Enumeration Link: https://tryhackme.com/room/basicpentestingjt
Author: https://tryhackme.com/p/ashu
Host: 10.10.137.134
Let’s do an NMAP scan against the host with safe scripts and version fingerprinting of services running on the machine.
┌──(root💀b0x)-[~/THM/Basic Pentesting] └─# nmap -sC -sV -v -Pn -n 10.10.137.134 Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower. Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-11 03:47 PKT NSE: Loaded 153 scripts for scanning....
Enumeration Host: 10.10.56.222
Let’s start with nmap scan against the host and see the ports open on it.
┌──(root💀b0x)-[/mnt/hgfs/THM/Bounty Hacker] [1/377] └─# nmap -A 10.10.56.222 -Pn -n Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower. Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-09 00:03 PKT Nmap scan report for 10.10.56.222 Host is up (0.21s latency). Not shown: 967 filtered ports, 30 closed ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3....
Enumeration IP: 10.10.25.58 Host: internal.thm
Let’s start with the nmap full port scan and see the open ports
Nmap full port scan ┌──(root💀b0x)-[/mnt/hgfs/THM/Internal] [7/117] └─# nmap -p- -v -iL ip -oN nmapFullPort.nmap Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-07 13:15 PKT Initiating Ping Scan at 13:15 Scanning 10.10.25.58 [4 ports] Completed Ping Scan at 13:15, 0.22s elapsed (1 total hosts) Initiating SYN Stealth Scan at 13:15 Scanning internal....