TryHackMe: [Day 10] Networking Offensive Is The Best Defence

Mac Leo
Apr 11, 2022

1. Help McSkidy and run nmap -sT MACHINE_IP. How many ports are open between 1 and 100?

ANS: 2

EXPLANATION:

2. What is the smallest port number that is open?

ANS: 22

EXPLANATION:

3. What is the service related to the highest port number you found in the first question?

ANS: HTTP

EXPLANATION:

4. Now run nmap -sS MACHINE_IP. Did you get the same results? (Y/N)

ANS: Y

EXPLANATION:

5. If you want Nmap to detect the version info of the services installed, you can use nmap -sV MACHINE_IP. What is the version number of the web server?

ANS: Apache httpd 2.4.49

EXPLANATION:

6. By checking the vulnerabilities related to the installed web server, you learn that there is a critical vulnerability that allows path traversal and remote code execution. Now you can tell McSkidy that Grinch Enterprises used this vulnerability. What is the CVE number of the vulnerability that was solved in version 2.4.51?

ANS: CVE-2021-42013

EXPLANATION:

Step 1: Open this link (https://httpd.apache.org/security/vulnerabilities_24.html) and find the CVE number listed under the fixes for version 2.4.51.

7. You are putting the pieces together and have a good idea of how your web server was exploited. McSkidy is suspicious that the attacker might have installed a backdoor. She asks you to check if there is some service listening on an uncommon port, i.e. outside the 1000 common ports that Nmap scans by default. She explains that adding -p1-65535 or -p- will scan all 65,535 TCP ports instead of only scanning the 1000 most common ports. What is the port number that appeared in the results now?

ANS: 20212

EXPLANATION:

8. What is the name of the program listening on the newly discovered port?

ANS: telnetd

EXPLANATION:
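
Questions 5 to 8 come down to reading scan output for two things: a web server release with a known critical flaw and a listener on a port nobody expects. As an added example (not part of the original walkthrough or the TryHackMe room), this script audits Nmap grepable output such as `nmap -sV -p- -oG -` would produce. The sample scan, the 192.0.2.10 address, the OpenSSH version string and the "22 80" baseline are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit Nmap grepable output (-oG) for unexpected listeners
# and for the Apache releases affected by CVE-2021-42013.

# Constructed sample of `nmap -sV -p- -oG -` output. 192.0.2.10 is a
# documentation address and the OpenSSH string is made up.
sample_scan() {
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.2p1/, '
  printf '80/open/tcp//http//Apache httpd 2.4.49/, '
  printf '20212/open/tcp//telnet//Linux telnetd/\tIgnored State: closed (65532)\n'
}

# Print "port service version" for each open TCP port found on stdin.
open_ports() {
  awk -F'\t' '{
    for (f = 1; f <= NF; f++) {
      if ($f !~ /^Ports: /) continue
      n = split(substr($f, 8), entries, ", ")
      for (i = 1; i <= n; i++) {
        # entry layout: port/state/protocol/owner/service/rpcinfo/version/
        split(entries[i], p, "/")
        if (p[2] == "open" && p[3] == "tcp")
          print p[1], (p[5] == "" ? "-" : p[5]), p[7]
      }
    }
  }'
}

# Print open ports missing from the space-separated baseline in $1.
unexpected_ports() {
  open_ports | awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    !($1 in ok) { print $1 }'
}

# Print "port version" for Apache httpd 2.4.49 or 2.4.50, the releases
# affected by CVE-2021-42013 (fixed in 2.4.51).
apache_needs_upgrade() {
  open_ports | awk '$3 == "Apache" && $4 == "httpd" {
    split($5, v, ".")
    if (v[1] == 2 && v[2] == 4 && (v[3] == 49 || v[3] == 50)) print $1, $5
  }'
}

# Baseline "22 80" is an assumption: the two ports the first scan reported.
sample_scan | unexpected_ports "22 80"
sample_scan | apache_needs_upgrade
```

Against a real host, pipe the scan output into the same functions in place of `sample_scan` and pass the ports that host is supposed to expose as the baseline.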

*****************THANK YOU****KEEP LEARNING ******************

HOPE THIS WALKTHROUGH HELPS YOU. IF SO, A LIKE ON THE PAGE WILL BE MUCH APPRECIATED, AND FOLLOW MY PROFILE FOR MORE WRITE-UPS

*******PEACE*****
