Linux CTF

Step 1. Reconnaissance & Enumeration nmap -Pn -n -p- -g 53 mango.htb --min-rate 1000 -oA port_scan cat port_scan.nmap | grep "open" | cut -d '/' -f 1 > port_scan.txt cat port_scan.txt | tr '\n' ',' | sed s/,$// > port_scan.txt nmap -Pn -n -sC -sV -p `cat port_scan.txt` mango.htb -oA version_scan PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 a8:8f:d9:6f:a6:e4:ee:56:e3:ef:54:54:6d:56:0c:f5 (RSA) | 256 6a:1c:ba:89:1e:b0:57:2f:fe:63:e1:61:72:89:b4:cf (ECDSA) |_ 256 90:70:fb:6f:38:ae:dc:3b:0b:31:68:64:b0:4e:7d:c9 (ED25519) 80/tcp open http Apache httpd 2....

Step 1. Reconnaissance & Enumeration nmap -Pn -n -p- -g 53 traverxec.htb --min-rate 1000 -oA port_scan cat port_scan.nmap | grep "open" | cut -d '/' -f 1 > port_scan.txt cat port_scan.txt | tr '\n' ',' | sed s/,$// > port_scan.txt nmap -Pn -n -sC -sV -p `cat port_scan.txt` traverxec.htb -oA version_scan PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u1 (protocol 2.0) | ssh-hostkey: | 2048 aa:99:a8:16:68💿41:cc:f9:6c:84:01:c7:59:09:5c (RSA) | 256 93:dd:1a:23:ee:d7:1f:08:6b:58:47:09:73:a3:88:cc (ECDSA) |_ 256 9d:d6:62:1e:7a:fb:8f:56:92:e6:37:f1:10:db:9b:ce (ED25519) 80/tcp open http nostromo 1....

Step 1. Reconnaissance & Enumerati It was found that nmap is taking long time. Therefore used masscan to scan all ports of forest machine. nmap -Pn -n -p- -g 53 registry.htb --min-rate 1000 -oA port_scan cat port_scan.nmap | grep "open" | cut -d '/' -f 1 > port_scan.txt cat port_scan.txt | tr '\n' ',' | sed s/,$// > port_scan.txt nmap -Pn -n -sC -sV -p `cat port_scan.txt` registry.htb -oA version_scan PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7....