Metasploitable 2 – Compromise: Root Shell

Remember our Nmap results? (

One of the entries in there was listed as follows:

1524/tcp  open  shell       Metasploitable root shell

This is probably one of the simplest Metasploitable vulns. There is a root shell open on the box, lets see if we can connect to it with telnet

telnet 1524

  • Telnet <dest_IP> <dest_Port>


Metasploitable root login

Surprisingly we are connected to the shell without being prompted for credentials.

A quick check with ‘whoami’ and ‘hostname’ commands confirms we are root and on the metasploitable box.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s