APT

IP

10.129.96.60

Initial nmap scan

sudo nmap -p- --min-rate 1500 -T4 10.129.96.60 | grep -E '^[0-9]+/tcp' | cut -d"/" -f1 | paste -sd, -

We can see the following open ports on the target machine:

80,135

Let's dig further into these ports:

sudo nmap -sCV -A -p80,135 -oA TCP_ports 10.129.96.60

Results

PORT    STATE SERVICE VERSION
80/tcp  open  http    Microsoft IIS httpd 10.0
| http-methods: 
|_  Potentially risky methods: TRACE
|_http-title: Gigantic Hosting | Home
|_http-server-header: Microsoft-IIS/10.0
135/tcp open  msrpc   Microsoft Windows RPC
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Microsoft Windows 2016 (89%)
OS CPE: cpe:/o:microsoft:windows_server_2016
Aggressive OS guesses: Microsoft Windows Server 2016 (89%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 2 hops
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

TRACEROUTE (using port 80/tcp)
HOP RTT       ADDRESS
1   648.20 ms 10.10.16.1
2   648.46 ms 10.129.96.60

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 36.06 seconds
