PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 19:3c:02:15:1a:79:af:d6:a6:73:91:d0:51:42:0b:a1 (RSA)
| 256 3d:32:6e:4e:07:b9:10:40:6b:a5:45:df:b1:b1:6a:15 (ECDSA)
|_ 256 c1:ec:cd:d9:87:94:5d:f4:9d:23:ab:04:5f:13:b6:33 (ED25519)
80/tcp open http Apache httpd 2.4.29 ((Ubuntu))
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Data web
| http-methods:
|_ Supported Methods: POST OPTIONS HEAD GET
8080/tcp open http Apache httpd 2.4.49 ((Unix))
|_http-server-header: Apache/2.4.49 (Unix)
| http-methods:
| Supported Methods: GET POST OPTIONS HEAD TRACE
|_ Potentially risky methods: TRACE
|_http-open-proxy: Proxy might be redirecting requests
|_http-title: Site doesn't have a title (text/html).
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Wordlist: common.txt
Target: <http://10.9.2.20/FUZZ>
Total requests: 4713
=====================================================================
ID Response Lines Word Chars Payload
=====================================================================
000000024: 403 9 L 28 W 274 Ch ".hta"
000000026: 403 9 L 28 W 274 Ch ".htpasswd"
000000025: 403 9 L 28 W 274 Ch ".htaccess"
000001326: 301 9 L 28 W 304 Ch "css"
000002165: 301 9 L 28 W 307 Ch "images"
000002192: 200 304 L 1023 W 14486 Ch "index.html"
000002349: 301 9 L 28 W 303 Ch "js"
000003710: 403 9 L 28 W 274 Ch "server-status"
Wordlist: common.txt
Target: <http://10.9.2.20:8080/FUZZ>
Total requests: 4713
=====================================================================
ID Response Lines Word Chars Payload
=====================================================================
000001038: 403 7 L 20 W 199 Ch "cgi-bin/"
000002192: 200 1 L 2 W 45 Ch "index.html"
https://www.linkedin.com/pulse/poc-apache-version-2429-exploit-using-weakness-tmp-chanaka/?trk=articles_directory