Hackthebox

User flag It is not really necessary to start this one with nmap, but it’s never a bad first step root@kali:~# nmap -sS -Pn -sV 10.10.10.68 Starting Nmap 7.70 ( https://nmap.org ) at 2020-01-13 13:20 CET Nmap scan report for 10.10.10.68 Host is up (0.11s latency). Not shown: 999 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 10.24 seconds As we can see, only port 80 is opened. After opening it in web browser, there is a unfinished, but already launched website. We can dig a bit through it, just to learn that it is connected to a phpbash project. That’s nice, but we want to speed things up. ...