Is SSH Exploit a mistake?

Hello I'm pretty new here to this Community. Anyway.. After solving some Challenges i want give a try to the maschines.

After Portscanning i always try to exploit the SSH Port. Is this a mistake?

When i see that some people own the System after 20 minutes i could facepalm my face through the next Wall.

To my Person:
-I have experience in CEHv10 but never own a System. (I'm really glad to found this Website)
-I can Coding
-knowing Bind and Reverse Shell

I hope you can give me tipps. Which Ports you are using!

Comments

  • Hey, ippsec's videos are a great way to get started.

  • Thanks for the Tipp man. This Site is amazing to learn.

  • Hi,

    juat to answer your question - ssh exploit after nmap isn't usually the way to get a box. I would say never, but not 100% sure here. However ssh might be used in a later stage sometimes.

    Dig deeper and gather more information from other services. As mentioned, Ippsec can show and explain in a great way how you own a box.
  • Type your comment> @odinshell said:

    Hey, ippsec's videos are a great way to get started.

    Watch Ippsec learn the methodology and you will understand how you should search a box etc..

    hope that helps

    Arrexel
    OSCP | OSCE half way!

  • SSH is usually not the way to get initial access. It will usually be a web service and a FTP port that's vulnerable.

Sign In to comment.