Is SSH Exploit a mistake?

Hello I’m pretty new here to this Community. Anyway… After solving some Challenges i want give a try to the maschines.

After Portscanning i always try to exploit the SSH Port. Is this a mistake?

When i see that some people own the System after 20 minutes i could facepalm my face through the next Wall.

To my Person:
-I have experience in CEHv10 but never own a System. (I’m really glad to found this Website)
-I can Coding
-knowing Bind and Reverse Shell

I hope you can give me tipps. Which Ports you are using!

Hey, ippsec’s videos are a great way to get started.

Thanks for the Tipp man. This Site is amazing to learn.

Hi,

juat to answer your question - ssh exploit after nmap isn’t usually the way to get a box. I would say never, but not 100% sure here. However ssh might be used in a later stage sometimes.

Dig deeper and gather more information from other services. As mentioned, Ippsec can show and explain in a great way how you own a box.

Type your comment> @odinshell said:

Hey, ippsec’s videos are a great way to get started.

Watch Ippsec learn the methodology and you will understand how you should search a box etc…

hope that helps

SSH is usually not the way to get initial access. It will usually be a web service and a FTP port that’s vulnerable.