| ターゲット // AuthBy | |
|---|---|
| Platform | OffSec Proving Grounds |
| OS | Windows |
| Difficulty | Medium |
| IP | 192.168.100.46 |
Enumeration
Nmap
▶ Nmap output
PORT STATE SERVICE VERSION
21/tcp open ftp zFTPServer 6.0 build 2011-10-17
242/tcp open http Apache httpd 2.2.21 ((Win32) PHP/5.3.8)
3145/tcp open zftp-admin zFTPServer admin
3389/tcp open ssl/ms-wbt-server?
Windows Server 2008 box. An ancient zFTPServer on 21, an HTTP app on the non-standard port 242 sitting behind HTTP Basic auth, the zFTPServer admin interface on 3145, and RDP on 3389. The name of the box is the hint: authentication is the whole game here.