Nmap, Gobuster, JohnTheRipper
Nmap
-p-: Scan all ports
-Pn: Disable host discovery and just scan for open ports
-sV: Service Scan
-sC: Scan with the default nmap scripts
-A: Enables OS and version detection, executes built-in scripts for further enumeration
nmap -sV -vv --script vuln TARGET_IP
If no port is specified, it scans 1000 ports by default.
--script vuln: looks for NSE files whose script file name contains vuln.
GoBuster flag
gobuster dir -u http://:3333 -w
Description
-e: Print the full URLs in your console
-u: The target URL
-w: Path to your wordlist
-U and -P: Username and Password for Basic Auth
-p : Proxy to use for requests
-c : Specify a cookie for simulating your aut
-v: Verbose output
-t: Number of concurrent threads
-o: Output file to write results to
Example
gobuster.exe -p http://127.0.0.1:9090 dir -w dictionary_1500.txt -v --wildcard -l -u https://test.com/ -t 5 -o 10619.txt
John The Ripper
root@kali:/THM# john --format=NT --wordlist=/root/Desktop/rockyou.txt hash.txt