![]() Since this was the default page, we had to run some tools to identify the hidden files and directories. After opening the IP address in the browser, we found that there was a default Apache page is opening as follows: We will begin the enumeration by the HTTP port. Let us start by exploring the open port and services on the target machine. In the next step, we will start enumerating the HTTP Service. ![]() The HTTP port 80 is open through which the Apache service is running, and port 22 is being used for SSH. We can see in the results that two ports are shown as open on the target machine. I have also used the -sV option it will enumerate the version of the running service. In the highlighted area of the above screenshot, I used the -p- option, which tells Nmap to conduct the complete port scan. The running command and the output of the Nmap scan can be seen in the following screenshot: This is to find the open ports and services on the target machine and help us proceed further. In this step, we will scan the target machine by using the popular port scanning tool Nmap. The next step is to scan the target machine using the Nmap tool. ![]() Unlike my other CTFs, this time, we do not require running the Netdiscover command to get the target IP address. Note: the target machine IP address may be different in your case, as the network DHCP assigns it. The target machine IP address is 192.168.1.21, and we will be using 192.168.1.26 as an attacker IP address. The target machine’s IP address can be seen in the following screenshot.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |