Add to collection(s) Add to saved
  1. No category
Uploaded by Ash Chaisson

lab

advertisement 
# Nmap 7.93 scan initiated Tue Aug 15 18:02:40 2023 as: nmap -sT -Pn -sC -vv -oX lab.xml -oN lab.txt 192.168.56.105
Nmap scan report for 192.168.56.105
Host is up, received user-set (0.0049s latency).
Scanned at 2023-08-15 18:02:40 UTC for 53s
Not shown: 982 filtered tcp ports (no-response)
PORT STATE SERVICE REASON
21/tcp open ftp syn-ack
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
| ftp-syst: | STAT: | localhost FTP server status:
| Version wu-2.6.2(1) Tue Jul 14 17:34:17 UTC 2020
| Connected to 192.168.56.1
| Logged in anonymously
| TYPE: ASCII, FORM: Nonprint; STRUcture: File; transfer MODE: Stream
| No data connection
| 0 data bytes received in 0 files
| 0 data bytes transmitted in 0 files
| 0 data bytes total in 0 files
| 48 traffic bytes received in 0 transfers
| 639 traffic bytes transmitted in 0 transfers
| 736 traffic bytes total in 0 transfers
|_End of status
22/tcp open ssh syn-ack
| ssh-hostkey: | 2048 26cf188e78102a5911a634623320188d (RSA)
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD1oD7YMlP2nd0E8+kQMJGZDg0WTPPPl74AeE/+OV7rQ2gYwtiDVhVPGOt/Pne10ddH2mC1HgvAWXJgedKaVc9O1pKEZsT77+lumcUNx1J1maIOYIgco7b1hAaX6xMIKjXt8hiUPd4xbbTb6T7w4xFZG/YO0exlJzPTLt7H4fWAurWS6/pt2OyjvYeFYStiEkiKFBLTTxcDujakicAkDthkAsP+VQCZv5yYYQZGfh3vJ4ul0GrjbFcLIhHqEgOCZmKl5fUkbGQ+j35IDlTN9vLXqpW86n63D5779Hprq2dMk3kveBhULLpqoLIzJJruBZ/K4mqWMgIzAwaINGUSK1dD
| 256 034f9737c0a31f46cce278ca9d64b554 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHzOQ0mAXzTDdkpJVaHFQbLPuzCtwP+cVSZv00t3noVIvaA21JSePsLaS346B9I7LR9QoSIQ9YhneVRdvt9buXc=
| 256 9aec27f59215d007ce9a28050c4d1bc7 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEzCX7kYKg4fT/iNnmdSmNYqVeTsAjJNsOVHTIE+Pj0D
23/tcp open telnet syn-ack
25/tcp open smtp syn-ack
| smtp-commands: localhost Hello nmap.scanme.org [192.168.56.1], SIZE 52428800, 8BITMIME, PIPELINING, CHUNKING, PRDR, HELP
|_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
53/tcp open domain syn-ack
| dns-nsid: |_ bind.version: 9.8.1
80/tcp open http syn-ack
|_http-favicon: Unknown favicon MD5: DA62EE8EC2A2E0659D873123F5D30A41
| http-methods: | Supported Methods: OPTIONS GET HEAD POST DELETE TRACE PROPFIND PROPPATCH COPY MOVE LOCK UNLOCK
|_ Potentially risky methods: DELETE TRACE PROPFIND PROPPATCH COPY MOVE LOCK UNLOCK
| http-robots.txt: 41 disallowed entries (40 shown)
| /private /admin /secretstuff /debugvpn.txt /README.txt | /includes/ /misc/ /modules/ /profiles/ /scripts/ /themes/ | /CHANGELOG.txt /cron.php /INSTALL.mysql.txt /INSTALL.pgsql.txt | /INSTALL.sqlite.txt /install.php /INSTALL.txt /LICENSE.txt | /MAINTAINERS.txt /update.php /UPGRADE.txt /xmlrpc.php /admin/ | /comment/reply/ /filter/tips/ /node/add/ /search/ /user/register/ | /user/password/ /user/login/ /user/logout/ /?q=admin/ | /?q=comment/reply/ /?q=filter/tips/ /?q=node/add/ /?q=search/ |_/?q=user/password/ /?q=user/register/ /?q=user/login/
| http-webdav-scan: | Allowed Methods: OPTIONS,GET,HEAD,POST,DELETE,TRACE,PROPFIND,PROPPATCH,COPY,MOVE,LOCK,UNLOCK
| Server Date: Tue, 15 Aug 2023 18:03:33 GMT
| Server Type: Apache/2.4.20 (Debian)
| WebDAV type: Apache DAV
| Directory Listing: | /
| /DavLock
| /CHANGELOG.txt
| /COPYRIGHT.txt
| /INSTALL.mysql.txt
| /INSTALL.pgsql.txt
| /INSTALL.sqlite.txt
| /INSTALL.txt
| /LICENSE.txt
| /MAINTAINERS.txt
| /README
| /UPGRADE.txt
| /admin/
| /authorize.php
| /ca.crt
| /config/
| /cpg1414/
| /cron.php
| /debugvpn.txt
| /favicon.ico
| /html/
| /includes/
| /index.php
| /install.php
| /logs/
| /misc/
| /modules/
| /phpinfo.php
| /ponyapp/
| /private/
| /profiles/
| /robots.txt
| /scripts/
| /sites/
| /sqldump.sql
| /themes/
| /update.php
| /vpn/
| /web.config
| /www2/
|_ /xmlrpc.php
| http-ls: Volume /
| maxfiles limit reached (10)
| SIZE TIME FILENAME
| 73K 2013-02-20 20:32 CHANGELOG.txt
| 1.4K 2013-02-20 20:32 COPYRIGHT.txt
| 12K 2023-08-15 18:03 DavLock
| 1.4K 2013-02-20 20:32 INSTALL.mysql.txt
| 1.8K 2013-02-20 20:32 INSTALL.pgsql.txt
| 1.3K 2013-02-20 20:32 INSTALL.sqlite.txt
| 17K 2013-02-20 20:32 INSTALL.txt
| 18K 2011-09-17 21:50 LICENSE.txt
| 8.0K 2013-02-20 20:32 MAINTAINERS.txt
| 804 2020-06-25 16:20 README
|_
|_http-title: Index of /
|_http-svn-info: ERROR: Script execution failed (use -d to debug)
111/tcp open rpcbind syn-ack
| rpcinfo: | program version port/proto service
| 100000 2,3,4 111/tcp rpcbind
| 100000 2,3,4 111/udp rpcbind
| 100000 3,4 111/tcp6 rpcbind
| 100000 3,4 111/udp6 rpcbind
| 100003 3,4 2049/tcp nfs
| 100003 3,4 2049/tcp6 nfs
| 100003 3,4 2049/udp nfs
| 100003 3,4 2049/udp6 nfs
| 100005 1,2,3 33206/udp6 mountd
| 100005 1,2,3 50040/tcp mountd
| 100005 1,2,3 57417/udp mountd
| 100005 1,2,3 60446/tcp6 mountd
| 100021 1,3,4 33922/tcp nlockmgr
| 100021 1,3,4 48494/udp6 nlockmgr
| 100021 1,3,4 51612/udp nlockmgr
| 100021 1,3,4 60235/tcp6 nlockmgr
| 100227 3 2049/tcp nfs_acl
| 100227 3 2049/tcp6 nfs_acl
| 100227 3 2049/udp nfs_acl
|_ 100227 3 2049/udp6 nfs_acl
139/tcp open netbios-ssn syn-ack
389/tcp open ldap syn-ack
443/tcp open https syn-ack
| ssl-cert: Subject: commonName=webserver01/organizationName=Hacker House/stateOrProvinceName=HackerHouse/countryName=UK/localityName=Paper St/organizationalUnitName=Leet hax/emailAddress=root@webserver01
| Issuer: commonName=webserver01/organizationName=Hacker House/stateOrProvinceName=HackerHouse/countryName=UK/localityName=Paper St/organizationalUnitName=Leet hax/emailAddress=root@webserver01
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2017-02-18T11:44:38
| Not valid after: 2018-02-18T11:44:38
| MD5: abcbdf8f7a05331ec2de362b7f645aaf
| SHA-1: 939557fad60169a3d9338aaceae02555b28b6109
| -----BEGIN CERTIFICATE-----
| MIIEAzCCAuugAwIBAgIJAOh7hnOrD55UMA0GCSqGSIb3DQEBCwUAMIGXMQswCQYD
| VQQGEwJVSzEUMBIGA1UECAwLSGFja2VySG91c2UxETAPBgNVBAcMCFBhcGVyIFN0
| MRUwEwYDVQQKDAxIYWNrZXIgSG91c2UxETAPBgNVBAsMCExlZXQgaGF4MRQwEgYD
| VQQDDAt3ZWJzZXJ2ZXIwMTEfMB0GCSqGSIb3DQEJARYQcm9vdEB3ZWJzZXJ2ZXIw
| MTAeFw0xNzAyMTgxMTQ0MzhaFw0xODAyMTgxMTQ0MzhaMIGXMQswCQYDVQQGEwJV
| SzEUMBIGA1UECAwLSGFja2VySG91c2UxETAPBgNVBAcMCFBhcGVyIFN0MRUwEwYD
| VQQKDAxIYWNrZXIgSG91c2UxETAPBgNVBAsMCExlZXQgaGF4MRQwEgYDVQQDDAt3
| ZWJzZXJ2ZXIwMTEfMB0GCSqGSIb3DQEJARYQcm9vdEB3ZWJzZXJ2ZXIwMTCCASIw
| DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQa25gsR3xbIcufa90Sy/XUZI61
| 5B/8UHZActs9ot6sRCte92X+zydqO93lJRG4Ib9BLnjI54m6B1Y/gHRHj5/45l2l
| AUOoLwYFK87uhU/4lqVeXUBiBJqc4xxDnCNC2WjkMru0t4jlNiTIIVqforlcEdla
| jFmWILje+z+GRC7BrnQbkX6g5pfiljdmyI5jjouWOZsxlXMJfcNmMpVXDgAxCqRM
| z+JPgo4fQQLRUxCzOfOCG5OdvD2Ip6BQzYRZ3/zUVVgCUvRZOGIbuU3rF2q1M6AK
| qZ1eKzeXe/cB0A38ZgEwcquiLCoUnnJwnHkR608acYFFlxuR0hDtrdIb1J0CAwEA
| AaNQME4wHQYDVR0OBBYEFJwvcYNFTP6ps46oqhcaNn2fCak8MB8GA1UdIwQYMBaA
| FJwvcYNFTP6ps46oqhcaNn2fCak8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
| BQADggEBAIWHbSKAgfMlPI449YQ6xz4Ul/O+t13alsYqkEKMy4p0LmK+dLU0UlGk
| 1h0V4IoEgmeIN9PPt307urHiXVu4U+E7Nmn2Kjyg1uMHEldIBQorVoNXd5auQXWV
| nLHDZycSMFvUKmf593KYgAYoFDUVIJHtW5qcSY/O8ggElcOptWYYD03zSIq/ytqm
| SCqjCu5AbU/Pz8EzTJOLZd5WNr41AM530QEcWsHQXVYpNqWFvjPdz+PyBCeKiHsm
| teclnMyXk3kxweI3J1zJWARb/8ANgCnKrRMk1DIqCOlO57lN1A64hRZaT4c0eZuJ
| lpJLH391+ymTRkY/bOvBIlIO5j44JbA=
|_-----END CERTIFICATE-----
|_ssl-date: TLS randomness does not represent time
|_http-title: Ministry of Pony | Friendship is magic
| http-methods: |_ Supported Methods: GET HEAD POST OPTIONS
|_http-favicon: Unknown favicon MD5: DA62EE8EC2A2E0659D873123F5D30A41
|_http-generator: Drupal 7 (http://drupal.org)
| http-robots.txt: 41 disallowed entries (40 shown)
| /private /admin /secretstuff /debugvpn.txt /README.txt | /includes/ /misc/ /modules/ /profiles/ /scripts/ /themes/ | /CHANGELOG.txt /cron.php /INSTALL.mysql.txt /INSTALL.pgsql.txt | /INSTALL.sqlite.txt /install.php /INSTALL.txt /LICENSE.txt | /MAINTAINERS.txt /update.php /UPGRADE.txt /xmlrpc.php /admin/ | /comment/reply/ /filter/tips/ /node/add/ /search/ /user/register/ | /user/password/ /user/login/ /user/logout/ /?q=admin/ | /?q=comment/reply/ /?q=filter/tips/ /?q=node/add/ /?q=search/ |_/?q=user/password/ /?q=user/register/ /?q=user/login/
445/tcp open microsoft-ds syn-ack
873/tcp open rsync syn-ack
2049/tcp open nfs_acl syn-ack
3128/tcp open squid-http syn-ack
3306/tcp open mysql syn-ack
| mysql-info: | Protocol: 10
| Version: 5.0.51a-24+lenny2
| Thread ID: 58
| Capabilities flags: 43564
| Some Capabilities: Support41Auth, SupportsCompression, ConnectWithDatabase, SupportsTransactions, SwitchToSSLAfterHandshake, LongColumnFlag, Speaks41ProtocolNew
| Status: Autocommit
|_ Salt: ?LABg_&<>bRU2;qIVW/&
5432/tcp open postgresql syn-ack
| ssl-cert: Subject: commonName=localhost.localdomain
| Subject Alternative Name: DNS:localhost.localdomain
| Issuer: commonName=localhost.localdomain
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2020-07-14T17:25:50
| Not valid after: 2030-07-12T17:25:50
| MD5: 627478dde562fca7b9581df75630295c
| SHA-1: c7ec8934bb1ee3bc06a1c362b4ac3576c46d776b
| -----BEGIN CERTIFICATE-----
| MIIC8jCCAdqgAwIBAgIJAMCIJ9DxeOW4MA0GCSqGSIb3DQEBCwUAMCAxHjAcBgNV
| BAMTFWxvY2FsaG9zdC5sb2NhbGRvbWFpbjAeFw0yMDA3MTQxNzI1NTBaFw0zMDA3
| MTIxNzI1NTBaMCAxHjAcBgNVBAMTFWxvY2FsaG9zdC5sb2NhbGRvbWFpbjCCASIw
| DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ/u0K28NynK90x4LJ/ckZLn860S
| Ns7cpePfWUG0DQoZgl0mbiuSzA52Kv6HsuhBY5aI+bAKNkrJjHhIs2ng3PgIzMgx
| ZGmcfkcKaWhdmFm5+2rQzLEdfxjE0dGQ+QNMAgWguORKOCKGr8C9ba8XFc5U3BCP
| TxMxyFOsPbnQMUpGOnhBJNhp2AcmnjV3kF6H0wo98Q1JGYEDztAbIzJewSKacUod
| /+gsbIZ9njCZxGKf4wQhCYvVARDby8M05WW08yVn8bh2vS/Sinw5qNXLbyMeHLgX
| H3k7zl0T4Fida8RB0pTm3AwHf7D444yn/wJMf6sfxc4yH7twVAxAG1etnEkCAwEA
| AaMvMC0wCQYDVR0TBAIwADAgBgNVHREEGTAXghVsb2NhbGhvc3QubG9jYWxkb21h
| aW4wDQYJKoZIhvcNAQELBQADggEBABbqzM75hxZ4usB3zhxTh0RirV1JVC7VQtFQ
| 0gq4Vvo/7Q6+1Z+3gnKpSrHZz2xERpakEcVSq92VTQyNk8Z1LhQZ0wQpONaGvSRd
| ybDK9xdKR5wrwF5QTpmjKFW9ieTMsxWnW5ATfQfPaIui399vSXgZNrQrFoVcos2p
| GL6GGYCsRfwnLmikS3fL0co7TAYJWyIElIScXarIbTVo84EQqJlAnlzvIR8PsXoQ
| ne7RjQIyTiro4DiubaT8xoyy8p1+ulvET86YclbKWqm5cEJh03jy5lqiBTyDDUgk
| 5tFuiEO+AEJXcFDD77iDtKDNfQnNgPBR3ICyGFoyndoqv1AaTJg=
|_-----END CERTIFICATE-----
|_ssl-date: TLS randomness does not represent time
8080/tcp open http-proxy syn-ack
| http-methods: | Supported Methods: GET HEAD POST PUT DELETE OPTIONS
|_ Potentially risky methods: PUT DELETE
|_http-open-proxy: Proxy might be redirecting requests
|_http-title: Apache Tomcat
10000/tcp open snet-sensor-mgmt syn-ack
Host script results:
| smb2-time: | date: 2023-08-15T18:02:47
|_ start_date: N/A
| smb2-security-mode: | 311: |_ Message signing enabled but not required
|_clock-skew: mean: 0s, deviation: 1s, median: 0s
| smb-security-mode: | account_used: guest
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
| p2p-conficker: | Checking for Conficker.C or higher...
| Check 1 (port 12437/tcp): CLEAN (Couldn't connect)
| Check 2 (port 24599/tcp): CLEAN (Couldn't connect)
| Check 3 (port 16778/udp): CLEAN (Timeout)
| Check 4 (port 49867/udp): CLEAN (Timeout)
|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
| smb-os-discovery: | OS: Windows 6.1 (Samba 4.5.0-Debian)
| Computer name: localhost
| NetBIOS computer name: HACKLAB01\x00
| Domain name: \x00
| FQDN: localhost
|_ System time: 2023-08-15T18:02:47+00:00
| nbstat: NetBIOS name: HACKLAB01, NetBIOS user: <unknown>, NetBIOS MAC: 000000000000 (Xerox)
| Names:
| HACKLAB01<00> Flags: <unique><active>
| HACKLAB01<03> Flags: <unique><active>
| HACKLAB01<20> Flags: <unique><active>
| \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
| EVILCORP<00> Flags: <group><active>
| EVILCORP<1d> Flags: <unique><active>
| EVILCORP<1e> Flags: <group><active>
| Statistics:
| 0000000000000000000000000000000000
| 0000000000000000000000000000000000
|_ 0000000000000000000000000000
Read data files from: /usr/bin/../share/nmap
# Nmap done at Tue Aug 15 18:03:33 2023 -- 1 IP address (1 host up) scanned in 53.55 seconds
Download
advertisement