DEV Community 👩‍💻👨‍💻

Discussion on: Writeup: HackTheBox Mirai- Without Metasploit (OSCP Prep)

0xhuey profile image
Chris 'Huey' S Author

Hey, thanks for taking a look at the walk-through. The -sC will run the Nmap Script Engine (NSE) scripts. There are 4 main types of NSE scripts, Prerule, Host, Service and Postrule scripts. For the -T4 you can basically use ranges from 0-5 to speed things up. Timing comes into play when you are trying to hide yourself from a defender on a box because sending too many packets will get flagged. Being that this is a HTB machine I really dont care so I want to go faster.

The Vuln script will run some default checks on the box to see if you have a CVE that you can use. After getting the CVE go to searchsploit or Google to look up the exploit code.

Hope this helps!