CVE

Enumeration Scanning with nmap All port scanning is being perform with the following command: nmap -p- --min-rate 2500 10.10.11.20 -oN allports.txt The following shows the result of the command: It shows port 22, 80 as open. In order to find the version of services, service version enumeration is being performed with the following command. nmap -p 22,80 10.10.11.20 -sC -sV -O -oN serviceVersion.txt As the web server is running, so the website is being browsed and the following is the hosted web server. ...

Enumeration All the ports were scanned. ┌──(kali㉿kali)-[~/Desktop/hackthebox/keeper] └─$ nmap -p- --min-rate 1000 keeper.htb --oN AllPortScan.txt Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-18 18:13 EDT Nmap scan report for keeper.htb (10.10.11.227) Host is up (0.032s latency). Not shown: 65533 closed tcp ports (conn-refused) PORT STATE SERVICE 22/tcp open ssh 80/tcp open http The ssh and http port were open. The service version and OS enumeration is being carried out with the following command. ┌──(kali㉿kali)-[~/Desktop/hackthebox/keeper] └─$ nmap -p22,80 -A keeper.htb --oN ServiceVersion.txt Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-18 18:14 EDT Stats: 0:00:07 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan NSE Timing: About 99.30% done; ETC: 18:14 (0:00:00 remaining) Nmap scan report for keeper.htb (10.10.11.227) Host is up (0.030s latency). PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.9p1 Ubuntu 3ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 256 35:39:d4:39:40:4b:1f:61:86:dd:7c:37:bb:4b:98:9e (ECDSA) |_ 256 1a:e9:72:be:8b:b1:05:d5:ef:fe:dd:80:d8:ef:c0:66 (ED25519) 80/tcp open http nginx 1.18.0 (Ubuntu) |_http-title: Site doesnt have a title (text/html). |_http-server-header: nginx/1.18.0 (Ubuntu) Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel It shows the web server is using nginx and the underlying OS is Linux. ...