Day 8 (Task 13) What’s Under the Christmas Tree? – Advent of Cyber 2 TryHackMe

Looks like we will be using Nmap for this task. 

The first question is when was snort created.  I was shocked at how old this program is.  A quick Google search will provide the answer.

Now we need to know what port numbers are running services, so run a nmap scan like so:

nmap -p- -T4 -Pn 10.10.97.231

We use the -Pn flag to just treat the host like it is up, avoiding the ping scan.  This can be useful in case the firewall is blocking ICMP, where Nmap will try to ping the device before it scans it.

We can also use the OS scan to scan the ports as well using

nmap -O -Pn -T4 10.10.97.231

Looks like it didn’t tell us a good OS match.  Let’s try the -A option.  It did tell us the open ports, which is the answer to the 2nd question. 

It tells us it thinks it’s Linux, but our answer is longer than that.  Another operating system in the Linux family is Ubuntu and that’s our answer to the 5th question.

Now we need to know what the title of the web server is.  We can use an Nmap script called http-title, so we run

nmap -T4 –script http-title -p80 10.10.97.231

Now what might this website be used for, well most likely a blog (just like this one!)