Skip to main content

Field Observations

Web

Web 1

Web 1: Apache 2.4.7 Target: Linux Foothold: Shellshock Nikto Scan OSVDB-112004: /cgi-bin/admin.cg...

Web 2

Web 11: File Storage Utility Target: Linux Foothold: Bad HTTP redirect & Source code leak gobuste...

Web 3

Web 21: GitStack Target: Windows Foothold: RCE HTTP 404 shows the web root Default credentials t...

Web 4

Web 31: Ladon Web SOAP API Target: Linux Foothold: File Inclusion via XXE Exploit DB: https://ww...

Web 5

Web 41: Adobe ColdFusion 8 Target: Windows Server 2008 R2 Standard Foothold: Unauthenticated File...

FTP

FTP 1: Microsft FTPd Target: Windows Foothold: Anonymous login Anonymous login directory is IIS ...

Mail

Mail 1: Apache James Target: Linux Foothold: Misconfiguration Admin CLI nc $target 4555 Login id:...

SMB

SMB 1: Windows XP Target: Windows Foothold: MS17-010 Eternal Blue Clone the Git repository: http...

Database

DB 1: MySQL Target: Linux Foothold: Weak credentials on open database Use hydra to bruteforce My...

Mobile

Mobile 1: Android Target: Android Foothold: ADB Shell tcp/5555 is a good sign of ADB over Inter...
Back to top