Mango
Logo Creator OS Difficulty Points Release MrR3boot Linux Medium 30 Initial Scan I started the enumeration of Mango as usual with an NMAP quick scan, followed by the default script scan and a full port scan. With the script scan I identified three key ports for the box: 22, 80, and 443.
Command: nmap -sC -sV -oN nmap/def-script -p 22,80,443 10.10.10.162
PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.
Traverxec
Logo Creator OS Difficulty Points Release jkr Linux Easy 20 Initial Scan I started with an initial NMAP scan of the host, and discovered ports 22 and 80. Command: nmap -F -oN nmap/quick 10.10.10.165
PORT STATE SERVICE 22/tcp open ssh 80/tcp open http Further script scanning revealed that the HTTP service was running nostromo 1.9.6. Command: nmap -sC -sV -oN nmap/def-script -p 22,80 10.10.10.165
PORT STATE SERVICE VERSION 80/tcp open http nostromo 1.
Registry
Logo Creator OS Difficulty Points Graph thek Linux Hard 40 Reconnaissance Registry is a Ubuntu host running a private docker registry server guarded by weak credentials. With some enumeration of the service, I was able to locate a certificate that allowed me to pull the docker image and examine the filesystem, which gave me an encrypted SSH key and its password. With the user account, I dug through the SQLite database for the web server and found admin credentials.
Forest
Logo Creator OS Difficulty Points Graph egre55 & mrb3n Windows Easy 20 Initial Scan My initial scan revealed a lot of open ports, and even more with more in-depth scanning. Some of the most important services I noticed are below:
Nmap 7.80 scan initiated Wed Jan 15 17:20:09 2020 as: nmap -sC -sV -p 53,88,135,139,389,445 -oN nmap/def-script 10.10.10.161 Nmap scan report for 10.10.10.161 Host is up (0.38s latency). PORT STATE SERVICE VERSION 53/tcp open domain?
Bitlab
Logo Creator OS Difficulty Points Graph Frey & thek Linux Medium 30 Initial Scan I identified two open ports (22 and 80) with my quick scan: nmap -F 10.10.10.114. I’ll do a script scan to get some more information.