Month: December 2017

SickOS 1.2 Walkthrough

SickOS 1.2 Walkthrough

Penetration Testing, Security
Since I have managed to put down SickOS 1.1, I guess the next challenge would be visiting SickOS 1.2. After setting up the machine through VMWare, an initial Nmap scan towards 192.168.209.161 (Address of SickOS 1.2) has shown the following output: By the results shown, only two TCP ports were open. One SSH and another one is an HTTP service. Firing up Mozilla in Kali and typing in the IP address 192.168.209.161 should give us this output: The next things to do were: Check robots.txt (Not found) Check source code of web page (Nothing really useful) Use dirb Use HTTP Nmap scripts against the main directory (Nothing really useful)   Looking at the HTTP headers when browsing the website, it was also found that the server was using lighttpd 1.4.28 (als...