Last active
December 17, 2015 19:09
-
-
Save zachriggle/5658618 to your computer and use it in GitHub Desktop.
unalloctf portscan
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ~ ⮀ sudo nmap -sT -T Insane -P0 -A 192.168.1.2 192.168.1.66 192.168.1.79 192.168.1.80 192.168.1.117 192.168.1.213 192.168.1.214 192.168.1.254 -v -v --privileged | |
| Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-27 14:58 EDT | |
| NSE: Loaded 106 scripts for scanning. | |
| NSE: Script Pre-scanning. | |
| NSE: Starting runlevel 1 (of 2) scan. | |
| NSE: Starting runlevel 2 (of 2) scan. | |
| Initiating Parallel DNS resolution of 8 hosts. at 14:58 | |
| Completed Parallel DNS resolution of 8 hosts. at 14:58, 0.74s elapsed | |
| Initiating Connect Scan at 14:58 | |
| Scanning 8 hosts [1000 ports/host] | |
| Discovered open port 110/tcp on 192.168.1.66 | |
| Discovered open port 21/tcp on 192.168.1.213 | |
| Discovered open port 25/tcp on 192.168.1.66 | |
| Discovered open port 22/tcp on 192.168.1.66 | |
| Discovered open port 22/tcp on 192.168.1.79 | |
| Discovered open port 22/tcp on 192.168.1.117 | |
| Discovered open port 22/tcp on 192.168.1.2 | |
| Discovered open port 3306/tcp on 192.168.1.2 | |
| Discovered open port 3306/tcp on 192.168.1.79 | |
| Discovered open port 25/tcp on 192.168.1.213 | |
| Discovered open port 995/tcp on 192.168.1.66 | |
| Discovered open port 143/tcp on 192.168.1.66 | |
| Discovered open port 80/tcp on 192.168.1.79 | |
| Discovered open port 80/tcp on 192.168.1.2 | |
| Discovered open port 993/tcp on 192.168.1.66 | |
| Discovered open port 80/tcp on 192.168.1.117 | |
| Discovered open port 135/tcp on 192.168.1.80 | |
| Discovered open port 1025/tcp on 192.168.1.80 | |
| Discovered open port 135/tcp on 192.168.1.213 | |
| Discovered open port 1025/tcp on 192.168.1.213 | |
| Discovered open port 80/tcp on 192.168.1.213 | |
| Discovered open port 445/tcp on 192.168.1.80 | |
| Discovered open port 3389/tcp on 192.168.1.80 | |
| Discovered open port 139/tcp on 192.168.1.213 | |
| Discovered open port 445/tcp on 192.168.1.213 | |
| Discovered open port 443/tcp on 192.168.1.213 | |
| Discovered open port 139/tcp on 192.168.1.80 | |
| Discovered open port 80/tcp on 192.168.1.214 | |
| Discovered open port 1026/tcp on 192.168.1.213 | |
| Discovered open port 1186/tcp on 192.168.1.80 | |
| Discovered open port 1187/tcp on 192.168.1.80 | |
| Discovered open port 1218/tcp on 192.168.1.80 | |
| Discovered open port 119/tcp on 192.168.1.213 | |
| Discovered open port 1027/tcp on 192.168.1.213 | |
| Discovered open port 563/tcp on 192.168.1.213 | |
| Discovered open port 3372/tcp on 192.168.1.213 | |
| Discovered open port 2000/tcp on 192.168.1.117 | |
| Completed Connect Scan against 192.168.1.2 in 0.44s (7 hosts left) | |
| Completed Connect Scan against 192.168.1.66 in 0.45s (6 hosts left) | |
| Completed Connect Scan against 192.168.1.117 in 0.45s (5 hosts left) | |
| Completed Connect Scan against 192.168.1.213 in 0.45s (4 hosts left) | |
| Completed Connect Scan against 192.168.1.79 in 0.45s (3 hosts left) | |
| Completed Connect Scan against 192.168.1.80 in 0.45s (2 hosts left) | |
| Completed Connect Scan against 192.168.1.254 in 4.76s (1 host left) | |
| Warning: 192.168.1.214 giving up on port because retransmission cap hit (2). | |
| Completed Connect Scan at 14:59, 5.91s elapsed (8000 total ports) | |
| Initiating Service scan at 14:59 | |
| Scanning 37 services on 8 hosts | |
| Completed Service scan at 15:00, 76.04s elapsed (37 services on 8 hosts) | |
| Initiating OS detection (try #1) against 8 hosts | |
| Retrying OS detection (try #2) against 3 hosts | |
| adjust_timeouts2: packet supposedly had rtt of -1041195 microseconds. Ignoring time. | |
| adjust_timeouts2: packet supposedly had rtt of -1041195 microseconds. Ignoring time. | |
| adjust_timeouts2: packet supposedly had rtt of -398032 microseconds. Ignoring time. | |
| adjust_timeouts2: packet supposedly had rtt of -398032 microseconds. Ignoring time. | |
| Initiating Traceroute at 15:00 | |
| Completed Traceroute at 15:00, 12.09s elapsed | |
| Initiating Parallel DNS resolution of 8 hosts. at 15:00 | |
| Completed Parallel DNS resolution of 8 hosts. at 15:00, 0.02s elapsed | |
| NSE: Script scanning 8 hosts. | |
| NSE: Starting runlevel 1 (of 2) scan. | |
| Initiating NSE at 15:00 | |
| NSE Timing: About 99.16% done; ETC: 15:01 (0:00:00 remaining) | |
| Completed NSE at 15:01, 31.74s elapsed | |
| NSE: Starting runlevel 2 (of 2) scan. | |
| Nmap scan report for 192.168.1.2 | |
| Host is up (0.0012s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 103s | |
| Not shown: 997 closed ports | |
| PORT STATE SERVICE VERSION | |
| 22/tcp open ssh OpenSSH 6.0p1 Debian 3ubuntu1 (Ubuntu Linux; protocol 2.0) | |
| | ssh-hostkey: 1024 b8:14:6e:b5:2d:c1:8e:56:12:e5:5c:73:b2:03:9c:f4 (DSA) | |
| | ssh-dss AAAAB3NzaC1kc3MAAACBAPZiCVO2SrlGIiaRkKlOvTQLGNImPzr+T2cZIPdBT7mcSsIhGeXEvbjFwZuvcUkxoK61TvFnsQf6xK5wkeDDo5UuQCU3JzdRS8tsdaNKMIqOjUd66OOrzSDl8t74AUAppsXr4W/MEJ24xTEZRqM7hQb0f8NuF8X/+0DQ4l9epfNrAAAAFQCeoO/lBHeb68IJfnz9y60NP/KOwQAAAIBf6d4H99CpPLLaTqgOkm6s035/jpRG3fCvg8JNBV/vQFvSRe4RraQR/bjSt5MaZjElQJObevTpKmz0z+EuGpsJvHxk2qv7Un7Mf2sNZ7pE8k2GFhs4XBRjnwBFfufD248yOVErDf/GYEVhUJ0CEt+fDyKOwpi/MlpT8Tjkf2L+RgAAAIEAllADrdQ/xJJfSkGkzneH1/Hk7NQSt696IL4VlW1H91Vlsd37rxtPaW0i72NtXxT9EKoCOEPmn0pxr94eVgQbmQX5G8rU4RI0dzycQdu1mPE27iYqTpT2I6ywPbJDeB99nUK3c7g09yg34loGBh5tku074B+6+cey/8M/dFoK82A= | |
| | 2048 a8:7b:41:d2:d6:47:57:e7:ba:05:6b:7a:c4:f2:3f:54 (RSA) | |
| | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQ7sGkGED/B6af7W77uAY5Ef+jD3Zm6kSBnLr7rZYWefSn+NyNiyXD+GUQKXdFV3AoYQUoe1Gjskc1V28ym3smqQ9+q83eiTR/PGja35DlGu9k9qC+TBNjJdU8TFR6SNLqke6d+2L59iV21bwR4CRrWaI/IjJUjDi34eb/eX0Q0I7FHJJy8xVfYJDlmGnEnlKUrjrjP4D1GL68EH9sHULDlICvyI2D65h/vwlvQ/h1xhMjrmHXqBVHpaw54sHMv2KjClkiEBldzqgZwYyo9v3KjO++kYcS4Sf5CvJVgWPoI3ix85c2GoR7Jz/QBeRmx9bsCV53+Eaind9RkK4F/IKH | |
| | 256 d7:d8:13:94:93:2f:e5:d8:d6:9c:54:e2:5b:63:ee:48 (ECDSA) | |
| |_ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMcxYDFI52jOAlylJG5UeL5RVnY8JRUv4iL8hkyvQ99lnjfdsA4UHvaOzPyVMsFVKs6hjiR4RnGYMyK7cvA1kcE= | |
| 80/tcp open http Apache httpd 2.2.22 ((Ubuntu)) | |
| |_http-methods: GET HEAD POST OPTIONS | |
| |_http-title: Site doesn't have a title (text/html). | |
| 3306/tcp open mysql MySQL (unauthorized) | |
| Device type: general purpose | |
| Running: Linux 3.X | |
| OS CPE: cpe:/o:linux:linux_kernel:3 | |
| OS details: Linux 3.2 | |
| TCP/IP fingerprint: | |
| OS:SCAN(V=6.25%E=4%D=5/27%OT=22%CT=1%CU=42198%PV=Y%DS=2%DC=T%G=N%TM=51A3AD7 | |
| OS:6%P=x86_64-apple-darwin12.3.0)SEQ(SP=103%GCD=1%ISR=109%TI=Z%II=I%TS=8)OP | |
| OS:S(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST | |
| OS:11NW7%O6=M5B4ST11)WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)EC | |
| OS:N(R=Y%DF=Y%T=40%W=3908%O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F= | |
| OS:AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD | |
| OS:=0%Q=)T6(R=N)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%R | |
| OS:UCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S) | |
| Uptime guess: 0.683 days (since Sun May 26 22:37:38 2013) | |
| Network Distance: 2 hops | |
| TCP Sequence Prediction: Difficulty=259 (Good luck!) | |
| IP ID Sequence Generation: All zeros | |
| Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| 1 0.59 ms 172.16.105.254 | |
| 2 0.95 ms 192.168.1.2 | |
| Nmap scan report for 192.168.1.66 | |
| Host is up (0.0012s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 103s | |
| Not shown: 994 closed ports | |
| PORT STATE SERVICE VERSION | |
| 22/tcp open ssh OpenSSH 6.0p1 Debian 3ubuntu1 (Ubuntu Linux; protocol 2.0) | |
| | ssh-hostkey: 1024 ad:c3:f0:ff:df:9e:61:dc:6e:0c:97:83:ba:1a:e9:d8 (DSA) | |
| | ssh-dss AAAAB3NzaC1kc3MAAACBAP8Yu84NOJqGSk5tIXyKLFsKccPfZTJszOXY9TZPhjfZnAmBlEoIDb27vq/fLuKsM5vIaxHFEfwLI+HTaqU82pOGmt4OuE6qHRHago8Ub36NOdc1TgQ/CQrH3mE71X0bl+wj+3PMY2yOr7k7aMrd+HxPk/3PVoVwb6yKOzfeYHjXAAAAFQDRDm9lZyHo25ZBZdUMZ86PewnvbwAAAIEA2VLFF4A5HQa73HYUN0gjrkpW5/zJTHe4kRC6e/arJz0DKp6sTLxLrbluSzGJ3g+oGBTy2gRKC82CB09csTCFN/tDPMcjJKX2iQB+MuNhZEt0704ZkR7OF8c5QCN918CtpdS1c75jXADuqpY+LHp3igsmw4Ybdk9AAiE5pVJyaFgAAACBAMnmUNfRKq0embGckfGanE9pIAyuIrnx9ngRz0AGtw1JmXXCJosqjqLKQ/Kr5u9jIdhgGUOlHEcgShYsflehVCUhkf9UJWH6fKM/hiJFi3N6jUvQQ5BB8zgst56Ge8FwMcn+UJlRtOjk2VO0TeRkTxIcCzPxL3k1vgtC2YOdfgHU | |
| | 2048 18:13:6e:62:c5:a6:1a:c0:3d:49:05:4d:94:c9:9a:7a (RSA) | |
| | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXFQ96ASoiBf/jjk3Q4tJhrZLEVbg1x4okxVbzFI8cm1wqAtUe86p7EWYz7OAvi4aJwthW5Fjzr1TPHwR9UsKkAspxIR/+laWBC8eXjdxnzT/wzIo+oFzQRdISEOJIzoVn31+XAfgOkclD34B6NGsIGJexamq3L4RiM/4ycRnVqwLejD5/jQxJY4hHN0//OfnMPrjSsk4gJF0U8mLyc98tES5BqFSkU0AUEQID1OyZuO31sh0K2Kt8p++8n4dTbwUS/MX8aSQwVIl7qxJhpAX6yZFMoZA0g3pQ0ebJzflGqs+A2uu5T7Psxl2j9om1Ws9Lnh1vHlDKjjvWmihbVwZr | |
| | 256 fb:fd:3c:2f:1c:2b:34:f1:c8:2a:57:78:09:97:de:d5 (ECDSA) | |
| |_ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBG2pl5fMwWnoAUaQyhBbPLn80FxeW3W2gu6dxQig/FK1tJwxmHLURqbM1E3iLYrHJWenGeUohn71Co05wBpl92A= | |
| 25/tcp open smtp Postfix smtpd | |
| |_smtp-commands: ubuntu, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, | |
| | ssl-cert: Subject: commonName=ubuntu | |
| | Issuer: commonName=ubuntu | |
| | Public Key type: rsa | |
| | Public Key bits: 2048 | |
| | Not valid before: 2013-05-17T18:12:05+00:00 | |
| | Not valid after: 2023-05-15T18:12:05+00:00 | |
| | MD5: aa9f 27b4 5a31 cdc6 b146 f825 dfde 82d8 | |
| | SHA-1: 7971 d554 6dc2 990d a8cb fa62 313a 0e0c b8c2 c269 | |
| | -----BEGIN CERTIFICATE----- | |
| | MIICsjCCAZqgAwIBAgIJAPEXgDagVFeCMA0GCSqGSIb3DQEBBQUAMBExDzANBgNV | |
| | BAMTBnVidW50dTAeFw0xMzA1MTcxOTEyMDVaFw0yMzA1MTUxOTEyMDVaMBExDzAN | |
| | BgNVBAMTBnVidW50dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtU | |
| | v0RC/rJi+svbZ7TbyQ4oQkrNuvAZ0owCi4fOBJKoN4IO4RuXU+gg9hhQ7sZkxjRe | |
| | ikFPzr3uxMZvPF44nEUqJu8o3jyFyaEiANs4+VV+oFIJIvOCL661MBm6r2lRIWR+ | |
| | x4UWr1dBLF5Eo2cI79rzUjjU524RtpxNrKXTzo6rX+Mhc9+dRhn2w8Yny//lsLvn | |
| | ig54rJblJA64hBH4cmp+5TysKqWHeRMokaUcPNZJuZUEieYlBJJAYlwrEJukQ1qx | |
| | EOew334uaHSA/+xR0mbYRX4jUeCO8HDiwWsKJYPaorO/kyvpcN2+VhxD9H8e42t6 | |
| | GxzLNRrxe+7/Gpbpo/sCAwEAAaMNMAswCQYDVR0TBAIwADANBgkqhkiG9w0BAQUF | |
| | AAOCAQEAYlI7mS2UMvbE9cb1Ja0Bc9nTZQ7ijAsflh4iqW1q1n/E2R+1oGV0+Bvm | |
| | PgalZD+NXo9w/MZmq15Iw3o/A64T1HBcTLxw9b86LwuUAZJbHDJZPPPKQxUdiGYT | |
| | ZnCP2kscs0Msx3+wGYStnrYFTD6pcjo77Im1eznCMtKKa5w2Hfmh9Q/tdATzlKIS | |
| | t/hRZ81zMn3sWHVI+Y3ibP3tuv6c46vDpSozZOKIkXAT/rY5z8JTEhzbL0PhDkkl | |
| | J0bxAPsS/sTSigTqz0Z579tfj89Bq68cLzMFKYXopMWePX/PPFjYLTWU5i6us5ee | |
| | DXnhP3GwwUzt8IHb8rLixO281MTVIg== | |
| |_-----END CERTIFICATE----- | |
| |_ssl-date: 2013-05-27T19:00:12+00:00; -27s from local time. | |
| 110/tcp open pop3 Dovecot pop3d | |
| |_pop3-capabilities: SASL TOP CAPA STLS PIPELINING UIDL RESP-CODES | |
| 143/tcp open imap Dovecot imapd | |
| |_imap-capabilities: IDLE listed capabilities have Pre-login LOGIN-REFERRALS LITERAL+ STARTTLS ID ENABLE more SASL-IR LOGINDISABLEDA0001 OK post-login IMAP4rev1 | |
| 993/tcp open ssl/imap Dovecot imapd | |
| |_imap-capabilities: IDLE capabilities have Pre-login LOGIN-REFERRALS LITERAL+ AUTH=PLAINA0001 ID ENABLE more SASL-IR listed OK post-login IMAP4rev1 | |
| | ssl-cert: Subject: commonName=ubuntu/organizationName=Dovecot mail server/emailAddress=root@ubuntu/organizationalUnitName=ubuntu | |
| | Issuer: commonName=ubuntu/organizationName=Dovecot mail server/emailAddress=root@ubuntu/organizationalUnitName=ubuntu | |
| | Public Key type: rsa | |
| | Public Key bits: 2048 | |
| | Not valid before: 2013-05-17T18:12:14+00:00 | |
| | Not valid after: 2023-05-17T18:12:14+00:00 | |
| | MD5: a647 bcef bf7a 9b83 9698 a1f1 5bcb a725 | |
| | SHA-1: 13f3 b3b2 7af9 4659 da0b 6894 4a1f ce9b ef66 a190 | |
| | -----BEGIN CERTIFICATE----- | |
| | MIIDizCCAnOgAwIBAgIJAJawBt9Bw5bKMA0GCSqGSIb3DQEBBQUAMFwxHDAaBgNV | |
| | BAoME0RvdmVjb3QgbWFpbCBzZXJ2ZXIxDzANBgNVBAsMBnVidW50dTEPMA0GA1UE | |
| | AwwGdWJ1bnR1MRowGAYJKoZIhvcNAQkBFgtyb290QHVidW50dTAeFw0xMzA1MTcx | |
| | OTEyMTRaFw0yMzA1MTcxOTEyMTRaMFwxHDAaBgNVBAoME0RvdmVjb3QgbWFpbCBz | |
| | ZXJ2ZXIxDzANBgNVBAsMBnVidW50dTEPMA0GA1UEAwwGdWJ1bnR1MRowGAYJKoZI | |
| | hvcNAQkBFgtyb290QHVidW50dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC | |
| | ggEBAOGc8hSjdmHua5l9aRwqZg3t+M3Ydan3dacFnwXriv1japosXHbTH3dAQ1X0 | |
| | uHByqJq23F1MgJqqxfpBoMaWIVGaKrff6fhq5f7NXYUhoQbCAK/GJg9i7ipNTfMg | |
| | gIiyCoti8Z7fQqqYRESENeHJgT3HX1N6ozDfueFdzUZJ0aVC1HZjskMa9VEb8iru | |
| | TdqXzVU+p21Iov+5ttArZHEax35a++Et5OVLz3TyWnGewKwTfQeWTuN3CfL1e31p | |
| | 4X77Tgkac1bgY2yx/aa//lUBlQw6mG9p+PQ9BSwbts03Eci9WeeIyVTG8hvKWNJu | |
| | h28XAHjU8m/+C2J2AW4U84OubhMCAwEAAaNQME4wHQYDVR0OBBYEFCcQ6LPsunxS | |
| | QObBGDeCrhcQDnvEMB8GA1UdIwQYMBaAFCcQ6LPsunxSQObBGDeCrhcQDnvEMAwG | |
| | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHBao+qbPFrm7XcJ/lFSQ2+B | |
| | OM8lg2eniG6XThiCHaoqfM5XnaTZeYt2p/SuwFMQx9qw9s/iWnL6t2DYoOlGz2Ga | |
| | XKf+tS54M1G6d1UHF6AhWTnnnqb3GFlmvGtgUf8fGavJ2bRfndxhHkawYz+8InwU | |
| | LoDOXuMYM37ZaAHijUq5iTSgc7NzTZyhGEulUL3uexQu+1jIQmHPwjukvZC6dCiK | |
| | 9wVMVN9Ce2dNv9Nfd7CSwopdlxU9IJ6YPf6Je4KzJfCABtIcuFJDxDoE2hiGUlOF | |
| | fJRNPDjjzn4AOf2AQGG0n8AEVLrP9ZAbqhCs+bFKA1xC/7r4kcEkz1Lh/fujj+U= | |
| |_-----END CERTIFICATE----- | |
| |_ssl-date: 2013-05-27T19:00:13+00:00; -27s from local time. | |
| 995/tcp open ssl/pop3 Dovecot pop3d | |
| |_pop3-capabilities: SASL(PLAIN) TOP CAPA USER PIPELINING UIDL RESP-CODES | |
| | ssl-cert: Subject: commonName=ubuntu/organizationName=Dovecot mail server/emailAddress=root@ubuntu/organizationalUnitName=ubuntu | |
| | Issuer: commonName=ubuntu/organizationName=Dovecot mail server/emailAddress=root@ubuntu/organizationalUnitName=ubuntu | |
| | Public Key type: rsa | |
| | Public Key bits: 2048 | |
| | Not valid before: 2013-05-17T18:12:14+00:00 | |
| | Not valid after: 2023-05-17T18:12:14+00:00 | |
| | MD5: a647 bcef bf7a 9b83 9698 a1f1 5bcb a725 | |
| | SHA-1: 13f3 b3b2 7af9 4659 da0b 6894 4a1f ce9b ef66 a190 | |
| | -----BEGIN CERTIFICATE----- | |
| | MIIDizCCAnOgAwIBAgIJAJawBt9Bw5bKMA0GCSqGSIb3DQEBBQUAMFwxHDAaBgNV | |
| | BAoME0RvdmVjb3QgbWFpbCBzZXJ2ZXIxDzANBgNVBAsMBnVidW50dTEPMA0GA1UE | |
| | AwwGdWJ1bnR1MRowGAYJKoZIhvcNAQkBFgtyb290QHVidW50dTAeFw0xMzA1MTcx | |
| | OTEyMTRaFw0yMzA1MTcxOTEyMTRaMFwxHDAaBgNVBAoME0RvdmVjb3QgbWFpbCBz | |
| | ZXJ2ZXIxDzANBgNVBAsMBnVidW50dTEPMA0GA1UEAwwGdWJ1bnR1MRowGAYJKoZI | |
| | hvcNAQkBFgtyb290QHVidW50dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC | |
| | ggEBAOGc8hSjdmHua5l9aRwqZg3t+M3Ydan3dacFnwXriv1japosXHbTH3dAQ1X0 | |
| | uHByqJq23F1MgJqqxfpBoMaWIVGaKrff6fhq5f7NXYUhoQbCAK/GJg9i7ipNTfMg | |
| | gIiyCoti8Z7fQqqYRESENeHJgT3HX1N6ozDfueFdzUZJ0aVC1HZjskMa9VEb8iru | |
| | TdqXzVU+p21Iov+5ttArZHEax35a++Et5OVLz3TyWnGewKwTfQeWTuN3CfL1e31p | |
| | 4X77Tgkac1bgY2yx/aa//lUBlQw6mG9p+PQ9BSwbts03Eci9WeeIyVTG8hvKWNJu | |
| | h28XAHjU8m/+C2J2AW4U84OubhMCAwEAAaNQME4wHQYDVR0OBBYEFCcQ6LPsunxS | |
| | QObBGDeCrhcQDnvEMB8GA1UdIwQYMBaAFCcQ6LPsunxSQObBGDeCrhcQDnvEMAwG | |
| | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHBao+qbPFrm7XcJ/lFSQ2+B | |
| | OM8lg2eniG6XThiCHaoqfM5XnaTZeYt2p/SuwFMQx9qw9s/iWnL6t2DYoOlGz2Ga | |
| | XKf+tS54M1G6d1UHF6AhWTnnnqb3GFlmvGtgUf8fGavJ2bRfndxhHkawYz+8InwU | |
| | LoDOXuMYM37ZaAHijUq5iTSgc7NzTZyhGEulUL3uexQu+1jIQmHPwjukvZC6dCiK | |
| | 9wVMVN9Ce2dNv9Nfd7CSwopdlxU9IJ6YPf6Je4KzJfCABtIcuFJDxDoE2hiGUlOF | |
| | fJRNPDjjzn4AOf2AQGG0n8AEVLrP9ZAbqhCs+bFKA1xC/7r4kcEkz1Lh/fujj+U= | |
| |_-----END CERTIFICATE----- | |
| |_ssl-date: 2013-05-27T19:00:11+00:00; -27s from local time. | |
| Device type: general purpose | |
| Running: Linux 3.X | |
| OS CPE: cpe:/o:linux:linux_kernel:3 | |
| OS details: Linux 3.2 | |
| TCP/IP fingerprint: | |
| OS:SCAN(V=6.25%E=4%D=5/27%OT=22%CT=1%CU=36056%PV=Y%DS=2%DC=T%G=N%TM=51A3AD7 | |
| OS:6%P=x86_64-apple-darwin12.3.0)SEQ(SP=107%GCD=1%ISR=108%TI=Z%II=I%TS=8)OP | |
| OS:S(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST | |
| OS:11NW7%O6=M5B4ST11)WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)EC | |
| OS:N(R=Y%DF=Y%T=40%W=3908%O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F= | |
| OS:AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD | |
| OS:=0%Q=)T6(R=N)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%R | |
| OS:UCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S) | |
| Uptime guess: 0.617 days (since Mon May 27 00:12:07 2013) | |
| Network Distance: 2 hops | |
| TCP Sequence Prediction: Difficulty=263 (Good luck!) | |
| IP ID Sequence Generation: All zeros | |
| Service Info: Host: ubuntu; OS: Linux; CPE: cpe:/o:linux:linux_kernel | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| - Hop 1 is the same as for 192.168.1.2 | |
| 2 0.89 ms 192.168.1.66 | |
| Nmap scan report for 192.168.1.79 | |
| Host is up (0.00084s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 102s | |
| Not shown: 997 closed ports | |
| PORT STATE SERVICE VERSION | |
| 22/tcp open ssh OpenSSH 6.0p1 Debian 3ubuntu1 (Ubuntu Linux; protocol 2.0) | |
| | ssh-hostkey: 1024 b8:14:6e:b5:2d:c1:8e:56:12:e5:5c:73:b2:03:9c:f4 (DSA) | |
| | ssh-dss AAAAB3NzaC1kc3MAAACBAPZiCVO2SrlGIiaRkKlOvTQLGNImPzr+T2cZIPdBT7mcSsIhGeXEvbjFwZuvcUkxoK61TvFnsQf6xK5wkeDDo5UuQCU3JzdRS8tsdaNKMIqOjUd66OOrzSDl8t74AUAppsXr4W/MEJ24xTEZRqM7hQb0f8NuF8X/+0DQ4l9epfNrAAAAFQCeoO/lBHeb68IJfnz9y60NP/KOwQAAAIBf6d4H99CpPLLaTqgOkm6s035/jpRG3fCvg8JNBV/vQFvSRe4RraQR/bjSt5MaZjElQJObevTpKmz0z+EuGpsJvHxk2qv7Un7Mf2sNZ7pE8k2GFhs4XBRjnwBFfufD248yOVErDf/GYEVhUJ0CEt+fDyKOwpi/MlpT8Tjkf2L+RgAAAIEAllADrdQ/xJJfSkGkzneH1/Hk7NQSt696IL4VlW1H91Vlsd37rxtPaW0i72NtXxT9EKoCOEPmn0pxr94eVgQbmQX5G8rU4RI0dzycQdu1mPE27iYqTpT2I6ywPbJDeB99nUK3c7g09yg34loGBh5tku074B+6+cey/8M/dFoK82A= | |
| | 2048 a8:7b:41:d2:d6:47:57:e7:ba:05:6b:7a:c4:f2:3f:54 (RSA) | |
| | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQ7sGkGED/B6af7W77uAY5Ef+jD3Zm6kSBnLr7rZYWefSn+NyNiyXD+GUQKXdFV3AoYQUoe1Gjskc1V28ym3smqQ9+q83eiTR/PGja35DlGu9k9qC+TBNjJdU8TFR6SNLqke6d+2L59iV21bwR4CRrWaI/IjJUjDi34eb/eX0Q0I7FHJJy8xVfYJDlmGnEnlKUrjrjP4D1GL68EH9sHULDlICvyI2D65h/vwlvQ/h1xhMjrmHXqBVHpaw54sHMv2KjClkiEBldzqgZwYyo9v3KjO++kYcS4Sf5CvJVgWPoI3ix85c2GoR7Jz/QBeRmx9bsCV53+Eaind9RkK4F/IKH | |
| | 256 d7:d8:13:94:93:2f:e5:d8:d6:9c:54:e2:5b:63:ee:48 (ECDSA) | |
| |_ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMcxYDFI52jOAlylJG5UeL5RVnY8JRUv4iL8hkyvQ99lnjfdsA4UHvaOzPyVMsFVKs6hjiR4RnGYMyK7cvA1kcE= | |
| 80/tcp open http Apache httpd 2.2.22 ((Ubuntu)) | |
| |_http-methods: No Allow or Public header in OPTIONS response (status code 200) | |
| |_http-title: Site doesn't have a title (text/html). | |
| 3306/tcp open mysql MySQL 5.5.27-0ubuntu2 | |
| | mysql-info: Protocol: 10 | |
| | Version: 5.5.27-0ubuntu2 | |
| | Thread ID: 11541 | |
| | Some Capabilities: Long Passwords, Connect with DB, Compress, ODBC, Transactions, Secure Connection | |
| | Status: Autocommit | |
| |_Salt: J8ug''0X | |
| Device type: general purpose|firewall|terminal|WAP | |
| Running (JUST GUESSING): Linux 3.X|2.6.X|2.4.X (98%), IPFire Linux 2.6.X (90%), IGEL Linux 2.6.X (89%) | |
| OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6 cpe:/o:ipfire:linux:2.6.32 cpe:/o:igel:linux:2.6 cpe:/o:linux:linux_kernel:2.4 | |
| OS fingerprint not ideal because: Timing level 5 (Insane) used | |
| Aggressive OS guesses: Linux 3.2 (98%), Linux 2.6.32 - 2.6.38 (98%), Linux 3.0 (95%), Linux 2.6.32 (92%), Linux 3.1 - 3.4 (91%), Linux 2.6.38 (91%), Linux 3.0 - 3.2 (91%), Linux 2.6.15 - 2.6.26 (90%), Linux 2.6.32 - 2.6.33 (90%), Linux 2.6.32 - 2.6.35 (90%) | |
| No exact OS matches for host (test conditions non-ideal). | |
| TCP/IP fingerprint: | |
| SCAN(V=6.25%E=4%D=5/27%OT=22%CT=1%CU=43628%PV=Y%DS=2%DC=T%G=N%TM=51A3AD76%P=x86_64-apple-darwin12.3.0) | |
| SEQ(SP=F5%GCD=1%ISR=FB%TI=Z%II=I%TS=8) | |
| OPS(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST11NW7%O6=M5B4ST11) | |
| WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890) | |
| ECN(R=Y%DF=Y%T=40%W=3908%O=M5B4NNSNW7%CC=Y%Q=) | |
| T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=) | |
| T2(R=N) | |
| T3(R=N) | |
| T4(R=N) | |
| T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=) | |
| T6(R=N) | |
| T7(R=N) | |
| U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G) | |
| IE(R=Y%DFI=N%T=40%CD=S) | |
| Uptime guess: 0.600 days (since Mon May 27 00:36:48 2013) | |
| Network Distance: 2 hops | |
| TCP Sequence Prediction: Difficulty=245 (Good luck!) | |
| IP ID Sequence Generation: All zeros | |
| Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| - Hop 1 is the same as for 192.168.1.2 | |
| 2 0.88 ms 192.168.1.79 | |
| Nmap scan report for 192.168.1.80 | |
| Host is up (0.00089s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 105s | |
| Not shown: 992 closed ports | |
| PORT STATE SERVICE VERSION | |
| 135/tcp open msrpc Microsoft Windows RPC | |
| 139/tcp open netbios-ssn | |
| 445/tcp open tcpwrapped | |
| 1025/tcp open msrpc Microsoft Windows RPC | |
| 1186/tcp open sip (SIP end point; Status: 200 OK) | |
| | sip-methods: | |
| |_ INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE | |
| 1187/tcp open tcpwrapped | |
| 1218/tcp open sip (SIP end point; Status: 200 OK) | |
| | sip-methods: | |
| |_ INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER, SUBSCRIBE, NOTIFY, REFER, INFO, MESSAGE | |
| 3389/tcp open ms-wbt-server Microsoft Terminal Service | |
| 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port1186-TCP:V=6.25%I=7%D=5/27%Time=51A3AD03%P=x86_64-apple-darwin12.3. | |
| SF:0%r(GenericLines,2,"\r\n")%r(SIPOptions,1C1,"SIP/2\.0\x20200\x20OK\r\nV | |
| SF:ia:\x20SIP/2\.0/TCP\x20nm;branch=foo;received=172\.16\.105\.106\r\nCont | |
| SF:act:\x20<sip:192\.168\.1\.80:1186;transport=TCP>\r\nTo:\x20<sip:nm2@nm2 | |
| SF:>;tag=56799d03\r\nFrom:\x20<sip:nm@nm>;tag=root\r\nCall-ID:\x2050000\r\ | |
| SF:nCSeq:\x2042\x20OPTIONS\r\nAccept:\x20application/sdp\r\nAccept-Languag | |
| SF:e:\x20en\r\nAllow:\x20INVITE,\x20ACK,\x20CANCEL,\x20OPTIONS,\x20BYE,\x2 | |
| SF:0REGISTER,\x20SUBSCRIBE,\x20NOTIFY,\x20REFER,\x20INFO,\x20MESSAGE\r\nSu | |
| SF:pported:\x20replaces\r\nAllow-Events:\x20presence,\x20message-summary,\ | |
| SF:x20tunnel-info\r\nContent-Length:\x200\r\n\r\n"); | |
| ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== | |
| SF-Port1218-TCP:V=6.25%I=7%D=5/27%Time=51A3AD03%P=x86_64-apple-darwin12.3. | |
| SF:0%r(GenericLines,2,"\r\n")%r(SIPOptions,1C1,"SIP/2\.0\x20200\x20OK\r\nV | |
| SF:ia:\x20SIP/2\.0/TCP\x20nm;branch=foo;received=172\.16\.105\.106\r\nCont | |
| SF:act:\x20<sip:192\.168\.1\.80:1218;transport=TCP>\r\nTo:\x20<sip:nm2@nm2 | |
| SF:>;tag=8976fd4b\r\nFrom:\x20<sip:nm@nm>;tag=root\r\nCall-ID:\x2050000\r\ | |
| SF:nCSeq:\x2042\x20OPTIONS\r\nAccept:\x20application/sdp\r\nAccept-Languag | |
| SF:e:\x20en\r\nAllow:\x20INVITE,\x20ACK,\x20CANCEL,\x20OPTIONS,\x20BYE,\x2 | |
| SF:0REGISTER,\x20SUBSCRIBE,\x20NOTIFY,\x20REFER,\x20INFO,\x20MESSAGE\r\nSu | |
| SF:pported:\x20replaces\r\nAllow-Events:\x20presence,\x20message-summary,\ | |
| SF:x20tunnel-info\r\nContent-Length:\x200\r\n\r\n"); | |
| Device type: general purpose | |
| Running: Microsoft Windows 2003 | |
| OS CPE: cpe:/o:microsoft:windows_server_2003::sp1 cpe:/o:microsoft:windows_server_2003::sp2 | |
| OS details: Microsoft Windows Server 2003 SP1 or SP2 | |
| TCP/IP fingerprint: | |
| OS:SCAN(V=6.25%E=4%D=5/27%OT=135%CT=1%CU=33237%PV=Y%DS=2%DC=T%G=N%TM=51A3AD | |
| OS:76%P=x86_64-apple-darwin12.3.0)SEQ(SP=F2%GCD=1%ISR=10A%TI=I%II=I%SS=S%TS | |
| OS:=0)OPS(O1=M5B4NW0NNT00NNS%O2=M5B4NW0NNT00NNS%O3=M5B4NW0NNT00%O4=M5B4NW0N | |
| OS:NT00NNS%O5=M5B4NW0NNT00NNS%O6=M5B4NNT00NNS)WIN(W1=4000%W2=4000%W3=4000%W | |
| OS:4=4000%W5=4000%W6=4000)ECN(R=Y%DF=N%T=80%W=4000%O=M5B4NW0NNS%CC=N%Q=)T1( | |
| OS:R=Y%DF=N%T=80%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=N%T=8 | |
| OS:0%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=N)T7(R=N)U1(R=Y%DF=N%T=80%IPL=B0%UN= | |
| OS:0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=S%T=80%CD=Z) | |
| Network Distance: 2 hops | |
| TCP Sequence Prediction: Difficulty=242 (Good luck!) | |
| IP ID Sequence Generation: Incremental | |
| Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows | |
| Host script results: | |
| | nbstat: | |
| | NetBIOS name: REMOTE, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:af:6c:a6 (VMware) | |
| | Names | |
| | REMOTE<00> Flags: <unique><active> | |
| | CTF<00> Flags: <group><active> | |
| | CTF<1e> Flags: <group><active> | |
| | CTF<1d> Flags: <unique><active> | |
| | \x01\x02__MSBROWSE__\x02<01> Flags: <group><active> | |
| | REMOTE<20> Flags: <unique><active> | |
| | Statistics | |
| | 00 0c 29 af 6c a6 00 00 00 00 00 00 00 00 00 00 | |
| | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| |_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| | p2p-conficker: | |
| | Checking for Conficker.C or higher... | |
| | Check 1 (port 39226/tcp): CLEAN (Couldn't connect) | |
| | Check 2 (port 23895/tcp): CLEAN (Couldn't connect) | |
| | | Check 3 (port 40520/udp): CLEAN (Failed to receive data) | |
| | | Check 4 (port 34590/udp): CLEAN (Failed to receive data) | |
| |_ 0/4 checks are positive: Host is CLEAN or ports are blocked | |
| | smb-os-discovery: | |
| | OS: Windows Server 2003 3790 Service Pack 2 (Windows Server 2003 5.2) | |
| | OS CPE: cpe:/o:microsoft:windows_server_2003::sp2 | |
| | Computer name: remote | |
| | NetBIOS computer name: REMOTE | |
| | Domain name: ctf.unallocatedspace.org | |
| | Forest name: ctf.unallocatedspace.org | |
| | FQDN: remote.ctf.unallocatedspace.org | |
| | NetBIOS domain name: CTF | |
| |_ System time: 2013-05-27T15:38:22-04:00 | |
| | smb-security-mode: | |
| | Account that was used for smb scripts: guest | |
| | User-level authentication | |
| | SMB Security: Challenge/response passwords supported | |
| |_ Message signing disabled (dangerous, but default) | |
| |_smbv2-enabled: Server doesn't support SMBv2 protocol | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| - Hop 1 is the same as for 192.168.1.2 | |
| 2 0.86 ms 192.168.1.80 | |
| Nmap scan report for 192.168.1.117 | |
| Host is up (0.0011s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 103s | |
| Not shown: 997 closed ports | |
| PORT STATE SERVICE VERSION | |
| 22/tcp open ssh OpenSSH 6.0p1 Debian 3ubuntu1 (Ubuntu Linux; protocol 2.0) | |
| | ssh-hostkey: 1024 d6:6e:ac:6a:3a:45:9d:9d:9d:fc:97:e3:3a:9f:39:d1 (DSA) | |
| | ssh-dss AAAAB3NzaC1kc3MAAACBANeimg5jeRW1iR79w8WEckuwHoKhPVpc4muMOC0aUgSJKvSxRuZk6cuTepH42zLDjdB3/F/7h+iOHhlj3pI6S4fF5Rq0A1zHavqwD406FX0ys6vZRbj7XoJfdLH2n7aEI6lwcNjCbqXC09OCRrCENjM4NZgLLx5/4TFtbXSYEdeVAAAAFQD9tgrUJg2Zfr/QM5UJbhF0GApEswAAAIEAl7ezliqWJ1c9FjmHXSaxLiFq56Ibg0aG7NRHkb1z1tEKfMZGD83YFBeP5gg8qB+3DHuASm0OOIW1vUvubKhopsw5fKdpjpGZFpsC/d5YVTZB7b2fxAOp5oSR8ZlsMgdxgteL3yKwqHV+fmoqGb2SkcgD7bhRk5y4Y+cih5gbZcQAAACAQWg09KCZuJFnPVne3UJMC2AlL95tM9LaDqRPqb1Z2qIbWxszetGm7WRLkoaZH6RF9iw6F6dqdJlosXv6zpuzomxb7gOtY4WL/nzqH44mmdhW2Xjq0hk2025I9Uq9V0BKmZlEyRFtqBcqyeEmNKMxkKrj/Hl5lGwWFoaM8hylIPQ= | |
| | 2048 92:0c:09:f4:98:67:e1:45:c8:05:24:dd:bd:4a:eb:78 (RSA) | |
| | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDNQD6BQ33Aktt1VWdkwUH/fahNBCQLWgEwsds1nSRqzwvTI07pYUVaeFMXhRk0r7hbQrf7wCm3rKk3vulYtk86fseC1xF/MdiKMmHWiIBf7bxR8RdeLE7Cji8P1LwHAdXR2ltFVsLWKHdLVAt2Eq5tiS7Enk7PbiNRtDjZSPRSonKW6lY5i7Zj3Uwh0yosk/gs42Ln2HaJy3H8l8LOOwQyklLcMjtpIaTlCqlZFORt/FmzVgOdn2u4A2gHi0Gq6kqZd3K6+Sm3VR0h4vebYC5+ERsbbjgT2xz5JZlvgo2DFUa3WF3UvB+FKb/8Qfkl7ViFcyCZ51Qk3OiH5jEMZjR | |
| | 256 93:98:38:45:a1:05:21:d2:e8:03:80:0b:e7:72:c5:92 (ECDSA) | |
| |_ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFBB+tWncu7U7zGkzPqLxPTxwbH+ACtbhK3S0+BoP7DNu9/aDif7aUdd9gLmZQUaxe8wzjtHWH68CmHVwvnww9k= | |
| 80/tcp open http Apache httpd 2.2.22 ((Ubuntu)) | |
| |_http-methods: GET HEAD POST OPTIONS | |
| | http-robots.txt: 1 disallowed entry | |
| |_/ | |
| |_http-title: FreePBX | |
| 2000/tcp open cisco-sccp? | |
| Device type: general purpose | |
| Running: Linux 3.X | |
| OS CPE: cpe:/o:linux:linux_kernel:3 | |
| OS details: Linux 3.2 | |
| TCP/IP fingerprint: | |
| OS:SCAN(V=6.25%E=4%D=5/27%OT=22%CT=1%CU=37027%PV=Y%DS=2%DC=T%G=N%TM=51A3AD7 | |
| OS:6%P=x86_64-apple-darwin12.3.0)SEQ(SP=105%GCD=1%ISR=107%TI=Z%II=I%TS=8)OP | |
| OS:S(O1=M5B4ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST | |
| OS:11NW7%O6=M5B4ST11)WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)EC | |
| OS:N(R=Y%DF=Y%T=40%W=3908%O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F= | |
| OS:AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD | |
| OS:=0%Q=)T6(R=N)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%R | |
| OS:UCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S) | |
| Uptime guess: 0.787 days (since Sun May 26 20:08:00 2013) | |
| Network Distance: 2 hops | |
| TCP Sequence Prediction: Difficulty=261 (Good luck!) | |
| IP ID Sequence Generation: All zeros | |
| Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| - Hop 1 is the same as for 192.168.1.2 | |
| 2 0.85 ms 192.168.1.117 | |
| Nmap scan report for 192.168.1.213 | |
| Host is up (0.00096s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 104s | |
| Not shown: 987 closed ports | |
| PORT STATE SERVICE VERSION | |
| 21/tcp open ftp Microsoft ftpd 5.0 | |
| |_ftp-anon: Anonymous FTP login allowed (FTP code 230) | |
| 25/tcp open smtp Microsoft ESMTP 5.0.2172.1 | |
| | smtp-commands: scada-dev.ctf.unallocatedspace.org Hello [172.16.105.106], AUTH GSSAPI NTLM LOGIN, AUTH=LOGIN, TURN, ATRN, SIZE 2097152, ETRN, PIPELINING, DSN, ENHANCEDSTATUSCODES, 8bitmime, BINARYMIME, CHUNKING, VRFY, OK, | |
| |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH TURN ATRN ETRN BDAT VRFY | |
| 80/tcp open http Microsoft IIS httpd 5.0 | |
| | http-methods: OPTIONS TRACE GET HEAD COPY PROPFIND SEARCH LOCK UNLOCK DELETE PUT POST MOVE MKCOL PROPPATCH | |
| | Potentially risky methods: TRACE COPY PROPFIND SEARCH LOCK UNLOCK DELETE PUT MOVE MKCOL PROPPATCH | |
| |_See http://nmap.org/nsedoc/scripts/http-methods.html | |
| |_http-title: Under Construction | |
| 119/tcp open nntp Microsoft NNTP Service 5.00.0984 | |
| 135/tcp open msrpc Microsoft Windows RPC | |
| 139/tcp open netbios-ssn | |
| 443/tcp open https? | |
| 445/tcp open microsoft-ds Microsoft Windows 2000 microsoft-ds | |
| 563/tcp open snews? | |
| 1025/tcp open msrpc Microsoft Windows RPC | |
| 1026/tcp open msrpc Microsoft Windows RPC | |
| 1027/tcp open msrpc Microsoft Windows RPC | |
| 3372/tcp open msdtc Microsoft Distributed Transaction Coordinator | |
| Device type: general purpose | |
| Running: Microsoft Windows 7 | |
| OS CPE: cpe:/o:microsoft:windows_7 | |
| OS details: Microsoft Windows 7 | |
| TCP/IP fingerprint: | |
| OS:SCAN(V=6.25%E=4%D=5/27%OT=21%CT=1%CU=35287%PV=Y%DS=2%DC=T%G=N%TM=51A3AD7 | |
| OS:6%P=x86_64-apple-darwin12.3.0)SEQ(SP=80%GCD=1%ISR=9A%TI=I%II=I%SS=S%TS=0 | |
| OS:)OPS(O1=M5B4NW0NNT00NNS%O2=M5B4NW0NNT00NNS%O3=M5B4NW0NNT00%O4=M5B4NW0NNT | |
| OS:00NNS%O5=M5B4NW0NNT00NNS%O6=M5B4NNT00NNS)WIN(W1=4470%W2=41A0%W3=4100%W4= | |
| OS:40E8%W5=40E8%W6=402E)ECN(R=Y%DF=Y%T=80%W=4470%O=M5B4NW0NNS%CC=N%Q=)T1(R= | |
| OS:Y%DF=Y%T=80%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=N%T=80% | |
| OS:W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=N)T7(R=N)U1(R=Y%DF=N%T=80%IPL=38%UN=0% | |
| OS:RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=S%T=80%CD=Z) | |
| Network Distance: 2 hops | |
| TCP Sequence Prediction: Difficulty=128 (Good luck!) | |
| IP ID Sequence Generation: Incremental | |
| Service Info: Host: scada-dev.ctf.unallocatedspace.org; OSs: Windows, Windows 2000; CPE: cpe:/o:microsoft:windows | |
| Host script results: | |
| | nbstat: | |
| | NetBIOS name: SCADA-DEV, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:a3:42:c0 (VMware) | |
| | Names | |
| | SCADA-DEV<00> Flags: <unique><active> | |
| | SCADA-DEV<20> Flags: <unique><active> | |
| | CTF<00> Flags: <group><active> | |
| | SCADA-DEV<03> Flags: <unique><active> | |
| | CTF<1e> Flags: <group><active> | |
| | INet~Services<1c> Flags: <group><active> | |
| | IS~SCADA-DEV<00> Flags: <unique><active> | |
| | Statistics | |
| | 00 0c 29 a3 42 c0 00 00 00 00 00 00 00 00 00 00 | |
| | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| |_ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| | p2p-conficker: | |
| | Checking for Conficker.C or higher... | |
| | Check 1 (port 29462/tcp): CLEAN (Couldn't connect) | |
| | Check 2 (port 4176/tcp): CLEAN (Couldn't connect) | |
| | | Check 3 (port 62292/udp): CLEAN (Failed to receive data) | |
| | | Check 4 (port 5769/udp): CLEAN (Failed to receive data) | |
| |_ 0/4 checks are positive: Host is CLEAN or ports are blocked | |
| | smb-security-mode: | |
| | Account that was used for smb scripts: guest | |
| | User-level authentication | |
| | SMB Security: Challenge/response passwords supported | |
| |_ Message signing disabled (dangerous, but default) | |
| |_smbv2-enabled: Server doesn't support SMBv2 protocol | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| - Hop 1 is the same as for 192.168.1.2 | |
| 2 0.83 ms 192.168.1.213 | |
| Nmap scan report for 192.168.1.214 | |
| Host is up (0.0064s latency). | |
| Scanned at 2013-05-27 14:58:58 EDT for 132s | |
| Not shown: 806 closed ports, 193 filtered ports | |
| PORT STATE SERVICE VERSION | |
| 80/tcp open tcpwrapped | |
| |_http-favicon: Unknown favicon MD5: 86C4F4F950DD8664AF572A874E9BDA6A | |
| |_http-title: IP9258 | |
| Device type: router | |
| Running (JUST GUESSING): Linksys embedded (87%) | |
| OS fingerprint not ideal because: Timing level 5 (Insane) used | |
| Aggressive OS guesses: Linksys BEFSR41 EtherFast router (87%) | |
| No exact OS matches for host (test conditions non-ideal). | |
| TCP/IP fingerprint: | |
| SCAN(V=6.25%E=4%D=5/27%OT=80%CT=1%CU=%PV=Y%DS=3%DC=T%G=N%TM=51A3AD76%P=x86_64-apple-darwin12.3.0) | |
| SEQ(SP=28%GCD=A%ISR=64%TI=I%TS=U) | |
| SEQ(SP=2F%GCD=A%ISR=65%TI=I%II=RI%SS=O%TS=U) | |
| OPS(O1=M5BA%O2=M5BA%O3=M5BA%O4=M5BA%O5=M5BA%O6=M5BA) | |
| WIN(W1=8000%W2=8000%W3=8000%W4=8000%W5=8000%W6=8000) | |
| ECN(R=Y%DF=N%TG=FF%W=8000%O=M5BA%CC=N%Q=) | |
| T1(R=Y%DF=N%TG=FF%S=O%A=S+%F=AS%RD=0%Q=) | |
| T2(R=N) | |
| T3(R=N) | |
| T4(R=N) | |
| T5(R=Y%DF=N%TG=FF%W=7A69%S=A%A=S+%F=AR%O=%RD=0%Q=) | |
| T6(R=N) | |
| T7(R=N) | |
| U1(R=N) | |
| IE(R=Y%DFI=S%TG=40%CD=S) | |
| Network Distance: 3 hops | |
| TCP Sequence Prediction: Difficulty=47 (Good luck!) | |
| IP ID Sequence Generation: Incremental | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| - Hop 1 is the same as for 192.168.1.2 | |
| 2 ... | |
| 3 4.09 ms 192.168.1.214 | |
| Nmap scan report for 192.168.1.254 | |
| Host is up. | |
| All 1000 scanned ports on 192.168.1.254 are filtered | |
| Too many fingerprints match this host to give specific OS details | |
| TCP/IP fingerprint: | |
| SCAN(V=6.25%E=4%D=5/27%OT=%CT=%CU=%PV=Y%DC=I%G=N%TM=51A3AD76%P=x86_64-apple-darwin12.3.0) | |
| U1(R=N) | |
| IE(R=N) | |
| TRACEROUTE (using proto 1/icmp) | |
| HOP RTT ADDRESS | |
| 1 ... 30 | |
| NSE: Script Post-scanning. | |
| NSE: Starting runlevel 1 (of 2) scan. | |
| Initiating NSE at 15:01 | |
| Completed NSE at 15:01, 0.00s elapsed | |
| NSE: Starting runlevel 2 (of 2) scan. | |
| Post-scan script results: | |
| | ssh-hostkey: Possible duplicate hosts | |
| | Key 2048 a8:7b:41:d2:d6:47:57:e7:ba:05:6b:7a:c4:f2:3f:54 (RSA) used by: | |
| | 192.168.1.2 | |
| | 192.168.1.79 | |
| | Key 1024 b8:14:6e:b5:2d:c1:8e:56:12:e5:5c:73:b2:03:9c:f4 (DSA) used by: | |
| | 192.168.1.2 | |
| | 192.168.1.79 | |
| | Key 256 d7:d8:13:94:93:2f:e5:d8:d6:9c:54:e2:5b:63:ee:48 (ECDSA) used by: | |
| | 192.168.1.2 | |
| |_ 192.168.1.79 | |
| Read data files from: /opt/boxen/homebrew/bin/../share/nmap | |
| OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . | |
| Nmap done: 8 IP addresses (8 hosts up) scanned in 132.93 seconds | |
| Raw packets sent: 446 (32.768KB) | Rcvd: 1605 (153.140KB) | |
| ~ ⮀ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment