InfoSec LAB

Zeno_Recon

Created: 2 min read

RustScan

┌──(kali㉿kali)-[~/archive/thm/zeno]
└─$ rustscan -a $IP
________________________________________
: http://discord.skerritt.blog         :
: https://github.com/RustScan/RustScan :
 --------------------------------------
Scanning ports faster than you can say 'SYN ACK'
 
[~] The config file is expected to be at "/home/kali/.rustscan.toml"
[~] Automatically increasing ulimit value to 5000.
[!] File limit is lower than default batch size. Consider upping with --ulimit. May cause harm to sensitive servers
Open 10.10.20.195:22
Open 10.10.20.195:12340

Nmap

┌──(kali㉿kali)-[~/archive/thm/zeno]
└─$ nmap -Pn -p- $IP
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-13 12:57 CEST
Nmap scan report for 10.10.20.195
Host is up (0.027s latency).
Not shown: 65381 filtered tcp ports (no-response), 152 filtered tcp ports (host-unreach)
PORT      STATE SERVICE
22/tcp    open  ssh
12340/tcp open  unknown
 
Nmap done: 1 IP address (1 host up) scanned in 182.68 seconds
┌──(kali㉿kali)-[~/archive/thm/zeno]
└─$ nmap -Pn -sC -sV -p22,12340 $IP
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-13 13:18 CEST
Nmap scan report for 10.10.20.195
Host is up (0.025s latency).
 
PORT      STATE SERVICE VERSION
22/tcp    open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey:
|   2048 09:23:62:a2:18:62:83:69:04:40:62:32:97:ff:3c:cd (RSA)
|   256 33:66:35:36:b0:68:06:32:c1:8a:f6:01:bc:43:38:ce (ECDSA)
|_  256 14:98:e3:84:70:55:e6:60:0c:c2:09:77:f8:b7:a6:1c (ED25519)
12340/tcp open  http    Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
| http-methods:
|_  Potentially risky methods: TRACE
|_http-title: We've got some trouble | 404 - Resource not found
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.4.16
 
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 16.52 seconds

The target system appears to be CentOS

UDP

┌──(kali㉿kali)-[~/archive/thm/zeno]
└─$ sudo nmap -Pn -sU -top-ports 1000 $IP
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-13 12:54 CEST
Nmap scan report for 10.10.20.195
Host is up (0.027s latency).
All 1000 scanned ports on 10.10.20.195 are in ignored states.
Not shown: 969 filtered udp ports (host-prohibited), 31 open|filtered udp ports (no-response)
 
Nmap done: 1 IP address (1 host up) scanned in 1501.53 seconds

Interactive Graph View

Backlinks