```
+ GET /examples/servlets/index.html: Apache Tomcat default JSP pages present.
+ MISDLEZU Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ OSVDB-5646: GET HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ OSVDB-397: GET HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ OPTIONS Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
+ OSVDB-39272: GET /favicon.ico file identifies this app/server as: Apache Tomcat (possibly 5.5.26 through 8.0.15), Alfresco Community
+ GET The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ GET The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ GET The anti-clickjacking X-Frame-Options header is not present.
```

```
# Nmap done at Thu Jan 23 22:01:30 2020 - 1 IP address (1 host up) scanned in 110.94 seconds
No exact OS matches for host (test conditions non-ideal).
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Microsoft Windows Server 2012 or Windows Server 2012 R2 (91%), Microsoft Windows Server 2012 R2 (91%), Microsoft Windows Server 2012 (90%), Microsoft Windows 7 Professional (87%), Microsoft Windows 8.1 Update 1 (86%), Microsoft Windows Phone 7.5 or 8.0 (86%), Microsoft Windows 7 or Windows Server 2008 R2 (85%), Microsoft Windows Server 2008 R2 (85%), Microsoft Windows Server 2008 R2 or Windows 8.1 (85%), Microsoft Windows Server 2008 R2 SP1 or Windows 8 (85%)
# Nmap 7.80 scan initiated Thu Jan 23 21:59:39 2020 as: nmap -oX -A -T4 -p-oN /mnt/hgfs/_shared_folder/htb/boxes/Jerry/scans/full_tcp.nmap -oG /mnt/hgfs/_shared_folder/htb/boxes/Jerry/scans/full_tcp.gnmap 10.10.10.95
8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
```