| ターゲット // Internal | |
|---|---|
| Platform | OffSec Proving Grounds |
| OS | Windows |
| Difficulty | Easy |
| IP | 192.168.x.x |
Enumeration
Nmap
The exposed surface is minimal — SMB is the only port in play:
▶ Nmap output
PORT STATE SERVICE VERSION
445/tcp open microsoft-ds
An old Windows host exposing SMB. Post-exploitation sysinfo confirms the target: Windows Server 2008 (6.0 Build 6001, SP1), x86, workgroup member. That 32-bit architecture matters — it kills one of the two rabbit holes below.