HTB : SNEAKYMAILER Initial Recon Run nmap for the initial recon : sudo nmap -sS -sV -sC 10.10.10.197 > rec_ini The following things can be concluded from here : vsftpd version 3.0.3 is running on port 21. It is not a vulnerable version ssh runnng on port 22 Postfix smtpd is running on port 25 A http nginx server is running on port 80 imap running on port 143 ssl/imap courier is running on port 993 A http proxy server is running on port 8080 Let the complete port scan run in the background :