DevContainer: 1

Easy machine from vulnhub.

Enumeration:

1) Target IP: 10.0.2.15. Nmap all port scan: nmap -p- -T5 -Pn -v 10.0.2.15

PORT   STATE SERVICE
80/tcp open  http

2) Target scan of port 80: nmap -sV -sC -v -p 80 10.0.2.15

PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.4.38 ((Debian))
| http-methods: 
|_  Supported Methods: OPTIONS HEAD GET POST
|_http-server-header: Apache/2.4.38 (Debian)
|_http-title: Freelancer - Start Bootstrap Theme

3) scanning web: nikto -h http://10.0.2.15/

+ Server: Apache/2.4.38 (Debian)
+ Server may leak inodes via ETags, header found with file /, inode: 6a7f, size: 5af24a0184072, mtime: gzip
+ Allowed HTTP Methods: OPTIONS, HEAD, GET, POST 
+ OSVDB-3233: /icons/README: Apache default file found.

4) Trying web directory scan, only this reveals some info.

gobuster dir -u http://10.0.2.15/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

===============================================================
/img                  (Status: 301) [Size: 304] [--> http://10.0.2.15/img/]
/mail                 (Status: 301) [Size: 305] [--> http://10.0.2.15/mail/]
/upload               (Status: 301) [Size: 307] [--> http://10.0.2.15/upload/]
/css                  (Status: 301) [Size: 304] [--> http://10.0.2.15/css/]   
/license              (Status: 200) [Size: 11336]                             
/js                   (Status: 301) [Size: 303] [--> http://10.0.2.15/js/]    
/fonts                (Status: 301) [Size: 306] [--> http://10.0.2.15/fonts/] 
/less                 (Status: 301) [Size: 305] [--> http://10.0.2.15/less/]  
/server-status        (Status: 403) [Size: 274]