| ターゲット // Wombo | |
|---|---|
| Platform | OffSec Proving Grounds |
| OS | Linux |
| Difficulty | Easy |
| IP | 192.168.105.69 |
Enumeration
Nmap
▶ Nmap output
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u7
80/tcp open http nginx 1.10.3
6379/tcp open redis Redis key-value store 5.0.9
8080/tcp open http-proxy
27017/tcp open mongod?
Multiple services, but Redis on 6379 with no authentication is the obvious target. Port 8080 runs NodeBB – a rabbit hole.