AnonymousSriLanka

University Colombo - Sri Lanka SSH/RSA Login Key Dump

Aug 26th, 2011
2,180
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. University Colombo - Sri Lanka SSH/RSA Login Key Dump - Linux (TUX-Fuck3D) Haxor3D
  2.  
  3. EXCLUSIVE FROM - Anonymous Sri Lanka
  4.  
  5. WWW.UCSC.LK -----> LINUX SSH Fuck3D and Bust3D
  6.  
  7. Hail to Anonymous, Lulzsec and Operation Anti-Sec...
  8.  
  9. Initiating Parallel DNS resolution of 1 host. at 16:02
  10. Completed Parallel DNS resolution of 1 host. at 16:02, 0.00s elapsed
  11. Initiating SYN Stealth Scan at 16:02
  12.  
  13. Scanning 10.16.16.2 [100 ports]
  14. Discovered open port 22/tcp on 10.16.16.2
  15. Discovered open port 8080/tcp on 10.16.16.2
  16. Discovered open port 443/tcp on 10.16.16.2
  17. Discovered open port 80/tcp on 10.16.16.2
  18. Discovered open port 3128/tcp on 10.16.16.2
  19. Discovered open port 8000/tcp on 10.16.16.2
  20.  
  21. Completed SYN Stealth Scan at 16:02, 9.47s elapsed (100 total ports)
  22. Initiating Service scan at 16:02
  23. Scanning 6 services on 10.16.16.2
  24. Completed Service scan at 16:03, 36.06s elapsed (6 services on 1 host)
  25. Initiating OS detection (try #1) against 10.16.16.2
  26. Retrying OS detection (try #2) against 10.16.16.2
  27. Initiating Traceroute at 16:03
  28. Completed Traceroute at 16:03, 1.03s elapsed
  29. Initiating Parallel DNS resolution of 2 hosts. at 16:03
  30. Completed Parallel DNS resolution of 2 hosts. at 16:03, 0.01s elapsed
  31. NSE: Script scanning 10.16.16.2.
  32. NSE: Starting runlevel 1 (of 1) scan.
  33. Initiating NSE at 16:03
  34. Completed NSE at 16:04, 8.83s elapsed
  35.  
  36. Scan report for 10.16.16.2
  37. Host is up (0.17s latency).
  38. Not shown: 93 closed ports
  39.  
  40. SSH/RSA KEY DUMPED
  41.  
  42. PORT STATE SERVICE VERSION
  43.  
  44. 22/tcp open ssh 3Com WX4400 NOS sshd 2.0 (protocol 2.0)
  45. | ssh-hostkey: 1024 4b:0e:a5:ce:76:e5:6d:47:5f:27:fc:cc:d4:58:d5:2e (RSA)
  46. |_ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCYF9O6XMgcwCjPeyzqeUb8feHbj8XbJ57w+fkIGQq61UnLvNzM36peVkVjJuO6fsB4Lhi80xLRRnDKZuaLUFIERI8+TLdhy8McN1SVb7jyhvzIW2F5BaeHrZBDKQaJecAWtsa68nste98YIFMMU1342tWZ5/mva6iCxxyAdzNFsQ==
  47.  
  48. 80/tcp open tcpwrapped
  49.  
  50. 443/tcp open ssl/tcpwrapped
  51. | sslv2: server still supports SSLv2
  52. | SSL2_DES_192_EDE3_CBC_WITH_MD5
  53. | SSL2_RC2_CBC_128_CBC_WITH_MD5
  54. | SSL2_RC4_128_WITH_MD5
  55. | SSL2_DES_64_CBC_WITH_MD5
  56. |_ SSL2_RC4_128_EXPORT40_WITH_MD5
  57.  
  58. 514/tcp filtered shell
  59. 3128/tcp open squid-http?
  60. 8000/tcp open tcpwrapped
  61. 8080/tcp open http-proxy?
  62.  
  63. 2 services unrecognized despite returning data.
  64.  
  65. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  66.  
  67. SF-Port3128-TCP:V=5.35DC1%I=7%D=10/28%Time=4CC9515E%P=i686-pc-linux-gnu%r(
  68. SF:GetRequest,13C,"HTTP/1\.1\x20404\x20Not\x20Found\r\nDate:\x20Oct\x2028,
  69. SF:\x2015:54:02\.663\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\
  70. SF:.0\r\nContent-Length:\x20173\r\nContent-Type:\x20text/html\r\n\r\n<HTML
  71. SF:><HEAD><TITLE>Not\x20Found</TITLE></HEAD>\n<BODY><H1>Not\x20Found</H1>\
  72. SF:n<br>&nbsp;&nbsp;The\x20requested\x20URL\x20was\x20not\x20found\x20on\x
  73. SF:20this\x20server\.\n<br><H2>Error\x20404</H2></BODY></HTML>\r\r\n\n")%r
  74. SF:(FourOhFourRequest,13C,"HTTP/1\.1\x20404\x20Not\x20Found\r\nDate:\x20Oc
  75. SF:t\x2028,\x2015:54:22\.181\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Versio
  76. SF:n:\x201\.0\r\nContent-Length:\x20173\r\nContent-Type:\x20text/html\r\n\
  77. SF:r\n<HTML><HEAD><TITLE>Not\x20Found</TITLE></HEAD>\n<BODY><H1>Not\x20Fou
  78. SF:nd</H1>\n<br>&nbsp;&nbsp;The\x20requested\x20URL\x20was\x20not\x20found
  79. SF:\x20on\x20this\x20server\.\n<br><H2>Error\x20404</H2></BODY></HTML>\r\r
  80. SF:\n\n");
  81.  
  82. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  83.  
  84. SF-Port8080-TCP:V=5.35DC1%I=7%D=10/28%Time=4CC9515F%P=i686-pc-linux-gnu%r(
  85. SF:GetRequest,13C,"HTTP/1\.1\x20404\x20Not\x20Found\r\nDate:\x20Oct\x2028,
  86. SF:\x2015:54:02\.652\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\
  87. SF:.0\r\nContent-Length:\x20173\r\nContent-Type:\x20text/html\r\n\r\n<HTML
  88. SF:><HEAD><TITLE>Not\x20Found</TITLE></HEAD>\n<BODY><H1>Not\x20Found</H1>\
  89. SF:n<br>&nbsp;&nbsp;The\x20requested\x20URL\x20was\x20not\x20found\x20on\x
  90. SF:20this\x20server\.\n<br><H2>Error\x20404</H2></BODY></HTML>\r\r\n\n")%r
  91. SF:(FourOhFourRequest,13C,"HTTP/1\.1\x20404\x20Not\x20Found\r\nDate:\x20Oc
  92. SF:t\x2028,\x2015:54:02\.911\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Versio
  93. SF:n:\x201\.0\r\nContent-Length:\x20173\r\nContent-Type:\x20text/html\r\n\
  94. SF:r\n<HTML><HEAD><TITLE>Not\x20Found</TITLE></HEAD>\n<BODY><H1>Not\x20Fou
  95. SF:nd</H1>\n<br>&nbsp;&nbsp;The\x20requested\x20URL\x20was\x20not\x20found
  96. SF:\x20on\x20this\x20server\.\n<br><H2>Error\x20404</H2></BODY></HTML>\r\r
  97. SF:\n\n");
  98.  
  99. TCP/IP fingerprint:
  100. SCAN(V=5.35DC1%D=10/28%OT=22%CT=7%CU=%PV=Y%DS=2%DC=T%G=N%TM=4CC9519B%P=i686-pc-linux-gnu)
  101. SEQ(SP=FC%GCD=2%ISR=107%TI=I%CI=RI%II=I%SS=S%TS=U)
  102. SEQ(SP=103%GCD=1%ISR=109%TI=I%CI=RI%II=I%SS=S%TS=U)
  103. OPS(O1=M5B4%O2=M5B4%O3=M5B4%O4=M5B4%O5=M5B4%O6=M5B4)
  104. WIN(W1=FAF0%W2=FAF0%W3=FAF0%W4=FAF0%W5=FAF0%W6=FAF0)
  105. ECN(R=Y%DF=N%TG=80%W=FAF0%O=M5B4%CC=N%Q=)
  106. ECN(R=Y%DF=N%TG=80%W=FAF0%O=%CC=N%Q=)
  107. T1(R=Y%DF=N%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
  108. T2(R=N)
  109. T3(R=Y%DF=N%TG=80%W=FAF0%S=O%A=S+%F=AS%O=M5B4%RD=0%Q=)
  110. T4(R=Y%DF=N%TG=80%W=7FFF%S=A%A=Z%F=R%O=%RD=0%Q=)
  111. T5(R=Y%DF=N%TG=80%W=FAF0%S=O%A=S+%F=AR%O=%RD=0%Q=)
  112. T6(R=Y%DF=N%TG=80%W=7FFF%S=A%A=Z%F=R%O=%RD=0%Q=)
  113. T7(R=N)
  114. U1(R=N)
  115. IE(R=Y%DFI=N%TG=80%CD=Z)
  116.  
  117. Network Distance: 2 hops
  118. TCP Sequence Prediction: Difficulty=259 (Good luck!)
  119. IP ID Sequence Generation: Incremental
  120. Service Info: Device: WAP
  121.  
  122. TRACEROUTE (using port 587/tcp)
  123. HOP RTT ADDRESS
  124. 1 0.10 ms 192.168.159.2
  125. 2 0.35 ms 10.16.16.2
  126.  
  127. Nmap done: 1 IP address (1 host up) scanned in 76.39 seconds
  128. Raw packets sent: 478 (27.696KB) | Rcvd: 217 (9.936KB)
  129.  
  130.  
  131.  
  132. EXTERNAL TCP RAW SCAN:
  133.  
  134. Scan report for 10.16.31.254
  135.  
  136. Host is up, received user-set (0.0085s latency).
  137.  
  138. PORT STATE SERVICE REASON VERSION
  139. 21/tcp filtered ftp no-response
  140. 22/tcp filtered ssh no-response
  141. 23/tcp filtered telnet no-response
  142. 25/tcp filtered smtp no-response
  143. 80/tcp open http? syn-ack
  144. 110/tcp filtered pop3 no-response
  145. 139/tcp filtered netbios-ssn no-response
  146. 443/tcp open ssl/https? syn-ack
  147. 445/tcp filtered microsoft-ds no-response
  148. 3389/tcp filtered ms-term-serv no-response
  149. 53/udp open domain udp-response ISC BIND bind
  150. 67/udp open|filtered dhcps no-response
  151. 123/udp open|filtered ntp no-response
  152. 135/udp open|filtered msrpc no-response
  153. 137/udp open|filtered netbios-ns no-response
  154. 138/udp open|filtered netbios-dgm no-response
  155. 161/udp open|filtered snmp no-response
  156. 445/udp open|filtered microsoft-ds no-response
  157. 631/udp open|filtered ipp no-response
  158. 1434/udp open|filtered ms-sql-m no-response
  159.  
  160. 2 services unrecognized despite returning data.
  161.  
  162. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  163. SF-Port80-TCP:V=5.35DC1%I=9%D=10/30%Time=4CCBABC4%P=i686-pc-linux-gnu%r(Ge
  164. SF:tRequest,11B,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:44:04
  165. SF:\.518\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLocati
  166. SF:on:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredirec
  167. SF:t=http:///\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\r
  168. SF:\n<HTML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\
  169. SF:n\n")%r(FourOhFourRequest,136,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x
  170. SF:2030,\x2010:44:04\.706\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\
  171. SF:x201\.0\r\nLocation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\
  172. SF:.html\?wbaredirect=http:///nice\x20ports,/Trinity\.txt\.bak\r\nContent-
  173. SF:Length:\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HTML><HEAD><TITLE>R
  174. SF:edirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n")%r(OfficeScan,121
  175. SF:,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:44:05\.668\r\nSer
  176. SF:ver:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLocation:\x20http:
  177. SF://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredirect=http:///\?
  178. SF:CAVIT\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HT
  179. SF:ML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n");
  180.  
  181. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  182.  
  183. SF-Port443-TCP:V=5.35DC1%T=SSL%I=9%D=10/30%Time=4CCBABCA%P=i686-pc-linux-gnu%r(GetRequest,11C,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:44
  184. SF::10\.672\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLoc
  185. SF:ation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredi
  186. SF:rect=https:///\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r
  187. SF:\n\r\n<HTML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\
  188. SF:r\r\n\n")%r(FourOhFourRequest,137,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20O
  189. SF:ct\x2030,\x2010:44:12\.090\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Versi
  190. SF:on:\x201\.0\r\nLocation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_lo
  191. SF:gin\.html\?wbaredirect=https:///nice\x20ports,/Trinity\.txt\.bak\r\nCon
  192. SF:tent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HTML><HEAD><TI
  193. SF:TLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n")%r(OfficeSca
  194. SF:n,122,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:44:13\.992\r
  195. SF:\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLocation:\x20
  196. SF:http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredirect=https
  197. SF::///\?CAVIT\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\
  198. SF:r\n<HTML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r
  199. SF:\n\n");
  200.  
  201. Final times for host: srtt: 8506 rttvar: 6700 to: 100000
  202.  
  203. ----------------------------------------------------------------------------------------------
  204.  
  205. Scan report for 10.16.31.254
  206. Host is up, received user-set (0.0059s latency).
  207.  
  208. PORT STATE SERVICE REASON VERSION
  209. 21/tcp filtered ftp no-response
  210. 22/tcp filtered ssh no-response
  211. 23/tcp filtered telnet no-response
  212. 25/tcp filtered smtp no-response
  213. 80/tcp open http? syn-ack
  214. 110/tcp filtered pop3 no-response
  215. 139/tcp filtered netbios-ssn no-response
  216. 443/tcp open ssl/https? syn-ack
  217. 445/tcp filtered microsoft-ds no-response
  218. 3389/tcp filtered ms-term-serv no-response
  219.  
  220. 2 services unrecognized despite returning data.
  221.  
  222. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  223. SF-Port80-TCP:V=5.35DC1%I=7%D=10/30%Time=4CCBACBB%P=i686-pc-linux-gnu%r(Ge
  224. SF:tRequest,11B,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:48:11
  225. SF:\.562\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLocati
  226. SF:on:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredirec
  227. SF:t=http:///\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\r
  228. SF:\n<HTML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\
  229. SF:n\n")%r(FourOhFourRequest,136,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x
  230. SF:2030,\x2010:48:12\.045\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\
  231. SF:x201\.0\r\nLocation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\
  232. SF:.html\?wbaredirect=http:///nice\x20ports,/Trinity\.txt\.bak\r\nContent-
  233. SF:Length:\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HTML><HEAD><TITLE>R
  234. SF:edirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n");
  235.  
  236. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  237.  
  238. SF-Port443-TCP:V=5.35DC1%T=SSL%I=7%D=10/30%Time=4CCBACC7%P=i686-pc-linux-gnu%r(FourOhFourRequest,137,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x
  239. SF:2010:48:23\.593\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0
  240. SF:\r\nLocation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?
  241. SF:wbaredirect=https:///nice\x20ports,/Trinity\.txt\.bak\r\nContent-Length
  242. SF::\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HTML><HEAD><TITLE>Redirec
  243. SF:t</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n");
  244. Final times for host: srtt: 5938 rttvar: 5989 to: 100000
  245.  
  246. ----------------------------------------------------------------------------------------------
  247. Scan report for 10.16.31.254
  248. Host is up, received user-set (0.017s latency).
  249.  
  250. PORT STATE SERVICE REASON VERSION
  251. 21/tcp filtered ftp no-response
  252. 22/tcp filtered ssh no-response
  253. 23/tcp filtered telnet no-response
  254. 25/tcp filtered smtp no-response
  255. 53/tcp filtered domain no-response
  256. 80/tcp open http? syn-ack
  257. 110/tcp filtered pop3 no-response
  258. 111/tcp filtered rpcbind no-response
  259. 135/tcp filtered msrpc no-response
  260. 139/tcp filtered netbios-ssn no-response
  261. 143/tcp filtered imap no-response
  262. 443/tcp open https? syn-ack
  263. 445/tcp filtered microsoft-ds no-response
  264. 993/tcp filtered imaps no-response
  265. 995/tcp filtered pop3s no-response
  266. 1723/tcp filtered pptp no-response
  267. 3306/tcp filtered mysql no-response
  268. 3389/tcp filtered ms-term-serv no-response
  269. 5900/tcp filtered vnc no-response
  270. 8080/tcp open http-proxy? syn-ack
  271. 53/udp open domain? udp-response
  272. 67/udp open|filtered dhcps no-response
  273. 68/udp open|filtered dhcpc no-response
  274. 69/udp open|filtered tftp no-response
  275. 123/udp open|filtered ntp no-response
  276. 135/udp open|filtered msrpc no-response
  277. 137/udp open|filtered netbios-ns no-response
  278. 138/udp open|filtered netbios-dgm no-response
  279. 139/udp open|filtered netbios-ssn no-response
  280. 161/udp open|filtered snmp no-response
  281. 162/udp open|filtered snmptrap no-response
  282. 445/udp open|filtered microsoft-ds no-response
  283. 500/udp open|filtered isakmp no-response
  284. 514/udp open|filtered syslog no-response
  285. 520/udp open|filtered route no-response
  286. 631/udp open|filtered ipp no-response
  287. 1434/udp open|filtered ms-sql-m no-response
  288. 1900/udp open|filtered upnp no-response
  289. 4500/udp open|filtered nat-t-ike no-response
  290. 49152/udp open|filtered unknown no-response
  291.  
  292. 1 service unrecognized despite returning data.
  293.  
  294. SF-Port53-UDP:V=5.35DC1%I=9%D=10/30%Time=4CCBAE00%P=i686-pc-linux-gnu%r(RP
  295. SF:CCheck,3A,"\0\x06\x85\x80\0\x01\0\x01\0\0\0\0\x07version\x04bind\0\0\x1
  296. SF:0\0\x03\x07version\x04bind\0\0\x10\0\x03\0\0\0\0\0\x04\n\x10\x10\x02")%
  297. SF:r(NBTStat,62,"\x80\xf0\x84\x80\0\x01\0\x01\0\0\0\0\x20CKAAAAAAAAAAAAAAA
  298. SF:AAAAAAAAAAAAAAA\0\0!\0\x01\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x
  299. SF:01\0\0\0\0\0\x04\n\x10\x10\x02")%r(NTPRequest,20,"\xe3\0\x84\x80\0\x01\
  300. SF:0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x04\n\x10\x10\x02")%r(DNS-S
  301. SF:D,5A,"\0\0\x84\x80\0\x01\0\x01\0\0\0\0\t_services\x07_dns-sd\x04_udp\x0
  302. SF:5local\0\0\x0c\0\x01\t_services\x07_dns-sd\x04_udp\x05local\0\0\x0c\0\x
  303. SF:01\0\0\0\0\0\x04\n\x10\x10\x02");
  304. Final times for host: srtt: 16874 rttvar: 10563 to: 100000
  305.  
  306. ----------------------------------------------------------------------------------------------
  307.  
  308. Scan report for 10.16.31.254
  309. Host is up, received user-set (0.012s latency).
  310.  
  311. PORT STATE SERVICE REASON VERSION
  312. 21/tcp filtered ftp no-response
  313. 22/tcp filtered ssh no-response
  314. 23/tcp filtered telnet no-response
  315. 25/tcp filtered smtp no-response
  316. 80/tcp open http? syn-ack
  317. 110/tcp filtered pop3 no-response
  318. 139/tcp filtered netbios-ssn no-response
  319. 443/tcp open ssl/https? syn-ack
  320. 445/tcp filtered microsoft-ds no-response
  321. 3389/tcp filtered ms-term-serv no-response
  322.  
  323. 2 services unrecognized despite returning data.
  324.  
  325. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  326. SF-Port80-TCP:V=5.35DC1%I=7%D=10/30%Time=4CCBAF43%P=i686-pc-linux-gnu%r(Ge
  327. SF:tRequest,11B,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:58:59
  328. SF:\.515\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLocati
  329. SF:on:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredirec
  330. SF:t=http:///\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\r
  331. SF:\n<HTML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\
  332. SF:n\n")%r(FourOhFourRequest,136,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x
  333. SF:2030,\x2010:58:59\.831\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\
  334. SF:x201\.0\r\nLocation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\
  335. SF:.html\?wbaredirect=http:///nice\x20ports,/Trinity\.txt\.bak\r\nContent-
  336. SF:Length:\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HTML><HEAD><TITLE>R
  337. SF:edirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n");
  338.  
  339. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
  340.  
  341. SF-Port443-TCP:V=5.35DC1%T=SSL%I=7%D=10/30%Time=4CCBAF49%P=i686-pc-linux-gnu%r(GetRequest,11C,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20Oct\x2030,\x2010:59
  342. SF::05\.756\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Version:\x201\.0\r\nLoc
  343. SF:ation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_login\.html\?wbaredi
  344. SF:rect=https:///\r\nContent-Length:\x2067\r\nContent-Type:\x20text/html\r
  345. SF:\n\r\n<HTML><HEAD><TITLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\
  346. SF:r\r\n\n")%r(FourOhFourRequest,137,"HTTP/1\.1\x20302\x20OK\r\nDate:\x20O
  347. SF:ct\x2030,\x2010:59:07\.103\r\nServer:\x20TreeNeWS/0\.0\.1\r\nMime-Versi
  348. SF:on:\x201\.0\r\nLocation:\x20http://webaaa-cert-10\.16\.16\.2/aaa/wba_lo
  349. SF:gin\.html\?wbaredirect=https:///nice\x20ports,/Trinity\.txt\.bak\r\nCon
  350. SF:tent-Length:\x2067\r\nContent-Type:\x20text/html\r\n\r\n<HTML><HEAD><TI
  351. SF:TLE>Redirect</TITLE></HEAD>\n<BODY></BODY></HTML>\r\r\n\n");
  352.  
  353. Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
  354.  
  355. Device type: general purpose|storage-misc|webcam|VoIP phone
  356. Running (JUST GUESSING) : Apple Mac OS X 10.5.X (96%), BlueArc embedded (93%), DVTel embedded (88%), Pirelli embedded (87%)
  357.  
  358. OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
  359. Aggressive OS guesses: Apple Mac OS X 10.5.5 (Leopard) (96%), BlueArc Titan 2100 NAS device (93%), DVTel DVT-9540DW network camera (88%), Pirelli DP-10 VoIP phone (87%)
  360. No exact OS matches for host (test conditions non-ideal).
  361.  
  362. TCP/IP fingerprint:
  363.  
  364. SCAN(V=5.35DC1%D=10/30%OT=80%CT=%CU=%PV=Y%DS=2%DC=T%G=N%TM=4CCBAF52%P=i686-pc-linux-gnu)
  365. SEQ(SP=FB%GCD=1%ISR=103%TI=I%CI=RI%TS=U)
  366. SEQ(SP=F2%GCD=1%ISR=F8%TI=I%CI=RI%TS=U)
  367. OPS(O1=M5B4%O2=M5B4%O3=M5B4%O4=M5B4%O5=M5B4%O6=M5B4)
  368. WIN(W1=FAF0%W2=FAF0%W3=FAF0%W4=FAF0%W5=FAF0%W6=FAF0)
  369. ECN(R=Y%DF=N%TG=80%W=FAF0%O=M5B4%CC=N%Q=)
  370. T1(R=Y%DF=N%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
  371. T2(R=N)
  372. T3(R=Y%DF=N%TG=80%W=FAF0%S=O%A=S+%F=AS%O=M5B4%RD=0%Q=)
  373. T4(R=Y%DF=N%TG=80%W=7FFF%S=A%A=Z%F=R%O=%RD=0%Q=)
  374. T5(R=Y%DF=N%TG=80%W=FAF0%S=O%A=S+%F=A%O=%RD=0%Q=)
  375. T6(R=Y%DF=N%TG=80%W=7FFF%S=A%A=Z%F=R%O=%RD=0%Q=)
  376. U1(R=N)
  377. IE(R=N)
  378.  
  379. Network Distance: 2 hops
  380. TCP Sequence Prediction: Difficulty=242 (Good luck!)
  381. IP ID Sequence Generation: Incremental
  382.  
  383. TRACEROUTE (using port 443/tcp)
  384. HOP RTT ADDRESS
  385. 1 2.57 ms 192.168.159.2
  386. 2 23.38 ms 10.16.31.254
  387.  
  388. Final times for host: srtt: 11742 rttvar: 6118 to: 100000
RAW Paste Data