Browsing Category
Common ports and services
Port 139 and 445 – SMB/Samba
Samba is a service that allows the user to share files with other computers. It is interoperable, which means that it can share files between Linux and Windows systems. A Windows user will simply see an icon for a folder that includes…
Port 1433 – MsSQL
Nmap Information Gathering:
nmap -p 1433 --script ms-sql-info,ms-sql-empty-password,ms-sql-xp-cmdshell,ms-sql-config,ms-sql-ntlm-info,ms-sql-tables,ms-sql-hasdbaccess,ms-sql-dac,ms-sql-dump-hashes --script-args…
Port 80/443 – HTTP/HTTPS
Find hidden files and directories:
# Dirb
dirb https://192.168.1.101
or
# Gobuster - remove relevant response codes (403 for example)
gobuster -u http://192.168.1.101 -w…
Port 25 – SMTP
SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used for sending and receiving e-mail. It normally works with one of two other protocols, POP3 or IMAP, that allow the user to save messages in a server mailbox and download them…
Port 23 – Telnet
The Telnet protocol is considered insecure because it doesn't encrypt data. The protocol is old and is affected by various code-execution vulnerabilities; it might be worth checking exploit-db.com for those.
Brute force Telnet with Nmap:
nmap -p…
Port 22 – SSH
SSH is a very popular method to securely communicate with a remote host. SSH is an old and basic technology, so most recent versions are well secured. You can find out the version of SSH by scanning it with nmap or by connecting with it…
Port 21 – FTP
FTP is a service that admins usually use on web servers to access data remotely. So it's a fact that you will find this service on one of our clients' systems during penetration testing.
Connect to the FTP server to…