RustScan
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/walla]
└─$ rustscan -a $IP
________________________________________
: http://discord.skerritt.blog :
: https://github.com/RustScan/RustScan :
--------------------------------------
TCP handshake? More like a friendly high-five!
[~] The config file is expected to be at "/home/kali/.rustscan.toml"
[~] Automatically increasing ulimit value to 10000.
Open 192.168.179.97:22
Open 192.168.179.97:23
Open 192.168.179.97:25
Open 192.168.179.97:53
Open 192.168.179.97:422
Open 192.168.179.97:8091
Open 192.168.179.97:42042Nmap
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/walla]
└─$ nmap -p- -sC -sV -T5 --min-parallelism 100 --max-parallelism 256 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-27 15:34 CET
Warning: 192.168.179.97 giving up on port because retransmission cap hit (2).
Nmap scan report for 192.168.179.97
Host is up (0.026s latency).
Not shown: 65352 closed tcp ports (reset), 176 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey:
| 2048 02:71:5d:c8:b9:43:ba:6a:c8:ed:15:c5:6c:b2:f5:f9 (RSA)
| 256 f3:e5:10:d4:16:a9:9e:03:47:38:ba:ac:18:24:53:28 (ECDSA)
|_ 256 02:4f:99:ec:85:6d:79:43:88:b2:b5:7c:f0:91:fe:74 (ED25519)
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=walla
| Subject Alternative Name: DNS:walla
| Not valid before: 2020-09-17T18:26:36
|_Not valid after: 2030-09-15T18:26:36
|_smtp-commands: walla, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, SMTPUTF8, CHUNKING
53/tcp open tcpwrapped
422/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey:
| 2048 02:71:5d:c8:b9:43:ba:6a:c8:ed:15:c5:6c:b2:f5:f9 (RSA)
| 256 f3:e5:10:d4:16:a9:9e:03:47:38:ba:ac:18:24:53:28 (ECDSA)
|_ 256 02:4f:99:ec:85:6d:79:43:88:b2:b5:7c:f0:91:fe:74 (ED25519)
8091/tcp open http lighttpd 1.4.53
| http-cookie-flags:
| /:
| PHPSESSID:
|_ httponly flag not set
|_http-title: Site doesnt have a title (text/html; charset=UTF-8).
|_http-server-header: lighttpd/1.4.53
| http-auth:
| HTTP/1.1 401 Unauthorized\x0D
|_ Basic realm=RaspAP
42042/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey:
| 2048 02:71:5d:c8:b9:43:ba:6a:c8:ed:15:c5:6c:b2:f5:f9 (RSA)
| 256 f3:e5:10:d4:16:a9:9e:03:47:38:ba:ac:18:24:53:28 (ECDSA)
|_ 256 02:4f:99:ec:85:6d:79:43:88:b2:b5:7c:f0:91:fe:74 (ED25519)
Service Info: Host: walla; OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 38.09 secondsThe target system appears to be Debian
The hostname is WALLA
/Practice/Walla/1-Recon/attachments/{664467F8-4D8C-4304-8A72-D2516B75ABF5}.png)
The /etc/hosts file on Kali has been updated for local DNS resolution
UDP
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/walla]
└─$ sudo nmap -sU --top-ports 1000 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-27 15:34 CET
Nmap scan report for 192.168.179.97
Host is up (0.019s latency).
Not shown: 994 closed udp ports (port-unreach)
PORT STATE SERVICE
53/udp open|filtered domain
67/udp open|filtered dhcps
631/udp open|filtered ipp
5353/udp open|filtered zeroconf
17638/udp open|filtered unknown
39632/udp open|filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 1100.56 seconds