https://chiefdennis.github.io/tags/remote-command-execution/Recent content in Remote Command Execution on Chief Dennis' BlogHugoenFri, 29 Aug 2025 18:00:00 +0100https://chiefdennis.github.io/posts/clamav-walkthrough/Fri, 29 Aug 2025 18:00:00 +0100https://chiefdennis.github.io/posts/clamav-walkthrough/<h2 id="clamav-offsec-walkthrough"> ClamAV OffSec Walkthrough <a class="heading-link" href="#clamav-offsec-walkthrough"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h2> <h3 id="1-reconnaissance"> 1. Reconnaissance <a class="heading-link" href="#1-reconnaissance"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h3> <p>First, a ping is made to verify connection with the machine:</p> <p><img src="https://chiefdennis.github.io/posts/clamav-walkthrough/Picture.png" alt="image"></p> <p>A high TTL of ~130 is observed. However, the later Nmap scan will show a TTL of 61, which is more typical for Linux machines.</p> <p>A nmap SYN scan is run to discover all open ports:</p> <p>sudo nmap -sS -T5 -vvv -p- 192.168.199.42 -Pn -oG nmap_inicial</p>