Difference between revisions of "Pinky's Palace: v1 ~ VulnHub - Walkthrough"
m |
m (→Methodology) |
||
| Line 7: | Line 7: | ||
== Methodology == | == Methodology == | ||
| − | + | === Discovery === | |
| + | Identify the target | ||
<syntaxhighlight lang=shell-session highlight="" line> | <syntaxhighlight lang=shell-session highlight="" line> | ||
| − | + | root@kali:~# nmap -sP 192.168.56.0/24 | |
| + | ..... | ||
| + | root@kali:~# export TANGO=192.168.56.104 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | + | ||
| − | <syntaxhighlight lang=shell-session highlight="" line> | + | <syntaxhighlight lang=shell-session highlight="10,11,12" line> |
| − | + | root@kali:~# nmap -O -sT -sV -p- -T5 $TANGO | |
| + | |||
| + | Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 19:11 EDT | ||
| + | mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers | ||
| + | Nmap scan report for $TANGO | ||
| + | Host is up (0.00098s latency). | ||
| + | Not shown: 65532 closed ports | ||
| + | PORT STATE SERVICE VERSION | ||
| + | 8080/tcp open http nginx 1.10.3 | ||
| + | 31337/tcp open http-proxy Squid http proxy 3.5.23 | ||
| + | 64666/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u2 (protocol 2.0) | ||
| + | MAC Address: 08:00:27:A3:C5:2A (Oracle VirtualBox virtual NIC) | ||
| + | Device type: general purpose | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 42: | Line 57: | ||
xxx | xxx | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | |||
== Final Notes == | == Final Notes == | ||
Revision as of 06:33, 13 June 2018
Contents
Objective
xxxxxxxxxxxxxxxxxxxxx
Source: [xxxxxx]
Status: [In Progress]
Methodology
Discovery
Identify the target
root@kali:~# nmap -sP 192.168.56.0/24
.....
root@kali:~# export TANGO=192.168.56.104root@kali:~# nmap -O -sT -sV -p- -T5 $TANGO
Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 19:11 EDT
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Nmap scan report for $TANGO
Host is up (0.00098s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE VERSION
8080/tcp open http nginx 1.10.3
31337/tcp open http-proxy Squid http proxy 3.5.23
64666/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u2 (protocol 2.0)
MAC Address: 08:00:27:A3:C5:2A (Oracle VirtualBox virtual NIC)
Device type: general purposeEntry Point #1 - Port NN (XXX)
Enumeration
xxxxx
xxxxxExploitation
xxx xxx xxx
xxx
xxxxxx
xxx
xxxFinal Notes
xxx
Appendix A: Vulnerability Detail and Mitigation
| Rating | High |
| Description | xxxx |
| Impact | xxxxxxxxxxxxxxxxxxxxxxxxxxxx |
| Remediation | xxxxxxxxxxxxxxxxx |