$ sudo nmap -sP 192.168.31.0/24 Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-13 13:52 CST ... Nmap scan report for 192.168.31.210 Host is up (0.00043s latency). MAC Address: 08:00:27:68:18:58 (Oracle VirtualBox virtual NIC) ... Nmap done: 256 IP addresses (7 hosts up) scanned in 2.17 seconds
$ sudo nmap -A 192.168.31.210 Starting Nmap 7.70 ( https://nmap.org ) at 2018-05-13 13:52 CST Nmap scan report for 192.168.31.210 Host is up (0.00046s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 af:b9:68:38:77:7c:40:f6:bf:98:09:ff:d9:5f:73:ec (RSA) | 256 b9:df:60:1e:6d:6f:d7:f6:24:fd:ae:f8:e3:cf:16:ac (ECDSA) |_ 256 78:5a:95:bb:d5:bf:ad:cf:b2:f5:0f:c0:0c:af:f7:76 (ED25519) 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) | http-robots.txt: 8 disallowed entries | / /backup /admin /admin_area /r00t /uploads |_/uploaded_files /flag |_http-server-header: Apache/2.4.18 (Ubuntu) | http-title: Sign-Up/Login Form |_Requested resource was login.php MAC Address: 08:00:27:68:18:58 (Oracle VirtualBox virtual NIC) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE HOP RTT ADDRESS 1 0.46 ms 192.168.31.210
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 8.84 seconds
基本的檢測以後發現有開啟 ssh 和 web server 服務,而且有 robots.txt ,馬上先看到 /flag 得到第一個 flag:
