When initiating the scanning process, there was an issue already with trying to find the victim. I wanted to do this as Black Box hacking, where I knew nothing of the victim. Not even the IP address. This proved difficult, because – perhaps due to the strange Adapter settings – I was not able to find the victim through network scanning. Even when I later checked for the IP address of the victim – it continuously appeared as Down. This might also be a reaction to the settings of the victim, making it more difficult to do a PING sweep.
However, since this was not the work I was meant to be doing – I wanted to proceed with the actual scanning. I therefore assumed I knew the local IP of the victim, which was 192.168.56.103. Mine was 192.168.56.101.
Here I am using NMAP to probe open ports to determine service/version info:
nmap -sV -p- 192.168.56.103
With the next scan I ask NMAP to detect the OS and other details about the victim:
nmap -O 192.168.56.103
The interesting thing here is that although NMAP says it is just guessing – all the information is accurate. From machine to network hops.
Lastly, I use nmap via the Metasploit Framework console to create a database service:
db_nmap -sV -p- 192.168.0.3
db_services
Alright. Easy breezy.