- IP address
- Hostname
- Operating System (OS)
- Open Ports
- Connected Devices
- Network Hierarchy
1 & 2. IP Address and Hostname
IP address: If the machine is connected with your system, then using an IP scanner you must be able to find the IP of the target system.
The Hostname comes up along with the IP address.
If on a shared network, or if the target machine is a client system under a server, this would help you guess the server's name.
3. Operating System
The next step would be to use nmap for scanning the target for vulnerabilities.
This shows the result of an nmap scan on the IP address 192.168.40.79 using an OS fingerprint scan, run with the command "nmap -O targetIP".
This helps you to categorize your attack strategy, now that we know what OS is running on the system.
4. Open Ports
Using the nmap predefined scan you can scan the states of all the ports. I suggest you scan only the common ports, since the others could take a lot of time. Use the intense scan option or the command "nmap -p 1-10000 -T4 -A -v targetIP" to scan the ports from 1 to 10000.
This scan gives complete detail on how the target can be approached for a takeover.
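Seen from the scanned host's side, a sweep like the 1-10000 port scan above appears as one source touching many distinct ports on one destination within a short time. The Python below is an added example, not code from the original post, that flags this pattern in connection logs; the log line format, the 10-second window, the 100-port threshold and the source addresses are assumptions, and the sample log is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=10)  # assumed look-back window
THRESHOLD = 100                 # assumed distinct-port limit per window


def parse(line):
    """Parse 'ISO-timestamp SRC=.. DST=.. DPT=..' (constructed log format)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["SRC"], kv["DST"], int(kv["DPT"])


def detect_port_sweeps(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {(src, dst): peak distinct ports in one window} for pairs at or over threshold.

    Lines must be in chronological order.
    """
    recent = defaultdict(deque)                       # (src, dst) -> (ts, port) events
    in_window = defaultdict(lambda: defaultdict(int)) # (src, dst) -> port -> hit count
    alerts = {}
    for line in lines:
        ts, src, dst, port = parse(line)
        key = (src, dst)
        events, ports = recent[key], in_window[key]
        events.append((ts, port))
        ports[port] += 1
        # Drop events that have aged out of the sliding window.
        while ts - events[0][0] > window:
            _, old_port = events.popleft()
            ports[old_port] -= 1
            if ports[old_port] == 0:
                del ports[old_port]
        if len(ports) >= threshold:
            alerts[key] = max(alerts.get(key, 0), len(ports))
    return alerts


def sample_log():
    """Constructed sample: one host sweeping ports 1-1000, one ordinary HTTPS client."""
    t0 = datetime(2024, 1, 1, 10, 0, 0)
    fmt = "{} SRC={} DST=192.168.40.79 DPT={}"
    lines = [fmt.format((t0 + timedelta(milliseconds=5 * p)).isoformat(timespec="microseconds"),
                        "192.168.40.10", p) for p in range(1, 1001)]
    lines += [fmt.format((t0 + timedelta(seconds=i)).isoformat(timespec="microseconds"),
                         "192.168.40.20", 443) for i in range(50)]
    return sorted(lines)  # fixed-width timestamps sort chronologically
```

A scan spread out slowly enough to stay under the threshold in every window is not flagged, so the window and threshold need tuning against normal traffic on the network being monitored.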
5. Connected Devices
6. Network Hierarchy
It's best when we know the structure of the network; this could help in escalating privileges. Commands like tracert (trace-route) are used to identify the structure of the current model.
This allows you to work further on connected modules. You can also choose other targets to enhance your range of attack or to gain access to more information repositories.