Exploit experience - lesson 3 - network - brute-force protection
Scanning
lika@learning:~/Downloads$ cnmap -sV -sC 10.129.241.14
Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-08 11:35 +07
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.23 seconds
lika@learning:~/Downloads$ cnmap -sV -sC 10.129.15.51
Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-08 11:35 +07
Stats: 0:01:29 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 11:37 (0:00:00 remaining)
Nmap scan report for abc.xyz (10.129.15.51)
Host is up (0.38s latency).
Not shown: 999 closed tcp ports (reset)
PORT STATE SERVICE VERSION
80/tcp open http nginx 1.14.2
|_http-server-header: nginx/1.14.2
|_http-title: Home page
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 125.23 seconds
Identifying the host
curl -v $IP
Since only port 80 is open, I will use gobuster to scan for directories.
lika@learning:~/Downloads$ gobuster dir -u http://abc.xyz -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-small.txt
===============================================================
Gobuster v3.8
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url: http://abc.xyz
[+] Method: GET
[+] Threads: 10
[+] Wordlist: /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-small.txt
[+] Negative Status codes: 404
[+] User Agent: gobuster/3.8
[+] Timeout: 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/contact (Status: 200) [Size: 28673]
/home (Status: 200) [Size: 25802]
/media (Status: 301) [Size: 185] [--> http://abc.xyz/media/]
/0 (Status: 200) [Size: 25803]
/catalog (Status: 302) [Size: 0] [--> http://abc.xyz/]
/static (Status: 301) [Size: 185] [--> http://abc.xyz/static/]
/admin (Status: 200) [Size: 7092]
/Home (Status: 301) [Size: 0] [--> http://abc.xyz/home]
/cms (Status: 200) [Size: 25817]