In this step, you will learn how to perform a basic vulnerability scan on the Metasploitable2 target using Nmap.
- Inside the Kali Linux container, run the following command to scan the open ports on the Metasploitable2 target:
nmap -sV -p- 192.168.122.102
This command will perform a TCP connect scan on all ports of the target host and attempt to determine the service/version information for open ports.
- Observe the output, which will display a list of open ports and associated services running on the Metasploitable2 target.
Here's an example of the output you might see:
Starting Nmap 7.80 ( https://nmap.org ) at 2023-06-01 12:34:56 EDT
Nmap scan report for target (192.168.122.102)
Host is up (0.00024s latency).
Not shown: 65533 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) PHP/5.2.4-2ubuntu5.24 with Suhosin-Patch)
111/tcp open rpcbind 2 (RPC #100000)
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
512/tcp open exec?
513/tcp open login?
514/tcp open shell?
1099/tcp open rmiregistry GNU Classpath grmiregistry
1524/tcp open ingreslock?
2121/tcp open ccproxy-ftp Citrix CacheServer
2123/tcp open gtp-user Citrix Gateway
3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 14.45 seconds
This output shows various open ports and services running on the Metasploitable2 target, such as FTP, SSH, Telnet, HTTP, MySQL, and PostgreSQL.