Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-10-15 15:02 CST Stats: 0:05:21 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan SYN Stealth Scan Timing: About 98.06% done; ETC: 15:07 (0:00:06 remaining) Stats: 0:05:45 elapsed; 0 hosts completed (1 up), 1 undergoing Traceroute Traceroute Timing: About 32.26% done; ETC: 15:08 (0:00:00 remaining) Nmap scan report for 10.10.235.246 Host is up (0.30s latency). Not shown: 65532 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 58:1b:0c:0f:fa:cf:05:be:4c:c0:7a:f1:f1:88:61:1c (RSA) | 256 3c:fc:e8:a3:7e:03:9a:30:2c:77:e0:0a:1c:e4:52:e6 (ECDSA) |_ 256 9d:59:c6:c7:79:c5:54:c4:1d:aa:e4:d1:84:71:01:92 (ED25519) 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) |_http-server-header: Apache/2.4.18 (Ubuntu) | http-robots.txt: 1 disallowed entry |_/ |_http-title: Mustacchio | Home 8765/tcp open http nginx 1.10.3 (Ubuntu) |_http-server-header: nginx/1.10.3 (Ubuntu) |_http-title: Mustacchio | Login Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose|specialized|storage-misc Running (JUST GUESSING): Linux 3.X|5.X (90%), Crestron 2-Series (86%), HP embedded (85%) OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:5.4 cpe:/o:crestron:2_series cpe:/h:hp:p2000_g3 Aggressive OS guesses: Linux 3.10 - 3.13 (90%), Linux 5.4 (88%), Crestron XPanel control system (86%), HP P2000 G3 NAS device (85%) No exact OS matches for host (test conditions non-ideal). Network Distance: 2 hops Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 22/tcp) HOP RTT ADDRESS 1 275.52 ms 10.14.0.1 2 355.01 ms 10.10.235.246
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 361.77 seconds
可以看出开放了22,80,8765端口
80端口
扫描下目录
gobuster dir -u http://10.10.235.246/ -w /usr/share/wordlists/dirb/common.txt