Analyze the Scan Results
After scanning the target host, you need to analyze the scan results to identify potential vulnerabilities.
- View the scan report:
cat /tmp/report.txt
This command displays the contents of the /tmp/report.txt
file, which contains information about the open ports, services, and versions on the target host, here's an example of the output you might see:
Starting Nmap 7.94 ( https://nmap.org ) at 2024-03-23 15:28 UTC
NSE: Loaded 156 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating ARP Ping Scan at 15:28
Scanning 192.168.122.102 [1 port]
Completed ARP Ping Scan at 15:28, 1.42s elapsed (1 total hosts)
Nmap scan report for 192.168.122.102 [host down]
NSE: Script Post-scanning.
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 1.98 seconds
Raw packets sent: 2 (56B) | Rcvd: 0 (0B)
- Use the
searchsploit
tool to search for vulnerability information:
searchsploit unreal ircd
This command searches the Exploit Database for vulnerabilities related to the "unreal ircd" service, here's an example of the output you might see:
---------------------------------------------------------------------------------------------------------------- ---------------------------------
Exploit Title | Path
---------------------------------------------------------------------------------------------------------------- ---------------------------------
UnrealIRCd 3.2.8.1 - Backdoor Command Execution (Metasploit) | linux/remote/16922.rb
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow | windows/dos/18011.txt
UnrealIRCd 3.2.8.1 - Remote Downloader/Execute | linux/remote/13853.pl
UnrealIRCd 3.x - Remote Denial of Service | windows/dos/27407.pl
---------------------------------------------------------------------------------------------------------------- ---------------------------------
Shellcodes: No Results
- View the details of a vulnerability:
cat /usr/share/exploitdb/exploits/linux/remote/16922.rb
This command displays the contents of the vulnerability exploit file located at /usr/share/exploitdb/exploits/linux/remote/16922.rb
.