🆕October [MEDIUM🔵]
Dificultad: Medio
Última actualización
Dificultad: Medio
Última actualización
ping -c 1 10.10.10.16❯ ping -c 1 10.10.10.16
PING 10.10.10.16 (10.10.10.16) 56(84) bytes of data.
64 bytes from 10.10.10.16: icmp_seq=1 ttl=63 time=173 ms
--- 10.10.10.16 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 172.550/172.550/172.550/0.000 msTTL <= 64 >>(Linux)
TTL <= 128 >> (Windows)nmap -sS -sCV -p- --min-rate 5000 --open -n -Pn -vvv 10.10.10.16 -oN escaneo.txt❯ nmap -sS -sCV -p- --min-rate 5000 --open -n -Pn -vvv 10.10.10.16 -oN escaneo.txt
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-16 20:40 -03
Nmap scan report for 10.10.10.16
Host is up (0.18s latency).
Not shown: 65533 filtered tcp ports (no-response)
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 1024 79:b1:35:b6:d1:25:12:a3:0c:b5:2e:36:9c:33:26:28 (DSA)
| 2048 16:08:68:51:d1:7b:07:5a:34:66:0d:4c:d0:25:56:f5 (RSA)
| 256 e3:97:a7:92:23:72:bf:1d:09:88:85:b6:6c:17:4e:85 (ECDSA)
|_ 256 89:85:90:98:20:bf:03:5d:35:7f:4a:a9:e1:1b:65:31 (ED25519)
80/tcp open http Apache httpd 2.4.7 ((Ubuntu))
|_http-title: October CMS - Vanilla
|_http-server-header: Apache/2.4.7 (Ubuntu)
| http-methods:
|_ Potentially risky methods: PUT PATCH DELETE
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 42.54 secondswhatweb http://10.10.10.16❯ whatweb http://10.10.10.16
http://10.10.10.16 [200 OK] Apache[2.4.7], Cookies[october_session], Country[RESERVED][ZZ], HTML5, HTTPServer[Ubuntu Linux][Apache/2.4.7 (Ubuntu)], HttpOnly[october_session], IP[10.10.10.16], Meta-Author[October CMS], PHP[5.5.9-1ubuntu4.21], Script, Title[October CMS - Vanilla], X-Powered-By[PHP/5.5.9-1ubuntu4.21]dirb http://10.10.10.16/ -o fuzzing_dirb.txt❯ dirb http://10.10.10.16/ -o fuzzing_dirb.txt
-----------------
DIRB v2.22
By The Dark Raver
-----------------
OUTPUT_FILE: fuzzing_dirb.txt
START_TIME: Sun Mar 16 21:07:15 2025
URL_BASE: http://10.10.10.16/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt
-----------------
GENERATED WORDS: 4612
---- Scanning URL: http://10.10.10.16/ ----
+ http://10.10.10.16/account (CODE:200|SIZE:5089)
+ http://10.10.10.16/backend (CODE:302|SIZE:400)
+ http://10.10.10.16/blog (CODE:200|SIZE:4252)
+ http://10.10.10.16/Blog (CODE:200|SIZE:4252)
==> DIRECTORY: http://10.10.10.16/config/
+ http://10.10.10.16/error (CODE:200|SIZE:3343)
+ http://10.10.10.16/forgot-password (CODE:200|SIZE:3837)
+ http://10.10.10.16/forum (CODE:200|SIZE:9589)
+ http://10.10.10.16/index.php (CODE:200|SIZE:5163)
==> DIRECTORY: http://10.10.10.16/modules/
==> DIRECTORY: http://10.10.10.16/plugins/
+ http://10.10.10.16/server-status (CODE:403|SIZE:291)
==> DIRECTORY: http://10.10.10.16/storage/
==> DIRECTORY: http://10.10.10.16/tests/
==> DIRECTORY: http://10.10.10.16/themes/
==> DIRECTORY: http://10.10.10.16/vendor/