New user needs help.
#1
So I scan with nmap and get some open ports. What are the next steps? I am very new to all this.
#2
TechnWoE Wrote: So I scan with nmap and get some open ports. What are the next steps? I am very new to all this.

Depends on what you are scanning XD...
First you need to do "recon" before trying to exploit anything. That's simple: get as much information as possible. That includes port scanning, but you will have to do a ton of other things (service vulns, nmap TCP fingerprinting, OS detection). Then you can do a CVE scan with tools like jok3r or the nmap NSE script vuln. With only port scanning you already have an idea of what service is running on the host; you can check the version to know its vulnerabilities, for example.
Just don't forget that hacking is research and not running scripts; you will always have to find ways and tricks to exploit something. nmap is a tool to help...
Here are some cool nmap commands you can use to find interesting info:
  1. Banner grabbing
    Code:
    nmap -vv -sV -A --script=banner <target>
  2. Scanning for common vulns
    Code:
    nmap -vv -sV -A --script vuln <target>
  3. Small network scan, to know how many devices there are on the current network + OS detection
    Code:
    nmap -vv -A -Pn -O 192.168.1.1-99
We are Light Hat Arsenal, we are hackers for the light !
#3
TechnWoE Wrote: So I scan with nmap and get some open ports. What are the next steps? I am very new to all this.

Check all the vulnerabilities there may be. You'll need more than nmap. Use ZAP or Nikto and so much more.
#4
The next step would likely be to identify the services and their versions for each open port;
after that you search for ways to possibly attack any of these services.

You can also always consult sites like this: pentest-standard.org
There are multiple ones like this, each with a slightly different way of going about things.
The kill chain is still the same for most of them. You will get familiar with the cycle very rapidly
if you practice on some machines. HTB and VulnHub were my go-to sites to practice.