When initiating the scanning process, there was an issue alreasdy with trying to find the victim. I wanted to do this as a Black Box hacking, where I new nothing of the victim. Not even the IP address. This proved difficult, because – perhaps due to the strange Adapter settings – I were not able to find the victim through network scanning. When I even later checked for the IP address of the victim – it continously appeard as Down. This might also be a reaction the settings of the victim, making it more difficult to do a PING sweep.

However, since this was not the work I were meant to be doing – I wanted to proceed with the actual scanning. I therefore assumed I knew the local IP of the victim, which were 192.168.56.103. Mine were 192.168.56.101.

ipconfig

Here I am using NMAP to probe open ports to determine service/version info:

nmap -sV -p- 192.168.56.103

With the next scan I ask NMAP to detect the OS and other details about the victim:

nmap -O 192.168.56.103

The interesting thing here is that although NMAP says it is just guessing – all the information is accurate. From machine to network hops.

Lastly, I use nmap via the Metasploit Framework console to create a database service:

db_nmap -sV -p- 192.168.0.3
db_services

Alright. Easy breazy.