A Guide To Recognising Backdoors using Metasploitable 2

Every now and again when pentesting you come across something that doesn’t quite seem right. You can’t always put your finger on it, it’s just a little… off. Whether it’s a code execution bug that’s a little too easy to exploit, or the demo user account that looks like someone forgot to remove, sometimes vulnerabilities just seem as though they were deliberately placed there, even if it’s for legitimate purposes.

Continue reading