SF:t/html\r\nContent-Length:\x20340\r\nConnection:\x20close\r\nAuthInfo:\x SF:ml\r\nContent-Length:\x200\r\nConnection:\x20close\r\nAuthInfo:\x20\r\n =NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)= If you know the service/version, please submit the following fingerprints at : |_ssl-date: TLS randomness does not represent timeĢ services unrecognized despite returning data. | ssl-cert: Subject: commonName=localhost | FourOhFourRequest, HTTPOptions, RTSPRequest, SIPOptions:
#HACK ROUTER PORT 5355 WINDOWS#
|_http-title: Site doesn't have a title (text/html).ġ39/tcp open netbios-ssn Microsoft Windows netbios-ssn
#HACK ROUTER PORT 5355 CODE#
| ftp-anon: Anonymous FTP login allowed (FTP code 230)Ģ2/tcp open ssh OpenSSH for_Windows_7.7 (protocol 2.0) The simple command nmap scans the most commonly used 1,000 TCP ports on the host.
#HACK ROUTER PORT 5355 PASSWORD#
NVMS-1000 Path Traversal allows retrieval of above discovered password file ( CVE).Anonymous FTP reveals location of password file.I had about 8 hours or so when I started. My motivation for doing this machine was to challenge myself to do it before it got retired. It is an easy Windows machine, and largely relies on CVE's for exploitation. This is a writeup for the HackTheBox machine ServMon.