RustScan
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/exfiltrated]
└─$ rustscan -a $IP
I scanned ports so fast, even my computer was surprised.
[~] The config file is expected to be at "/home/kali/.rustscan.toml"
[~] Automatically increasing ulimit value to 10000.
Open 192.168.202.163:22
Open 192.168.202.163:80Nmap
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/exfiltrated]
└─$ nmap -p- -sC -sV -T5 --min-parallelism 100 --max-parallelism 256 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-04-02 11:52 CEST
Nmap scan report for 192.168.202.163
Host is up (0.019s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.2 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 c1:99:4b:95:22:25:ed:0f:85:20:d3:63:b4:48:bb:cf (RSA)
| 256 0f:44:8b:ad:ad:95:b8:22:6a:f0:36:ac:19:d0:0e:f3 (ECDSA)
|_ 256 32:e1:2a:6c:cc:7c:e6:3e:23:f4:80:8d:33:ce:9b:3a (ED25519)
80/tcp open http Apache httpd 2.4.41 ((Ubuntu))
|_http-title: Did not follow redirect to http://exfiltrated.offsec/
|_http-server-header: Apache/2.4.41 (Ubuntu)
| http-robots.txt: 7 disallowed entries
| /backup/ /cron/? /front/ /install/ /panel/ /tmp/
|_/updates/
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 20.12 secondsThe target system appears to be Ubuntu
UDP
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/exfiltrated]
└─$ sudo nmap -sU --top-ports 1000 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-04-02 11:52 CEST
Nmap scan report for 192.168.202.163
Host is up (0.020s latency).
All 1000 scanned ports on 192.168.202.163 are in ignored states.
Not shown: 1000 closed udp ports (port-unreach)
Nmap done: 1 IP address (1 host up) scanned in 1015.68 seconds