2 years ago I created this Bash script for my own (professional) needs:
I was looking for a way to quickly and efficiently identify all the ports available on different remote sites connected to the Internet. And I wanted to make sure, at the same time, there was no host that exposed a service with known vulnerabilities (CVE).
Maybe it could help someone on this forum 😉 and it's fully compatible with Pwnbox from HTB.
* Automatic installation of all the prerequisites (Debian OS family)
* 2 modes: automatic and Interactive
* Interactive mode: ports to scan, rate level and nmap script
* Extremely fast identification of open TCP/UDP ports (masscan)
* The output is sorted to gather all ports to be scanned by host
* Identification of services and vulnerabilities (nmap + vulners.nse)
* Multiple sessions in parallel, one session per host
* 2 generated reports: a global HTML and a TXT (vulnerable hosts)
Type your comment> @TazWake said:
Same issue for me... I got 10.129.107.58 for Tenet box with OpenVPN. And I'm not able to launch Pwnbox, error Could not mount personal drive (case open)...
And I'm VIP+ too... I'm starting to regret it.…
apt-update issue with Pwnbox:
rr:1 http://htb.deb.parrot.sh/parrot rolling InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 363A96A5CEA9EA27
To solve the issue:
sudo apt-key adv --keyser…
Very interesting box until now!! I'm near the user flag, and without IDE for the Java part :) Not so Insane for the moment for me compare to MulltiMaster but nevertheless I am sweating...
It may get tough after certainly... :'(
Edit: lol the Boxes…
I got the user (thanks for the nudge @gverre about the s*rial...).
NSE vulners could help you to identify the right security issue...
After, Google to find an interesting article... but before you have to try different things to find the right pat…
For those who use Pwnbox and want to speed up the reconnaissance phase, I created a variant of the Bash script:
It quickly and efficiently identify all the ports/services (TCP/UDP) available for a box, a…
Another interesting VM from @egre55 Thanks for your imagination and work :wink:
Credentials are not always necessary... Try to identify the right OS version.
After, Google can help you to find your new friend and don't be afraid b…