exercise, you've noticed that the Metasploitable server has an active FTP service. While you could try to sniff for cleartext passwords when other users log in, you'll instead try brute force attacking it with an online credential testing tool.

The xHydra window

Courses

30 Bird - CompTIA CASP+ CAS-004

CompTIA Advanced Security Practitioner (CASP+) w/Cert Prep