Skip to content

CPTS labs - 05 Vulnerability assessment

Vulnerability Assessment

Nesus

Nessus Skills assessment

What is the name of one of the accessible SMB shares from the authenticated Windows scan? (One word)

Authenticate to port 22  with user "htb-student" and password "HTB_@cademy_student!". Start nessus and go to the IP:8834 url. Have a look at the windows scan.

Results: wsus

What was the target for the authenticated scan?

Results: 172.16.16.100

What is the plugin ID of the highest criticality vulnerability for the Windows authenticated scan?

Results: 156032

What is the name of the vulnerability with plugin ID 26925 from the Windows authenticated scan? (Case sensitive)

Results: VNC Server Unauthenticated Access

What port is the VNC server running on in the authenticated Windows scan?

Results: 5900

Openvass

Openvass Skills assessment

What type of operating system is the Linux host running? (one word)

Results: Ubuntu

What type of FTP vulnerability is on the Linux host? (Case Sensitive, four words)

Results: Anonymous FTP Login Reporting

What is the IP of the Linux host targeted for the scan?

Results: 172.16.16.160

What vulnerability is associated with the HTTP server? (Case-sensitive)

Results: Cleartext Transmission of Sensitive Information via HTTP

Last update: 2025-01-26
Created: January 26, 2025 19:15:53