Payload on s4yhii's blog https://blog.s4yhii.com/tags/payload/ Recent content in Payload on s4yhii's blog s4yhii's blog https://blog.s4yhii.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E https://blog.s4yhii.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E Hugo -- 0.155.3 en-us Wed, 16 Jun 2021 12:00:00 -0400 HackTheBox ScriptKiddie https://blog.s4yhii.com/posts/2021-06-16-scriptkiddie-htb/ Wed, 16 Jun 2021 12:00:00 -0400 https://blog.s4yhii.com/posts/2021-06-16-scriptkiddie-htb/ <hr> <p><strong>Machine IP</strong>: 10.10.10.226</p> <p><strong>DATE</strong> : 16/06/2021</p> <hr> <h2 id="reconocimiento">Reconocimiento</h2> <p>Primero hacemos un escaneo de puertos para saber cuales están abiertos y conocer sus servicios correspondientes.</p> <h2 id="nmap">Nmap</h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">┌──<span class="o">(</span>s4yhii㉿kali<span class="o">)</span>-<span class="o">[</span>~<span class="o">]</span> </span></span><span class="line"><span class="cl">└─$ nmap -p- --open -T5 -v -n 10.10.10.226 </span></span><span class="line"><span class="cl">Starting Nmap 7.91 <span class="o">(</span> https://nmap.org <span class="o">)</span> at 2021-06-15 20:45 EDT </span></span><span class="line"><span class="cl">Initiating Ping Scan at 20:45 </span></span><span class="line"><span class="cl">Scanning 10.10.10.226 <span class="o">[</span><span class="m">2</span> ports<span class="o">]</span> </span></span><span class="line"><span class="cl">Completed Ping Scan at 20:45, 0.12s elapsed <span class="o">(</span><span class="m">1</span> total hosts<span class="o">)</span> </span></span><span class="line"><span class="cl">Initiating Connect Scan at 20:45 </span></span><span class="line"><span class="cl">Scanning 10.10.10.226 <span class="o">[</span><span class="m">65535</span> ports<span class="o">]</span> </span></span><span class="line"><span class="cl">Discovered open port 22/tcp on 10.10.10.226 </span></span><span class="line"><span class="cl">Stats: 0:00:20 elapsed<span class="p">;</span> <span class="m">0</span> hosts completed <span class="o">(</span><span class="m">1</span> up<span class="o">)</span>, <span class="m">1</span> undergoing Connect Scan </span></span><span class="line"><span class="cl">Connect Scan Timing: About 29.62% <span class="k">done</span><span class="p">;</span> ETC: 20:46 <span class="o">(</span>0:00:48 remaining<span class="o">)</span> </span></span><span class="line"><span class="cl">Discovered open port 5000/tcp on 10.10.10.226 </span></span><span class="line"><span class="cl">Completed Connect Scan at 20:46, 60.38s elapsed <span class="o">(</span><span class="m">65535</span> total ports<span class="o">)</span> </span></span><span class="line"><span class="cl">Nmap scan report <span class="k">for</span> 10.10.10.226 </span></span><span class="line"><span class="cl">Host is up <span class="o">(</span>0.12s latency<span class="o">)</span>. </span></span><span class="line"><span class="cl">Not shown: <span class="m">52711</span> closed ports, <span class="m">12822</span> filtered ports </span></span><span class="line"><span class="cl">Some closed ports may be reported as filtered due to --defeat-rst-ratelimit </span></span><span class="line"><span class="cl">PORT STATE SERVICE </span></span><span class="line"><span class="cl">22/tcp open ssh </span></span><span class="line"><span class="cl">5000/tcp open upnp </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">Read data files from: /usr/bin/../share/nmap </span></span><span class="line"><span class="cl">Nmap <span class="k">done</span>: <span class="m">1</span> IP address <span class="o">(</span><span class="m">1</span> host up<span class="o">)</span> scanned in 60.62 seconds </span></span></code></pre></div><p>Como vemos tiene 2 puertos abiertos el <code>22</code> y el <code>5000</code> uno con el servicio <code>ssh</code> y el otro con el servicio de <code>Plug and Play</code>, que se usa para conectar impresoras, dispositivos bluetooh, etc.</p>