nmap 10.129.171.69 nmap 10.129.171.69 -A -p 21,80
ftp 10.129.171.69 Anonymous #登录 ls #列出目录 get allowed.userlist get allowed.userlist.passwd exit cat allowed.userlist cat allowed.userlist.passwd
gobuster dir -u 10.129.171.69 -w /usr/share/dirbuster/wordlists/directory-list-2.3-small.txt -x .php
What Nmap scanning switch employs the use of default scripts during a scan?
What service version is found to be running on port 21?
What FTP code is returned to us for the "Anonymous FTP login allowed" message?
After connecting to the FTP server using the ftp client, what username do we provide when prompted to log in anonymously?
After connecting to the FTP server anonymously, what command can we use to download the files we find on the FTP server?
What is one of the higher-privilege sounding usernames in 'allowed.userlist' that we download from the FTP server?
What version of Apache HTTP Server is running on the target host?
Apache httpd 2.4.41
What switch can we use with Gobuster to specify we are looking for specific filetypes?
Which PHP file can we identify with directory brute force that will provide the opportunity to authenticate to the web service?