Quaoar

Hi, I'm beginner for pentest and I will just write this post for me.

I found a very easy vulnerable vm which called a 'Quaoar' on the internet.
This is not complete write up and maybe not helpful at all.
I wish you just have a interests about this job after reading this post.    :)

if you want to download it please click this------> https://www.vulnhub.com/


NMAP version scan  (with -sv : you can see the version together.)

I guessed 22,139,143,993,995 looks vulnerable to heartbleed
so I re-scan this with the script in nmap.

I did refer to below document to the heartbleed attack.

PDF - Heart bleed
https://alexandreborgesbrazil.files.wordpress.com/2014/04/heartbleed_article_rev_b.pdf


But there was nothing else.
I think vulnerable services are not communicating with other service.
but it surely vulnerable to the heartbleed.

Now I'm gonna go to bed for tomroow!
Good Night!