jpluimers/X10SRH-CF.txt Secret

## X10SRH-CF.txt
# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.90
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:18 CEST
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating ARP Ping Scan at 14:18
Scanning 192.168.71.90 [1 port]
Completed ARP Ping Scan at 14:18, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:18
Completed Parallel DNS resolution of 1 host. at 14:18, 0.01s elapsed
Initiating SYN Stealth Scan at 14:18
Scanning 192.168.71.90 [65535 ports]
Discovered open port 5900/tcp on 192.168.71.90
Discovered open port 80/tcp on 192.168.71.90
Discovered open port 443/tcp on 192.168.71.90
Discovered open port 22/tcp on 192.168.71.90
Discovered open port 623/tcp on 192.168.71.90
Completed SYN Stealth Scan at 14:18, 15.71s elapsed (65535 total ports)
Initiating Service scan at 14:18
Scanning 5 services on 192.168.71.90
Completed Service scan at 14:18, 12.99s elapsed (5 services on 1 host)
Initiating OS detection (try #1) against 192.168.71.90
NSE: Script scanning 192.168.71.90.
Initiating NSE at 14:18
Completed NSE at 14:18, 15.91s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.02s elapsed
Nmap scan report for 192.168.71.90
Host is up (0.0025s latency).
Not shown: 65530 closed ports
PORT     STATE SERVICE  VERSION
22/tcp   open  ssh      Dropbear sshd 2016.74 (protocol 2.0)
80/tcp   open  http     lighttpd
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Did not follow redirect to https://192.168.71.90/
443/tcp  open  ssl/http lighttpd
| ssl-cert: Subject: commonName=IPMI/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Issuer: commonName=IPMI/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2017-06-09T00:00:00
| Not valid after:  2020-06-09T00:00:00
| MD5:   aef7 ba8e 8f68 6722 9a7d 937d 5f24 36fc
|_SHA-1: 42b9 363f 5d03 863f f75e 9187 1ab1 fdcd 6d3b be58
623/tcp  open  asf-rmcp SuperMicro IPMI RMCP
5900/tcp open  ssl/vnc?
|_ssl-date: TLS randomness does not represent time
MAC Address: 0C:C4:7A:AE:A7:3B (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: OpenWrt Kamikaze - Backfire or SuperMicro BMC (Linux 2.6.19 - 2.6.32)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=202 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware

TRACEROUTE
HOP RTT     ADDRESS
1   2.51 ms 192.168.71.90

NSE: Script Post-scanning.
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 46.65 seconds
           Raw packets sent: 65555 (2.885MB) | Rcvd: 65553 (2.623MB)

## X9SRi-3F.txt
# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.93
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:18 CEST
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating NSE at 14:18
Completed NSE at 14:18, 0.00s elapsed
Initiating ARP Ping Scan at 14:18
Scanning 192.168.71.93 [1 port]
Completed ARP Ping Scan at 14:18, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:18
Completed Parallel DNS resolution of 1 host. at 14:18, 0.01s elapsed
Initiating SYN Stealth Scan at 14:18
Scanning 192.168.71.93 [65535 ports]
Discovered open port 5900/tcp on 192.168.71.93
Discovered open port 443/tcp on 192.168.71.93
Discovered open port 80/tcp on 192.168.71.93
Discovered open port 22/tcp on 192.168.71.93
Discovered open port 623/tcp on 192.168.71.93
Discovered open port 5985/tcp on 192.168.71.93
Completed SYN Stealth Scan at 14:19, 15.57s elapsed (65535 total ports)
Initiating Service scan at 14:19
Scanning 6 services on 192.168.71.93
Completed Service scan at 14:19, 12.54s elapsed (6 services on 1 host)
Initiating OS detection (try #1) against 192.168.71.93
NSE: Script scanning 192.168.71.93.
Initiating NSE at 14:19
Completed NSE at 14:20, 61.93s elapsed
Initiating NSE at 14:20
Completed NSE at 14:20, 0.00s elapsed
Nmap scan report for 192.168.71.93
Host is up (0.0031s latency).
Not shown: 65529 closed ports
PORT     STATE SERVICE  VERSION
22/tcp   open  ssh      Dropbear sshd 2013.60 (protocol 2.0)
80/tcp   open  http     lighttpd 1.4.23
|_http-favicon: Unknown favicon MD5: 06BD07C7437846E2AA5A6F90280B1B56
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: lighttpd/1.4.23
|_http-title: Site doesn't have a title (text/html).
443/tcp  open  ssl/http lighttpd 1.4.23
| http-methods:
|_  Supported Methods: HEAD POST OPTIONS
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=Linda/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Issuer: commonName=Linda/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2011-05-26T16:19:20
| Not valid after:  2012-05-25T16:19:20
| MD5:   0787 43b3 35cc 4f8f 8b0d a6f7 cd12 1b27
|_SHA-1: 4122 61a0 3bd6 0948 0a08 e5a0 158f 1379 4ecb 1a42
|_ssl-date: 2019-05-19T12:19:27+00:00; 0s from scanner time.
623/tcp  open  asf-rmcp SuperMicro IPMI RMCP
5900/tcp open  vnc      VNC (protocol 3.8)
| vnc-info:
|   Protocol version: 3.8
|   Security types:
|     Tight (16)
|_  Tight auth: ATEN KVM VNC
5985/tcp open  wsman    Openwsman
MAC Address: 00:25:90:7D:9C:25 (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 - 2.6.33
Uptime guess: 1.863 days (since Fri May 17 17:37:21 2019)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=203 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware

TRACEROUTE
HOP RTT     ADDRESS
1   3.11 ms 192.168.71.93

NSE: Script Post-scanning.
Initiating NSE at 14:20
Completed NSE at 14:20, 0.00s elapsed
Initiating NSE at 14:20
Completed NSE at 14:20, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 92.04 seconds
           Raw packets sent: 65555 (2.885MB) | Rcvd: 65552 (2.623MB)

## X9SRi-F.txt
# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.96
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:21 CEST
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating ARP Ping Scan at 14:21
Scanning 192.168.71.96 [1 port]
Completed ARP Ping Scan at 14:21, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:21
Completed Parallel DNS resolution of 1 host. at 14:21, 0.01s elapsed
Initiating SYN Stealth Scan at 14:21
Scanning 192.168.71.96 [65535 ports]
Discovered open port 443/tcp on 192.168.71.96
Discovered open port 5900/tcp on 192.168.71.96
Discovered open port 80/tcp on 192.168.71.96
Discovered open port 22/tcp on 192.168.71.96
Discovered open port 5985/tcp on 192.168.71.96
Discovered open port 623/tcp on 192.168.71.96
Completed SYN Stealth Scan at 14:21, 15.46s elapsed (65535 total ports)
Initiating Service scan at 14:21
Scanning 6 services on 192.168.71.96
Completed Service scan at 14:21, 12.92s elapsed (6 services on 1 host)
Initiating OS detection (try #1) against 192.168.71.96
NSE: Script scanning 192.168.71.96.
Initiating NSE at 14:21
Completed NSE at 14:22, 64.33s elapsed
Initiating NSE at 14:22
Completed NSE at 14:22, 0.00s elapsed
Nmap scan report for 192.168.71.96
Host is up (0.0024s latency).
Not shown: 65529 closed ports
PORT     STATE SERVICE  VERSION
22/tcp   open  ssh      Dropbear sshd 2013.60 (protocol 2.0)
80/tcp   open  http     ATEN/Supermicro IPMI web interface
|_http-favicon: Unknown favicon MD5: 06BD07C7437846E2AA5A6F90280B1B56
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Site doesn't have a title (text/html).
443/tcp  open  ssl/http ATEN/Supermicro IPMI web interface
| http-methods:
|_  Supported Methods: POST OPTIONS
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=IPMI/organizationName=Super Micro Computer Inc./stateOrProvinceName=California/countryName=US
| Issuer: commonName=IPMI/organizationName=Super Micro Computer Inc./stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2012-04-12T02:19:39
| Not valid after:  2014-04-12T02:19:39
| MD5:   893c 3fa4 0732 5cf4 587e 0dfe 1323 0004
|_SHA-1: 8f49 c1e0 7d9d 2c73 f486 29ec a667 c178 4573 91e4
|_ssl-date: 2019-05-19T12:21:58+00:00; -1s from scanner time.
623/tcp  open  asf-rmcp SuperMicro IPMI RMCP
5900/tcp open  vnc      VNC (protocol 3.8)
| vnc-info:
|   Protocol version: 3.8
|   Security types:
|     Tight (16)
|_  Tight auth: ATEN KVM VNC
5985/tcp open  wsman    Openwsman
MAC Address: 0C:C4:7A:07:66:56 (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 - 2.6.33
Uptime guess: 1.902 days (since Fri May 17 16:44:10 2019)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=200 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; Device: remote management; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware

Host script results:
|_clock-skew: mean: -1s, deviation: 0s, median: -1s

TRACEROUTE
HOP RTT     ADDRESS
1   2.39 ms 192.168.71.96

NSE: Script Post-scanning.
Initiating NSE at 14:22
Completed NSE at 14:22, 0.00s elapsed
Initiating NSE at 14:22
Completed NSE at 14:22, 0.00s elapsed
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 94.71 seconds
           Raw packets sent: 65555 (2.885MB) | Rcvd: 65554 (2.623MB)
	# nmap-fingerprint_host_all-ports-even-if-ping-fails 192.168.71.90
	Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-19 14:18 CEST
	NSE: Loaded 148 scripts for scanning.
	NSE: Script Pre-scanning.
	Initiating NSE at 14:18
	Completed NSE at 14:18, 0.00s elapsed
	Initiating NSE at 14:18
	Completed NSE at 14:18, 0.00s elapsed
	Initiating ARP Ping Scan at 14:18
	Scanning 192.168.71.90 [1 port]
	Completed ARP Ping Scan at 14:18, 0.01s elapsed (1 total hosts)
	Initiating Parallel DNS resolution of 1 host. at 14:18
	Completed Parallel DNS resolution of 1 host. at 14:18, 0.01s elapsed
	Initiating SYN Stealth Scan at 14:18
	Scanning 192.168.71.90 [65535 ports]
	Discovered open port 5900/tcp on 192.168.71.90
	Discovered open port 80/tcp on 192.168.71.90
	Discovered open port 443/tcp on 192.168.71.90
	Discovered open port 22/tcp on 192.168.71.90
	Discovered open port 623/tcp on 192.168.71.90
	Completed SYN Stealth Scan at 14:18, 15.71s elapsed (65535 total ports)
	Initiating Service scan at 14:18
	Scanning 5 services on 192.168.71.90
	Completed Service scan at 14:18, 12.99s elapsed (5 services on 1 host)
	Initiating OS detection (try #1) against 192.168.71.90
	NSE: Script scanning 192.168.71.90.
	Initiating NSE at 14:18
	Completed NSE at 14:18, 15.91s elapsed
	Initiating NSE at 14:18
	Completed NSE at 14:18, 0.02s elapsed
	Nmap scan report for 192.168.71.90
	Host is up (0.0025s latency).
	Not shown: 65530 closed ports
	PORT STATE SERVICE VERSION
	22/tcp open ssh Dropbear sshd 2016.74 (protocol 2.0)
	80/tcp open http lighttpd
	\| http-methods:
	\|_ Supported Methods: GET HEAD POST OPTIONS
	\|_http-title: Did not follow redirect to https://192.168.71.90/
	443/tcp open ssl/http lighttpd
	\| ssl-cert: Subject: commonName=IPMI/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
	\| Issuer: commonName=IPMI/organizationName=Super Micro Computer/stateOrProvinceName=California/countryName=US
	\| Public Key type: rsa
	\| Public Key bits: 2048
	\| Signature Algorithm: sha256WithRSAEncryption
	\| Not valid before: 2017-06-09T00:00:00
	\| Not valid after: 2020-06-09T00:00:00
	\| MD5: aef7 ba8e 8f68 6722 9a7d 937d 5f24 36fc
	\|_SHA-1: 42b9 363f 5d03 863f f75e 9187 1ab1 fdcd 6d3b be58
	623/tcp open asf-rmcp SuperMicro IPMI RMCP
	5900/tcp open ssl/vnc?
	\|_ssl-date: TLS randomness does not represent time
	MAC Address: 0C:C4:7A:AE:A7:3B (Super Micro Computer)
	Device type: general purpose
	Running: Linux 2.6.X
	OS CPE: cpe:/o:linux:linux_kernel:2.6
	OS details: OpenWrt Kamikaze - Backfire or SuperMicro BMC (Linux 2.6.19 - 2.6.32)
	Network Distance: 1 hop
	TCP Sequence Prediction: Difficulty=202 (Good luck!)
	IP ID Sequence Generation: All zeros
	Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel, cpe:/o:supermicro:intelligent_platform_management_firmware

	TRACEROUTE
	HOP RTT ADDRESS
	1 2.51 ms 192.168.71.90

	NSE: Script Post-scanning.
	Initiating NSE at 14:18
	Completed NSE at 14:18, 0.00s elapsed
	Initiating NSE at 14:18
	Completed NSE at 14:18, 0.00s elapsed
	Read data files from: /usr/local/bin/../share/nmap
	OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
	Nmap done: 1 IP address (1 host up) scanned in 46.65 seconds
	Raw packets sent: 65555 (2.885MB) \| Rcvd: 65553 (2.623MB)