Hackthebox.eu - Tabby - Retired Recon I started with my basic start a quick up/down scan on all TCP ports then another scan with -A to run all the scripts against the found ports. nmap -T4 -p- -oX ./nmapb.xml 10.10.10.194 Then converted that to HTML Xslprotc ./nmapb.xml -o ./nmapb.html Then I ran my second scan with just those ports nmap -T4 -A -p22,80,4202,8080,15751,24329,28144,28244,32972,34303,41376,42494,55006,57000,60317,62669,62796,63622 -oX ./nmapf.xml 10.10.10.194 Then converted it to html too xsltproc ./nmapf.xml -o ./nmapf.html Looks like we have openssh 8.2p1 on port 22 and apache 2.4.41 on port 80 and 8080 Let's browse to port 80 and see what we can see Looks like a site for a hosting provider. I generally just start by poking around the site following all the links to see if anything pops out. Well, it just so happens when I went to the News link at the top it gave a 404 error because it was looking for megahosting.htb and not the IP address of the box So I added t
@circusmonkey404 on the twitters; DM for contact