Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Nmap scan report for 172.16.16.1
- Host is up (0.00044s latency).
- Not shown: 996 filtered ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.5 (protocol 2.0)
- | ssh-hostkey:
- |_ 4096 d4:6e:2b:9c:29:50:86:7d:ef:c4:50:01:51:c4:35:7e (RSA)
- 53/tcp open domain
- 80/tcp open http nginx
- |_http-server-header: nginx
- |_http-title: Did not follow redirect to https://172.16.16.1/
- 443/tcp open ssl/http nginx
- |_http-title: pfSense - Login
- | ssl-cert: Subject: commonName=pfSense-5dbdade926f7f/organizationName=pfSense webConfigurator Self-Signed Certificate
- | Subject Alternative Name: DNS:pfSense-5dbdade926f7f
- | Not valid before: 2019-11-02T16:25:13
- |_Not valid after: 2025-04-24T16:25:13
- Nmap scan report for 172.16.16.9
- Host is up (0.00065s latency).
- Not shown: 998 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0)
- | ssh-hostkey:
- | 1024 6b:a3:a7:41:1b:1d:51:89:56:e0:f3:08:98:e9:0e:c1 (DSA)
- | 2048 0b:b3:ce:6c:69:5d:cf:6a:6b:ff:e4:64:64:94:bb:bc (RSA)
- | 256 a8:d1:79:0b:91:39:86:59:e5:75:1c:34:1f:82:40:fe (ECDSA)
- |_ 256 6c:50:20:a7:b4:8b:9d:45:57:53:11:d3:6f:e6:03:6b (EdDSA)
- 80/tcp open http Apache httpd 2.4.7 ((Ubuntu))
- |_http-generator: Drupal 7 (http://drupal.org)
- | http-robots.txt: 36 disallowed entries (15 shown)
- | /includes/ /misc/ /modules/ /profiles/ /scripts/
- | /themes/ /CHANGELOG.txt /cron.php /INSTALL.mysql.txt
- | /INSTALL.pgsql.txt /INSTALL.sqlite.txt /install.php /INSTALL.txt
- |_/LICENSE.txt /MAINTAINERS.txt
- |_http-server-header: Apache/2.4.7 (Ubuntu)
- |_http-title: orochimaru | Boomers to the Moon
- Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
- Nmap scan report for 172.16.16.25
- Host is up (0.00062s latency).
- Not shown: 990 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- | ssh-hostkey:
- | 2048 44:c4:b3:74:4d:23:a8:10:33:0e:bb:e0:bd:7f:25:ae (RSA)
- | 256 f9:26:2e:23:7d:bf:fd:db:44:5c:29:31:ed:4a:a3:64 (ECDSA)
- |_ 256 d6:1f:f5:6a:96:e4:36:2c:97:2d:77:79:7d:6d:c2:7f (EdDSA)
- 25/tcp open smtp Postfix smtpd
- |_smtp-commands: mail.microspace.lowcoal, SIZE 11534336, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- 80/tcp open http nginx 1.16.1
- |_http-server-header: nginx/1.16.1
- | http-title: Welcome to Modoboa
- |_Requested resource was /accounts/login/?next=/
- 110/tcp open pop3 Dovecot pop3d
- |_pop3-capabilities: USER UIDL SASL(PLAIN LOGIN) AUTH-RESP-CODE TOP CAPA STLS RESP-CODES PIPELINING
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- 143/tcp open imap Dovecot imapd
- |_imap-capabilities: ID post-login IMAP4rev1 Pre-login SASL-IR AUTH=PLAIN AUTH=LOGINA0001 listed LOGIN-REFERRALS more LITERAL+ ENABLE STARTTLS OK capabilities IDLE have
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- 443/tcp open ssl/http nginx 1.16.1
- |_http-server-header: nginx/1.16.1
- | http-title: Welcome to Modoboa
- |_Requested resource was /accounts/login/?next=/
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- | tls-nextprotoneg:
- |_ http/1.1
- 587/tcp open smtp Postfix smtpd
- |_smtp-commands: mail.microspace.lowcoal, PIPELINING, SIZE 11534336, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- 993/tcp open ssl/imap Dovecot imapd
- |_imap-capabilities: more ID OK AUTH=PLAIN post-login AUTH=LOGINA0001 listed LOGIN-REFERRALS IMAP4rev1 LITERAL+ ENABLE capabilities SASL-IR Pre-login IDLE have
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- 995/tcp open ssl/pop3 Dovecot pop3d
- |_pop3-capabilities: UIDL AUTH-RESP-CODE USER TOP CAPA SASL(PLAIN LOGIN) RESP-CODES PIPELINING
- | ssl-cert: Subject: commonName=mail.microspace.lowcoal
- | Not valid before: 2019-12-20T06:47:11
- |_Not valid after: 2020-12-19T06:47:11
- |_ssl-date: TLS randomness does not represent time
- 3306/tcp open mysql MariaDB (unauthorized)
- Service Info: Host: mail.microspace.lowcoal
- Nmap scan report for 172.16.16.30
- Host is up (0.00066s latency).
- Not shown: 978 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH for_Windows_8.0 (protocol 2.0)
- | ssh-hostkey:
- | 3072 93:f4:70:de:99:c4:de:5b:c8:22:1e:07:57:45:4c:69 (RSA)
- | 256 b1:e8:f9:6f:c0:bc:b9:a8:fa:32:d2:a4:6f:52:a0:94 (ECDSA)
- |_ 256 60:d7:2a:a5:bf:75:3c:c8:d6:85:a7:2b:41:ad:d8:f8 (EdDSA)
- 23/tcp open telnet Microsoft Windows XP telnetd
- | telnet-ntlm-info:
- | Target_Name: US
- | NetBIOS_Domain_Name: US
- | NetBIOS_Computer_Name: BORUTO
- | DNS_Domain_Name: microspace.lowcoal
- | DNS_Computer_Name: boruto.microspace.lowcoal
- | DNS_Tree_Name: microspace.lowcoal
- |_ Product_Version: 6.3.9600
- 53/tcp open domain Microsoft DNS
- 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2020-01-25 18:38:24Z)
- 135/tcp open msrpc Microsoft Windows RPC
- 139/tcp open netbios-ssn Microsoft Windows netbios-ssn
- 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: microspace.lowcoal, Site: Default-First-Site-Name)
- 445/tcp open microsoft-ds Windows Server 2012 R2 Standard 9600 microsoft-ds (workgroup: US)
- 464/tcp open kpasswd5?
- 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
- 636/tcp open tcpwrapped
- 3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: microspace.lowcoal, Site: Default-First-Site-Name)
- 3269/tcp open tcpwrapped
- 3389/tcp open ms-wbt-server Microsoft Terminal Service
- | ssl-cert: Subject: commonName=boruto.microspace.lowcoal
- | Not valid before: 2019-12-04T07:26:18
- |_Not valid after: 2020-06-04T07:26:18
- |_ssl-date: 2020-01-25T18:41:07+00:00; +5h20m40s from scanner time.
- 49152/tcp open msrpc Microsoft Windows RPC
- 49153/tcp open msrpc Microsoft Windows RPC
- 49154/tcp open msrpc Microsoft Windows RPC
- 49155/tcp open msrpc Microsoft Windows RPC
- 49157/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
- 49158/tcp open msrpc Microsoft Windows RPC
- 49159/tcp open msrpc Microsoft Windows RPC
- 49175/tcp open msrpc Microsoft Windows RPC
- Service Info: Host: BORUTO; OSs: Windows XP, Windows; CPE: cpe:/o:microsoft:windows_xp, cpe:/o:microsoft:windows
- Host script results:
- |_clock-skew: mean: 5h20m40s, deviation: 0s, median: 5h20m39s
- |_nbstat: NetBIOS name: BORUTO, NetBIOS user: <unknown>, NetBIOS MAC: 00:50:56:a8:51:34 (VMware)
- | smb-os-discovery:
- | OS: Windows Server 2012 R2 Standard 9600 (Windows Server 2012 R2 Standard 6.3)
- | OS CPE: cpe:/o:microsoft:windows_server_2012::-
- | Computer name: boruto
- | NetBIOS computer name: BORUTO\x00
- | Domain name: microspace.lowcoal
- | Forest name: microspace.lowcoal
- | FQDN: boruto.microspace.lowcoal
- |_ System time: 2020-01-25T10:40:57-08:00
- | smb-security-mode:
- | account_used: <blank>
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: required
- | smb2-security-mode:
- | 2.02:
- |_ Message signing enabled and required
- | smb2-time:
- | date: 2020-01-25 18:40:59
- |_ start_date: 2020-01-24 03:39:59
- Nmap scan report for 172.16.16.35
- Host is up (0.00062s latency).
- Not shown: 979 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH for_Windows_8.0 (protocol 2.0)
- | ssh-hostkey:
- | 3072 93:f4:70:de:99:c4:de:5b:c8:22:1e:07:57:45:4c:69 (RSA)
- | 256 b1:e8:f9:6f:c0:bc:b9:a8:fa:32:d2:a4:6f:52:a0:94 (ECDSA)
- |_ 256 60:d7:2a:a5:bf:75:3c:c8:d6:85:a7:2b:41:ad:d8:f8 (EdDSA)
- 23/tcp open telnet Microsoft Windows XP telnetd
- | telnet-ntlm-info:
- | Target_Name: US
- | NetBIOS_Domain_Name: US
- | NetBIOS_Computer_Name: NARUTO
- | DNS_Domain_Name: microspace.lowcoal
- | DNS_Computer_Name: NARUTO.microspace.lowcoal
- | DNS_Tree_Name: microspace.lowcoal
- |_ Product_Version: 6.3.9600
- 53/tcp open domain Microsoft DNS
- 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2020-01-25 18:38:24Z)
- 135/tcp open msrpc Microsoft Windows RPC
- 139/tcp open netbios-ssn Microsoft Windows netbios-ssn
- 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: microspace.lowcoal, Site: Default-First-Site-Name)
- 445/tcp open microsoft-ds Windows Server 2012 R2 Standard 9600 microsoft-ds (workgroup: US)
- 464/tcp open kpasswd5?
- 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
- 636/tcp open tcpwrapped
- 3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: microspace.lowcoal, Site: Default-First-Site-Name)
- 3269/tcp open tcpwrapped
- 3389/tcp open ms-wbt-server Microsoft Terminal Service
- | ssl-cert: Subject: commonName=NARUTO.microspace.lowcoal
- | Not valid before: 2019-12-03T09:00:46
- |_Not valid after: 2020-06-03T09:00:46
- |_ssl-date: 2020-01-25T18:41:02+00:00; +5h20m41s from scanner time.
- 49152/tcp open msrpc Microsoft Windows RPC
- 49153/tcp open msrpc Microsoft Windows RPC
- 49154/tcp open msrpc Microsoft Windows RPC
- 49155/tcp open msrpc Microsoft Windows RPC
- 49157/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
- 49158/tcp open msrpc Microsoft Windows RPC
- 49159/tcp open msrpc Microsoft Windows RPC
- Service Info: Host: NARUTO; OSs: Windows XP, Windows; CPE: cpe:/o:microsoft:windows_xp, cpe:/o:microsoft:windows
- Host script results:
- |_clock-skew: mean: 5h20m40s, deviation: 0s, median: 5h20m40s
- |_nbstat: NetBIOS name: NARUTO, NetBIOS user: <unknown>, NetBIOS MAC: 00:50:56:a8:19:4b (VMware)
- | smb-os-discovery:
- | OS: Windows Server 2012 R2 Standard 9600 (Windows Server 2012 R2 Standard 6.3)
- | OS CPE: cpe:/o:microsoft:windows_server_2012::-
- | Computer name: NARUTO
- | NetBIOS computer name: NARUTO\x00
- | Domain name: microspace.lowcoal
- | Forest name: microspace.lowcoal
- | FQDN: NARUTO.microspace.lowcoal
- |_ System time: 2020-01-25T10:41:13-08:00
- | smb-security-mode:
- | account_used: guest
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: required
- | smb2-security-mode:
- | 2.02:
- |_ Message signing enabled and required
- | smb2-time:
- | date: 2020-01-25 18:41:05
- |_ start_date: 2020-01-23 22:18:16
- Nmap scan report for 172.16.16.43
- Host is up (0.00071s latency).
- Not shown: 993 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- | ssh-hostkey:
- | 2048 45:be:14:b7:25:47:9b:fc:25:a5:43:2b:f8:12:61:e9 (RSA)
- | 256 5a:20:a4:a1:8c:8f:50:6d:ad:c8:da:62:f3:45:28:63 (ECDSA)
- |_ 256 d9:d4:ff:20:78:f7:b9:c5:17:00:b1:22:be:ba:7e:80 (EdDSA)
- 80/tcp open http nginx 1.16.1
- |_http-server-header: nginx/1.16.1
- |_http-title: Alfresco
- 139/tcp open netbios-ssn?
- 445/tcp open microsoft-ds Java microsoft-ds
- | fingerprint-strings:
- | Kerberos:
- | ^0\xa0
- | SMBProgNeg:
- |_ SMBr
- 8009/tcp open ajp13 Apache Jserv (Protocol v1.3)
- |_ajp-methods: Failed to get a valid response for the OPTION request
- 8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
- |_http-open-proxy: Proxy might be redirecting requests
- |_http-server-header: Apache-Coyote/1.1
- |_http-title: Alfresco
- 8443/tcp open ssl/http Apache Tomcat/Coyote JSP engine 1.1
- |_http-server-header: Apache-Coyote/1.1
- |_http-title: Alfresco
- | ssl-cert: Subject: commonName=Alfresco Repository/organizationName=Alfresco Software Ltd./stateOrProvinceName=UK/countryName=GB
- | Not valid before: 2012-08-10T16:21:00
- |_Not valid after: 2112-07-17T16:21:00
- Host script results:
- |_clock-skew: mean: 5h20m40s, deviation: 0s, median: 5h20m40s
- |_nbstat: NetBIOS name: SASUKEA, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
- | smb-os-discovery:
- | OS: Java (Alfresco CIFS Server 6.0.0)
- | Computer name: SASUKEA
- | NetBIOS computer name: SASUKEA\x00
- | Workgroup: US\x00
- |_ System time: 2020-01-25T18:41:10+00:00
- | smb-security-mode:
- | account_used: guest
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: disabled (dangerous, but default)
- |_smb2-time: Protocol negotiation failed (SMB2)
- Nmap scan report for 172.16.16.60
- Host is up (0.00069s latency).
- Not shown: 996 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
- | ssh-hostkey:
- | 2048 b9:09:b1:7a:a9:dc:4c:91:e3:07:e7:f1:8a:11:dc:ef (RSA)
- | 256 86:fa:5c:40:ad:41:91:f6:75:77:46:08:f8:3e:81:11 (ECDSA)
- |_ 256 c8:e5:d6:a1:f9:73:be:ed:86:d9:a5:de:57:ce:57:48 (EdDSA)
- 23/tcp open telnet Linux telnetd
- 80/tcp open http Werkzeug httpd 0.16.0 (Python 3.6.8)
- |_http-server-header: Werkzeug/0.16.0 Python/3.6.8
- |_http-title: Launch Results!
- 111/tcp open rpcbind 2-4 (RPC #100000)
- | rpcinfo:
- | program version port/proto service
- | 100000 2,3,4 111/tcp rpcbind
- |_ 100000 2,3,4 111/udp rpcbind
- Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
- Nmap scan report for 172.16.16.66
- Host is up (0.00020s latency).
- Not shown: 991 closed ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp OpenBSD ftpd 6.4 (Linux port 0.17)
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0)
- | ssh-hostkey:
- | 1024 e0:f8:2d:26:40:a5:72:f9:8b:17:e2:a6:79:e4:54:a8 (DSA)
- | 2048 ee:6e:4f:aa:71:98:99:f6:6a:04:b9:57:f4:66:58:95 (RSA)
- | 256 a7:94:ac:0d:48:9c:98:a5:7e:38:25:41:b3:7d:1a:07 (ECDSA)
- |_ 256 bd:d0:58:00:1e:55:ec:0c:f4:8f:5d:c3:4e:28:67:52 (EdDSA)
- 23/tcp open telnet Linux telnetd
- 80/tcp open http Apache httpd 2.4.7 ((Ubuntu))
- |_http-server-header: Apache/2.4.7 (Ubuntu)
- |_http-title: Apache2 Ubuntu Default Page: It works
- 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
- 445/tcp open netbios-ssn Samba smbd 4.3.11-Ubuntu (workgroup: WORKGROUP)
- 3306/tcp open mysql MySQL (unauthorized)
- 5901/tcp open vnc VNC (protocol 3.8)
- | vnc-info:
- | Protocol version: 3.8
- | Security types:
- |_ VNC Authentication (2)
- 6001/tcp open X11 (access denied)
- Service Info: Host: sakura; OSs: Linux, Unix; CPE: cpe:/o:linux:linux_kernel
- Host script results:
- |_clock-skew: mean: 5h20m40s, deviation: 0s, median: 5h20m40s
- |_nbstat: NetBIOS name: SAKURA, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
- | smb-os-discovery:
- | OS: Windows 6.1 (Samba 4.3.11-Ubuntu)
- | Computer name: sakura
- | NetBIOS computer name: SAKURA\x00
- | Domain name: \x00
- | FQDN: sakura
- |_ System time: 2020-01-25T10:41:00-08:00
- | smb-security-mode:
- | account_used: <blank>
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: disabled (dangerous, but default)
- | smb2-security-mode:
- | 2.02:
- |_ Message signing enabled but not required
- | smb2-time:
- | date: 2020-01-25 18:41:14
- |_ start_date: 1601-01-01 00:00:00
- Nmap scan report for 172.16.16.67
- Host is up (0.00029s latency).
- Not shown: 990 closed ports
- PORT STATE SERVICE VERSION
- 7/tcp open echo
- 9/tcp open discard?
- 13/tcp open daytime
- 19/tcp open chargen xinetd chargen
- 21/tcp open ftp vsftpd 3.0.2
- |_ftp-anon: Anonymous FTP login allowed (FTP code 230)
- | ftp-syst:
- | STAT:
- | FTP server status:
- | Connected to 172.16.16.201
- | Logged in as ftp
- | TYPE: ASCII
- | No session bandwidth limit
- | Session timeout in seconds is 300
- | Control connection is plain text
- | Data connections will be plain text
- | At session startup, client count was 1
- | vsFTPd 3.0.2 - secure, fast, stable
- |_End of status
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0)
- | ssh-hostkey:
- | 1024 09:f4:57:2a:58:af:06:41:7c:09:0b:04:32:8a:6b:30 (DSA)
- | 2048 fe:30:c9:c1:39:77:26:11:db:2f:ac:d6:24:a3:04:ba (RSA)
- | 256 d3:90:23:be:ea:ec:d4:b6:8f:c7:b3:19:a4:9f:3e:b2 (ECDSA)
- |_ 256 68:35:a2:b2:b7:a0:a6:55:25:e2:0b:5e:d4:ba:7c:19 (EdDSA)
- 37/tcp open time (32 bits)
- |_rfc868-time: 2020-01-25T18:41:04
- 80/tcp open http Apache httpd 2.4.7 ((Ubuntu))
- |_http-server-header: Apache/2.4.7 (Ubuntu)
- |_http-title: Apache2 Ubuntu Default Page: It works
- 2222/tcp open ssh Dropbear sshd 2013.60 (protocol 2.0)
- 3306/tcp open mysql MySQL 5.5.62-0ubuntu0.14.04.1
- | mysql-info:
- | Protocol: 10
- | Version: 5.5.62-0ubuntu0.14.04.1
- | Thread ID: 81911
- | Capabilities flags: 63487
- | Some Capabilities: Support41Auth, SupportsCompression, InteractiveClient, FoundRows, ConnectWithDatabase, DontAllowDatabaseTableColumn, SupportsTransactions, IgnoreSpaceBeforeParenthesis, Speaks41ProtocolNew, IgnoreSigpipes, SupportsLoadDataLocal, LongPassword, ODBCClient, LongColumnFlag, Speaks41ProtocolOld, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
- | Status: Autocommit
- | Salt: 9~5+s(gP;u]PZRnT9_Uj
- |_ Auth Plugin Name: 96
- Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
- Host script results:
- |_clock-skew: mean: 5h20m39s, deviation: 0s, median: 5h20m39s
- Nmap scan report for 172.16.16.68
- Host is up (0.00080s latency).
- Not shown: 986 closed ports
- PORT STATE SERVICE VERSION
- 21/tcp open ftp Microsoft ftpd
- | ftp-anon: Anonymous FTP login allowed (FTP code 230)
- | 12-20-19 11:15AM 1407 admin.asp
- | 12-20-19 11:15AM 1407 admin.asp.txt
- | 12-20-19 09:58AM <DIR> aspnet_client
- | 12-20-19 03:56PM 1407 help.asp
- | 12-20-19 04:01PM <DIR> icons
- | 12-20-19 10:16AM 1781 index.html
- | 12-20-19 03:56PM 1407 shell.asp
- |_12-20-19 04:00PM <DIR> tickets
- | ftp-syst:
- |_ SYST: Windows_NT
- 23/tcp open telnet Microsoft Windows XP telnetd
- | telnet-ntlm-info:
- | Target_Name: US
- | NetBIOS_Domain_Name: US
- | NetBIOS_Computer_Name: TSUNADE
- | DNS_Domain_Name: microspace.lowcoal
- | DNS_Computer_Name: Tsunade.microspace.lowcoal
- | DNS_Tree_Name: microspace.lowcoal
- |_ Product_Version: 6.2.9200
- 80/tcp open http Microsoft IIS httpd 8.0
- | http-methods:
- |_ Potentially risky methods: TRACE COPY PROPFIND DELETE MOVE PROPPATCH MKCOL LOCK UNLOCK PUT
- |_http-server-header: Microsoft-IIS/8.0
- |_http-title: HTML Meta Tag
- | http-webdav-scan:
- | WebDAV type: Unkown
- | Public Options: OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK
- | Allowed Methods: OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, DELETE, MOVE, PROPPATCH, MKCOL, LOCK, UNLOCK
- | Server Date: Sat, 25 Jan 2020 18:41:10 GMT
- |_ Server Type: Microsoft-IIS/8.0
- 111/tcp open rpcbind 2-4 (RPC #100000)
- | rpcinfo:
- | program version port/proto service
- | 100000 2,3,4 111/tcp rpcbind
- | 100000 2,3,4 111/udp rpcbind
- | 100003 2,3 2049/udp nfs
- | 100003 2,3,4 2049/tcp nfs
- | 100005 1,2,3 2049/tcp mountd
- | 100005 1,2,3 2049/udp mountd
- | 100021 1,2,3,4 2049/tcp nlockmgr
- | 100021 1,2,3,4 2049/udp nlockmgr
- | 100024 1 2049/tcp status
- |_ 100024 1 2049/udp status
- 135/tcp open msrpc Microsoft Windows RPC
- 139/tcp open netbios-ssn Microsoft Windows netbios-ssn
- 445/tcp open microsoft-ds Microsoft Windows Server 2008 R2 - 2012 microsoft-ds
- 2049/tcp open mountd 1-3 (RPC #100005)
- 3389/tcp open ms-wbt-server Microsoft Terminal Service
- | ssl-cert: Subject: commonName=Tsunade.microspace.lowcoal
- | Not valid before: 2019-12-19T17:58:34
- |_Not valid after: 2020-06-19T17:58:34
- |_ssl-date: 2020-01-25T18:41:15+00:00; +5h20m40s from scanner time.
- 49152/tcp open msrpc Microsoft Windows RPC
- 49153/tcp open msrpc Microsoft Windows RPC
- 49154/tcp open msrpc Microsoft Windows RPC
- 49155/tcp open msrpc Microsoft Windows RPC
- 49156/tcp open msrpc Microsoft Windows RPC
- Service Info: OSs: Windows, Windows XP, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_xp
- Host script results:
- |_clock-skew: mean: 5h20m40s, deviation: 0s, median: 5h20m39s
- |_nbstat: NetBIOS name: TSUNADE, NetBIOS user: <unknown>, NetBIOS MAC: 00:50:56:a8:8e:bd (VMware)
- | smb-security-mode:
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: disabled (dangerous, but default)
- | smb2-security-mode:
- | 2.02:
- |_ Message signing enabled but not required
- | smb2-time:
- | date: 2020-01-25 18:41:08
- |_ start_date: 2020-01-23 22:20:08
- Nmap scan report for 172.16.16.77
- Host is up (0.00076s latency).
- Not shown: 998 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0)
- | ssh-hostkey:
- | 1024 17:69:f8:46:d9:ec:f5:e5:57:d5:a4:4d:05:0c:af:eb (DSA)
- | 2048 e8:bf:1e:c6:c5:f4:7f:ab:c2:36:1e:ff:95:4c:32:9f (RSA)
- | 256 ea:5c:f2:2a:0e:dd:f3:47:dc:18:76:c8:de:72:4c:05 (ECDSA)
- |_ 256 7d:bc:c2:77:b9:8c:63:ab:94:df:e9:af:9b:49:11:43 (EdDSA)
- 53/tcp open domain
- | dns-nsid:
- |_ bind.version: 9.9.5-3ubuntu0.19-Ubuntu
- Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
- Nmap scan report for 172.16.16.83
- Host is up (0.00078s latency).
- Not shown: 990 closed ports
- PORT STATE SERVICE VERSION
- 80/tcp open http Microsoft IIS httpd 8.0
- |_http-generator: WordPress 5.0
- | http-methods:
- |_ Potentially risky methods: TRACE COPY PROPFIND DELETE MOVE PROPPATCH MKCOL LOCK UNLOCK PUT
- |_http-server-header: Microsoft-IIS/8.0
- |_http-title: Microspace Main Blog – Boomers to the Moon
- | http-webdav-scan:
- | WebDAV type: Unkown
- | Public Options: OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK
- | Allowed Methods: OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, DELETE, MOVE, PROPPATCH, MKCOL, LOCK, UNLOCK
- | Server Date: Sat, 25 Jan 2020 18:41:06 GMT
- |_ Server Type: Microsoft-IIS/8.0
- 135/tcp open msrpc Microsoft Windows RPC
- 139/tcp open netbios-ssn Microsoft Windows netbios-ssn
- 445/tcp open microsoft-ds Microsoft Windows Server 2008 R2 - 2012 microsoft-ds
- 3389/tcp open ssl Microsoft SChannel TLS
- | fingerprint-strings:
- | TLSSessionReq:
- | ]GAy
- | 0%1#0!
- | rocklee.microspace.lowcoal0
- | 191227054058Z
- | 200627054058Z0%1#0!
- | rocklee.microspace.lowcoal0
- | owXv
- | jK6Y
- | z}w"
- | =Sg?/
- | gH*7
- | a3ih
- | $0"0
- | F:=#
- | _p5M
- | uc7]f
- | mgGB
- | 7\xf4
- |_ u727
- | ssl-cert: Subject: commonName=rocklee.microspace.lowcoal
- | Not valid before: 2019-12-27T05:40:58
- |_Not valid after: 2020-06-27T05:40:58
- |_ssl-date: 2020-01-25T18:41:13+00:00; +5h20m41s from scanner time.
- 49152/tcp open msrpc Microsoft Windows RPC
- 49153/tcp open msrpc Microsoft Windows RPC
- 49154/tcp open msrpc Microsoft Windows RPC
- 49155/tcp open msrpc Microsoft Windows RPC
- 49156/tcp open msrpc Microsoft Windows RPC
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
- SF-Port3389-TCP:V=7.60%I=7%D=1/25%Time=5E2C4015%P=x86_64-pc-linux-gnu%r(TL
- SF:SSessionReq,360,"\x16\x03\x03\x03\[\x02\0\0M\x03\x03\^,\x8b8\xb9\0&l\xa
- SF:3\xbf=zJ\xcdO\xde\xdfp\xf8w\x83\x01\x83=\xfcX\xb1\xc0\xa3@b\xab\x20\.&\
- SF:0\0\xe6\x7f\xa1\x8a\xc3\x82\xc0\x16n\x0b\xc4\xf2M\xc1\)R\x19\xcfM\xb4\x
- SF:d8\x07\xb06\xabW\xde\x91\0/\0\0\x05\xff\x01\0\x01\0\x0b\0\x03\x02\0\x02
- SF:\xff\0\x02\xfc0\x82\x02\xf80\x82\x01\xe0\xa0\x03\x02\x01\x02\x02\x10c\x
- SF:ca\x15\]GAy\x88K\xca\x92\xaa\x0e\xca-\xa70\r\x06\t\*\x86H\x86\xf7\r\x01
- SF:\x01\x05\x05\x000%1#0!\x06\x03U\x04\x03\x13\x1arocklee\.microspace\.low
- SF:coal0\x1e\x17\r191227054058Z\x17\r200627054058Z0%1#0!\x06\x03U\x04\x03\
- SF:x13\x1arocklee\.microspace\.lowcoal0\x82\x01\"0\r\x06\t\*\x86H\x86\xf7\
- SF:r\x01\x01\x01\x05\0\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\0\xb
- SF:9\xb1\+\x11\x14\x94\xd6\xd4\xb7\xbc>b\x20\xfb\.~\xa8\xd8\x85\xd8\xa6s\x
- SF:c4\r\xdf\xa7\xd0\xc8owXv\xa40\xa3\xba\xd2k\xb8\x20\xc9a\xa0`Fg\xdc\xb0\
- SF:xed\xeb\)\x11\xbc\xe4\x1e;\x1b\^\xa2\xf7\xf76@\[\0\xe8\xb0\xed\xe9m\x16
- SF:\xf0\n\x07j\x8bjK6Y\xf1\x0f\x10vPd\xcf\xf9\x06\xb2\xb4\x0c\xc6z}w\"\xfe
- SF:M\x06\xc5=Sg\?/\x02\xa2\xd3u\xc4\x930\x9fY\xd5\xa9\xb1\xf4\xba\x05\xe7\
- SF:xdc\)\xf9\xaa\xce\x8bq\t\xfa\xb3\x93\xc4\x855\xb1\x969\]a\x9aG\xe7TZ\xc
- SF:6\+\xcb\xe7\xe7\xb8\|G\xabZ:\x8e\xc5\xce\xfa\|\xaaSf\x10\xdc\xe8\xefV\x
- SF:c5\x93D\x15\x8e\x83gH\*7\x10O\xc0X\x89\xb9\x84\xe1\xa7\xeca3ih\x82\x8el
- SF:\x87@\xb6\xf2\xd6\xe7\x82A\xb6\xb8\x02\xbd\xf8\[k{\x1b\x9b6\xbb\xd0\x1b
- SF:k\xafs\r\xc3\x91\x06\*\x88P\x040\x9c7D\[\x10,\xe4\x84\xf7\xc1\x99\xb21f
- SF:\x18b\xf8\n\x8d\xd3\xe79\xe3~\xc7\x02\x03\x01\0\x01\xa3\$0\"0\x13\x06\x
- SF:03U\x1d%\x04\x0c0\n\x06\x08\+\x06\x01\x05\x05\x07\x03\x010\x0b\x06\x03U
- SF:\x1d\x0f\x04\x04\x03\x02\x0400\r\x06\t\*\x86H\x86\xf7\r\x01\x01\x05\x05
- SF:\0\x03\x82\x01\x01\0%to\xa3\x08\xae\x8a\x87\xf6r9s\xfd\x82YNy\xe4\xf9\x
- SF:b9\xf7\xbd\xb5\xa5\xe8G\x11\x1c\xe9\xf8\x80F:=#\x06K\x04\0I\xa61\x12_p5
- SF:M\xb0\x85\xdb\?\xc3<\x03\x12\xfd\x99\xa1@7\x1f\xf1\x98\xb3\xe3\x08uc7\]
- SF:f\x99-\x0e%\x03\x86Ps\xf5G@\xac\xe2\xde\xf6\^Q\xc4\xd3\xfd\x96p\xfc\xd7
- SF::V\xb0\x9a\x90Al\x80\xae\xd99\xeemgGB\xbd\$\$\xc0\xb0C\x0e\xd6\xde\x05\
- SF:x01\xbc\n\\/U\n\x91\xff\xbc\xe7\xef\x17\x91\*\x96\x13k\x10y\x96\)\xb4\x
- SF:14\x0c\x04\xe5\xe8'j\xe9k\xc25\x7f\t\xaf\x05#r\xa0\x06\x002\xc7\xbc\x9f
- SF:!\xe4\xed\x93\x99\xcd\xc7\x0fhp\xe2\xb4\xb9\xe4\xe7\xa17\\\xf4\x0cn\xd9
- SF:k\xd4!_R\xee\xa53\x13\xa7\xf4\x01\x07JN\x9cup\xd2d\xd5\xc5\x15\xec,U\xe
- SF:d\x88\xa0\xa4~\xd8\xff\x87\+\xfaQo\x0f\xca\xd6CH\xc8K\\B#\xceu72\\7\x8a
- SF:gb\x85\x8a#\xe05\xd2p\xb8\xb4\x0e\0\0\0");
- Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
- Host script results:
- |_clock-skew: mean: 5h20m40s, deviation: 0s, median: 5h20m40s
- |_nbstat: NetBIOS name: ROCKLEE, NetBIOS user: <unknown>, NetBIOS MAC: 00:50:56:a8:b1:2a (VMware)
- | smb-security-mode:
- | account_used: guest
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: disabled (dangerous, but default)
- | smb2-security-mode:
- | 2.02:
- |_ Message signing enabled but not required
- | smb2-time:
- | date: 2020-01-25 18:41:06
- |_ start_date: 2020-01-24 03:40:50
- Nmap scan report for 172.16.16.200
- Host is up (0.00076s latency).
- Not shown: 991 closed ports
- PORT STATE SERVICE VERSION
- 135/tcp open msrpc Microsoft Windows RPC
- 139/tcp open netbios-ssn Microsoft Windows netbios-ssn
- 445/tcp open microsoft-ds Windows 7 Professional 7601 Service Pack 1 microsoft-ds (workgroup: US)
- 3389/tcp open ms-wbt-server Microsoft Terminal Service
- | ssl-cert: Subject: commonName=ino.microspace.lowcoal
- | Not valid before: 2019-12-19T04:50:46
- |_Not valid after: 2020-06-19T04:50:46
- |_ssl-date: 2020-01-25T18:41:03+00:00; +5h20m40s from scanner time.
- 7070/tcp open ssl/realserver?
- |_ssl-date: 2020-01-25T18:41:09+00:00; +5h20m40s from scanner time.
- 49152/tcp open msrpc Microsoft Windows RPC
- 49153/tcp open msrpc Microsoft Windows RPC
- 49154/tcp open msrpc Microsoft Windows RPC
- 49155/tcp open msrpc Microsoft Windows RPC
- Service Info: Host: INO; OS: Windows; CPE: cpe:/o:microsoft:windows
- Host script results:
- |_clock-skew: mean: 5h20m39s, deviation: 0s, median: 5h20m39s
- |_nbstat: NetBIOS name: INO, NetBIOS user: <unknown>, NetBIOS MAC: 00:50:56:a8:bc:11 (VMware)
- | smb-os-discovery:
- | OS: Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
- | OS CPE: cpe:/o:microsoft:windows_7::sp1:professional
- | Computer name: ino
- | NetBIOS computer name: INO\x00
- | Domain name: microspace.lowcoal
- | Forest name: microspace.lowcoal
- | FQDN: ino.microspace.lowcoal
- |_ System time: 2020-01-25T10:41:09-08:00
- | smb-security-mode:
- | account_used: guest
- | authentication_level: user
- | challenge_response: supported
- |_ message_signing: disabled (dangerous, but default)
- | smb2-security-mode:
- | 2.02:
- |_ Message signing enabled but not required
- | smb2-time:
- | date: 2020-01-25 18:41:06
- |_ start_date: 2020-01-23 22:19:29
- Nmap scan report for 172.16.16.201
- Host is up (0.00070s latency).
- Not shown: 998 closed ports
- PORT STATE SERVICE VERSION
- 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
- | ssh-hostkey:
- | 2048 85:05:db:cc:40:d5:40:e8:73:5c:53:6f:7e:3e:36:7c (RSA)
- | 256 fe:e4:34:5a:38:94:6f:2a:96:e6:08:18:9f:58:76:77 (ECDSA)
- |_ 256 a6:41:59:01:72:ee:0c:9d:8c:b7:6d:11:f4:ac:f5:d8 (EdDSA)
- 3389/tcp open ms-wbt-server Microsoft Terminal Service
- Service Info: OSs: Linux, Windows; CPE: cpe:/o:linux:linux_kernel, cpe:/o:microsoft:windows
- Post-scan script results:
- | clock-skew:
- | 5h20m40s:
- | 172.16.16.68
- | 172.16.16.30
- | 172.16.16.67
- |_ 172.16.16.200
- | ssh-hostkey: Possible duplicate hosts
- | Key 256 b1:e8:f9:6f:c0:bc:b9:a8:fa:32:d2:a4:6f:52:a0:94 (ECDSA) used by:
- | 172.16.16.30
- | 172.16.16.35
- | Key 3072 93:f4:70:de:99:c4:de:5b:c8:22:1e:07:57:45:4c:69 (RSA) used by:
- | 172.16.16.30
- | 172.16.16.35
- | Key 256 60:d7:2a:a5:bf:75:3c:c8:d6:85:a7:2b:41:ad:d8:f8 (EdDSA) used by:
- | 172.16.16.30
- |_ 172.16.16.35
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 256 IP addresses (14 hosts up) scanned in 306.03 seconds
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement