Information Gathering and Service Enumeration

Hi folks,
In this post we will go through the Information Gathering and Service Enumeration phase of a pentest. Information gathering is the most critical step of an application security test: everything that follows (vulnerability assessment, exploitation) depends on knowing what is actually running on the target.
In the first post I already set up the target for pentesting, so now I will do the Information Gathering and Service Enumeration phase.
Suppose I don't know the IP of the target. I will sweep the network with nmap to find the live hosts (on a local Ethernet segment nmap does this with ARP requests, so hosts that drop ICMP still show up):
root@bt:~# nmap -sP 192.168.56.1/24
(-sP is the old name for host discovery; current nmap releases call it -sn and keep -sP as a deprecated alias.)


Two hosts are up: 192.168.56.1 and 192.168.56.2.
My own IP address is 192.168.56.1, so the target must be 192.168.56.2.
So, what's next?

The next step is to find out which OS the target runs and which ports and services are currently open on it:
root@bt:~# nmap -sS -sV -O 192.168.56.2
(-sS is a TCP SYN scan, -sV sends probes to each open port to identify the service and version, and -O fingerprints the operating system. -sS and -O need raw sockets, so run this as root. Adding -oX scan.xml or -oA scan saves the results to a file instead of only printing them, which you will want when the scan covers more than one host.)


What did I get?
The target is Windows XP SP3 with three open TCP ports: 139 (NetBIOS session service), 445 (SMB over TCP) and 2869 (Windows UPnP device host, SSDP over HTTP).
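Rather than reading the two scans off the terminal, save nmap's output with -oX and parse it, so the sweep feeds the service scan and the results can be kept for the next phase. The script below is an added example written for this page, not code from the original post. SWEEP_XML and SCAN_XML are constructed samples shaped like nmap's XML output for the two scans above (the closed port 135 and the second, weaker OS match are included only to exercise filtering and ranking; they are not from the post's scan), and the file names sweep.xml and scan.xml are assumed.

```python
"""Parse nmap XML (-oX) output from a host-discovery sweep and a service/OS scan.

Added example for this page, not code from the original post. SWEEP_XML and
SCAN_XML are constructed samples shaped like nmap's -oX output, not captured data.
"""
import xml.etree.ElementTree as ET

# Constructed sample: roughly what `nmap -sn -oX sweep.xml 192.168.56.1/24`
# writes when two hosts answer. A discovery-only scan has no <ports> element.
SWEEP_XML = """<nmaprun scanner="nmap" args="nmap -sn -oX sweep.xml 192.168.56.1/24">
  <host><status state="up" reason="localhost-response"/>
        <address addr="192.168.56.1" addrtype="ipv4"/></host>
  <host><status state="up" reason="arp-response"/>
        <address addr="192.168.56.2" addrtype="ipv4"/>
        <address addr="08:00:27:AB:CD:EF" addrtype="mac" vendor="Oracle VirtualBox virtual NIC"/></host>
</nmaprun>"""

# Constructed sample: roughly what `nmap -sS -sV -O -oX scan.xml 192.168.56.2`
# writes for the XP SP3 target. The closed port 135 and the second OS match are
# added here to exercise filtering and ranking; they are not from the post.
SCAN_XML = """<nmaprun scanner="nmap" args="nmap -sS -sV -O -oX scan.xml 192.168.56.2">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="192.168.56.2" addrtype="ipv4"/>
    <address addr="08:00:27:AB:CD:EF" addrtype="mac" vendor="Oracle VirtualBox virtual NIC"/>
    <ports>
      <port protocol="tcp" portid="135"><state state="closed" reason="reset"/>
        <service name="msrpc" method="table" conf="3"/></port>
      <port protocol="tcp" portid="139"><state state="open" reason="syn-ack"/>
        <service name="netbios-ssn" product="Microsoft Windows netbios-ssn" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="445"><state state="open" reason="syn-ack"/>
        <service name="microsoft-ds" product="Microsoft Windows XP microsoft-ds" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="2869"><state state="open" reason="syn-ack"/>
        <service name="http" product="Microsoft HTTPAPI httpd" version="1.0" extrainfo="SSDP/UPnP" method="probed" conf="10"/></port>
    </ports>
    <os>
      <osmatch name="Microsoft Windows XP SP3" accuracy="100"/>
      <osmatch name="Microsoft Windows XP SP2" accuracy="96"/>
    </os>
  </host>
</nmaprun>"""


def parse_nmap_xml(xml_text):
    """Return one dict per <host>: addr, mac, vendor, state, open ports, OS matches."""
    hosts = []
    for h in ET.fromstring(xml_text).findall("host"):
        status = h.find("status")
        addrs = {a.get("addrtype"): a for a in h.findall("address")}
        mac = addrs.get("mac")
        host = {
            "addr": addrs["ipv4"].get("addr") if "ipv4" in addrs else None,
            "mac": mac.get("addr") if mac is not None else None,
            "vendor": mac.get("vendor") if mac is not None else None,
            "state": status.get("state") if status is not None else "unknown",
            "ports": [],
            "os_matches": [],
        }
        for p in h.findall("ports/port"):
            state = p.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are noise for service enumeration
            svc = p.find("service")
            get = (lambda k: svc.get(k)) if svc is not None else (lambda k: None)
            host["ports"].append({
                "port": int(p.get("portid")),
                "proto": p.get("protocol"),
                "service": get("name"),
                "product": get("product"),
                "version": get("version"),
                "extrainfo": get("extrainfo"),
            })
        for m in h.findall("os/osmatch"):
            host["os_matches"].append((m.get("name"), int(m.get("accuracy"))))
        hosts.append(host)
    return hosts


def live_hosts(hosts):
    """Addresses of hosts nmap reported as up."""
    return [h["addr"] for h in hosts if h["state"] == "up"]


def candidate_targets(hosts, own_ip):
    """Live hosts minus the machine we are scanning from."""
    return [a for a in live_hosts(hosts) if a != own_ip]


def best_os_guess(host):
    """Highest-accuracy OS match as (name, accuracy), or None if -O found nothing."""
    return max(host["os_matches"], key=lambda m: m[1], default=None)


if __name__ == "__main__":
    print("targets:", candidate_targets(parse_nmap_xml(SWEEP_XML), own_ip="192.168.56.1"))
    for host in parse_nmap_xml(SCAN_XML):
        print(host["addr"], host["mac"], host["vendor"], "OS:", best_os_guess(host))
        for p in host["ports"]:
            print(f"  {p['port']}/{p['proto']} {p['service']} {p['product'] or ''} {p['version'] or ''}")
```

With real scans, replace the two strings with open("sweep.xml").read() and open("scan.xml").read(). Only ports in state "open" are kept, because -sV and the later vulnerability assessment only care about services that actually answer; if you also want "filtered" ports (a firewall in the way), relax the check in parse_nmap_xml.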
What should we do next?
The next step is Vulnerability Assessment, which I will talk about in the next post, so stay tuned and keep reading.
