• -sV will probe open ports to determine service/version info.
  • -sC will scan with default NSE (Nmap Scripting Engine) scripts.
  • Port 21/tcp (FTP) ProFTPD 1.3.5
  • Port 22/tcp (SSH) OpenSSH 7.2p2
  • Port 80/tcp (HTTP) Apache httpd 2.4.18
  • Port 111/tcp (RPC) rpcbind
  • Port 139/tcp (Samba) smbd 3.x — 4.x
  • Port 445/tcp (Samba) smbd 4.3.11
  • Port 2049 (NFS) nfs_acl
  • nmap -p 445 — script=smb-enum-shares.nse,smb-enum-users.nse Target_IP
  • Enables communication to an SMB/CIFS server.
  • Enter command dir for the directory of the share then enter cat log.txt to see the contents of the file.
  • The smb share can also be recursively downloaded with smbget -R smb://Target_IP/anonymous
  • A connection is made to the host with netcat using nc Target_IP 21
  • Using the commands SITE CPFR (source-path) and SITE CPTO (destination-path), the private SSH key for user Kenobi can be copied to the /var/tmp directory.
  • It is known that the FTP service is running as Kenobi and an SSH key has been generated for this user from previously concatenating the log.txt file.
  • The command -i will remove the filter for upper or lowercase characters
  • The command 2>/dev/null will remove permission denied and other errors from the output.




Hacking, CTFs, and technology.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Duck Hunting 3d Season 2018 Hack Free Resources Generator

VulnNet: Internal Write-Up

Cyber Psychology

An Overview of SafleID

Jade Currency x Degen Gang Partnership

{UPDATE} Time to love! Hack Free Resources Generator

Hacked. Living a digital nightmare. Life-or-death security implications.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Zach Gillespie

Zach Gillespie

Hacking, CTFs, and technology.

More from Medium

Cryptography a Foundation of Cyber Security. (Part-2)

VulnHub — VulnCMS: 1 (Drupalgeddon Path)

Week 1: Introduction

Top 10 Links to harden your Linux machine