靶机下载地址:https://hackmyvm.eu/machines/machine.php?vm=Dentacare。
扫描端口,开放了22、80和8000。
└─$ nmap -sV -sC -Pn -p- -oN port.log 192.168.56.136
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 9.2p1 Debian 2+deb12u2 (protocol 2.0)
| ssh-hostkey:
| 256 e7:ce:f2:f6:5d:a7:47:5a:16:2f:90:07:07:33:4e:a9 (ECDSA)
|_ 256 09:db:b7:e8:ee:d4:52:b8:49:c3:cc:29:a5:6e:07:35 (ED25519)
80/tcp open http Werkzeug/3.0.2 Python/3.11.2
|_http-server-header: Werkzeug/3.0.2 Python/3.11.2
|_http-title: DentaCare Corporation
| fingerprint-strings:
...
8000/tcp open http Apache httpd 2.4.57
|_http-title: 403 Forbidden
|_http-server-header: Apache/2.4.57 (Debian)