Beep HTB Writeup

  • The OpenSSH version that is running on port 22 is pretty old so checking searchsploit to see if any critical vulnerabilities are associated with this version.
  • Ports 25, 110, 143, 995 are running mail protocols for that finding a valid email address to further enumerate these services will be a good starting point. Port 4190 running Cyrus timsieved 2.3.7 seems to be associated to imapd.
  • Port 111 is running RPCbind. The port 878 running the status service is associated to this.
  • Ports 80, 443 and 10000 are running web servers. Port 80 seems to redirect to port 443.
  • Port 3306 is running MySQL database. There is a lot of enumeration potential for this service.
  • Port 4559 is running HylaFAX 4.3.10.
  • Port 5038 is running running Asterisk Call Manager 1.1. Again, we’ll have to check the version number to see if it is associated with any critical exploits.
  • I’m not sure what the upnotifyp service on port 4445 does.

--

--

--

Passionate Security Researcher | Dogs over Human |

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

NGRAVE uses QR codes to keep its hardware wallet 100% offline

NGRAVE relies on one way QR code technology and a fully offline hardware wallet for securely managing your crypto.

The Ultimate Checklist on Ways to Prevent IoT Data Compromise

Pryv SA releases an Open-Source Solution for Personal Data & Privacy Management

What is the Connection Between NFTs and Metaverses

NHS Scotland’s Covid Status app criticised over privacy failings

How to Use the Hurricane Bridge (For Heco & BSC Users)

Cracking eAadhar password in 2 seconds with Maths

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sayali Chavan

Sayali Chavan

Passionate Security Researcher | Dogs over Human |

More from Medium

Sense HTB Writeup

BTLO: Network Analysis-Web Shell challenge Walkthrough

UMDCTF 2022 Write-ups

Analysis of the SBIDIOT Malware