About

The Notebook
IP 10.129.116.95
OS Linux
Difficulty Medium

nmap

└─$ nmap -Pn -sV -sC -p- --min-rate=10000 -oA Notebook 10.129.116.95

Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-10 00:56 EST
Warning: 10.129.116.95 giving up on port because retransmission cap hit (10).
Nmap scan report for 10.129.116.95
Host is up (0.25s latency).
Not shown: 45745 filtered ports, 19788 closed ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 86:df:10:fd:27:a3:fb:d8:36:a7:ed:90:95:33:f5:bf (RSA)
|   256 e7:81:d6:6c:df:ce:b7:30:03:91:5c:b5:13:42:06:44 (ECDSA)
|_  256 c6:06:34:c7:fc:00:c4:62:06:c2:36:0e:ee:5e:bf:6b (ED25519)
80/tcp open  http    nginx 1.14.0 (Ubuntu)
|_http-server-header: nginx/1.14.0 (Ubuntu)
|_http-title: The Notebook - Your Note Keeper
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 171.44 seconds

Port 80

Port 80 serves a website called “The Notebook”. The description provided is:

Use this place to store thought of the day, or your notes ofcourse. All you need to do is register and get going. Super easy and safe.

Why do I have the feeling this website is anything but safe? I make an account with the following credentials:

u: test
p: test
e: test@test.com

When we log in with these credentials, we are met with the following:

Welcome back! test Visit /notes to access your notes or select it from navbar.