Hydra brute force port scan code#
Looking at the source code of /admin I find the username of admin I will use hydra for this.įirst I will need a username. Since the name of the box is Brute It, I will likely need to brute force this login. Wordlist: /usr/share/wordlists/dirbuster/ Here I find gobuster dir -u 10.10.119.208 -w /usr/share/wordlists/dirbuster/ -x htmlīy OJ Reeves & Christian Mehlmauer Url: Since port 80 is open with HTTP, I run gobuster against it. Nmap done: 1 IP address (1 host up) scanned in 38.92 seconds
Service Info: OS: Linux CPE: cpe:/o:linux:linux_kernel
|_http-title: Apache2 Ubuntu Default Page: It works
|_http-server-header: Apache/2.4.29 (Ubuntu) 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux protocol 2.0)