6 July 2022

Pentesting Fun Stuff

following the cyber security path…

Blocky

Enumeration

Starting with a portscan.

Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-25 20:11 CEST
Nmap scan report for 10.10.10.37
Host is up (0.022s latency).
Not shown: 65530 filtered ports
PORT      STATE  SERVICE   VERSION
21/tcp    open   ftp       ProFTPD 1.3.5a
22/tcp    open   ssh       OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   2048 d6:2b:99:b4:d5:e7:53:ce:2b:fc:b5:d7:9d:79:fb:a2 (RSA)
|   256 5d:7f:38:95:70:c9:be:ac:67:a0:1e:86:e7:97:84:03 (ECDSA)
|_  256 09:d5:c2:04:95:1a:90:ef:87:56:25:97:df:83:70:67 (EdDSA)
80/tcp    open   http      Apache httpd 2.4.18 ((Ubuntu))
|_http-generator: WordPress 4.8
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: BlockyCraft – Under Construction!
8192/tcp  closed sophos
25565/tcp open   minecraft Minecraft 1.11.2 (Protocol: 127, Message: A Minecraft Server, Users: 0/20)
Device type: general purpose|specialized|WAP|storage-misc|printer
Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), Crestron 2-Series (88%), Asus embedded (88%), HP embedded (88%)
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:crestron:2_series cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:3.4
Aggressive OS guesses: Linux 3.10 - 4.8 (93%), Linux 3.13 or 4.2 (93%), Linux 3.16 (93%), Linux 4.4 (93%), Linux 3.13 (92%), Linux 3.16 - 4.6 (92%), Linux 3.2 - 4.8 (90%), Linux 4.2 (90%), Linux 3.12 (89%), Linux 3.18 (89%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 2 hops
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using proto 1/icmp)
HOP RTT      ADDRESS
1   20.74 ms 10.10.14.1
2   21.04 ms 10.10.10.37
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 158.45 seconds

A Minecraft server? With a title as Blocky and a Minecraft server I think I should look there first.
The website runs a wordpress site. After running wpscan it comes up with one user.

[+] Enumerating usernames ...
[+] Identified the following 1 user/s:
    +----+-------+---------+
    | Id | Login | Name    |
    +----+-------+---------+
    | 1  | notch | Notch – |
    +----+-------+---------+

The creator of minecraft. With Cewl I create a wordlist from some sites dedicated to minecraft and his creator. The plan is to bruteforce my way in.
 

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.