🖥️ Hackviser: Rivalry – Full Write-up

🔎 Step 1 – Reconnaissance with Nmap

I began with a full Nmap scan against the target 172.20.43.205:

nmap -sC -sV -p- 172.20.43.205

Findings:

• Port 21 (FTP) – Open, allowed anonymous login.
• Port 22 (SSH) – Open, running OpenSSH.
• Port 80 (HTTP) – Open, hosting a web service.

This indicated a potential FTP → Web exposure → Shell attack path.

🌐 Step 2 – Web Enumeration

I enumerated the webserver with dirsearch:

dirsearch -u <http://172.20.43.205/>

Discovered an interesting directory exposed at:

<http://172.20.43.205/ftp/>

What is the advertising budget of Orbitronix Systems in dollars? The answer in this file

🔑 Step 2 – FTP Brute Force with Hydra