Telnet is a network protocol that allows users to access and use a remote computer as if they were directly connected to it.
As telnet is a weak mechanism for connecting the system, leaving the telnet port open may allow an unauthorized user to target week services and able to directly connect to the tenet service without a password.
Below is an example of a system with a tenet port open. To confirm this, we will perform an enumeration using nmap to identify the open ports and services using the following command:
nmap <IP ADDRESS>
Once the service has been identified, we can connect to the system using the telnet command. This system does not have password protection, so the user can connect to the system with its higher-privileged user “root” without entering the credentials.
Below is the screenshot show user able to login root user account.
0 Comments