30 Bird - Brute Forcing a Service (CASP)


NOTE: The Kali and Metasploitable VMs should be running.

For this exercise, you've noticed that the Metasploitable server has an active FTP service. While you could try to sniff for cleartext passwords when other users log in, you'll instead try brute force attacking it with an online credential testing tool.

The xHydra window