|
|
| Line 1: |
Line 1: |
| − | ==Description==
| |
| − | "DC-9 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.
| |
| | | | |
| − | The ultimate goal of this challenge is to get root and to read the one and only flag.
| |
| − |
| |
| − | Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools."
| |
| − |
| |
| − | You can download the machine at https://www.vulnhub.com/entry/dc-9,412/
| |
| − |
| |
| − | <br />
| |
| − |
| |
| − | ==Enumeration==
| |
| − |
| |
| − | ===Scans===
| |
| − |
| |
| − |
| |
| − |
| |
| − | nmap -vvv -p- -sC -sV -T4 -oX dc-9.xml 192.168.50.49 && xsltproc dc-9.xml -o dc-9.html<gallery widths="500" heights="400">
| |
| − | File:Dc-9 nmap scan.png
| |
| − | </gallery>nikto -host 192.168.50.49
| |
| − | <gallery widths="500" heights="400">
| |
| − | [[File:DC-9 Nikto scan.png|left|thumb]]
| |
| − | </gallery>
| |
| − |
| |
| − |
| |
| − | We can see that the machine is hosting a web page on port 80 lets check it out. <br />Webpage
| |
| | | | |
| | <br /> | | <br /> |
