Enumeration


nmap using Script

#Nmap TCP Scan
nmap -sC -sV -Pn -p- -O -oN [File_Name] -T4 [IP]
#Nmap UDP Scan
nmap -sU -Pn -oN [UDP_SCAN] -T4 [IP]

<aside> 💡

Do not blindly trust nmap's results. It prints output based on the port number, but sometimes you can get information from ports that are not well known.

</aside>
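One way to act on the note above, as an added example that is not part of the original notes: the function reads an `nmap -sV -oN` report and lists the open ports whose SERVICE column is only a guess, so those ports get a manual check. The function names and the sample report are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original notes.

# flag_guessed_services [FILE]
# Reads an nmap normal-output (-oN) report produced with -sV, from FILE or
# stdin, and prints "port<TAB>service<TAB>reason" for each open port where:
#   - the service name ends in "?" (name taken from the port table only)
#   - the service is "unknown" (nmap has no name for the port)
#   - the service is "tcpwrapped" (handshake completed, then closed)
#   - there is no VERSION text (nothing was fingerprinted)
flag_guessed_services() {
  awk '
    $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
      svc = $3; reason = ""
      if (svc ~ /\?$/)              reason = "label guessed from port number"
      else if (svc == "unknown")    reason = "nmap has no name for this port"
      else if (svc == "tcpwrapped") reason = "connection closed before any banner"
      else if (NF < 4)              reason = "no version fingerprint"
      if (reason != "") printf "%s\t%s\t%s\n", $1, svc, reason
    }' "${1:--}"
}

# Constructed sample report (not output from a real host).
sample_report() {
  cat <<'EOF'
PORT     STATE SERVICE     VERSION
21/tcp   open  ftp         vsftpd 3.0.3
80/tcp   open  http
8080/tcp open  http-proxy?
8443/tcp open  tcpwrapped
9999/tcp open  unknown
EOF
}

# Demo run on the sample; for a real report: flag_guessed_services nmap/wan/10_TCP
sample_report | flag_guessed_services
```

Ports flagged here are the ones where the name in the report says the least about what is actually listening.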

Bash code used [more to be added]

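#!/bin/bash

# Scan every IP listed (one per line) in the file "target";
# each report is saved under the IP's last octet.
output_dir="nmap/wan"
mkdir -p "$output_dir"

while IFS= read -r ip; do
  [ -z "$ip" ] && continue   # skip blank lines
  last_octet="${ip##*.}"
  sudo nmap -sC -sV -Pn -T4 -O -oN "${output_dir}/${last_octet}_TCP" "$ip"
done < target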

-----------------------------
# Download every file named in ../zip_list; $target must hold the host's IP.
while IFS= read -r line; do
  wget "http://${target}:7742/zipfiles/${line}"
done < "../zip_list"
----------------------------------------------------

FTP

Anonymous Access

ftp [IP]
#login anonymous
password None -> type nothing, just press Enter

Download/Upload File

ftp [IP]
-----------------
#[Download]
PASSIVE
BINARY
get [FILE]
-----------------
#[Upload]
PASSIVE
BINARY
put [FILE]

Brute-force attack using hydra

#When the username is known
hydra -l [user] -P /path/to/wordlists [IP] ftp
--------------------
#When the username is not known
--------------------
hydra -L /path/to/wordlists -P /path/to/wordlists [IP] ftp

SSH