Verify Service Version Locally

Introduction

In this challenge, you'll learn how to identify the version of a locally running web server using Nmap. A simple HTTP server is set up using Python on port 8080, but its version is unknown. Your task is to use Nmap with version detection enabled to determine the server's software and version.

To accomplish this, you'll need to execute the nmap command with the -sV option targeting localhost on port 8080 from the ~/project directory. The expected output should reveal the web server software and its version, such as "Python SimpleHTTPServer 0.6". Successful completion involves accurately identifying the server version using Nmap's version detection capabilities.

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL nmap(("Nmap")) -.-> nmap/NmapGroup(["Nmap"]) nmap/NmapGroup -.-> nmap/target_specification("Target Specification") nmap/NmapGroup -.-> nmap/os_version_detection("OS and Version Detection") nmap/NmapGroup -.-> nmap/service_detection("Service Detection") subgraph Lab Skills nmap/target_specification -.-> lab-548693{{"Verify Service Version Locally"}} nmap/os_version_detection -.-> lab-548693{{"Verify Service Version Locally"}} nmap/service_detection -.-> lab-548693{{"Verify Service Version Locally"}} end

Verify Service Version Locally

A web server is running locally, but its version is unknown. Identifying the version is crucial for assessing potential security vulnerabilities.

Tasks

Use Nmap to perform version detection on the local web server running on port 8080.

Requirements

You must use the nmap command.
The target should be localhost on port 8080.
Execute the command in the ~/project directory.

Examples

The expected output should include the web server software and its version, similar to:

Starting Nmap 7.80 ( https://nmap.org ) at ...
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00028s latency).

PORT     STATE SERVICE VERSION
8080/tcp open  http    Python SimpleHTTPServer 0.6 (BaseHTTP/0.6 Python/3.8.5)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.23 seconds

Hints

The -sV option is crucial for version detection.
Make sure the web server is running before running the Nmap scan.

✨ Check Solution and Practice

Summary

In this challenge, the objective is to identify the version of a locally running web server using Nmap. The challenge involves setting up a simple Python HTTP server on port 8080 and then utilizing Nmap with the -sV option for version detection to determine the server software and its version.

The key learning point is the effective use of Nmap's version detection feature (-sV) to gather information about network services. This skill is crucial for cybersecurity professionals to assess potential vulnerabilities associated with specific software versions. The verification script confirms the successful identification of the Python SimpleHTTPServer within the Nmap output.