Try anonymous login: for the password, press ENTER.
Try username enumeration using hydra.
Try password brute force using hydra or the nmap FTP brute script.
Once we have access to files, we can use the get filename command to copy a file to our system.
Use nmap to gather the SSH version.
Use Netcat to connect to the SSH port for banner grabbing.
Use nmap scripts to enumerate the keys used by SSH and the auth methods allowed for users.
Check robots.txt or sitemap.xml for directory listings.
Use dirb, nmap scripts or gobuster for directory enumeration.
Use the Wappalyzer extension or the whatweb command line tool to identify the web technologies used.
Run http URL to gather header information.
Use http-enum, http-methods and http-headers nmap scripts to gather information
Use the Browsh or Lynx tool to render the page template on the command line.
Use Metasploit to enumerate directories and discover available methods. Metasploit modules such as http_version, http_header, robots_txt, dir_scanner, files_dir and http_login can be used to enumerate information.
Port 135: Remote Procedure Call (RPC), client-server communication
Port 139: NetBIOS (Network Basic Input/Output System)
Port 445: Server Message Block (SMB)
net command on Windows
Nmap scripts: smb-protocols, smb-security-mode, smb-enum-sessions, smb-enum-shares, smb-enum-users, smb-server-stats, smb-enum-domains, smb-enum-groups, smb-enum-services
msfconsole: smb_version, smb_enumusers, smb_enumshares, smb_login
smbmap: smbmap -H host -u username -p password --upload --download
Use smbclient to connect to SMB services.
SMTP runs on port 25 and if SSL is configured then on 465 or 587.
Use Metasploit modules such as smtp_enum and smtp_version to gather information.
We can also use the smtp-enum-user command to enumerate users, and sendemail to send emails.
Connect to the SMTP port and use the VRFY command to check whether a user actually exists.
Use Command List to run desired commands.
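Seen from the mail server, the VRFY probing described above shows up as sessions that issue many VRFY commands and little else. The following is an added example, not part of the original notes: it tallies VRFY attempts per client from log lines constructed to resemble Postfix smtpd disconnect summaries. The log format, the sample lines and the threshold of 10 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines, modelled on Postfix smtpd "disconnect" summaries
# (assumed format: per-command counters written as ok or ok/total).
SAMPLE_LOG = """\
Jan 10 09:14:02 mx1 postfix/smtpd[2101]: disconnect from unknown[203.0.113.7] ehlo=1 vrfy=0/14 quit=1 commands=2/16
Jan 10 09:14:40 mx1 postfix/smtpd[2107]: disconnect from unknown[203.0.113.7] ehlo=1 vrfy=2/9 quit=1 commands=4/11
Jan 10 09:15:11 mx1 postfix/smtpd[2110]: disconnect from mail.example.org[198.51.100.20] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jan 10 09:16:30 mx1 postfix/smtpd[2114]: disconnect from client.example.net[192.0.2.44] ehlo=1 vrfy=1 quit=1 commands=3
"""

DISCONNECT = re.compile(r"disconnect from \S*\[(?P<ip>[^\]]+)\](?P<stats>.*)$")
VRFY = re.compile(r"\bvrfy=(?P<ok>\d+)(?:/(?P<total>\d+))?")


def vrfy_counts(log_text):
    """Return {ip: [accepted, attempted]} summed over all sessions."""
    counts = defaultdict(lambda: [0, 0])
    for line in log_text.splitlines():
        m = DISCONNECT.search(line)
        if not m:
            continue
        v = VRFY.search(m.group("stats"))
        if not v:
            continue  # session issued no VRFY at all
        ok = int(v.group("ok"))
        total = int(v.group("total") or ok)  # "vrfy=1" means 1 of 1 accepted
        counts[m.group("ip")][0] += ok
        counts[m.group("ip")][1] += total
    return dict(counts)


def flag_enumeration(log_text, threshold=10):
    """List clients whose VRFY attempts reach the threshold (assumed value)."""
    alerts = []
    for ip, (ok, total) in sorted(vrfy_counts(log_text).items()):
        if total >= threshold:
            alerts.append({"ip": ip, "attempts": total, "accepted": ok})
    return alerts


if __name__ == "__main__":
    for alert in flag_enumeration(SAMPLE_LOG):
        print(alert)
```

On Postfix, setting disable_vrfy_command = yes in main.cf removes the VRFY oracle altogether, after which any VRFY attempt in the logs is worth a look.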
Generally hosted on port 3306