Port Scanning and Information Gathering With Nmap and Nikto | TryHackMe Probe
We covered scanning hosts for services, open ports, running software and hidden directories using scanning tools such as Nmap and Nikto. We gathered details such as the ports the webserver is running on, the version of the webserver, domain and email information, hidden directories, the PHP version and the content management system running on the machine. We also discovered SSH and FTP servers along with other services running on non-standard ports. This was part of TryHackMe Probe.
We used the below commands to run the Nmap scans:
nmap -p- -T4 IP
nmap -p80,1443,9007,443 -A IP
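The two scans above form a pipeline: the full-range scan finds the open ports, and the second scan profiles only those. The following is an added example, not part of the original writeup. It assumes the scan was saved with Nmap's greppable output option (-oG, which the commands above do not use) and parses that file to build the follow-up port list and to flag services answering on non-standard ports. The sample input, the 192.0.2.10 address and the DEFAULT_PORTS table are constructed for illustration.

```python
import re

# Assumed defaults for a few common services; service names are only reliable
# when the scan included version detection (-sV or -A).
DEFAULT_PORTS = {"ftp": {21}, "ssh": {22}, "http": {80}, "https": {443}, "ssl|http": {443}}

# Constructed sample of `nmap -oG` output (not taken from the room).
SAMPLE_GNMAP = """\
# Nmap scan report (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//ssl|http///, 1338/closed/tcp//ftp///, 1443/open/tcp//http///, 9007/open/tcp//ssl|http///\tIgnored State: filtered (65530)
"""


def open_ports(gnmap_text):
    """Return {host: [(port, service), ...]} for ports in state 'open'."""
    hosts = {}
    for line in gnmap_text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment and 'Status:' lines carry no port data
        for entry in m.group(2).split(", "):
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[1] == "open":
                hosts.setdefault(m.group(1), []).append((int(fields[0]), fields[4]))
    return hosts


def followup_command(host, ports):
    """Build the targeted second scan in the form used above (-p<list> -A)."""
    return "nmap -p{} -A {}".format(",".join(str(p) for p, _ in ports), host)


def nonstandard(ports):
    """Ports whose service is in DEFAULT_PORTS but not on its default port."""
    return [(p, s) for p, s in ports if s in DEFAULT_PORTS and p not in DEFAULT_PORTS[s]]


if __name__ == "__main__":
    for host, ports in open_ports(SAMPLE_GNMAP).items():
        print(followup_command(host, ports))
        for port, service in nonstandard(ports):
            print(f"  review: {service} on non-standard port {port}/tcp")
```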
We also used the below command to scan for hidden directories with gobuster:
sudo gobuster dir -u http://IP:8000 -w /usr/share/wordlists/dirbuster/common.txt
We used Nikto and wpscan to reveal more detail about the webserver and the CMS:
wpscan --url http://IP:9007 --enumerate ap,at,cb,dbe --disable-tls-checks
wpscan --url http://IP:9007 --enumerate u --disable-tls-checks