Service Login - Skills Assessment

Hi guys,

I’m stuck whit the enumeration of the services , if I perform a -p- scan with nmap I will find a lot of services. After that I try to bruteforce the web pages with a login page, but usually, when I find a valid user/password, I will get a HTB{flag} not information about users/employees.

I leave the link to the exercize:

What am I doing wrong?
I’m following the right path?


It is specified in exercise, that you have to bruteforce ssh and you are given one specific port for it. There is no need for enumeration as it is a bruteforcing exercise.