Web
Nmap discovered a Web server on the target port 80
The running service is Apache httpd 2.4.56 ((Debian))
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/law]
└─$ curl -I http://$IP/
HTTP/1.1 200 OK
Date: Mon, 24 Feb 2025 11:37:46 GMT
Server: Apache/2.4.56 (Debian)
Set-Cookie: sid=vhangui7tfcvh1fmgmdqrchdvi; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, max-age=1800
Last-Modified: Tue, 22 Dec 2020 02:17:42 GMT
Set-Cookie: sid=aqo7c8mhrvgf01omg5d99e2ot9; path=/
Content-Type: text/html; charset=UTF-8/Practice/law/2-Enumeration/attachments/{7673A209-B2BA-4A56-967F-B61844684AA0}.png)
Webroot
It appears to be HTMLawed 1.2.5
Vulnerabilities
/Practice/law/2-Enumeration/attachments/{221C61DD-2CAF-4D03-9FEC-E01F9CC25FF5}.png)
Looking up the target instance reveals a vulnerability; CVE-2022-35914