Enumeration

Running an nmap scan on the target machine:

nmap -sV -sC -A -p 0-10000 10.129.212.3

The open ports are 22 and 5000, identified as OpenSSH and Gunicorn respectively.

In case you are wondering what Gunicorn is,

Using the Dirbuster console to get more information on the target URL served by Gunicorn.

Settings used: auto switch, an increased thread count, and list-based brute force with the common.txt list.

Dirbuster finds /feed and /upload. The upload page allows uploading of XML files.
