Tools Used Nmap Virtualised Android Machine Burp Suite linpeas CVE-2021-3156 Proof of Concept script User Enumeration Nmap scan report for 10.10.11.148 Host is up (0.063s latency). Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 22/tcp open ssh (protocol 2.0) 80/tcp open http |_http-title: RouterSpace | fingerprint-strings: | FourOhFourRequest: | HTTP/1.1 200 OK | X-Powered-By: RouterSpace | X-Cdn: RouterSpace-9802 | Content-Type: text/html; charset=utf-8 | Content-Length: 65 | ETag: W/"41-HxO0Q/PimO73JhQv5GJkuRap/30" | Date: Sun, 06 Mar 2022 05:33:50 GMT | Connection: close | Suspicious activity detected !...
Tools Used Nmap git apport-unpack User Enumeration Nmap scan report for secret (10.10.11.120) Host is up (0.060s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 97:af:61:44:10:89:b9:53:f0:80:3f:d7:19:b1:e2:9c (RSA) | 256 95:ed:65:8d:cd:08:2b:55:dd:17:51:31:1e:3e:18:12 (ECDSA) |_ 256 33:7b:c1:71:d3:33:0f:92:4e:83:5a:1f:52:02:93:5e (ED25519) 80/tcp open http nginx 1.18.0 (Ubuntu) |_http-title: DUMB Docs | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1....
Tools Used Nmap Hashcat Responder Evil-WinRM Print Nightmare Foothold Enumeration # Nmap 7.92 scan initiated Sun Dec 26 01:20:04 2021 as: nmap -sS -A -sC -sV -v -p- --min-rate 5000 -oN nmapresult.txt 10.10.11.106 Nmap scan report for 10.10.11.106 Host is up (0.062s latency). Not shown: 65531 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 80/tcp open http Microsoft IIS httpd 10.0 | http-methods: | Supported Methods: OPTIONS TRACE GET HEAD POST |_ Potentially risky methods: TRACE |_http-title: Site doesn't have a title (text/html; charset=UTF-8)....