No.5-Jeeves-难度普通-HTB-walkthrough
攻击机:官方Kali linux 2019 64位
作者:Ikonw
靶机介绍
一,端口扫描
日常的 HTTP端口80 和 端口50000 Jetty HTTP服务器
Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-03 15:11 +08
Nmap scan report for 10.10.10.63
Host is up (0.27s latency).
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 10.0
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/10.0
|_http-title: Ask Jeeves
135/tcp open msrpc Microsoft Windows RPC
445/tcp open microsoft-ds Microsoft Windows 7 - 10 microsoft-ds (workgroup: WORKGROUP)
50000/tcp open http Jetty 9.4.z-SNAPSHOT
|_http-server-header: Jetty(9.4.z-SNAPSHOT)
|_http-title: Error 404 Not Found
Service Info: Host: JEEVES; OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results:
|_clock-skew: mean: 5h00m43s, deviation: 0s, median: 5h00m43s
|_smb-os-discovery: ERROR: Script execution failed (use -d to debug)
| smb-security-mode:
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
| smb2-security-mode:
| 2.02:
|_ Message signing enabled but not re