Homework 4. HackTheBox

Tehtävänanto on kopioitu Tero Karvisen sivulta:
http://terokarvinen.com/2019/penetration-testing-tunkeutumistestaus-ict4tn027-3004-intensive-summer-course-2019-w21w22-5-credits

a) Hedelmiä matalalla. Mitkä vaikuttavat HackTheBoxin helpoimmilta kohteilta? Tiedustele HackTheBox-verkko esimerkiksi porttiskannerilla ja ryömijällä. Noudata Rules-kohdassa annettua scopea.

Nämä vaikuttavat helpoilta:
Netmon –> Sain molemmat flag :it
Help
SwagShop
Luke

HackTheBox :n verkkoavaruus ja koneet scannattuna nmap :lla

msf5 > db_nmap 10.10.10.0/24
[*] Nmap: Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-27 06:20 UTC
[*] Nmap: Nmap scan report for 10.10.10.2
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: All 1000 scanned ports on 10.10.10.2 are filtered

[*] Nmap: Nmap scan report for 10.10.10.101
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 996 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http
[*] Nmap: 2222/tcp open EtherNetIP-1
[*] Nmap: 8080/tcp open http-proxy

[*] Nmap: Nmap scan report for 10.10.10.103
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: Not shown: 987 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 53/tcp open domain
[*] Nmap: 80/tcp open http
[*] Nmap: 135/tcp open msrpc
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 389/tcp open ldap
[*] Nmap: 443/tcp open https
[*] Nmap: 445/tcp open microsoft-ds
[*] Nmap: 464/tcp open kpasswd5
[*] Nmap: 593/tcp open http-rpc-epmap
[*] Nmap: 636/tcp open ldapssl
[*] Nmap: 3268/tcp open globalcatLDAP
[*] Nmap: 3269/tcp open globalcatLDAPssl

[*] Nmap: Nmap scan report for 10.10.10.116
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: All 1000 scanned ports on 10.10.10.116 are filtered

[*] Nmap: Nmap scan report for 10.10.10.120
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 994 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 80/tcp open http
[*] Nmap: 110/tcp open pop3
[*] Nmap: 143/tcp open imap
[*] Nmap: 993/tcp open imaps
[*] Nmap: 995/tcp open pop3s
[*] Nmap: 10000/tcp open snet-sensor-mgmt

[*] Nmap: Nmap scan report for 10.10.10.121
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 997 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http
[*] Nmap: 3000/tcp open ppp

[*] Nmap: Nmap scan report for 10.10.10.122
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: Not shown: 998 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http

[*] Nmap: Nmap scan report for 10.10.10.123
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 993 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 22/tcp open ssh
[*] Nmap: 53/tcp open domain
[*] Nmap: 80/tcp open http
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 443/tcp open https
[*] Nmap: 445/tcp open microsoft-ds

[*] Nmap: Nmap scan report for 10.10.10.124
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 996 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http
[*] Nmap: 443/tcp open https
[*] Nmap: 8080/tcp open http-proxy

[*] Nmap: Nmap scan report for 10.10.10.125
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 996 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 135/tcp open msrpc
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 445/tcp open microsoft-ds
[*] Nmap: 1433/tcp open ms-sql-s

[*] Nmap: Nmap scan report for 10.10.10.126
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 998 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 80/tcp open http
[*] Nmap: 443/tcp open https

[*] Nmap: Nmap scan report for 10.10.10.127
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 997 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http
[*] Nmap: 443/tcp open https

[*] Nmap: Nmap scan report for 10.10.10.128
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: Not shown: 998 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 80/tcp open http
[*] Nmap: 6666/tcp open irc

[*] Nmap: Nmap scan report for 10.10.10.129
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 998 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http

[*] Nmap: Nmap scan report for 10.10.10.130
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: Not shown: 995 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 80/tcp open http
[*] Nmap: 135/tcp open msrpc
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 445/tcp open microsoft-ds
[*] Nmap: 8080/tcp open http-proxy

[*] Nmap: Nmap scan report for 10.10.10.131
[*] Nmap: Host is up (0.16s latency).
[*] Nmap: Not shown: 996 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http
[*] Nmap: 443/tcp open https

[*] Nmap: Nmap scan report for 10.10.10.132
[*] Nmap: Host is up (0.036s latency).
[*] Nmap: Not shown: 997 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 135/tcp open msrpc
[*] Nmap: 445/tcp open microsoft-ds
[*] Nmap: 8080/tcp open http-proxy

[*] Nmap: Nmap scan report for 10.10.10.133
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 998 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http

[*] Nmap: Nmap scan report for 10.10.10.134
[*] Nmap: Host is up (0.028s latency).
[*] Nmap: Not shown: 996 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 135/tcp open msrpc
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 445/tcp open microsoft-ds

[*] Nmap: Nmap scan report for 10.10.10.137
[*] Nmap: Host is up (0.028s latency).
[*] Nmap: Not shown: 995 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http
[*] Nmap: 3000/tcp open ppp
[*] Nmap: 8000/tcp open http-alt

[*] Nmap: Nmap scan report for 10.10.10.139
[*] Nmap: Host is up (0.026s latency).
[*] Nmap: Not shown: 998 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http

[*] Nmap: Nmap scan report for 10.10.10.140
[*] Nmap: Host is up (0.045s latency).
[*] Nmap: Not shown: 998 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 22/tcp open ssh
[*] Nmap: 80/tcp open http

[*] Nmap: Nmap scan report for 10.10.10.152
[*] Nmap: Host is up (0.027s latency).
[*] Nmap: Not shown: 995 closed ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 80/tcp open http
[*] Nmap: 135/tcp open msrpc
[*] Nmap: 139/tcp open netbios-ssn
[*] Nmap: 445/tcp open microsoft-ds
[*] Nmap: Nmap done: 256 IP addresses (23 hosts up) scanned in 150.84 seconds

Crawl vinkkejä: https://www.hackingarticles.in/5-ways-crawl-website/

b) Bonus: murtaudu jollekin HackTheBoxin maalikoneelle. Voit katsoa weppiliittymästä vinkkiä siitä, mitkä koneet ovat helppoja.

Raportti löytyy täältä:
HackTheBox Netmon ratkaisu

Leave a Reply

Your email address will not be published. Required fields are marked *