DEV Community

Discussion on: Writeup: HackTheBox Mirai- Without Metasploit (OSCP Prep)

wireless90

Hi a few questions.

-sC = equivalent to --script=default
1) What does default script here mean? So nmap has some internal scripts it runs against the target?

-T4 = Set timing for faster output (0-5)
2) Does faster output impact us? Does faster output mean fewer scripts are run?

3) What does the vuln script do? Is it slower and more thorough?

Chris 'Huey' S Author

Hey, thanks for taking a look at the walk-through. The -sC will run the Nmap Script Engine (NSE) scripts. There are 4 main types of NSE scripts: Prerule, Host, Service and Postrule scripts. For the -T4 you can basically use ranges from 0-5 to speed things up. Timing comes into play when you are trying to hide yourself from a defender on a box because sending too many packets will get flagged. Being that this is an HTB machine I really don't care, so I want to go faster.

The Vuln script will run some default checks on the box to see if you have a CVE that you can use. After getting the CVE, go to searchsploit or Google to look up the exploit code.

Hope this helps!
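
The reply above says that sending too many packets gets flagged. Seen from the defender's side, one way that flagging can work is to count the distinct destination ports each source touches inside a short window and a long window, so throttled scans are caught as well as fast ones. This is an added example, not code from the thread or the write-up; the log format, addresses, window sizes and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# (window, distinct-port threshold, label); thresholds are assumptions to tune.
RULES = [
    (timedelta(seconds=10), 15, "fast-scan"),
    (timedelta(minutes=30), 30, "slow-scan"),
]

def make_sample():
    """Constructed records 'ISO-timestamp src_ip dst_port' (hypothetical format)."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    rows = []
    for i in range(40):
        # 40 distinct ports in about 4 seconds: aggressive timing
        rows.append((t0 + timedelta(milliseconds=100 * i), "198.51.100.7", 1000 + i))
        # 40 distinct ports, one every 20 seconds: throttled timing
        rows.append((t0 + timedelta(seconds=20 * i), "203.0.113.9", 2000 + i))
        # ordinary client that only ever talks to port 443
        rows.append((t0 + timedelta(seconds=i), "192.0.2.50", 443))
    return [f"{ts.isoformat()} {src} {port}" for ts, src, port in rows]

def detect(lines, rules=RULES):
    """Return {src_ip: label} for sources touching many distinct ports in a window."""
    events = defaultdict(list)
    for line in lines:
        ts, src, port = line.split()
        events[src].append((datetime.fromisoformat(ts), int(port)))
    alerts = {}
    for src, evs in events.items():
        evs.sort()
        for window, threshold, label in rules:
            start, in_window = 0, defaultdict(int)  # port -> hits inside window
            for ts, port in evs:
                in_window[port] += 1
                while ts - evs[start][0] > window:  # slide the window forward
                    old = evs[start][1]
                    in_window[old] -= 1
                    if in_window[old] == 0:
                        del in_window[old]
                    start += 1
                if len(in_window) >= threshold:
                    alerts.setdefault(src, label)  # keep the first (tightest) rule hit
                    break
    return alerts

if __name__ == "__main__":
    for src, label in sorted(detect(make_sample()).items()):
        print(src, label)
```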