Compiled

Aug 8, 2024
HTB Windows

nmap -A -p- -oA compiled 10.10.11.26 --min-rate=10000 --script=vuln --script-timeout=15 -v

nmap -sC -sV -O -p- -oA compiled 10.10.11.26

ping -c 1 10.10.11.26

echo "10.10.11.26 board.htb crm.board.htb" | sudo tee -a /etc/hosts

ssh_command.

nmap -sU -O -p- -oA compiled-udp 10.10.11.26

nmap -p- --open -T5 -v -n 10.10.11.26

nmap -p- --open -sS --min-rate 5000 -vvv -n -Pn 10.10.11.26 -oG allPorts

ssh_command.

extractPorts allPorts

nmap -sCV -p5000,5985,7680,3000 10.10.11.26 -oN targeted

ssh_command.

bc targeted -l rb

ssh_command.

whatweb http://10.10.11.26:3000

whatweb http://10.10.11.26:5000

ssh_command.

http://10.10.11.26:3000/explore/repos

ssh_command.

Vemos que en el puerto 5000 necesitamos introducir algo comprimido en .git

ssh_command.