Scanning and Enumeration
Scanning
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1.10 (Ubuntu Linux; protocol 2.0)
80/tcp open http Apache httpd 2.2.22 ((Ubuntu))
443/tcp open ssl/http Apache httpd 2.2.22 ((Ubuntu))
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Things we need to ask ourselves. Is this system at the end of it's life? If it is we can check if it is vulnerable to heartbleed. In this case, this machine uses ubuntu precise which was last updated in 2014. We might be able to find if it is vulnerable to heartbleed. Since it is an older machine we can run a vulnerability script with the following command to check for vulnerabilities.
nmap --script vuln -oA vulnscan 10.10.10.79

We can also confirm thatvulnerable to heartbleed by running sslyze.
sslyze --heartbleed 10.10.10.79:443

Enumeration

Port 22
Potential command Execution
Port 80 and 443


Gobuster Scan

Found key


Last updated
Was this helpful?