I have an in scope Microsoft iis 10.0 server that auto redirects to a login page
I am trying to learn some methods to pentest this server.
ports open are 21,80,443,1801, 2103, 2105, 2107, abd 8080
I have already used dirb with iisfinal.txt from github, no luck as all paths redirect to the same login page.
Im just starting off in this industry and would like some pointers on where to begin, brute forcing web app login page are not methods I am looking for.
anon login disabled for ftp
dos is not what I am looking for either.
21/tcp open ftp
| fingerprint-strings:
| GenericLines, Help, SMBProgNeg:
| 220 x.x.x.x:21 Smart Record FTP Server ready.
| Login incorrect
| NULL:
| 220 x.x.x.x:21 Smart Record FTP Server ready.
| SSLSessionReq:
| 220 x.x.x.x:21 Smart Record FTP Server ready.
| Login incorrect
|_ Login incorrect
80/tcp open http Microsoft IIS httpd 10.0
443/ open
1801/tcp open msmq?
2103/tcp open msrpc Microsoft Windows RPC
2105/tcp open msrpc Microsoft Windows RPC
2107/tcp open msrpc Microsoft Windows RPC
8080/tcp open http-proxy?
I am trying to learn some methods to pentest this server.
ports open are 21,80,443,1801, 2103, 2105, 2107, abd 8080
I have already used dirb with iisfinal.txt from github, no luck as all paths redirect to the same login page.
Im just starting off in this industry and would like some pointers on where to begin, brute forcing web app login page are not methods I am looking for.
anon login disabled for ftp
dos is not what I am looking for either.
21/tcp open ftp
| fingerprint-strings:
| GenericLines, Help, SMBProgNeg:
| 220 x.x.x.x:21 Smart Record FTP Server ready.
| Login incorrect
| NULL:
| 220 x.x.x.x:21 Smart Record FTP Server ready.
| SSLSessionReq:
| 220 x.x.x.x:21 Smart Record FTP Server ready.
| Login incorrect
|_ Login incorrect
80/tcp open http Microsoft IIS httpd 10.0
443/ open
1801/tcp open msmq?
2103/tcp open msrpc Microsoft Windows RPC
2105/tcp open msrpc Microsoft Windows RPC
2107/tcp open msrpc Microsoft Windows RPC
8080/tcp open http-proxy?