Port 88 – Kerberos
Kerberos is a protocol that is used for network authentication. Various versions are used by *nix and Windows. But if you notice a machine with port 88 (Kerberos) open, you can be fairly sure that it is a Domain Controller.
So, if you…
Port 111/135 – RPC/MSRPC
Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another machine on a network without having to understand the network's details. A procedure call is also sometimes known as a…
Port 3306 – MySQL
Always try to test the following credentials:
Username: root
Password: root
Connect to MySQL:
mysql --host=192.168.1.101 -u root -p
mysql -h 192.168.1.101 -u root
mysql -h 192.168.1.101 -u [email protected]
Nmap:
nmap -sV -Pn -vv…
Port 139 and 445- SMB/Samba
Samba is a service that allows the user to share files with other computers. It is interoperable, which means that it can share files between Linux and Windows systems. A Windows user will simply see an icon for a folder that includes…
Port 1433 – MsSQL
Nmap Information Gathering:
nmap -p 1433 --script ms-sql-info,ms-sql-empty-password,ms-sql-xp-cmdshell,ms-sql-config,ms-sql-ntlm-info,ms-sql-tables,ms-sql-hasdbaccess,ms-sql-dac,ms-sql-dump-hashes --script-args…
Port 80/443 – HTTP/HTTPS
Find hidden files and directories:
# Dirb
dirb https://192.168.1.101
or
# Gobuster - remove relevant response codes (403 for example)
gobuster -u http://192.168.1.101 -w…
Port 25 – SMTP
SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving e-mail. It is normally used with one of two other protocols, POP3 or IMAP, that allow the user to save messages in a server mailbox and download them…
Port 23 – Telnet
The Telnet protocol is considered insecure because it doesn't encrypt data. The protocol is old and is affected by various code-execution vulnerabilities; it might be worth checking exploit-db.com for those.
Brute force Telnet with Nmap:
nmap -p…
Port 22 – SSH
SSH is a very popular method to securely communicate with a remote host. SSH is an old and basic technology, so most recent versions are well secured. You can find out the version of SSH by scanning it with nmap or by connecting to it…
Port 21 – FTP
FTP is a service that admins usually use on web servers to access data remotely. So it's a fact that you will find this service on one of our clients' systems during penetration testing.
Connect to the ftp-server to…