Vulnhub Kioptrix Walkthrough Part 2
Default username: John Default Password: TwoCows2 NIKTO `Web Vulneribility Scanner` nikto -h target ip* i.e nikto -host url Findings Outdated Applications - Google common exploits for given Version Apache mod_ssl openssl mod_ssl vulnerable to a remote buffer overflow Little bit of Directory Busting DIRBUSTER Directory Busting / Finding Folders ALternatives: gobuster, dirb, ferox boster dirbuster& insert target url on Target URL section Check ‘Go Faster’ Check List based brute force Click browse, navigate to /usr/share/wordlists/dirbuster/ Select a list File extension: php,txt,zip choose the extension you want to look for Note: more extension more time START Tip: Dir Scan takes a while....