mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-10 06:34:17 +00:00
Add files via upload
This commit is contained in:
parent
b894483aed
commit
8bfa5cd798
1 changed files with 112 additions and 0 deletions
112
TryHackMe/Panda.md
Normal file
112
TryHackMe/Panda.md
Normal file
|
@ -0,0 +1,112 @@
|
|||
# TryHackMe-Panda
|
||||
|
||||
|
||||
## NMAP
|
||||
|
||||
```
|
||||
|
||||
Nmap scan report for 10.10.87.214
|
||||
Host is up (0.23s latency).
|
||||
Not shown: 991 closed ports
|
||||
PORT STATE SERVICE VERSION
|
||||
22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
|
||||
| ssh-hostkey:
|
||||
| 2048 af:ff:dd:8f:74:ef:1b:ea:3a:33:7c:df:a0:e8:35:08 (RSA)
|
||||
| 256 b5:dc:77:c4:15:a4:b6:5e:f3:07:46:ad:90:ea:d6:59 (ECDSA)
|
||||
|_ 256 a5:20:b4:a0:94:2a:27:f2:c9:ea:cb:09:f8:ab:f0:a6 (ED25519)
|
||||
53/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
|
||||
| dns-nsid:
|
||||
|_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
|
||||
80/tcp open http Apache httpd 2.4.6 ((CentOS) PHP/5.6.40)
|
||||
| http-methods:
|
||||
|_ Potentially risky methods: TRACE
|
||||
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.6.40
|
||||
|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
|
||||
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: SAMBA)
|
||||
445/tcp open netbios-ssn Samba smbd 4.9.1 (workgroup: SAMBA)
|
||||
3306/tcp open mysql MariaDB (unauthorized)
|
||||
8009/tcp open ajp13 Apache Jserv (Protocol v1.3)
|
||||
|_ajp-methods: Failed to get a valid response for the OPTION request
|
||||
8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
|
||||
|_http-favicon: Apache Tomcat
|
||||
|_http-open-proxy: Proxy might be redirecting requests
|
||||
|_http-server-header: Apache-Coyote/1.1
|
||||
|_http-title: Apache Tomcat/7.0.92
|
||||
9999/tcp open abyss?
|
||||
| fingerprint-strings:
|
||||
| FourOhFourRequest:
|
||||
| HTTP/1.0 200 OK
|
||||
| Date: Sat, 03 Oct 2020 10:50:05 GMT
|
||||
| Content-Length: 0
|
||||
| GenericLines, Help, Kerberos, LDAPSearchReq, LPDString, RTSPRequest, SIPOptions, SSLSessionReq, TLSSessionReq, TerminalServerCookie:
|
||||
| HTTP/1.1 400 Bad Request
|
||||
| Content-Type: text/plain; charset=utf-8
|
||||
| Connection: close
|
||||
| Request
|
||||
| GetRequest, HTTPOptions:
|
||||
| HTTP/1.0 200 OK
|
||||
| Date: Sat, 03 Oct 2020 10:50:04 GMT
|
||||
|_ Content-Length: 0
|
||||
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
|
||||
SF-Port9999-TCP:V=7.80%I=7%D=10/3%Time=5F785755%P=x86_64-pc-linux-gnu%r(Ge
|
||||
SF:tRequest,4B,"HTTP/1\.0\x20200\x20OK\r\nDate:\x20Sat,\x2003\x20Oct\x2020
|
||||
SF:20\x2010:50:04\x20GMT\r\nContent-Length:\x200\r\n\r\n")%r(HTTPOptions,4
|
||||
SF:B,"HTTP/1\.0\x20200\x20OK\r\nDate:\x20Sat,\x2003\x20Oct\x202020\x2010:5
|
||||
SF:0:04\x20GMT\r\nContent-Length:\x200\r\n\r\n")%r(FourOhFourRequest,4B,"H
|
||||
SF:TTP/1\.0\x20200\x20OK\r\nDate:\x20Sat,\x2003\x20Oct\x202020\x2010:50:05
|
||||
SF:\x20GMT\r\nContent-Length:\x200\r\n\r\n")%r(GenericLines,67,"HTTP/1\.1\
|
||||
SF:x20400\x20Bad\x20Request\r\nContent-Type:\x20text/plain;\x20charset=utf
|
||||
SF:-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20Request")%r(RTSPRequest
|
||||
SF:,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20text/plain;
|
||||
SF:\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20Request"
|
||||
SF:)%r(Help,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20tex
|
||||
SF:t/plain;\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20
|
||||
SF:Request")%r(SSLSessionReq,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nCon
|
||||
SF:tent-Type:\x20text/plain;\x20charset=utf-8\r\nConnection:\x20close\r\n\
|
||||
SF:r\n400\x20Bad\x20Request")%r(TerminalServerCookie,67,"HTTP/1\.1\x20400\
|
||||
SF:x20Bad\x20Request\r\nContent-Type:\x20text/plain;\x20charset=utf-8\r\nC
|
||||
SF:onnection:\x20close\r\n\r\n400\x20Bad\x20Request")%r(TLSSessionReq,67,"
|
||||
SF:HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20text/plain;\x20c
|
||||
SF:harset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20Request")%r(K
|
||||
SF:erberos,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20text
|
||||
SF:/plain;\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20R
|
||||
SF:equest")%r(LPDString,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-
|
||||
SF:Type:\x20text/plain;\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n40
|
||||
SF:0\x20Bad\x20Request")%r(LDAPSearchReq,67,"HTTP/1\.1\x20400\x20Bad\x20Re
|
||||
SF:quest\r\nContent-Type:\x20text/plain;\x20charset=utf-8\r\nConnection:\x
|
||||
SF:20close\r\n\r\n400\x20Bad\x20Request")%r(SIPOptions,67,"HTTP/1\.1\x2040
|
||||
SF:0\x20Bad\x20Request\r\nContent-Type:\x20text/plain;\x20charset=utf-8\r\
|
||||
SF:nConnection:\x20close\r\n\r\n400\x20Bad\x20Request");
|
||||
Service Info: Host: PANDA; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
|
||||
|
||||
Host script results:
|
||||
|_clock-skew: mean: 1h20m07s, deviation: 2h18m34s, median: 7s
|
||||
|_nbstat: NetBIOS name: PANDA, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
|
||||
| smb-os-discovery:
|
||||
| OS: Windows 6.1 (Samba 4.9.1)
|
||||
| Computer name: panda
|
||||
| NetBIOS computer name: PANDA\x00
|
||||
| Domain name: \x00
|
||||
| FQDN: panda
|
||||
|_ System time: 2020-10-03T06:51:44-04:00
|
||||
| smb-security-mode:
|
||||
| account_used: <blank>
|
||||
| authentication_level: user
|
||||
| challenge_response: supported
|
||||
|_ message_signing: disabled (dangerous, but default)
|
||||
| smb2-security-mode:
|
||||
| 2.02:
|
||||
|_ Message signing enabled but not required
|
||||
| smb2-time:
|
||||
| date: 2020-10-03T10:51:44
|
||||
|_ start_date: N/A
|
||||
|
||||
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
|
||||
Nmap done: 1 IP address (1 host up) scanned in 134.43 seconds
|
||||
|
||||
```
|
||||
|
||||
|
||||
### PORT 80
|
||||
|
||||
Username `shifu`. Bruteforce with this username
|
Loading…
Reference in a new issue