Optimum is a beginner-level machine which mainly focuses on enumeration of services with known exploits. Both exploits are easy to obtain and have associated Metasploit modules, making this machine fairly simple to complete.

🕵️ Enumeration

After spawning the machine and connecting to the VPN, we start with the initial enumeration.

🔍 Initial Nmap Scan

We begin by running an initial nmap scan with the following command:

nmap -sC -sV -vv -oA nmap/initial_scan <Target-IP>

• -sC Default script scan
• -sV Service version detection
• -vv Verbose output
• -oA Output all formats

Nmap reports only Port 80 open: