Services

NMAP Scan

Quick Scan

nmap 10.129.42.253

Long Scan (scan all ports)

nmap -p- 10.129.42.253

Enumerate versions

nmap -sV 10.129.42.253

Run Default Scripts

nmap -sC 10.129.42.253

Using netcat

nc -nv 10.129.42.253 21

Using NMAP

nmap -sV --script=banner <target>

Tools to Interact with Common Services

SMB

FTP

Email

Databases

smbclient

ftp

Thunderbird

mssql-cli

CrackMapExec

lftp

Claws

mycli

SMBMap

ncftp

Geary

mssqlclient.py

Impacket

filezilla

MailSpring

dbeaver

psexec.py

crossftp

mutt

MySQL Workbench

smbexec.py

mailutils

SQL Server Management Studio or SSMS

sendEmail

swaks

sendmail

Service Misconfigurations

  • Authentication

    • Anonymous Authentication

    • Misconfigured Access Rights

  • Unnecessary Defaults

Preventing Misconfigurations

  • Admin interfaces should be disabled.

  • Debugging is turned off.

  • Disable the use of default usernames and passwords.

  • Set up the server to prevent unauthorized access, directory listing, and other issues.

  • Run scans and audits regularly to help discover future misconfigurations or missing fixes.

Finding Sensitive Information

Sensitive information may include, but is not limited to:

  • Usernames.

  • Email Addresses.

  • Passwords.

  • DNS records.

  • IP Addresses.

  • Source code.

  • Configuration files.

  • PII.

PreviousScriptsNextHTTP (80)

Last updated