Project Overview:
This project demonstrates a full penetration testing and vulnerability assessment conducted on a vulnerable Linux server (Metasploitable lab environment).
Scope of Work:
Network reconnaissance and IP range identification
Host discovery using fping
Port scanning and service enumeration using Nmap
Critical vulnerability detection using Nessus Essentials
Manual exploitation of the exposed bind shell (port 1524)
Root access verification
CVSS scoring analysis
CVE research and security impact assessment
Mitigation and remediation recommendations
Key Findings:
Open TCP Port 1524 running a bind shell backdoor
Unauthenticated remote root access
CVSS v3 Score: 9.8 (Critical)
Full system compromise confirmed
Tools Used:
Nmap
Nessus Essentials
Telnet
Linux CLI
Impact:
Successful exploitation allowed full root-level access, leading to complete loss of confidentiality, integrity, and availability.
Outcome:
The project includes detailed technical documentation, exploitation proof, CVSS scoring analysis, and professional mitigation recommendations.