nmap
___
( _ ) _ __ ___ __ _ _ __
/ _ \| '_ ` _ \ / _` | '_ \
| (_) | | | | | | (_| | |_) |
\___/|_| |_| |_|\__,_| .__/
|_|
adot8 <3
[+] Scanning 10.10.11.20 [65535 TCP ports]
[+] Enumerating 10.10.11.20 [22,80]
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-06-24 13:45 CDT
Nmap scan report for editorial.htb (10.10.11.20)
Host is up (0.13s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.9p1 Ubuntu 3ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 256 0d:ed:b2:9c:e2:53:fb:d4:c8:c1:19:6e:75:80:d8:64 (ECDSA)
|_ 256 0f:b9:a7:51:0e:00:d5:7b:5b:7c:5f:bf:2b:ed:53:a0 (ED25519)
80/tcp open http nginx 1.18.0 (Ubuntu)
|_http-title: Editorial Tiempo Arriba
|_http-server-header: nginx/1.18.0 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 10.62 seconds
[+] Enumerating 10.10.11.20 for vulnerabilities [22,80]
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-06-24 13:45 CDT
Pre-scan script results:
| broadcast-avahi-dos:
| Discovered hosts:
| 224.0.0.251
| After NULL UDP avahi packet DoS (CVE-2011-1002).
|_ Hosts are all up (not vulnerable).
Nmap scan report for editorial.htb (10.10.11.20)
Host is up (0.12s latency).
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
| http-csrf:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=editorial.htb
| Found the following possible CSRF vulnerabilities:
|
| Path: http://editorial.htb:80/upload
| Form id:
|_ Form action: /upload
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-dombased-xss: Couldn't find any DOM based XSS.
| http-fileupload-exploiter:
|
| Couldn't find a file-type field.
|
| Couldn't find a file-type field.
|
| Couldn't find a file-type field.
|
| Couldn't find a file-type field.
|
|_ Couldn't find a file-type field.
Nmap done: 1 IP address (1 host up) scanned in 369.93 seconds
[+] Scanning 10.10.11.20 [1000 UDP ports]
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-06-24 13:51 CDT
Initiating Ping Scan at 13:51
Scanning 10.10.11.20 [4 ports]
Completed Ping Scan at 13:51, 0.18s elapsed (1 total hosts)
Initiating UDP Scan at 13:51
Scanning editorial.htb (10.10.11.20) [100 ports]
Increasing send delay for 10.10.11.20 from 0 to 50 due to max_successful_tryno increase to 5
Increasing send delay for 10.10.11.20 from 50 to 100 due to max_successful_tryno increase to 6
Warning: 10.10.11.20 giving up on port because retransmission cap hit (6).
Increasing send delay for 10.10.11.20 from 100 to 200 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 10.10.11.20 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 10.10.11.20 from 400 to 800 due to 11 out of 11 dropped probes since last increase.
Completed UDP Scan at 13:53, 94.29s elapsed (100 total ports)
Nmap scan report for editorial.htb (10.10.11.20)
Host is up (0.13s latency).
Not shown: 89 closed udp ports (port-unreach)
PORT STATE SERVICE
68/udp open|filtered dhcpc
88/udp open|filtered kerberos-sec
500/udp open|filtered isakmp
514/udp open|filtered syslog
1022/udp open|filtered exp2
1030/udp open|filtered iad1
2223/udp open|filtered rockwell-csp2
5060/udp open|filtered sip
20031/udp open|filtered bakbonenetvault
49181/udp open|filtered unknown
49188/udp open|filtered unknown
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 94.64 seconds
Raw packets sent: 402 (26.558KB) | Rcvd: 204 (33.760KB)
[+] Completed!Last updated
Was this helpful?