+ Uncommon header 'tcn' found, with contents: list Apache 2.2.34 is the EOL for the 2.x branch.
+ Apache/2.2.22 appears to be outdated (current is at least Apache/2.4.37). This could allow the user agent to render the content of the site in a different fashion to the MIME type + The X-Content-Type-Options header is not set. This header can hint to the user agent to protect against some forms of XSS + The X-XSS-Protection header is not defined. + The anti-clickjacking X-Frame-Options header is not present. + Server may leak inodes via ETags, header found with file /, inode: 1706318, size: 177, mtime: Mon May 11 13:55:10 2020 One of the first things I do is look in user folder for clues, here we see nikto -h Individual files in /usr/share/doc/*/copyright.ĭebian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent The exact distribution terms for each program are described in the
Bittorrent sync resilio software#
The programs included with the Debian GNU/Linux system are free software Warning: Permanently added '192.168.0.18' (ECDSA) to the list of known password:
We get a user called trunks, with a password u$3r, let’s try that SSH port we found ssh authenticity of host '192.168.0.18 (192.168.0.18)' can't be established.ĮCDSA key fingerprint is SHA256:XL6IZaa/M6erCuxf2qEiDREMhwGWxwoGjo0XfO47bmU.Īre you sure you want to continue connecting (yes/no/)? yes Now we have a wav file, playing it we can tell it is morse code, use decoder to see what it says: We find a file and a few interesting sounding directories, let’s have a look: ┌──(kali㉿puckie)-Ĭonnecting to 192.168.159.73:80. Wordlist: /usr/share/wordlists/SecLists/Discovery/Web-Content/ Gobuster -t 100 dir -e -w /usr/share/wordlists/SecLists/Discovery/Web-Content/ -u -x phpīy OJ Reeves & Christian Mehlmauer Url:
0 kommentar(er)
