The Bank box was the first time I ran into virtual hosts on a web server. Till now, I’ve been able to discover all of the directories with a simple dirb or gobuster scan… this time was very different.
The NMAP scan showed only a few ports open. 22, 53, and 80. I always bypass 22 because there are rarely SSH exploits that go quick, so it was on to the other two ports. Interestingly, they had DNS running on port 53 and the description was ICS BIND. Bind is the Berkeley Internet Name Domain, and ISC bind can run in a large number of Linux environments. In this case, it was used to map to folders that didn’t show on an IP address scan of the machine.Continue Reading