Nmap
┌──(kali㉿kali)-[~/archive/htb/labs]
└─$ nmap -sC -sV -p- $IP
starting nmap 7.93 ( https://nmap.org ) at 2022-10-15 14:08 CEST
Nmap scan report for 10.10.10.9
Host is up (0.029s latency).
not shown: 65532 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 7.5
| http-methods:
|_ potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/7.5
|_http-generator: Drupal 7 (http://drupal.org)
| http-robots.txt: 36 disallowed entries (15 shown)
| /includes/ /misc/ /modules/ /profiles/ /scripts/
| /themes/ /CHANGELOG.txt /cron.php /INSTALL.mysql.txt
| /INSTALL.pgsql.txt /INSTALL.sqlite.txt /install.php /INSTALL.txt
|_/LICENSE.txt /MAINTAINERS.txt
|_http-title: Welcome to 10.10.10.9 | 10.10.10.9
135/tcp open msrpc Microsoft Windows RPC
49154/tcp open msrpc Microsoft Windows RPC
service info: OS: Windows; CPE: cpe:/o:microsoft:windows
service detection performed. please report any incorrect results at https://nmap.org/submit/ .
nmap done: 1 IP address (1 host up) scanned in 169.08 secondsnmap scan returns open ports of:
80:Microsoft IIS httpd 7.5135:Microsoft Windows RPC49154
The target system is Microsoft Windows