sudo nmap --min-rate 10000 -p- 10.10.253.243 [sudo] mikannse 的密码: Starting Nmap 7.94 ( https://nmap.org ) at 2023-11-29 06:01 UTC Warning: 10.10.253.243 giving up on port because retransmission cap hit (10). Nmap scan report for 10.10.253.243 Host is up (0.35s latency). Not shown: 65533 closed tcp ports (reset) PORT STATE SERVICE 22/tcp open ssh 80/tcp open http
sudo nmap -sT -sV -sC -O -p22,80 10.10.253.243 Starting Nmap 7.94 ( https://nmap.org ) at 2023-11-29 06:02 UTC Nmap scan report for 10.10.253.243 Host is up (0.25s latency).
PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 57:20:82:3c:62:aa:8f:42:23:c0:b8:93:99:6f:49:9c (DSA) | 2048 4c:40:db:32:64:0d:11:0c:ef:4f:b8:5b:73:9b:c7:6b (RSA) | 256 f7:6f:78:d5:83:52:a6:4d:da:21:3c:55:47:b7:2d:6d (ECDSA) |_ 256 a5:b4:f0:84:b6:a7:8d:eb:0a:9d:3e:74:37:33:65:16 (ED25519) 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) |_http-title: 0day |_http-server-header: Apache/2.4.7 (Ubuntu) Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Aggressive OS guesses: Linux 3.10 - 3.13 (96%), Linux 5.4 (95%), ASUS RT-N56U WAP (Linux 3.4) (95%), Linux 3.16 (95%), Linux 3.1 (93%), Linux 3.2 (93%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (93%), Sony Android TV (Android 5.0) (93%), Android 5.0 - 6.0.1 (Linux 3.4) (93%), Android 5.1 (93%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 23.80 seconds
sudo nmap --script=vuln -p22,80 10.10.253.243 [sudo] mikannse 的密码: Starting Nmap 7.94 ( https://nmap.org ) at 2023-11-29 06:02 UTC Nmap scan report for 10.10.253.243 Host is up (0.26s latency).
PORT STATE SERVICE 22/tcp open ssh 80/tcp open http |_http-csrf: Couldn't find any CSRF vulnerabilities. |_http-dombased-xss: Couldn't find any DOM based XSS. |_http-stored-xss: Couldn't find any stored XSS vulnerabilities. | http-slowloris-check: | VULNERABLE: | Slowloris DOS attack | State: LIKELY VULNERABLE | IDs: CVE:CVE-2007-6750 | Slowloris tries to keep many connections to the target web server open and hold | them open as long as possible. It accomplishes this by opening connections to | the target web server and sending a partial request. By doing so, it starves | the http server's resources causing Denial Of Service. | | Disclosure date: 2009-09-17 | References: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750 |_ http://ha.ckers.org/slowloris/ | http-enum: | /admin/: Possible admin folder | /admin/index.html: Possible admin folder | /backup/: Possible backup | /robots.txt: Robots file | /css/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' | /img/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' | /js/: Potentially interesting directory w/ listing on 'apache/2.4.7 (ubuntu)' | /secret/: Potentially interesting folder |_ /uploads/: Potentially interesting folder
Nmap done: 1 IP address (1 host up) scanned in 347.83 seconds
