To check all devices connected to our network, there are 2 ways, which are to use the nmap and/or netdiscover commands. Remember, I have no idea what I am looking for. All I know is that I was asked to conduct a penetration test and, assuming I have already gained entry to the network, which I just did in part 1, all I have to do is wait for every employee to go home so that only the server will be up and running. So basically, if I scan the network, only the server and my PC will be connected, and the way to find this device is to use nmap and netdiscover. I will compare the results of these commands.
NMAP Result:
Netdiscover Result:
NMAP discovered 2 devices on the network and 19.168.3.2 is my device, therefore I just found the IP address of the device that I am going to hack. NMAP also shows that ports 80 and 443 are open. These ports accept HTTP and HTTPS requests respectively.
Netdiscover showed 2 devices and 192.168.3.1 is the DHCP server, therefore 192.168.3.3 is the device that I am going to hack. It did not show my device and it did not show any other useful information, but it met my objective, which is to find the device that I am going to hack.
Once I have obtained the IP address, the first thing I usually do is open my browser and type the IP address into the URL textbox of the browser, and I got the following result:
At this stage, I am still clueless, so I made an assumption that the commands at the bottom mean I could use them together with the IP address. So I checked one of the commands and got the following result:
Now I know that the device runs a WordPress blog. I also had a question: what if I did not know what those commands are for? So I need to know what services are allowed on that IP address.
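The comparison of the two result sets can be done mechanically. The following is an added example, not part of the original post: it parses nmap grepable (`-oG`) output and a netdiscover-style ARP table, then reports which hosts each tool saw. The sample data is constructed from the addresses mentioned above, with 192.168.3.2 assumed as the scanning machine and placeholder MAC addresses.

```python
import re

# Constructed sample in nmap grepable (-oG) style; not a real capture.
NMAP_GREPABLE = """\
Host: 192.168.3.2 ()\tStatus: Up
Host: 192.168.3.3 ()\tStatus: Up
Host: 192.168.3.3 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 22/closed/tcp//ssh///
"""
# Constructed sample shaped like netdiscover's table; MACs are placeholders.
NETDISCOVER_TABLE = """\
 192.168.3.1     00:00:5e:00:53:01      1      60  Unknown vendor
 192.168.3.3     00:00:5e:00:53:03      1      60  Unknown vendor
"""

HOST_RE = re.compile(r"^Host: (\S+) \(.*?\)\t(Status|Ports): (.*)$")
ARP_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)

def parse_nmap(text):
    """Return {ip: sorted open TCP ports} for every host reported as up."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m or (m.group(2) == "Status" and m.group(3).strip() != "Up"):
            continue  # comments, blank lines, hosts reported down
        ip, kind, rest = m.groups()
        ports = hosts.setdefault(ip, set())
        if kind == "Ports":
            for entry in rest.split(","):
                fields = entry.strip().split("/")  # port/state/proto/...
                if len(fields) >= 3 and fields[1:3] == ["open", "tcp"]:
                    ports.add(int(fields[0]))
    return {ip: sorted(p) for ip, p in hosts.items()}

def parse_netdiscover(text):
    """Return {ip: mac} for every row of the ARP table."""
    matches = (ARP_RE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2).lower() for m in matches if m}

def reconcile(nmap_hosts, arp_hosts, self_ip):
    """Split the hosts by which tool saw them, ignoring the scanner itself."""
    n, a = set(nmap_hosts) - {self_ip}, set(arp_hosts) - {self_ip}
    return {"both": sorted(n & a),
            "nmap_only": sorted(n - a),
            "arp_only": sorted(a - n)}

if __name__ == "__main__":
    nm, arp = parse_nmap(NMAP_GREPABLE), parse_netdiscover(NETDISCOVER_TABLE)
    print(reconcile(nm, arp, "192.168.3.2"), nm)
```

A host that appears in only one list is worth a second look before drawing conclusions; netdiscover works from ARP replies, so the scanning machine's own address is not in its table.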
To be continued....