Kioptrix 1.1 (Level 2) Writeup

I’ve decided to start a series of blog posts with write ups from Vuln Hub to keep my skills up to date, and learn more offensive techniques.

The first step was to use nmap which revealed the presence of various open ports and in particular port 80 (HTTP).

nmap -sS -T5 192.168.74.134

Nmap scan report for 192.168.74.134
Host is up (0.00018s latency).
Not shown: 994 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
443/tcp  open  https
631/tcp  open  ipp
3306/tcp open  mysql

(more…)