+ All Categories
Home > Documents > pastebin-THNIC.pdf

pastebin-THNIC.pdf

Date post: 04-Oct-2015
Category:

Documents
Upload: nrpradhan
View: 778 times
Download: 37 times
Download Report this document
Share this document with a friend
Popular Tags:
windows xp windows
microsoft windows server
microsoft windows xp20002003nt
microsoft windows xp
microsoft windows xp
windows xp sp2
linksys linux
arch linux
28
1. # Nmap 5.35DC1 scan initiated Sat Sep 18 22:04:57 2010 as: nmap -O -sV -A -sS -sU -o THINC.local 192.168.11.200-250 2. Warning: 192.168.11.202 giving up on port because retransmission cap hit (10). 3. Nmap scan report for 192.168.11.201 4. Host is up (0.053s latency). 5. Not shown: 1990 closed ports 6. PORT STATE SERVICE VERSION 7. 135/tcp open msrpc Microsoft Windows RPC 8. 139/tcp open netbios-ssn 9. 135/udp open msrpc 10. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn (workgroup: THINC) 11. 138/udp open|filtered netbios-dgm 12. 445/udp open|filtered microsoft-ds 13. 1026/udp open|filtered win-rpc 14. 1027/udp open|filtered unknown 15. 1041/udp open|filtered unknown 16. 1087/udp open|filtered unknown 17. MAC Address: 00:50:56:BC:10:DE (VMware) 18. Device type: general purpose|media device|switch|printer 19. Running (JUST GUESSING) : Microsoft Windows XP|2000|2003|NT (95%), Motorola Windows PocketPC/CE (87%), 3Com embedded (86%), Ricoh embedded (85%) 20. Aggressive OS guesses: Microsoft Windows XP (95%), Microsoft Windows 2000 SP0 (94%), Microsoft Windows 2000 SP4 (93%), Microsoft Windows 2000 SP2 (91%), Microsoft Windows XP SP3 (90%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (89%), Microsoft Windows XP SP1 (88%), Microsoft Windows Server 2003 SP1 or SP2 (88%), Microsoft Windows Server 2003 SP2 (88%), Microsoft Windows XP Embedded (87%) 21. No exact OS matches for host (test conditions non-ideal). 22. Network Distance: 1 hop 23. Service Info: Host: ALICE; OS: Windows 24. 25. Host script results: 26. |_nbstat: NetBIOS name: ALICE, NetBIOS user: <unknown>, NetBIOS MAC: 00:50:56:bc:10:de (VMware) 27. | smb-os-discovery: 28. | OS: Windows XP (Windows 2000 LAN Manager) 29. | Name: THINC\ALICE 30. |_ System time: 2010-09-19 05:28:20 UTC+1 31. |_smbv2-enabled: Server doesn't support SMBv2 protocol 32. 33. TRACEROUTE 34. HOP RTT ADDRESS 35. 1 52.52 ms 192.168.11.201 36. 37. Nmap scan report for 192.168.11.202 38. Host is up (0.052s latency). 39. Not shown: 1055 closed ports, 659 open|filtered ports, 285 filtered ports 40. PORT STATE SERVICE VERSION 41. 80/tcp open http? 42. |_html-title: Let's play with the offsec team 43. MAC Address: 00:50:56:BC:79:02 (VMware) 44. Device type: general purpose|WAP|router 45. Running (JUST GUESSING) : Linux 2.6.X|2.4.X (92%), D-Link embedded (89%), Linksys embedded (89%), Peplink embedded (89%), Linksys Linux 2.4.X (89%), Gemtek embedded (87%), Siemens embedded (87%) 46. Aggressive OS guesses: Linux 2.6.23 - 2.6.32 (92%), Linux 2.6.22 (91%), Linux 2.6.31 (90%), Linux 2.6.18 - 2.6.27 (89%), D-Link DSA-3100 or Linksys WRT54GL (DD-WRT v23) WAP, or Peplink Balance 30 router (89%), Linux 2.6.15 - 2.6.27 (89%), Linux 2.6.16 - 2.6.20 (89%), Linux 2.6.21 (89%), Linux 2.6.21 (Arch Linux 0.8, x86) (89%), Linux 2.6.22 (Fedora Core 6) (89%) 47. No exact OS matches for host (test conditions non-ideal). 48. Network Distance: 1 hop 49. 50. TRACEROUTE 51. HOP RTT ADDRESS 52. 1 51.93 ms 192.168.11.202 53. 54. Nmap scan report for bob.thinc.local (192.168.11.203) 55. Host is up (0.056s latency). 56. Not shown: 999 open|filtered ports, 997 filtered ports Page 1 of 28 Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV 05-03-2015 http://pastebin.com/print.php?i=3S0p6iNV
Transcript

  • 1. # Nmap 5.35DC1 scan initiated Sat Sep 18 22:04:57 2010 as: nmap -O -sV -A -sS -sU -o THINC.local 192.168.11.200-250

    2. Warning: 192.168.11.202 giving up on port because retransmission cap hit (10).3. Nmap scan report for 192.168.11.2014. Host is up (0.053s latency).5. Not shown: 1990 closed ports6. PORT STATE SERVICE VERSION7. 135/tcp open msrpc Microsoft Windows RPC8. 139/tcp open netbios-ssn9. 135/udp open msrpc

    10. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn (workgroup: THINC)

    11. 138/udp open|filtered netbios-dgm12. 445/udp open|filtered microsoft-ds13. 1026/udp open|filtered win-rpc14. 1027/udp open|filtered unknown15. 1041/udp open|filtered unknown16. 1087/udp open|filtered unknown17. MAC Address: 00:50:56:BC:10:DE (VMware)18. Device type: general purpose|media device|switch|printer19. Running (JUST GUESSING) : Microsoft Windows XP|2000|2003|NT (95%), Motorola

    Windows PocketPC/CE (87%), 3Com embedded (86%), Ricoh embedded (85%)20. Aggressive OS guesses: Microsoft Windows XP (95%), Microsoft Windows 2000 SP0

    (94%), Microsoft Windows 2000 SP4 (93%), Microsoft Windows 2000 SP2 (91%), Microsoft Windows XP SP3 (90%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (89%), Microsoft Windows XP SP1 (88%), Microsoft Windows Server 2003 SP1 or SP2 (88%), Microsoft Windows Server 2003 SP2 (88%), Microsoft Windows XP Embedded (87%)

    21. No exact OS matches for host (test conditions non-ideal).22. Network Distance: 1 hop23. Service Info: Host: ALICE; OS: Windows24.25. Host script results:26. |_nbstat: NetBIOS name: ALICE, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:10:de (VMware)27. | smb-os-discovery: 28. | OS: Windows XP (Windows 2000 LAN Manager)29. | Name: THINC\ALICE30. |_ System time: 2010-09-19 05:28:20 UTC+131. |_smbv2-enabled: Server doesn't support SMBv2 protocol32.33. TRACEROUTE34. HOP RTT ADDRESS35. 1 52.52 ms 192.168.11.20136.37. Nmap scan report for 192.168.11.20238. Host is up (0.052s latency).39. Not shown: 1055 closed ports, 659 open|filtered ports, 285 filtered ports40. PORT STATE SERVICE VERSION41. 80/tcp open http?42. |_html-title: Let's play with the offsec team43. MAC Address: 00:50:56:BC:79:02 (VMware)44. Device type: general purpose|WAP|router45. Running (JUST GUESSING) : Linux 2.6.X|2.4.X (92%), D-Link embedded (89%), Linksys

    embedded (89%), Peplink embedded (89%), Linksys Linux 2.4.X (89%), Gemtek embedded (87%), Siemens embedded (87%)

    46. Aggressive OS guesses: Linux 2.6.23 - 2.6.32 (92%), Linux 2.6.22 (91%), Linux 2.6.31 (90%), Linux 2.6.18 - 2.6.27 (89%), D-Link DSA-3100 or Linksys WRT54GL (DD-WRT v23) WAP, or Peplink Balance 30 router (89%), Linux 2.6.15 - 2.6.27 (89%), Linux 2.6.16 - 2.6.20 (89%), Linux 2.6.21 (89%), Linux 2.6.21 (Arch Linux 0.8, x86) (89%), Linux 2.6.22 (Fedora Core 6) (89%)

    47. No exact OS matches for host (test conditions non-ideal).48. Network Distance: 1 hop49.50. TRACEROUTE51. HOP RTT ADDRESS52. 1 51.93 ms 192.168.11.20253.54. Nmap scan report for bob.thinc.local (192.168.11.203)55. Host is up (0.056s latency).56. Not shown: 999 open|filtered ports, 997 filtered ports

    Page 1 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 57. PORT STATE SERVICE VERSION58. 21/tcp open ftp Microsoft ftpd59. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)60. 80/tcp open http Microsoft IIS httpd 5.161. | http-methods: Potentially risky methods: TRACE DELETE COPY MOVE PROPFIND

    PROPPATCH SEARCH MKCOL LOCK UNLOCK PUT62. |_See http://nmap.org/nsedoc/scripts/http-methods.html63. |_html-title: Site doesn't have a title (text/html).64. 3389/tcp open microsoft-rdp Microsoft Terminal Service65. 161/udp open snmp SNMPv1 server (public)66. | snmp-win32-software: 67. | VMware Tools; 2008-09-16 11:26:2268. | WebFldrs XP; 2007-01-16 17:53:0669. | WinRAR archiver; 2007-01-10 14:12:1870. |_ freeSSHd 1.2.1; 2008-09-26 15:02:4071. | snmp-win32-users: 72. | Administrator73. | Guest74. | HelpAssistant75. | IUSR_BOB76. | IWAM_BOB77. | SUPPORT_388945a078. | bob79. |_ dj80. | snmp-interfaces: 81. | MS TCP Loopback interface82. | IP address: 127.0.0.1 Netmask: 255.0.0.083. | Type: softwareLoopback Speed: 10 Mbps84. | Traffic stats: 156.64 Kb sent, 156.64 Kb received85. | VMware Accelerated AMD PCNet Adapter86. | IP address: 192.168.11.203 Netmask: 255.255.254.087. | MAC address: 00:50:56:bc:32:a0 (VMware)88. | Type: ethernetCsmacd Speed: 1 Gbps89. |_ Traffic stats: 13.59 Mb sent, 40.94 Mb received90. | snmp-sysdescr: Hardware: x86 Family 6 Model 7 Stepping 10 AT/AT COMPATIBLE -

    Software: Windows 2000 Version 5.1 (Build 2600 Uniprocessor Free)91. |_ System uptime: 183 days, 19:04:33.40 (1587987340 timeticks)92. | snmp-win32-services: 93. | Application Layer Gateway Service94. | COM+ Event System95. | COM+ System Application96. | Computer Browser97. | DNS Client98. | Distributed Link Tracking Client99. | Distributed Transaction Coordinator100. | Event Log101. | FTP Publishing102. | FreeSSHDService103. | Help and Support104. | IIS Admin105. | Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)106. | Logical Disk Manager107. | Messenger108. | Net Logon109. | Network Connections110. | Network Location Awareness (NLA)111. | Plug and Play112. | Print Spooler113. | Protected Storage114. | Remote Access Connection Manager115. | Remote Procedure Call (RPC)116. | Remote Registry117. | SNMP Service118. | Secondary Logon119. | Security Accounts Manager120. | Server121. | Shell Hardware Detection122. | System Event Notification123. | TCP/IP NetBIOS Helper124. | Task Scheduler125. | Telephony

    Page 2 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 126. | Terminal Services127. | Themes128. | Upload Manager129. | VMware Tools Service130. | WebClient131. | Windows Audio132. | Windows Management Instrumentation133. | Windows Time134. | Workstation135. |_ World Wide Web Publishing136. MAC Address: 00:50:56:BC:32:A0 (VMware)137. Warning: OSScan results may be unreliable because we could not find at least 1

    open and 1 closed port138. OS fingerprint not ideal because: Missing a closed TCP port so results incomplete139. No OS matches for host140. Network Distance: 1 hop141. Service Info: OS: Windows142.143. TRACEROUTE144. HOP RTT ADDRESS145. 1 55.54 ms bob.thinc.local (192.168.11.203)146.147. Nmap scan report for bob2.thinc.local (192.168.11.204)148. Host is up (0.050s latency).149. Not shown: 999 open|filtered ports, 997 filtered ports150. PORT STATE SERVICE VERSION151. 21/tcp open ftp Microsoft ftpd152. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)153. 80/tcp open http Microsoft IIS httpd 5.1154. | http-methods: Potentially risky methods: TRACE DELETE COPY MOVE PROPFIND

    PROPPATCH SEARCH MKCOL LOCK UNLOCK PUT155. |_See http://nmap.org/nsedoc/scripts/http-methods.html156. |_html-title: Site doesn't have a title (text/html).157. 3389/tcp open microsoft-rdp Microsoft Terminal Service158. 161/udp open snmp SNMPv1 server (public)159. | snmp-win32-software: 160. | VMware Tools; 2008-09-16 11:26:22161. | WebFldrs XP; 2007-01-16 17:53:06162. | WinRAR archiver; 2007-01-10 14:12:18163. |_ freeSSHd 1.2.1; 2008-09-26 15:02:40164. | snmp-processes: 165. | System Idle Process166. | PID: 1167. | System168. | PID: 4169. | dllhost.exe170. | PID: 148171. | smss.exe172. | PID: 332173. | logon.scr174. | PID: 368175. | csrss.exe176. | PID: 404177. | winlogon.exe178. | PID: 428179. | services.exe180. | PID: 472181. | lsass.exe182. | PID: 484183. | svchost.exe184. | PID: 652185. | svchost.exe186. | PID: 700187. | svchost.exe188. | PID: 756189. | msdtc.exe190. | PID: 764191. | svchost.exe192. | PID: 808193. | IEXPLORE.EXE194. | PID: 824

    Page 3 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 195. | spoolsv.exe196. | PID: 864197. | cmd.exe198. | PID: 904199. | alg.exe200. | PID: 1000201. | FreeSSHDService.exe202. | PID: 1020203. | snmp.exe204. | PID: 1088205. | VMwareService.exe206. | PID: 1124207. | davcdata.exe208. | PID: 1204209. | IEXPLORE.EXE210. | PID: 1248211. | dllhost.exe212. | PID: 1780213. | IEXPLORE.EXE214. | PID: 1808215. | inetinfo.exe216. |_ PID: 2036217. | snmp-win32-services: 218. | Application Layer Gateway Service219. | COM+ Event System220. | COM+ System Application221. | Computer Browser222. | DNS Client223. | Distributed Link Tracking Client224. | Distributed Transaction Coordinator225. | Event Log226. | FTP Publishing227. | FreeSSHDService228. | Help and Support229. | IIS Admin230. | Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)231. | Logical Disk Manager232. | Messenger233. | Net Logon234. | Network Connections235. | Network Location Awareness (NLA)236. | Plug and Play237. | Print Spooler238. | Remote Access Connection Manager239. | Remote Procedure Call (RPC)240. | Remote Registry241. | SNMP Service242. | Secondary Logon243. | Security Accounts Manager244. | Server245. | Shell Hardware Detection246. | System Event Notification247. | TCP/IP NetBIOS Helper248. | Task Scheduler249. | Telephony250. | Terminal Services251. | Themes252. | Upload Manager253. | VMware Tools Service254. | WebClient255. | Windows Audio256. | Windows Management Instrumentation257. | Windows Time258. | Workstation259. |_ World Wide Web Publishing260. | snmp-win32-users: 261. | Administrator262. | Guest263. | HelpAssistant264. | IUSR_BOB265. | IWAM_BOB

    Page 4 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 266. | SUPPORT_388945a0267. |_ bob268. | snmp-sysdescr: Hardware: x86 Family 6 Model 7 Stepping 10 AT/AT COMPATIBLE -

    Software: Windows 2000 Version 5.1 (Build 2600 Uniprocessor Free)269. |_ System uptime: 183 days, 19:00:25.09 (1587962509 timeticks)270. | snmp-netstat: 271. | TCP 0.0.0.0:21 0.0.0.0:14556272. | TCP 0.0.0.0:80 0.0.0.0:45125273. | TCP 0.0.0.0:135 0.0.0.0:12376274. | TCP 0.0.0.0:443 0.0.0.0:34986275. | TCP 0.0.0.0:445 0.0.0.0:24822276. | TCP 0.0.0.0:1025 0.0.0.0:41204277. | TCP 0.0.0.0:1038 0.0.0.0:45118278. | TCP 0.0.0.0:3060 0.0.0.0:10347279. | TCP 0.0.0.0:3061 0.0.0.0:37066280. | TCP 0.0.0.0:3389 0.0.0.0:41121281. | TCP 0.0.0.0:4620 0.0.0.0:10418282. | TCP 0.0.0.0:60000 0.0.0.0:28691283. | TCP 127.0.0.1:3001 0.0.0.0:45070284. | TCP 127.0.0.1:3002 0.0.0.0:49283285. | TCP 127.0.0.1:3003 0.0.0.0:45118286. | TCP 127.0.0.1:3114 0.0.0.0:14428287. | TCP 127.0.0.1:3128 0.0.0.0:18494288. | TCP 127.0.0.1:3129 0.0.0.0:36906289. | TCP 127.0.0.1:3130 0.0.0.0:32904290. | TCP 127.0.0.1:3131 0.0.0.0:57555291. | TCP 127.0.0.1:3243 0.0.0.0:39125292. | TCP 127.0.0.1:3444 0.0.0.0:45278293. | TCP 127.0.0.1:3449 0.0.0.0:2064294. | TCP 127.0.0.1:3450 0.0.0.0:206295. | TCP 127.0.0.1:3451 0.0.0.0:33016296. | TCP 127.0.0.1:3452 0.0.0.0:45230297. | TCP 127.0.0.1:3481 0.0.0.0:47235298. | TCP 127.0.0.1:3755 0.0.0.0:2096299. | TCP 127.0.0.1:3756 0.0.0.0:14457300. | TCP 127.0.0.1:3757 0.0.0.0:6148301. | TCP 127.0.0.1:3800 0.0.0.0:24627302. | TCP 127.0.0.1:3801 0.0.0.0:45226303. | TCP 127.0.0.1:3885 0.0.0.0:22758304. | TCP 127.0.0.1:3886 0.0.0.0:2048305. | TCP 127.0.0.1:3887 0.0.0.0:8261306. | TCP 127.0.0.1:3888 0.0.0.0:59629307. | TCP 127.0.0.1:3889 0.0.0.0:2251308. | TCP 127.0.0.1:4029 0.0.0.0:2128309. | TCP 127.0.0.1:4054 0.0.0.0:10311310. | TCP 127.0.0.1:4057 0.0.0.0:53433311. | TCP 127.0.0.1:4200 0.0.0.0:2144312. | TCP 127.0.0.1:4230 0.0.0.0:18443313. | TCP 127.0.0.1:4571 0.0.0.0:45294314. | TCP 127.0.0.1:4572 0.0.0.0:45230315. | TCP 127.0.0.1:4749 0.0.0.0:26877316. | TCP 127.0.0.1:4829 0.0.0.0:51200317. | TCP 127.0.0.1:4830 0.0.0.0:2080318. | TCP 127.0.0.1:4831 0.0.0.0:22740319. | TCP 127.0.0.1:4832 0.0.0.0:43093320. | TCP 127.0.0.1:4833 0.0.0.0:43189321. | TCP 127.0.0.1:4894 0.0.0.0:16555322. | TCP 192.168.11.204:80 192.168.10.129:35127323. | TCP 192.168.11.204:80 192.168.10.129:57887324. | TCP 192.168.11.204:80 192.168.10.129:58032325. | TCP 192.168.11.204:80 192.168.10.129:58033326. | TCP 192.168.11.204:80 192.168.10.129:58034327. | TCP 192.168.11.204:139 0.0.0.0:2080328. | TCP 192.168.11.204:3061 192.168.10.127:4444329. | TCP 192.168.11.204:3115 192.168.11.220:139330. | TCP 192.168.11.204:3117 192.168.11.220:139331. | TCP 192.168.11.204:3121 192.168.11.204:21332. | UDP 0.0.0.0:135 *:*333. | UDP 0.0.0.0:161 *:*334. | UDP 0.0.0.0:445 *:*335. | UDP 0.0.0.0:1026 *:*

    Page 5 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 336. | UDP 0.0.0.0:1027 *:*337. | UDP 0.0.0.0:1039 *:*338. | UDP 0.0.0.0:3007 *:*339. | UDP 0.0.0.0:3456 *:*340. | UDP 127.0.0.1:123 *:*341. | UDP 127.0.0.1:3154 *:*342. | UDP 127.0.0.1:3166 *:*343. | UDP 192.168.11.204:123 *:*344. | UDP 192.168.11.204:137 *:*345. |_ UDP 192.168.11.204:138 *:*346. | snmp-interfaces: 347. | MS TCP Loopback interface348. | IP address: 127.0.0.1 Netmask: 255.0.0.0349. | Type: softwareLoopback Speed: 10 Mbps350. | Traffic stats: 1.03 Mb sent, 1.03 Mb received351. | VMware Accelerated AMD PCNet Adapter352. | IP address: 192.168.11.204 Netmask: 255.255.254.0353. | MAC address: 00:50:56:bc:7a:58 (VMware)354. | Type: ethernetCsmacd Speed: 1 Gbps355. |_ Traffic stats: 10.98 Mb sent, 101.14 Mb received356. MAC Address: 00:50:56:BC:7A:58 (VMware)357. Warning: OSScan results may be unreliable because we could not find at least 1

    open and 1 closed port358. OS fingerprint not ideal because: Missing a closed TCP port so results incomplete359. No OS matches for host360. Network Distance: 1 hop361. Service Info: OS: Windows362.363. TRACEROUTE364. HOP RTT ADDRESS365. 1 49.64 ms bob2.thinc.local (192.168.11.204)366.367. Nmap scan report for oracle.thinc.local (192.168.11.205)368. Host is up (0.050s latency).369. Not shown: 1978 closed ports370. PORT STATE SERVICE VERSION371. 21/tcp open ftp Microsoft ftpd 5.0372. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)373. 80/tcp open http Microsoft IIS httpd 5.0374. |_html-title: Under Construction375. | http-methods: Potentially risky methods: TRACE COPY PROPFIND SEARCH LOCK UNLOCK

    DELETE PUT MOVE MKCOL PROPPATCH376. |_See http://nmap.org/nsedoc/scripts/http-methods.html377. 135/tcp open msrpc Microsoft Windows RPC378. 139/tcp open netbios-ssn379. 443/tcp open https?380. 445/tcp open microsoft-ds Microsoft Windows 2000 microsoft-ds381. 1027/tcp open msrpc Microsoft Windows RPC382. 1033/tcp open msrpc Microsoft Windows RPC383. 1038/tcp open msrpc Microsoft Windows RPC384. 1043/tcp open oracle Oracle Database385. 2030/tcp open oracle-mts Oracle MTS Recovery Service386. 3372/tcp open msdtc Microsoft Distributed Transaction

    Coordinator387. 3389/tcp open microsoft-rdp Microsoft Terminal Service388. 4443/tcp open http Oracle HTTP Server Powered by Apache 1.3.22

    (mod_plsql/3.0.9.8.3b mod_ssl/2.8.5 OpenSSL/0.9.6b mod_fastcgi/2.2.12 mod_oprocmgr/1.0 mod_perl/1.25)

    389. |_html-title: 400 Bad Request390. | http-methods: Potentially risky methods: TRACE391. |_See http://nmap.org/nsedoc/scripts/http-methods.html392. 7778/tcp open http Oracle HTTP Server Powered by Apache 1.3.22

    (mod_plsql/3.0.9.8.3b mod_ssl/2.8.5 OpenSSL/0.9.6b mod_fastcgi/2.2.12 mod_oprocmgr/1.0 mod_perl/1.25)

    393. | http-methods: Potentially risky methods: TRACE394. |_See http://nmap.org/nsedoc/scripts/http-methods.html395. |_html-title: Oracle HTTP Server Index396. 135/udp open msrpc397. 137/udp open netbios-ns Microsoft Windows netbios-ssn (workgroup:

    ACME)398. 138/udp open|filtered netbios-dgm

    Page 6 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 399. 445/udp open|filtered microsoft-ds400. 500/udp open|filtered isakmp401. 1029/udp open msrpc402. 3456/udp open|filtered IISrpc-or-vat403. MAC Address: 00:50:56:BC:1E:F7 (VMware)404. Device type: general purpose|media device405. Running (JUST GUESSING) : Microsoft Windows 2000|XP|NT|2003 (94%), Motorola

    Windows PocketPC/CE (85%)406. Aggressive OS guesses: Microsoft Windows 2000 SP0 (94%), Microsoft Windows XP

    (94%), Microsoft Windows 2000 SP4 (93%), Microsoft Windows 2000 SP2 (90%), Microsoft Windows NT 4.0 SP6 (89%), Microsoft Windows XP SP3 (89%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (89%), Microsoft Windows Server 2003 SP1 or SP2 (88%), Microsoft Windows Server 2003 SP2 (88%), Microsoft Windows XP SP1 (87%)

    407. No exact OS matches for host (test conditions non-ideal).408. Network Distance: 1 hop409. Service Info: Host: ORACLE2; OS: Windows410.411. Host script results:412. | smb-os-discovery: 413. | OS: Windows 2000 (Windows 2000 LAN Manager)414. | Name: ACME\ORACLE2415. |_ System time: 2010-09-19 05:27:01 UTC+2416. |_smbv2-enabled: Server doesn't support SMBv2 protocol417. |_nbstat: NetBIOS name: ORACLE2, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:1e:f7 (VMware)418.419. TRACEROUTE420. HOP RTT ADDRESS421. 1 50.22 ms oracle.thinc.local (192.168.11.205)422.423. Nmap scan report for oracle2.thinc.local (192.168.11.206)424. Host is up (0.050s latency).425. Not shown: 1982 closed ports426. PORT STATE SERVICE VERSION427. 135/tcp open msrpc Microsoft Windows RPC428. 139/tcp open netbios-ssn429. 445/tcp open microsoft-ds Microsoft Windows 2000 microsoft-ds430. 1038/tcp open msrpc Microsoft Windows RPC431. 1054/tcp open msrpc Microsoft Windows RPC432. 1064/tcp open msrpc Microsoft Windows RPC433. 1069/tcp open cognex-insight?434. 2030/tcp open oracle-mts Oracle MTS Recovery Service435. 3372/tcp open msdtc?436. 3389/tcp open microsoft-rdp Microsoft Terminal Service437. 4443/tcp open pharos?438. 137/udp open netbios-ns?439. 138/udp open|filtered netbios-dgm440. 445/udp open|filtered microsoft-ds441. 500/udp open|filtered isakmp442. 1027/udp open|filtered unknown443. 1047/udp open|filtered unknown444. 3456/udp open|filtered IISrpc-or-vat445. 1 service unrecognized despite returning data. If you know the service/version,

    please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

    446. SF-Port3372-TCP:V=5.35DC1%I=7%D=9/19%Time=4C959229%P=i686-pc-linux-gnu%r(G447. SF:etRequest,6,"\xb8\xdc\n\0\x08@")%r(RTSPRequest,6,"\xb8\xdc\n\0\x08@")%r448. SF:(HTTPOptions,6,"\x08\xb0\n\0\xb8\xdc")%r(Help,6,"\xb8\xdc\n\0\x08@")%r(449. SF:SSLSessionReq,6,"\xb8\xdc\n\0\x08@")%r(FourOhFourRequest,6,"\xb8\xdc\n\450. SF:0\x08@")%r(LPDString,6,"\xb8\xdc\n\0\x08@")%r(SIPOptions,6,"\xb8\xdc\n\451. SF:0\x08@");452. MAC Address: 00:50:56:BC:28:EB (VMware)453. Device type: general purpose|media device|switch|printer454. Running (JUST GUESSING) : Microsoft Windows 2000|XP|2003|NT (95%), Motorola

    Windows PocketPC/CE (86%), 3Com embedded (86%), Ricoh embedded (85%)455. Aggressive OS guesses: Microsoft Windows 2000 SP0 (95%), Microsoft Windows XP

    (95%), Microsoft Windows 2000 SP4 (93%), Microsoft Windows 2000 SP2 (91%), Microsoft Windows XP SP3 (90%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (89%), Microsoft Windows XP SP1 (88%), Microsoft Windows XP Embedded (88%),

    Page 7 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • Microsoft Windows Server 2003 SP1 or SP2 (88%), Microsoft Windows Server 2003 SP2 (88%)

    456. No exact OS matches for host (test conditions non-ideal).457. Network Distance: 1 hop458. Service Info: OS: Windows459.460. Host script results:461. |_smbv2-enabled: Server doesn't support SMBv2 protocol462.463. TRACEROUTE464. HOP RTT ADDRESS465. 1 50.13 ms oracle2.thinc.local (192.168.11.206)466.467. Nmap scan report for 192.168.11.207468. Host is up (0.048s latency).469. All 2000 scanned ports on 192.168.11.207 are filtered (1000) or open|filtered

    (1000)470. MAC Address: 00:50:56:BC:74:7A (VMware)471. Too many fingerprints match this host to give specific OS details472. Network Distance: 1 hop473.474. TRACEROUTE475. HOP RTT ADDRESS476. 1 48.03 ms 192.168.11.207477.478. Nmap scan report for phoenix.thinc.local (192.168.11.208)479. Host is up (0.052s latency).480. Not shown: 1989 filtered ports481. PORT STATE SERVICE VERSION482. 21/tcp open ftp vsftpd 2.0.1483. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)484. 22/tcp open ssh OpenSSH 3.9p1 (protocol 1.99)485. |_sshv1: Server supports SSHv1486. | ssh-hostkey: 1024 89:94:af:2e:5d:c1:da:84:25:11:2c:12:45:c6:70:ac (RSA1)487. | 1024 c1:c5:d1:83:0f:4d:d8:9e:8f:82:4c:be:53:4b:6e:14 (DSA)488. |_1024 bc:e1:e6:dd:ab:5e:fd:d1:21:2e:11:7c:d5:b2:03:52 (RSA)489. 25/tcp closed smtp490. 80/tcp open http Apache httpd 2.0.52 ((CentOS))491. |_html-title: Site doesn't have a title (text/html; charset=UTF-8).492. | http-methods: Potentially risky methods: TRACE493. |_See http://nmap.org/nsedoc/scripts/http-methods.html494. | robots.txt: has 2 disallowed entries 495. |_/internal/ /tmp/ 496. 111/tcp open rpcbind 2 (rpc #100000)497. 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: MYGROUP)498. 443/tcp open ssl/http Apache httpd 2.0.52 ((CentOS))499. |_html-title: Site doesn't have a title (text/html; charset=UTF-8).500. |_sslv2: server still supports SSLv2501. | http-methods: Potentially risky methods: TRACE502. |_See http://nmap.org/nsedoc/scripts/http-methods.html503. | robots.txt: has 2 disallowed entries 504. |_/internal/ /tmp/ 505. 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: MYGROUP)506. 631/tcp open ipp CUPS 1.1507. 3306/tcp open mysql MySQL (unauthorized)508. 631/udp open|filtered ipp509. MAC Address: 00:50:56:BC:3D:AB (VMware)510. Device type: WAP|general purpose|remote management|webcam|storage-misc511. Running (JUST GUESSING) : Linux 2.4.X|2.6.X (94%), Linksys Linux 2.4.X (93%), TP-

    Link embedded (91%), Dell embedded (90%), AXIS Linux 2.6.X (88%), IBM embedded (88%)

    512. Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), Linux 2.6.21 (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (93%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (93%), Linux 2.6.27 (Ubuntu 8.10) (93%), Linux 2.6.9 - 2.6.27 (92%), Linux 2.6.22 (92%), Linux 2.6.5 (SUSE Enterprise Server 9) (92%), Linux 2.6.20 (91%), Linux 2.6.20 (Ubuntu, x86_64) (91%)

    513. No exact OS matches for host (test conditions non-ideal).514. Network Distance: 1 hop515. Service Info: OS: Unix516.517. Host script results:

    Page 8 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 518. |_smbv2-enabled: Server doesn't support SMBv2 protocol519. | smb-os-discovery: 520. | OS: Unix (Samba 3.0.33-0.17.el4)521. | Name: MYGROUP\Unknown522. |_ System time: 2010-03-14 08:28:56 UTC-4523.524. TRACEROUTE525. HOP RTT ADDRESS526. 1 51.88 ms phoenix.thinc.local (192.168.11.208)527.528. Nmap scan report for suse.thinc.local (192.168.11.209)529. Host is up (0.050s latency).530. Not shown: 1991 closed ports531. PORT STATE SERVICE VERSION532. 22/tcp open ssh OpenSSH 4.1 (protocol 1.99)533. | ssh-hostkey: 1024 5c:98:60:0f:d3:ae:57:dd:cb:97:d8:f7:4c:e0:b4:10 (RSA1)534. | 1024 f3:c5:c1:14:c9:41:c2:6b:10:75:cf:fd:86:8e:6a:fc (DSA)535. |_1024 cf:ad:91:b2:a6:8a:88:1b:8f:e3:c6:9e:e9:a1:81:ba (RSA)536. |_sshv1: Server supports SSHv1537. 80/tcp open http Apache httpd 2.0.54 ((Linux/SUSE))538. | robots.txt: has 1 disallowed entry 539. |_/540. |_html-title: Access forbidden!541. | http-methods: Potentially risky methods: TRACE542. |_See http://nmap.org/nsedoc/scripts/http-methods.html543. |_http-favicon: Apache on Linux544. 111/tcp open rpcbind 2 (rpc #100000)545. 631/tcp open ipp CUPS 1.1546. 3306/tcp open mysql MySQL 4.1.13547. | mysql-info: Protocol: 10548. | Version: 4.1.13549. | Thread ID: 8550. | Some Capabilities: Connect with DB, Compress, Transactions, Secure Connection551. | Status: Autocommit552. |_Salt: W)fHr(ljM$f[tX:V&V^Y553. 111/udp open rpcbind 2 (rpc #100000)554. 631/udp open|filtered ipp555. 5353/udp open|filtered zeroconf556. 32768/udp open|filtered omad557. MAC Address: 00:50:56:BC:26:80 (VMware)558. Device type: WAP|general purpose|router|firewall|remote management|broadband

    router559. Running (JUST GUESSING) : Linux 2.4.X|2.6.X (96%), Linksys Linux 2.4.X (95%),

    Linksys embedded (92%), TP-Link embedded (91%), Dell embedded (91%)560. Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt

    White Russian 0.9 (Linux 2.4.30) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.15 - 2.6.27 (94%), Linux 2.6.16 - 2.6.20 (94%), Linux 2.6.21 (94%), Linux 2.6.21 (Arch Linux 0.8, x86) (94%), Linux 2.6.23 (94%), Linux 2.6.18 - 2.6.27 (94%), Linux 2.6.18 - 2.6.24 (94%)

    561. No exact OS matches for host (test conditions non-ideal).562. Network Distance: 1 hop563.564. TRACEROUTE565. HOP RTT ADDRESS566. 1 49.87 ms suse.thinc.local (192.168.11.209)567.568. Nmap scan report for 192.168.11.210569. Host is up (0.049s latency).570. Not shown: 1996 filtered ports571. PORT STATE SERVICE VERSION572. 22/tcp open ssh OpenSSH 4.3 (protocol 2.0)573. | ssh-hostkey: 1024 ab:a7:86:a8:a0:39:c6:0a:81:0b:f9:ae:6f:4b:51:79 (DSA)574. |_2048 8b:a5:11:b8:ca:75:9e:8c:a7:17:2c:a3:c9:90:1e:87 (RSA)575. 80/tcp closed http576. 631/tcp closed ipp577. 631/udp closed ipp578. MAC Address: 00:50:56:BC:61:43 (VMware)579. Device type: WAP|general purpose|webcam|remote management|storage-misc|firewall580. Running (JUST GUESSING) : Linux 2.4.X|2.6.X (96%), Linksys Linux 2.4.X (94%), TP-

    Link embedded (92%), AXIS Linux 2.6.X (92%), Dell embedded (91%), IBM embedded (91%), HID embedded (90%)

    Page 9 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 581. Aggressive OS guesses: OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (96%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.21 (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), Linux 2.6.9 - 2.6.27 (94%), Linux 2.6.22 (94%), Linux 2.6.5 (SUSE Enterprise Server 9) (94%), Linux 2.6.9 - 2.6.18 (93%), Linux 2.6.18 - 2.6.27 (92%), Linux 2.6.9 (CentOS 4.3) (92%)

    582. No exact OS matches for host (test conditions non-ideal).583. Network Distance: 1 hop584.585. TRACEROUTE586. HOP RTT ADDRESS587. 1 49.25 ms 192.168.11.210588.589. Nmap scan report for sip.thinc.local (192.168.11.211)590. Host is up (0.050s latency).591. Not shown: 1985 closed ports592. PORT STATE SERVICE VERSION593. 21/tcp open ftp vsftpd 2.0.5594. 22/tcp open ssh OpenSSH 4.3 (protocol 2.0)595. | ssh-hostkey: 1024 3e:a0:7d:28:94:bb:51:86:17:1b:4e:0f:ec:b6:c0:89 (DSA)596. |_2048 46:42:b8:92:26:8b:bc:7f:07:45:0f:dd:68:55:e0:31 (RSA)597. 80/tcp open http Apache httpd 2.2.3 ((CentOS))598. | robots.txt: has 1 disallowed entry 599. |_/600. |_http-methods: No Allow or Public header in OPTIONS response (status code 302)601. | html-title: trixbox - User Mode602. |_Requested resource was http://sip.thinc.local/user/603. |_http-favicon: 604. 111/tcp open rpcbind605. 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)606. 443/tcp open ssl/http Apache httpd 2.2.3 ((CentOS))607. |_http-methods: No Allow or Public header in OPTIONS response (status code 302)608. | robots.txt: has 1 disallowed entry 609. |_/610. | html-title: trixbox - User Mode611. |_Requested resource was https://sip.thinc.local:443/user/612. |_http-favicon: 613. 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)614. 3306/tcp open mysql MySQL (unauthorized)615. 69/udp open|filtered tftp616. 111/udp open rpcbind 2 (rpc #100000)617. 123/udp open|filtered ntp618. 137/udp open netbios-ns Samba nmbd (workgroup: WORKGROUP)619. 138/udp open|filtered netbios-dgm620. 5060/udp open sip-proxy Asterisk PBX621. 5353/udp open mdns DNS-based service discovery622. | dns-service-discovery: 623. | 69/tcp aastra-cfg624. | Address=192.168.11.233625. | 80/tcp http626. |_ Address=192.168.11.233627. MAC Address: 00:50:56:BC:45:51 (VMware)628. Device type: WAP|general purpose|storage-misc|remote management|firewall|webcam629. Running (JUST GUESSING) : Linksys Linux 2.4.X (96%), Linux 2.6.X|2.4.X (95%), TP-

    Link embedded (94%), IBM embedded (93%), Dell embedded (92%), HID embedded (92%), AXIS Linux 2.6.X (92%)

    630. Aggressive OS guesses: OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux 2.6.21 (95%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.9 - 2.6.27 (94%), Linux 2.6.22 (94%), Linux 2.6.5 (SUSE Enterprise Server 9) (94%), TP-Link TL-WR941N WAP (94%), Linux 2.6.27 (93%), Linux 2.6.9 (CentOS 4.3) (93%)

    631. No exact OS matches for host (test conditions non-ideal).632. Network Distance: 1 hop633. Service Info: Host: TRIXBOX1; OS: Unix634.635. Host script results:636. |_nbstat: NetBIOS name: TRIXBOX1, NetBIOS user: , NetBIOS MAC: 637. | smb-os-discovery: 638. | OS: Unix (Samba 3.0.25b-1.el5_1.4)639. | Name: WORKGROUP\Unknown640. |_ System time: 2010-03-18 23:42:11 UTC-4641. |_smbv2-enabled: Server doesn't support SMBv2 protocol

    Page 10 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 642.

    643. TRACEROUTE644. HOP RTT ADDRESS

    645. 1 49.57 ms sip.thinc.local (192.168.11.211)

    646.

    647. Nmap scan report for 192.168.11.212

    648. Host is up (0.051s latency).649. Not shown: 1000 open|filtered ports, 997 filtered ports

    650. PORT STATE SERVICE VERSION

    651. 3389/tcp open microsoft-rdp Microsoft Terminal Service

    652. 4444/tcp closed krb524

    653. 5900/tcp closed vnc654. MAC Address: 00:50:56:BC:3F:89 (VMware)

    655. Device type: general purpose|media device

    656. Running (JUST GUESSING) : Microsoft Windows 2000|XP|2003 (92%), Motorola Windows

    PocketPC/CE (85%)657. Aggressive OS guesses: Microsoft Windows 2000 SP4 (92%), Microsoft Windows XP SP3

    (92%), Microsoft Windows Server 2003 SP1 or SP2 (91%), Microsoft Windows 2000 SP0

    (91%), Microsoft Windows XP (91%), Microsoft Windows Server 2003 SP2 (90%),

    Microsoft Windows XP SP2 (89%), Microsoft Windows XP SP2 or SP3 (89%), Microsoft

    Windows 2000 SP4 or Windows XP SP2 or SP3 (88%), Microsoft Windows XP SP2 (firewall disabled) (88%)

    658. No exact OS matches for host (test conditions non-ideal).

    659. Network Distance: 1 hop

    660. Service Info: OS: Windows

    661.662. TRACEROUTE

    663. HOP RTT ADDRESS

    664. 1 51.13 ms 192.168.11.212

    665.

    666. Nmap scan report for 192.168.11.213667. Host is up (0.052s latency).

    668. Not shown: 1000 open|filtered ports, 997 filtered ports

    669. PORT STATE SERVICE VERSION

    670. 3389/tcp open microsoft-rdp Microsoft Terminal Service

    671. 4444/tcp closed krb524672. 5900/tcp closed vnc

    673. MAC Address: 00:50:56:BC:1A:EF (VMware)

    674. Device type: general purpose|media device

    675. Running (JUST GUESSING) : Microsoft Windows 2000|XP|2003 (93%), Motorola Windows

    PocketPC/CE (85%)676. Aggressive OS guesses: Microsoft Windows 2000 SP4 (93%), Microsoft Windows XP SP3

    (92%), Microsoft Windows Server 2003 SP1 or SP2 (91%), Microsoft Windows 2000 SP0

    (91%), Microsoft Windows XP (91%), Microsoft Windows Server 2003 SP2 (90%),

    Microsoft Windows Server 2003 (89%), Microsoft Windows XP SP2 (89%), Microsoft

    Windows XP SP2 or SP3 (89%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (88%)

    677. No exact OS matches for host (test conditions non-ideal).678. Network Distance: 1 hop

    679. Service Info: OS: Windows

    680.681. TRACEROUTE

    682. HOP RTT ADDRESS683. 1 51.54 ms 192.168.11.213

    684.

    685. Nmap scan report for 192.168.11.214686. Host is up (0.053s latency).

    687. Not shown: 1000 open|filtered ports, 997 filtered ports688. PORT STATE SERVICE VERSION

    689. 3389/tcp open microsoft-rdp Microsoft Terminal Service

    690. 4444/tcp closed krb524691. 5900/tcp closed vnc

    692. MAC Address: 00:50:56:BC:7B:8F (VMware)693. Device type: general purpose|media device

    694. Running (JUST GUESSING) : Microsoft Windows XP|2000|2003 (93%), Motorola Windows

    PocketPC/CE (85%)695. Aggressive OS guesses: Microsoft Windows XP SP3 (93%), Microsoft Windows 2000 SP4

    (92%), Microsoft Windows Server 2003 SP1 or SP2 (91%), Microsoft Windows Server 2003 SP2 (91%), Microsoft Windows 2000 SP0 (91%), Microsoft Windows XP (91%),

    Microsoft Windows XP SP2 (90%), Microsoft Windows Server 2003 (89%), Microsoft

    Page 11 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • Windows XP SP2 or SP3 (89%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (88%)

    696. No exact OS matches for host (test conditions non-ideal).697. Network Distance: 1 hop698. Service Info: OS: Windows699.700. TRACEROUTE701. HOP RTT ADDRESS702. 1 52.80 ms 192.168.11.214703.704. Nmap scan report for redhat9.thinc.local (192.168.11.215)705. Host is up (0.054s latency).706. Not shown: 1986 closed ports707. PORT STATE SERVICE VERSION708. 21/tcp open ftp vsftpd 1.1.3709. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)710. 22/tcp open ssh OpenSSH 3.5p1 (protocol 1.99)711. | ssh-hostkey: 1024 36:70:a4:9f:32:47:ac:57:3f:ef:a1:ec:0b:ba:44:1b (RSA1)712. | 1024 64:79:7d:c6:a2:63:32:54:f0:d9:2b:f3:5d:c7:d2:69 (DSA)713. |_1024 48:fb:39:3d:30:82:50:de:66:69:c5:ca:45:62:c0:dc (RSA)714. |_sshv1: Server supports SSHv1715. 25/tcp open smtp Sendmail 8.12.8/8.12.8716. | smtp-commands: redhat.acme.com Hello [192.168.10.129], pleased to meet you,

    ENHANCEDSTATUSCODES, PIPELINING, EXPN, VERB, 8BITMIME, SIZE, DSN, ETRN, DELIVERBY, HELP

    717. |_ 2.0.0 This is sendmail version 8.12.8 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP ". 2.0.0 To report bugs in the implementation send email to 2.0.0 [email protected]. 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info

    718. 111/tcp open rpcbind719. 139/tcp open netbios-ssn Samba smbd (workgroup: MYGROUP)720. 143/tcp open imap UW imapd 2001.315rh721. |_imap-capabilities: LOGIN-REFERRALS IMAP4REV1 STARTTLS SCAN THREAD=REFERENCES

    MAILBOX-REFERRALS SORT AUTH=LOGIN THREAD=ORDEREDSUBJECT IDLE NAMESPACE MULTIAPPEND

    722. 199/tcp open smux Linux SNMP multiplexer723. 3306/tcp open mysql MySQL (unauthorized)724. 32768/tcp open status 1 (rpc #100024)725. 111/udp open rpcbind 2 (rpc #100000)726. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn (workgroup:

    MYGROUP)727. 138/udp open|filtered netbios-dgm728. 161/udp open snmp?729. | snmp-sysdescr: Linux redhat.acme.com 2.4.20-8 #1 Thu Mar 13 17:54:28 EST 2003

    i686730. |_ System uptime: 184 days, 19:57:02.84 (1596942284 timeticks)731. 32768/udp open status 1 (rpc #100024)732. 1 service unrecognized despite returning data. If you know the service/version,

    please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

    733. SF-Port161-UDP:V=5.35DC1%I=7%D=9/19%Time=4C959240%P=i686-pc-linux-gnu%r(SN734. SF:MPv3GetRequest,A4,"08\x02\x01\0\x04\x06public\xa2\+\x02\x04L3\xa7V\x02\735. SF:x01\0\x02\x01\x000\x1d0\x1b\x06\x08\+\x06\x01\x02\x01\x01\x05\0\x04\x0f736. SF:redhat\.acme\.com0h\x02\x01\x030\x0f\x02\x02Ji\x02\x03\0\xff\xe3\x04\x0737. SF:1\0\x02\x01\x03\x04\x200\x1e\x04\r\x80\0\x07\xe5\x80\xaaI\xe6k\xb0i\xac738. SF:E\x02\x01\x17\x02\x04\0\xf3\x08\xea\x04\0\x04\0\x04\x0000\x04\r\x80\0\x739. SF:07\xe5\x80\xaaI\xe6k\xb0i\xacE\x04\0\xa8\x1d\x02\x027\xf0\x02\x01\0\x02740. SF:\x01\x000\x110\x0f\x06\n\+\x06\x01\x06\x03\x0f\x01\x01\x04\0A\x01\x02");741. MAC Address: 00:50:56:BC:37:29 (VMware)742. Device type: WAP|remote management|general purpose|router743. Running (JUST GUESSING) : Linksys Linux 2.4.X (96%), Dell embedded (95%), Linux

    2.4.X|2.6.X (95%), D-Link embedded (93%), Enterasys embedded (93%), Netgear embedded (93%), D-Link Linux 2.4.X (93%)

    744. Aggressive OS guesses: OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Dell Integrated Remote Access Controller (iDRAC6) (95%), Linux 2.4.21 - 2.4.31 (likely embedded) (95%), Linux 2.6.15 - 2.6.23 (embedded) (95%), Linux 2.6.15 - 2.6.30 (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.22 (94%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), Linux 2.4.27 (94%), Linux 2.6.23-gentoo-r3 (93%)

    745. No exact OS matches for host (test conditions non-ideal).

    Page 12 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 746. Network Distance: 1 hop747. Service Info: Host: redhat.acme.com; OSs: Unix, Linux, Windows748.749. Host script results:750. |_nbstat: NetBIOS name: REDHAT, NetBIOS user: , NetBIOS MAC: 751.752. TRACEROUTE753. HOP RTT ADDRESS754. 1 53.57 ms redhat9.thinc.local (192.168.11.215)755.756. Nmap scan report for redhat6.thinc.local (192.168.11.217)757. Host is up (0.052s latency).758. Not shown: 1986 closed ports759. PORT STATE SERVICE VERSION760. 21/tcp open ftp WU-FTPD wu-2.6.0761. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)762. |_auth-owners: root763. 23/tcp open telnet Linux telnetd764. |_auth-owners: root765. 25/tcp open smtp Sendmail 8.9.3/8.9.3766. | smtp-commands: ftp3.thinc.local Hello [192.168.10.129], pleased to meet you,

    EXPN, VERB, 8BITMIME, SIZE, DSN, ONEX, ETRN, XUSR, HELP767. |_ This is Sendmail version 8.9.3 Topics: HELO EHLO MAIL RCPT DATA RSET NOOP QUIT

    HELP VRFY EXPN VERB ETRN DSN For more info use "HELP ". To report bugs in the implementation send email to [email protected]. For local information send email to Postmaster at your site. End of HELP info

    768. |_auth-owners: root769. 79/tcp open finger Debian fingerd770. | finger: Login Name Tty Idle Login Time Office Office

    Phone771. |_OS5547 *pts/0 12:56 Sep 18 22:47 (192.168.10.39)772. |_auth-owners: root773. 111/tcp open rpcbind774. |_auth-owners: bin775. 113/tcp open ident776. |_auth-owners: nobody777. 513/tcp open login?778. |_auth-owners: root779. 514/tcp open tcpwrapped780. |_auth-owners: root781. 515/tcp open printer lpd (error: : Malformed from address)782. |_auth-owners: root783. 1024/tcp open tcpwrapped784. |_auth-owners: root785. 111/udp open rpcbind 2 (rpc #100000)786. 517/udp open talk?787. 518/udp open ntalk?788. 1024/udp open rpc.unknown789. 2 services unrecognized despite returning data. If you know the service/version,

    please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

    790. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============791. SF-Port517-UDP:V=5.35DC1%I=7%D=9/19%Time=4C959240%P=i686-pc-linux-gnu%r(RP792. SF:CCheck,18,"\x01\xfe\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0")%r(D793. SF:NSVersionBindReq,18,"\x01\x06\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0794. SF:\0\0")%r(DNSStatusRequest,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\795. SF:0\0\0\0\0\0")%r(NBTStat,18,"\x01\xf0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\796. SF:0\0\0\0\0\0")%r(Help,18,"\x01e\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\797. SF:0\0\0")%r(SIPOptions,18,"\x01P\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\798. SF:0\0\0")%r(Sqlping,18,"\x01P\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0799. SF:\0")%r(NTPRequest,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\800. SF:0\0")%r(SNMPv1public,18,"\x01\x82\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0801. SF:\0\0\0\0")%r(SNMPv3GetRequest,18,"\x01:\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0802. SF:\0\0\0\0\0\0\0")%r(xdmcp,18,"\x01\x01\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0803. SF:\0\0\0\0\0\0")%r(AFSVersionRequest,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0804. SF:\0\0\0\0\0\0\0\0\0\0")%r(DNS-SD,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\805. SF:0\0\0\0\0\0\0\0\0")%r(Citrix,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0806. SF:\0\0\0\0\0\0\0")%r(Kerberos,18,"\x01\x81\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\807. SF:0\0\0\0\0\0\0\0");808. ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============809. SF-Port518-UDP:V=5.35DC1%I=7%D=9/19%Time=4C959241%P=i686-pc-linux-gnu%r(RP

    Page 13 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 810. SF:CCheck,18,"\x01\xfe\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0")%r(D811. SF:NSVersionBindReq,18,"\x01\x06\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0812. SF:\0\0")%r(DNSStatusRequest,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\813. SF:0\0\0\0\0\0")%r(NBTStat,18,"\x01\xf0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\814. SF:0\0\0\0\0\0")%r(Help,18,"\x01e\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\815. SF:0\0\0")%r(SIPOptions,18,"\x01P\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\816. SF:0\0\0")%r(Sqlping,18,"\x01P\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0817. SF:\0")%r(NTPRequest,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\818. SF:0\0")%r(SNMPv1public,18,"\x01\x82\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0819. SF:\0\0\0\0")%r(SNMPv3GetRequest,18,"\x01:\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0820. SF:\0\0\0\0\0\0\0")%r(xdmcp,18,"\x01\x01\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0821. SF:\0\0\0\0\0\0")%r(AFSVersionRequest,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0822. SF:\0\0\0\0\0\0\0\0\0\0")%r(DNS-SD,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\823. SF:0\0\0\0\0\0\0\0\0")%r(Citrix,18,"\x01\0\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\0824. SF:\0\0\0\0\0\0\0")%r(Kerberos,18,"\x01\x81\x03\0\0\0\0\0\0\0\0\0\0\0\0\0\825. SF:0\0\0\0\0\0\0\0");826. MAC Address: 00:50:56:BC:5D:06 (VMware)827. Device type: general purpose|webcam|printer|WAP|game console828. Running (JUST GUESSING) : Linux 2.2.X|2.6.X|2.4.X (90%), Mobotix Linux 2.2.X

    (89%), Lexmark embedded (88%), Netgear Linux 2.4.X (88%), Linksys Linux 2.4.X (87%), GNU Hurd (86%), Sony embedded (86%), D-Link embedded (85%)

    829. Aggressive OS guesses: Linux 2.2.5 - 2.2.14 (Red Hat 6.0 - 6.2) (90%), Linux 2.2.9 (89%), Linux 2.2.13 (SuSE 6.3) (88%), Lexmark X644e printer (88%), Netgear WG602v1 WAP (Linux 2.2.14) (88%), OpenWrt White Russian 0.9 (Linux 2.4.30) (87%), GNU Hurd 0.3 (86%), Sony PlayStation 2 game console test kit 2.2.1 (86%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (86%), Linux 2.4.19 - 2.4.20 (86%)

    830. No exact OS matches for host (test conditions non-ideal).831. Network Distance: 1 hop832. Service Info: Host: ftp3.thinc.local; OSs: Unix, Linux833.834. TRACEROUTE835. HOP RTT ADDRESS836. 1 52.27 ms redhat6.thinc.local (192.168.11.217)837.838. Nmap scan report for 192.168.11.220839. Host is up (0.056s latency).840. Not shown: 996 open|filtered ports, 982 filtered ports841. PORT STATE SERVICE VERSION842. 21/tcp open ftp FileZilla ftpd843. 53/tcp open domain Microsoft DNS 6.0.6001844. 88/tcp open kerberos-sec Microsoft Windows kerberos-sec845. 135/tcp open msrpc Microsoft Windows RPC846. 139/tcp open netbios-ssn847. 389/tcp open ldap848. 445/tcp open microsoft-ds Microsoft Windows 2003 or 2008 microsoft-ds849. 464/tcp open kpasswd5?850. 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0851. 636/tcp open tcpwrapped852. 3268/tcp open ldap853. 3269/tcp open tcpwrapped854. 3389/tcp open microsoft-rdp Microsoft Terminal Service855. 49154/tcp open msrpc Microsoft Windows RPC856. 49156/tcp open msrpc Microsoft Windows RPC857. 49157/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0858. 49158/tcp open msrpc Microsoft Windows RPC859. 49163/tcp open msrpc Microsoft Windows RPC860. 53/udp open domain Microsoft DNS 6.0.6001 (17714650)861. |_dns-recursion: Recursion appears to be enabled862. 88/udp open kerberos-sec Windows 2003 Kerberos (server time: 2010-09-19

    05:03:52Z)863. 123/udp open ntp NTP v3864. | ntp-info: 865. |_ receive time stamp: Sun Sep 19 05:26:52 2010866. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn (workgroup: THINC)867. MAC Address: 00:50:56:BC:40:CE (VMware)868. Warning: OSScan results may be unreliable because we could not find at least 1

    open and 1 closed port869. Device type: general purpose870. Running (JUST GUESSING) : Microsoft Windows 2008|Vista|7 (90%), FreeBSD 6.X (85%)

    Page 14 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 871. Aggressive OS guesses: Microsoft Windows Server 2008 R2 (90%), Microsoft Windows Server 2008 Beta 3 (89%), Microsoft Windows Vista SP0 or SP1, Server 2008 SP1, or Windows 7 (89%), FreeBSD 6.2-RELEASE (85%), FreeBSD 6.3-RELEASE (85%)

    872. No exact OS matches for host (test conditions non-ideal).873. Network Distance: 1 hop874. Service Info: Hosts: Welcome, MASTER; OS: Windows875.876. Host script results:877. |_nbstat: NetBIOS name: MASTER, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:40:ce (VMware)878. | smb-os-discovery: 879. | OS: Windows Server (R) 2008 Standard 6001 Service Pack 1 (Windows Server (R)

    2008 Standard 6.0)880. | Name: THINC\MASTER881. |_ System time: 2010-09-19 05:27:49 UTC-7882. |_smbv2-enabled: Server supports SMBv2 protocol883.884. TRACEROUTE885. HOP RTT ADDRESS886. 1 56.15 ms 192.168.11.220887.888. Nmap scan report for slave.thinc.local (192.168.11.221)889. Host is up (0.052s latency).890. Not shown: 1974 closed ports891. PORT STATE SERVICE VERSION892. 53/tcp open domain Microsoft DNS893. 88/tcp open kerberos-sec Microsoft Windows kerberos-sec894. 135/tcp open msrpc Microsoft Windows RPC895. 139/tcp open netbios-ssn896. 389/tcp open ldap897. 445/tcp open tcpwrapped898. 464/tcp open tcpwrapped899. 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0900. 636/tcp open tcpwrapped901. 1025/tcp open msrpc Microsoft Windows RPC902. 1027/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0903. 1038/tcp open msrpc Microsoft Windows RPC904. 53/udp open domain?905. |_dns-recursion: Recursion appears to be enabled906. 88/udp open kerberos-sec Windows 2003 Kerberos (server time: 2010-09-

    19 06:07:05Z)907. 123/udp open ntp Microsoft NTP908. | ntp-info: 909. |_ receive time stamp: Sun Sep 19 05:27:24 2010910. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn (workgroup:

    THINC)911. 138/udp open|filtered netbios-dgm912. 389/udp open|filtered ldap913. 445/udp open|filtered microsoft-ds914. 464/udp open|filtered kpasswd5915. 500/udp open|filtered isakmp916. 1029/udp open|filtered unknown917. 1036/udp open domain Zoom X5 ADSL modem DNS918. 1037/udp open|filtered unknown919. 1043/udp open|filtered boinc920. 4500/udp open|filtered nat-t-ike921. 1 service unrecognized despite returning data. If you know the service/version,

    please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

    922. SF-Port53-UDP:V=5.35DC1%I=7%D=9/19%Time=4C959263%P=i686-pc-linux-gnu%r(NBT923. SF:Stat,32,"\x80\xf0\x80\x82\0\x01\0\0\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAA924. SF:AAAAAAAA\0\0!\0\x01")%r(DNS-SD,2E,"\0\0\x80\x82\0\x01\0\0\0\0\0\0\t_ser925. SF:vices\x07_dns-sd\x04_udp\x05local\0\0\x0c\0\x01")%r(Citrix,1E,"\x1e\0\x926. SF:81\x01\x02\xfd\xa8\xe3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");927. MAC Address: 00:50:56:BC:16:63 (VMware)928. Device type: general purpose|media device929. Running (JUST GUESSING) : Microsoft Windows 2003|2000|XP (95%), Motorola Windows

    PocketPC/CE (90%)930. Aggressive OS guesses: Microsoft Windows Server 2003 SP2 (95%), Microsoft Windows

    Server 2003 R2 SP2 (91%), Microsoft Windows 2000 or Server 2003 SP1 (91%), Microsoft Windows Server 2003 SP1 or SP2 (91%), Microsoft Windows XP SP2 (91%),

    Page 15 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • Microsoft Windows XP SP2 or Server 2003 SP2 (90%), Motorola VIP1200 digital set top box (Windows CE 5.0) (90%), Microsoft Windows XP SP2 or SP3 (89%), Microsoft Windows XP SP3 (89%), Microsoft Windows XP SP2 (firewall disabled) (89%)

    931. No exact OS matches for host (test conditions non-ideal).932. Network Distance: 1 hop933. Service Info: OS: Windows; Device: broadband router934.935. Host script results:936. | smb-os-discovery: 937. | OS: Windows Server 2003 3790 Service Pack 1 (Windows Server 2003 5.2)938. | Name: THINC\SLAVE939. |_ System time: 2010-09-19 05:27:26 UTC-7940. |_smbv2-enabled: Server doesn't support SMBv2 protocol941. |_nbstat: NetBIOS name: SLAVE, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:16:63 (VMware)942.943. TRACEROUTE944. HOP RTT ADDRESS945. 1 51.74 ms slave.thinc.local (192.168.11.221)946.947. Nmap scan report for redhat7.thinc.local (192.168.11.222)948. Host is up (0.050s latency).949. Not shown: 1984 closed ports950. PORT STATE SERVICE VERSION951. 21/tcp open ftp WU-FTPD wu-2.6.2-5952. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)953. 22/tcp open ssh OpenSSH 3.1p1 (protocol 1.99)954. |_sshv1: Server supports SSHv1955. | ssh-hostkey: 1024 4a:e3:f8:07:d5:d6:b1:b5:bf:54:ac:e7:17:36:7e:e8 (RSA1)956. | 1024 77:67:f2:2c:3d:7c:45:24:fe:5e:0f:de:07:65:b3:57 (DSA)957. |_1024 42:b1:48:0b:41:f8:a9:12:cc:9b:c4:ed:26:74:64:2c (RSA)958. 23/tcp open telnet Linux telnetd959. 25/tcp open smtp Sendmail 8.11.6/8.11.6960. | smtp-commands: localhost.localdomain Hello [192.168.10.129], pleased to meet

    you, ENHANCEDSTATUSCODES, EXPN, VERB, 8BITMIME, SIZE, DSN, ONEX, ETRN, XUSR, HELP961. |_ 2.0.0 This is sendmail version 8.11.6 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT

    DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP ". 2.0.0 To report bugs in the implementation send email to 2.0.0 [email protected]. 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info

    962. 80/tcp open http Apache httpd 1.3.23 ((Unix) (Red-Hat/Linux) mod_python/2.7.6 Python/1.5.2 mod_ssl/2.8.7 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.1.2 mod_perl/1.26 mod_throttle/3.1.2)

    963. |_html-title: Test Page for the Apache Web Server on Red Hat Linux964. | http-methods: Potentially risky methods: PUT DELETE CONNECT PATCH PROPFIND

    PROPPATCH MKCOL COPY MOVE LOCK UNLOCK TRACE965. |_See http://nmap.org/nsedoc/scripts/http-methods.html966. 111/tcp open rpcbind967. 139/tcp open netbios-ssn Samba smbd (workgroup: MYGROUP)968. 199/tcp open smux Linux SNMP multiplexer969. 443/tcp open ssl/http Apache httpd 1.3.23 ((Unix) (Red-Hat/Linux)

    mod_python/2.7.6 Python/1.5.2 mod_ssl/2.8.7 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.1.2 mod_perl/1.26 mod_throttle/3.1.2)

    970. |_sslv2: server still supports SSLv2971. | http-methods: Potentially risky methods: PUT DELETE CONNECT PATCH PROPFIND

    PROPPATCH MKCOL COPY MOVE LOCK UNLOCK TRACE972. |_See http://nmap.org/nsedoc/scripts/http-methods.html973. |_html-title: Test Page for the Apache Web Server on Red Hat Linux974. 995/tcp open ssl/pop3 ipopd 2001.78rh975. |_pop3-capabilities: OK(K Capability list follows) UIDL LOGIN-DELAY(180) USER TOP

    SASL(PLAIN LOGIN)976. |_sslv2: server still supports SSLv2977. 32768/tcp open status 1 (rpc #100024)978. 111/udp open rpcbind 2 (rpc #100000)979. 137/udp open netbios-ns Microsoft Windows XP netbios-ssn980. 138/udp open|filtered netbios-dgm981. 161/udp open snmp SNMPv1 server (public)982. | snmp-sysdescr: Linux mailman 2.4.18-3 #1 Thu Apr 18 07:37:53 EDT 2002 i686983. |_ System uptime: 488 days, 1:51:42.07 (4216990207 timeticks)984. 32768/udp open status 1 (rpc #100024)985. MAC Address: 00:50:56:BC:0D:2C (VMware)

    Page 16 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 986. Device type: WAP|router|remote management|general purpose|firewall987. Running (JUST GUESSING) : D-Link embedded (95%), Enterasys embedded (95%),

    Netgear embedded (95%), Linksys Linux 2.4.X (93%), Dell embedded (93%), Linux 2.4.X|2.6.X (93%), Cisco embedded (92%)

    988. Aggressive OS guesses: Enterasys Matrix X router, or D-Link DWL-G700AP or Netgear WG302v1 WAP (95%), OpenWrt White Russian 0.9 (Linux 2.4.30) (93%), Dell Integrated Remote Access Controller (iDRAC6) (93%), Linux 2.4.21 - 2.4.31 (likely embedded) (93%), Linux 2.6.15 - 2.6.23 (embedded) (93%), Linux 2.6.15 - 2.6.30 (93%), Cisco MARS 50 firewall version 4.2.1 (92%), Linux 2.4.9 (Red Hat Enterprise Linux 2.1 AS) (92%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (92%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (92%)

    989. No exact OS matches for host (test conditions non-ideal).990. Network Distance: 1 hop991. Service Info: Hosts: localhost.localdomain, 192.168.11.222, MAILMAN; OSs: Unix,

    Linux, Windows992.993. Host script results:994. |_nbstat: NetBIOS name: MAILMAN, NetBIOS user: , NetBIOS MAC: 995.996. TRACEROUTE997. HOP RTT ADDRESS998. 1 50.39 ms redhat7.thinc.local (192.168.11.222)999.1000. Nmap scan report for jeff.thinc.local (192.168.11.223)1001. Host is up (0.054s latency).1002. Not shown: 1982 closed ports1003. PORT STATE SERVICE VERSION1004. 80/tcp open http Apache httpd 2.2.14 ((Win32) DAV/2

    mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1)

    1005. | http-methods: Potentially risky methods: TRACE1006. |_See http://nmap.org/nsedoc/scripts/http-methods.html1007. |_html-title: Index of /1008. 135/tcp open msrpc Microsoft Windows RPC1009. 139/tcp open netbios-ssn1010. 443/tcp open ssl/http Apache httpd 2.2.14 ((Win32) DAV/2

    mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1)

    1011. |_html-title: Index of /1012. | http-methods: Potentially risky methods: TRACE1013. |_See http://nmap.org/nsedoc/scripts/http-methods.html1014. |_sslv2: server still supports SSLv21015. 3306/tcp open mysql MySQL (unauthorized)1016. 3389/tcp open microsoft-rdp Microsoft Terminal Service1017. 49152/tcp open msrpc Microsoft Windows RPC1018. 49153/tcp open msrpc Microsoft Windows RPC1019. 49154/tcp open msrpc Microsoft Windows RPC1020. 49155/tcp open msrpc Microsoft Windows RPC1021. 49156/tcp open msrpc Microsoft Windows RPC1022. 49157/tcp open msrpc Microsoft Windows RPC1023. 123/udp open|filtered ntp1024. 137/udp open netbios-ns?1025. 138/udp open|filtered netbios-dgm1026. 500/udp open|filtered isakmp1027. 4500/udp open|filtered nat-t-ike1028. 5355/udp open|filtered unknown1029. 1 service unrecognized despite returning data. If you know the service/version,

    please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

    1030. SF-Port137-UDP:V=5.35DC1%I=7%D=9/19%Time=4C959276%P=i686-pc-linux-gnu%r(NB1031. SF:TStat,67,"\x80\xf0\x84\0\0\0\0\x01\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAAA1032. SF:AAAAAAA\0\0!\0\x01\0\0\0\0\0/\0\0PV\xbcO\x16\0\0\0\0\0\0\0\0\0\0\0\0\0\1033. SF:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");1034. MAC Address: 00:50:56:BC:4F:16 (VMware)1035. Device type: general purpose|printer|WAP1036. Running (JUST GUESSING) : Microsoft Windows Vista|7|2008 (95%), Lexmark embedded

    (88%), Linux 2.6.X (85%)1037. Aggressive OS guesses: Microsoft Windows Vista Home Premium SP1, Windows 7, or

    Server 2008 (95%), Microsoft Windows Vista SP1 (93%), Microsoft Windows Vista Enterprise (90%), Lexmark X644e printer (88%), Microsoft Windows Vista (88%), Microsoft Windows Vista Business (86%), Microsoft Windows Vista SP0 - SP2, Server

    Page 17 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 2008, or Windows 7 Ultimate (86%), Microsoft Windows Vista SP0 or SP1 (86%), Microsoft Windows Vista SP0 or SP1, Server 2008 SP1, or Windows 7 (86%), Microsoft Windows Server 2008 SP1 (86%)

    1038. No exact OS matches for host (test conditions non-ideal).1039. Network Distance: 1 hop1040. Service Info: OS: Windows1041.1042. TRACEROUTE1043. HOP RTT ADDRESS1044. 1 53.54 ms jeff.thinc.local (192.168.11.223)1045.1046. Nmap scan report for ubuntu7.thinc.local (192.168.11.224)1047. Host is up (0.050s latency).1048. Not shown: 1990 closed ports1049. PORT STATE SERVICE VERSION1050. 22/tcp open ssh OpenSSH 4.6p1 Debian 5build1 (protocol 2.0)1051. | ssh-hostkey: 1024 f3:6e:87:04:ea:2d:b3:60:ff:42:ad:26:67:17:94:d5 (DSA)1052. |_2048 bb:03:ce:ed:13:f1:9a:9e:36:03:e2:af:ca:b2:35:04 (RSA)1053. 80/tcp open http Apache httpd 2.2.4 ((Ubuntu)

    PHP/5.2.3-1ubuntu6)1054. | http-methods: Potentially risky methods: TRACE1055. |_See http://nmap.org/nsedoc/scripts/http-methods.html1056. |_html-title: Site doesn't have a title (text/html).1057. 110/tcp open pop3 Dovecot pop3d1058. |_pop3-capabilities: OK(K) CAPA RESP-CODES UIDL PIPELINING STLS TOP SASL1059. 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: MSHOME)1060. 143/tcp open imap Dovecot imapd1061. |_imap-capabilities: LOGIN-REFERRALS LOGINDISABLED UNSELECT THREAD=REFERENCES

    STARTTLS IMAP4rev1 NAMESPACE SORT CHILDREN LITERAL+ IDLE SASL-IR MULTIAPPEND1062. 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: MSHOME)1063. 993/tcp open ssl/imaps?1064. |_sslv2: server still supports SSLv21065. 995/tcp open ssl/pop3 Dovecot pop3d1066. |_pop3-capabilities: OK(K) CAPA RESP-CODES UIDL PIPELINING USER TOP SASL(PLAIN)1067. |_sslv2: server still supports SSLv21068. 137/udp open netbios-ns Microsoft Windows XP netbios-ssn1069. 138/udp open|filtered netbios-dgm1070. MAC Address: 00:50:56:BC:4F:CB (VMware)1071. Device type: WAP|general purpose|remote management|webcam|printer1072. Running (JUST GUESSING) : Linux 2.6.X|2.4.X (96%), Linksys Linux 2.4.X (94%),

    Dell embedded (94%), Linksys embedded (92%), AXIS Linux 2.6.X (92%), Epson embedded (92%), D-Link embedded (91%)

    1073. Aggressive OS guesses: OpenWrt Kamikaze 7.09 (Linux 2.6.22) (96%), Linux 2.6.22 (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (94%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%), Dell Integrated Remote Access Controller (iDRAC6) (94%), Linux 2.4.21 - 2.4.31 (likely embedded) (94%), Linux 2.6.15 - 2.6.23 (embedded) (94%), Linux 2.6.15 - 2.6.30 (94%), Dell Remote Access Controller 5 (DRAC 5) (92%), Linux 2.4.27 (92%)

    1074. No exact OS matches for host (test conditions non-ideal).1075. Network Distance: 1 hop1076. Service Info: Host: UBUNTU05; OSs: Linux, Windows1077.1078. Host script results:1079. |_smbv2-enabled: Server doesn't support SMBv2 protocol1080. |_nbstat: NetBIOS name: UBUNTU05, NetBIOS user: , NetBIOS MAC: 1081. | smb-os-discovery: 1082. | OS: Unix (Samba 3.0.26a)1083. | Name: MSHOME\Unknown1084. |_ System time: 2010-09-19 05:28:46 UTC-41085.1086. TRACEROUTE1087. HOP RTT ADDRESS1088. 1 50.49 ms ubuntu7.thinc.local (192.168.11.224)1089.1090. Nmap scan report for 192.168.11.2261091. Host is up (0.051s latency).1092. Not shown: 1000 open|filtered ports, 998 filtered ports1093. PORT STATE SERVICE VERSION1094. 21/tcp open ftp GuildFTPd1095. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)1096. |_ftp-bounce: bounce working!

    Page 18 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1097. 3389/tcp open microsoft-rdp Microsoft Terminal Service1098. MAC Address: 00:50:56:BC:33:58 (VMware)1099. Warning: OSScan results may be unreliable because we could not find at least 1

    open and 1 closed port1100. Device type: general purpose1101. Running (JUST GUESSING) : Microsoft Windows 2003|XP|2000 (91%)1102. Aggressive OS guesses: Microsoft Windows Server 2003 SP2 (91%), Microsoft Windows

    XP SP2 or Server 2003 SP2 (91%), Microsoft Windows 2000 or Server 2003 SP1 (87%), Microsoft Windows Server 2003 Enterprise Edition (85%), Microsoft Windows Server 2003 R2 SP2 (85%), Microsoft Windows Server 2003 SP1 (85%)

    1103. No exact OS matches for host (test conditions non-ideal).1104. Network Distance: 1 hop1105. Service Info: OS: Windows1106.1107. TRACEROUTE1108. HOP RTT ADDRESS1109. 1 50.99 ms 192.168.11.2261110.1111. Nmap scan report for websql.thinc.local (192.168.11.227)1112. Host is up (0.051s latency).1113. Not shown: 1978 closed ports1114. PORT STATE SERVICE VERSION1115. 21/tcp open ftp Microsoft ftpd 5.01116. |_ftp-anon: Anonymous FTP login allowed (FTP code 230)1117. 25/tcp open smtp Microsoft ESMTP 5.0.2195.53291118. | smtp-commands: mail.barak.net.il Hello [192.168.10.129], AUTH GSSAPI NTLM

    LOGIN, AUTH=LOGIN, TURN, ATRN, SIZE 2097152, ETRN, PIPELINING, DSN, ENHANCEDSTATUSCODES, 8bitmime, BINARYMIME, CHUNKING, VRFY, OK

    1119. |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH TURN ATRN ETRN BDAT VRFY

    1120. 80/tcp open http Microsoft IIS httpd 5.01121. |_html-title: Login1122. | http-methods: Potentially risky methods: TRACE COPY PROPFIND SEARCH LOCK UNLOCK

    DELETE PUT MOVE MKCOL PROPPATCH1123. |_See http://nmap.org/nsedoc/scripts/http-methods.html1124. 135/tcp open msrpc Microsoft Windows RPC1125. 139/tcp open netbios-ssn1126. 443/tcp open https?1127. 445/tcp open microsoft-ds Microsoft Windows 2000 microsoft-ds1128. 1025/tcp open msrpc Microsoft Windows RPC1129. 1026/tcp open mstask Microsoft mstask (task server -

    c:\winnt\system32\Mstask.exe)1130. 1028/tcp open msrpc Microsoft Windows RPC1131. 3372/tcp open msdtc Microsoft Distributed Transaction

    Coordinator1132. 5800/tcp open vnc-http RealVNC 4.0 (Resolution 400x250; VNC TCP

    port: 5900)1133. 5900/tcp open vnc VNC (protocol 3.8)1134. |_realvnc-auth-bypass: Vulnerable1135. 135/udp open msrpc?1136. 137/udp open netbios-ns Microsoft Windows netbios-ssn (workgroup:

    WORKGROUP)1137. 138/udp open|filtered netbios-dgm1138. 161/udp open snmp SNMPv1 server (public)1139. | snmp-sysdescr: Hardware: x86 Family 6 Model 7 Stepping 10 AT/AT COMPATIBLE -

    Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)1140. |_ System uptime: 0 days, 5:37:53.19 (2027319 timeticks)1141. | snmp-processes: 1142. | System Idle Process1143. | PID: 11144. | System1145. | PID: 81146. | smss.exe1147. | PID: 1641148. | csrss.exe1149. | PID: 1881150. | WINLOGON.EXE1151. | PID: 2081152. | services.exe1153. | PID: 2361154. | LSASS.EXE

    Page 19 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1155. | PID: 2481156. | svchost.exe1157. | PID: 4521158. | SPOOLSV.EXE1159. | PID: 4801160. | msdtc.exe1161. | PID: 5081162. | svchost.exe1163. | PID: 6121164. | FreeSSHDService1165. | PID: 6241166. | LLSSRV.EXE1167. | PID: 6681168. | sqlservr.exe1169. | PID: 7001170. | regsvc.exe1171. | PID: 7881172. | mstask.exe1173. | PID: 8041174. | dllhost.exe1175. | PID: 8361176. | snmp.exe1177. | PID: 8441178. | VMwareService.e1179. | PID: 8961180. | winmgmt.exe1181. | PID: 9521182. | winvnc4.exe1183. | PID: 9641184. | svchost.exe1185. | PID: 9761186. | inetinfo.exe1187. | PID: 9961188. | mssearch.exe1189. | PID: 10121190. | dfssvc.exe1191. | PID: 12481192. | dllhost.exe1193. | PID: 12601194. | sqlagent.exe1195. | PID: 13241196. | svchost.exe1197. |_ PID: 15401198. | snmp-netstat: 1199. | TCP 0.0.0.0:21 0.0.0.0:21121200. | TCP 0.0.0.0:25 0.0.0.0:186201201. | TCP 0.0.0.0:80 0.0.0.0:512411202. | TCP 0.0.0.0:135 0.0.0.0:186381203. | TCP 0.0.0.0:443 0.0.0.0:349971204. | TCP 0.0.0.0:445 0.0.0.0:595691205. | TCP 0.0.0.0:1025 0.0.0.0:267171206. | TCP 0.0.0.0:1026 0.0.0.0:22861207. | TCP 0.0.0.0:1028 0.0.0.0:22241208. | TCP 0.0.0.0:1032 0.0.0.0:103961209. | TCP 0.0.0.0:1037 0.0.0.0:186861210. | TCP 0.0.0.0:3372 0.0.0.0:104541211. | TCP 0.0.0.0:4444 0.0.0.0:185861212. | TCP 0.0.0.0:4444 0.0.0.0:348441213. | TCP 0.0.0.0:4444 0.0.0.0:594501214. | TCP 0.0.0.0:5800 0.0.0.0:186441215. | TCP 0.0.0.0:5900 0.0.0.0:349651216. | TCP 0.0.0.0:6532 0.0.0.0:103061217. | TCP 0.0.0.0:60000 0.0.0.0:267331218. | TCP 127.0.0.1:27900 0.0.0.0:349471219. | TCP 192.168.11.227:80 192.168.10.129:349511220. | TCP 192.168.11.227:80 192.168.10.129:349611221. | TCP 192.168.11.227:80 192.168.10.129:473221222. | TCP 192.168.11.227:80 192.168.10.129:473941223. | TCP 192.168.11.227:80 192.168.10.129:473971224. | TCP 192.168.11.227:139 0.0.0.0:349621225. | TCP 192.168.11.227:443 192.168.10.129:39572

    Page 20 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1226. | TCP 192.168.11.227:443 192.168.10.129:404221227. | TCP 192.168.11.227:443 192.168.10.129:404231228. | TCP 192.168.11.227:443 192.168.10.129:404241229. | TCP 192.168.11.227:443 192.168.10.129:404341230. | TCP 192.168.11.227:443 192.168.10.129:404351231. | TCP 192.168.11.227:443 192.168.10.129:404361232. | TCP 192.168.11.227:1037 192.168.10.165:44441233. | TCP 192.168.11.227:4444 192.168.10.165:382611234. | TCP 192.168.11.227:4444 192.168.10.165:558041235. | TCP 192.168.11.227:27900 0.0.0.0:267761236. | UDP 0.0.0.0:135 *:*1237. | UDP 0.0.0.0:161 *:*1238. | UDP 0.0.0.0:445 *:*1239. | UDP 0.0.0.0:1031 *:*1240. | UDP 0.0.0.0:1434 *:*1241. | UDP 0.0.0.0:3456 *:*1242. | UDP 192.168.11.227:137 *:*1243. | UDP 192.168.11.227:138 *:*1244. |_ UDP 192.168.11.227:500 *:*1245. | snmp-win32-services: 1246. | Alerter1247. | Automatic Updates1248. | COM+ Event System1249. | Computer Browser1250. | DHCP Client1251. | DNS Client1252. | Distributed File System1253. | Distributed Link Tracking Client1254. | Distributed Transaction Coordinator1255. | Event Log1256. | FTP Publishing Service1257. | FreeSSHDService1258. | IIS Admin Service1259. | IPSEC Policy Agent1260. | License Logging Service1261. | Logical Disk Manager1262. | MSSQLSERVER1263. | Messenger1264. | Microsoft Search1265. | NT LM Security Support Provider1266. | Plug and Play1267. | Print Spooler1268. | Protected Storage1269. | Remote Procedure Call (RPC)1270. | Remote Registry Service1271. | Removable Storage1272. | RunAs Service1273. | SNMP Service1274. | SQLSERVERAGENT1275. | Security Accounts Manager1276. | Server1277. | Simple Mail Transport Protocol (SMTP)1278. | System Event Notification1279. | TCP/IP NetBIOS Helper Service1280. | Task Scheduler1281. | Telephony1282. | VMware Tools Service1283. | VNC Server Version 41284. | Windows Management Instrumentation1285. | Windows Management Instrumentation Driver Extensions1286. | Workstation1287. |_ World Wide Web Publishing Service1288. | snmp-win32-users: 1289. | Administrator1290. | Guest1291. | IUSR_SRV21292. | IWAM_SRV21293. | OS55471294. | TsInternetUser1295. | admin1296. | alice

    Page 21 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1297. | backup1298. | david1299. | hacker1300. | john1301. | lisa1302. | mark1303. |_ sqlusr1304. 445/udp open|filtered microsoft-ds1305. 500/udp open|filtered isakmp1306. 1030/udp open|filtered iad11307. 1434/udp open ms-sql-m Microsoft SQL Server 8.00.194 (ServerName:

    SRV2; TCPPort: 27900)1308. | ms-sql-info: Discovered Microsoft SQL Server 20001309. | Server name: SRV21310. | Server version: 8.00.1941311. | Instance name: MSSQLSERVER1312. | TCP Port: 279001313. |_ Could not retrieve actual version information1314. 3456/udp open|filtered IISrpc-or-vat1315. 1 service unrecognized despite returning data. If you know the service/version,

    please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

    1316. SF-Port135-UDP:V=5.35DC1%I=7%D=9/19%Time=4C961683%P=i686-pc-linux-gnu%r(Ke1317. SF:rberos,54,"\x04\x06\x20\0\x10\0\0\x03\x02\x01\x05\xa2\x03\x02\x01\n\xa41318. SF:\x81\^0\\\xa0\x07\x03\x05\0P\x80\0\x10\xa2\x04\x1b\x02NM\xa3\x170\x15\x1319. SF:a0\x03\x02\x01\0\xa1\x0e0\x0c\x1b\x06krbtg\x1b\xe5\x92LM\xa5\x11\x18\x01320. SF:f197001010\x04\x0000\0Z\x08\0\0\x1c");1321. MAC Address: 00:50:56:BC:20:67 (VMware)1322. Device type: general purpose|media device|printer1323. Running (JUST GUESSING) : Microsoft Windows 2000|XP|2003|NT (95%), Motorola

    Windows PocketPC/CE (85%), Ricoh embedded (85%)1324. Aggressive OS guesses: Microsoft Windows 2000 SP4 (95%), Microsoft Windows 2000

    SP0 (93%), Microsoft Windows XP (93%), Microsoft Windows XP SP3 (91%), Microsoft Windows 2000 SP4 or Windows XP SP2 or SP3 (91%), Microsoft Windows Server 2003 SP1 or SP2 (90%), Microsoft Windows Server 2003 SP2 (90%), Microsoft Windows 2000 SP2 (90%), Microsoft Windows XP SP2 (89%), Microsoft Windows XP SP2 or SP3 (88%)

    1325. No exact OS matches for host (test conditions non-ideal).1326. Network Distance: 1 hop1327. Service Info: Hosts: mail.barak.net.il, SRV2; OS: Windows1328.1329. Host script results:1330. | smb-os-discovery: 1331. | OS: Windows 2000 (Windows 2000 LAN Manager)1332. | Name: WORKGROUP\SRV21333. |_ System time: 2010-09-19 05:27:36 UTC+21334. |_smbv2-enabled: Server doesn't support SMBv2 protocol1335. |_nbstat: NetBIOS name: SRV2, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:20:67 (VMware)1336.1337. TRACEROUTE1338. HOP RTT ADDRESS1339. 1 51.44 ms websql.thinc.local (192.168.11.227)1340.1341. Nmap scan report for mail.thinc.local (192.168.11.229)1342. Host is up (0.052s latency).1343. Not shown: 1981 closed ports1344. PORT STATE SERVICE VERSION1345. 25/tcp open smtp hMailServer smtpd1346. 80/tcp open http Microsoft IIS httpd 6.01347. |_html-title: mail.thinc.local - /1348. | http-methods: Potentially risky methods: TRACE DELETE COPY MOVE PROPFIND

    PROPPATCH SEARCH MKCOL LOCK UNLOCK PUT1349. |_See http://nmap.org/nsedoc/scripts/http-methods.html1350. 110/tcp open pop3 hMailServer pop3d1351. |_pop3-capabilities: capa1352. 135/tcp open msrpc Microsoft Windows RPC1353. 139/tcp open netbios-ssn1354. 143/tcp open imap hMailServer imapd1355. |_imap-capabilities: IMAP4 ACL QUOTA SORT IMAP4rev1 RIGHTS=texk IDLE NAMESPACE

    CHILDREN1356. 445/tcp open microsoft-ds Microsoft Windows 2003 or 2008 microsoft-ds

    Page 22 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1357. 1027/tcp open msrpc Microsoft Windows RPC1358. 3389/tcp open microsoft-rdp Microsoft Terminal Service1359. 123/udp open|filtered ntp1360. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn (workgroup:

    THINC)1361. 138/udp open|filtered netbios-dgm1362. 445/udp open|filtered microsoft-ds1363. 500/udp open|filtered isakmp1364. 1025/udp open|filtered blackjack1365. 1026/udp open|filtered win-rpc1366. 1028/udp open|filtered ms-lsa1367. 1029/udp open|filtered unknown1368. 4500/udp open|filtered nat-t-ike1369. MAC Address: 00:50:56:BC:7B:D9 (VMware)1370. Device type: general purpose|media device1371. Running (JUST GUESSING) : Microsoft Windows 2003|XP|2000 (95%), Motorola Windows

    PocketPC/CE (90%)1372. Aggressive OS guesses: Microsoft Windows Server 2003 SP1 or SP2 (95%), Microsoft

    Windows Server 2003 SP2 (94%), Microsoft Windows XP SP3 (94%), Microsoft Windows XP SP2 (91%), Microsoft Windows XP SP2 or SP3 (90%), Microsoft Windows XP SP2 (firewall disabled) (90%), Motorola VIP1200 digital set top box (Windows CE 5.0) (90%), Microsoft Windows 2000 SP4 (89%), Microsoft Windows 2003 Small Business Server (89%), Microsoft Windows XP Professional SP2 (89%)

    1373. No exact OS matches for host (test conditions non-ideal).1374. Network Distance: 1 hop1375. Service Info: Host: THINCMAIL; OS: Windows1376.1377. Host script results:1378. | smb-os-discovery: 1379. | OS: Windows Server 2003 3790 Service Pack 1 (Windows Server 2003 5.2)1380. | Name: THINC\THINCMAIL1381. |_ System time: 2010-09-19 05:27:01 UTC-51382. |_nbstat: NetBIOS name: THINCMAIL, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:7b:d9 (VMware)1383. |_smbv2-enabled: Server doesn't support SMBv2 protocol1384.1385. TRACEROUTE1386. HOP RTT ADDRESS1387. 1 51.77 ms mail.thinc.local (192.168.11.229)1388.1389. Nmap scan report for kevin.thinc.local (192.168.11.230)1390. Host is up (0.053s latency).1391. Not shown: 1983 closed ports1392. PORT STATE SERVICE VERSION1393. 80/tcp open http GoAhead-Webs embedded httpd1394. | html-title: HP Power Manager1395. |_Requested resource was http://kevin.thinc.local/index.asp1396. |_http-methods: No Allow or Public header in OPTIONS response (status code 400)1397. 135/tcp open msrpc Microsoft Windows RPC1398. 139/tcp open netbios-ssn1399. 445/tcp open netbios-ssn1400. 3389/tcp open microsoft-rdp Microsoft Terminal Service1401. 49152/tcp open msrpc Microsoft Windows RPC1402. 49153/tcp open msrpc Microsoft Windows RPC1403. 49154/tcp open msrpc Microsoft Windows RPC1404. 49155/tcp open msrpc Microsoft Windows RPC1405. 49158/tcp open msrpc Microsoft Windows RPC1406. 49160/tcp open msrpc Microsoft Windows RPC1407. 123/udp open|filtered ntp1408. 137/udp open netbios-ns Microsoft Windows NT netbios-ssn

    (workgroup: WORKGROUP)1409. 138/udp open|filtered netbios-dgm1410. 500/udp open|filtered isakmp1411. 4500/udp open|filtered nat-t-ike1412. 5355/udp open|filtered unknown1413. MAC Address: 00:50:56:BC:1A:10 (VMware)1414. No exact OS matches for host (If you know what OS is running on it, see

    http://nmap.org/submit/ ).1415. TCP/IP fingerprint:1416. OS:SCAN(V=5.35DC1%D=9/19%OT=80%CT=1%CU=2%PV=Y%DS=1%DC=D%G=Y%M=005056%TM=4C91417. OS:63649%P=i686-pc-linux-gnu)SEQ(SP=106%GCD=1%ISR=10C%TI=I%CI=I%TS=7)SEQ(SP

    Page 23 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1418. OS:=105%GCD=1%ISR=10B%TI=I%CI=I%TS=7)SEQ(SP=106%GCD=1%ISR=10B%TI=I%CI=I%TS=1419. OS:7)SEQ(SP=104%GCD=1%ISR=109%TI=I%CI=I%TS=7)OPS(O1=M538NW8ST11%O2=M538NW8S1420. OS:T11%O3=M538NW8NNT11%O4=M538NW8ST11%O5=M538NW8ST11%O6=M538ST11)WIN(W1=2001421. OS:0%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)ECN(R=Y%DF=Y%T=80%W=2000%O=M531422. OS:8NW8NNS%CC=N%Q=)T1(R=Y%DF=Y%T=80%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(1423. OS:R=Y%DF=Y%T=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=80%W=0%S=Z%A=S+%F1424. OS:=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y1425. OS:%DF=N%T=80%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=N)1426.1427. Network Distance: 1 hop1428. Service Info: Host: KEVIN-PC; OS: Windows1429.1430. Host script results:1431. |_nbstat: NetBIOS name: KEVIN-PC, NetBIOS user: , NetBIOS MAC:

    00:50:56:bc:1a:10 (VMware)1432. | smb-os-discovery: 1433. | OS: Windows 7 Ultimate N 7600 (Windows 7 Ultimate N 6.1)1434. | Name: WORKGROUP\KEVIN-PC1435. |_ System time: 2010-09-19 05:27:18 UTC-71436. |_smbv2-enabled: Server supports SMBv2 protocol1437.1438. TRACEROUTE1439. HOP RTT ADDRESS1440. 1 52.60 ms kevin.thinc.local (192.168.11.230)1441.1442. Nmap scan report for 192.168.11.2311443. Host is up (0.054s latency).1444. Not shown: 1985 closed ports1445. PORT STATE SERVICE VERSION1446. 80/tcp open http Microsoft IIS httpd 6.01447. |_html-title: Login1448. | http-methods: Potentially risky methods: TRACE DELETE COPY MOVE PROPFIND

    PROPPATCH SEARCH MKCOL LOCK UNLOCK PUT1449. |_See http://nmap.org/nsedoc/scripts/http-methods.html1450. 135/tcp open msrpc Microsoft Windows RPC1451. 139/tcp open netbios-ssn1452. 445/tcp open tcpwrapped1453. 1025/tcp open msrpc Microsoft Windows RPC1454. 1433/tcp open ms-sql-s Microsoft SQL Server 2000 8.00.766; SP3a1455. 3389/tcp open microsoft-rdp Microsoft Terminal Service1456. 123/udp open|filtered ntp1457. 137/udp open netbios-ns Microsoft Windows XP netbios-ssn1458. 138/udp open|filtered netbios-dgm1459. 445/udp open|filtered microsoft-ds1460. 500/udp open|filtered isakmp1461. 1026/udp open|filtered win-rpc1462. 1434/udp open ms-sql-m Microsoft SQL Server 8.00.194 (ServerName:

    RALPH; TCPPort: 1433)1463. | ms-sql-info: Discovered Microsoft SQL Server 20001464. | Server name: RALPH1465. | Server version: 8.00.1941466. | Instance name: MSSQLSERVER1467. | TCP Port: 14331468. |_ Could not retrieve actual version information1469. 4500/udp open|filtered nat-t-ike1470. MAC Address: 00:50:56:BC:18:F4 (VMware)1471. No exact OS matches for host (If you know what OS is running on it, see

    http://nmap.org/submit/ ).1472. TCP/IP fingerprint:1473. OS:SCAN(V=5.35DC1%D=9/19%OT=80%CT=1%CU=2%PV=Y%DS=1%DC=D%G=Y%M=005056%TM=4C91474. OS:63649%P=i686-pc-linux-gnu)SEQ(SP=102%GCD=1%ISR=10F%TI=I%CI=I%TS=0)SEQ(SP1475. OS:=100%GCD=1%ISR=10E%TI=I%CI=I%TS=0)SEQ(SP=104%GCD=1%ISR=10D%TI=I%CI=I%TS=1476. OS:0)OPS(O1=M538NW0NNT00NNS%O2=M538NW0NNT00NNS%O3=M538NW0NNT00%O4=M538NW0NN1477. OS:T00NNS%O5=M538NW0NNT00NNS%O6=M538NNT00NNS)WIN(W1=FAF0%W2=FAF0%W3=FAF0%W41478. OS:=FAF0%W5=FAF0%W6=FAF0)ECN(R=Y%DF=N%T=80%W=FAF0%O=M538NW0NNS%CC=N%Q=)T1(R1479. OS:=Y%DF=N%T=80%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=N%T=80%W=0%S=1480. OS:A%A=O%F=R%O=%RD=0%Q=)T5(R=Y%DF=N%T=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=1481. OS:Y%DF=N%T=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N%T=80%IPL=B0%UN1482. OS:=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=N)1483.1484. Network Distance: 1 hop

    Page 24 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1485. Service Info: Host: RALPH; OS: Windows1486.1487. TRACEROUTE1488. HOP RTT ADDRESS1489. 1 53.57 ms 192.168.11.2311490.1491. Nmap scan report for gentoo.thinc.local (192.168.11.234)1492. Host is up (0.058s latency).1493. Not shown: 1993 closed ports1494. PORT STATE SERVICE VERSION1495. 22/tcp open ssh OpenSSH 4.7 (protocol 2.0)1496. | ssh-hostkey: 1024 3e:82:1d:81:b6:28:cf:ce:52:8b:c6:3f:15:6b:22:b9 (DSA)1497. |_2048 92:7b:8e:6c:fb:77:1c:2b:62:42:91:67:7b:82:13:05 (RSA)1498. 80/tcp open http lighttpd 1.4.251499. |_html-title: 404 - Not Found1500. 110/tcp open pop3?1501. 143/tcp open imap Cyrus imapd 2.3.21502. 993/tcp open imaps?1503. 995/tcp open pop3s?1504. 2000/tcp open sieve Cyrus timsieved 2.3.2 (included w/cyrus imap)1505. MAC Address: 00:50:56:BC:17:0F (VMware)1506. Device type: WAP|remote management|firewall|general purpose|router1507. Running (JUST GUESSING) : Linksys Linux 2.4.X (99%), Linux 2.6.X|2.4.X (98%),

    Dell embedded (95%), HID embedded (95%), TP-Link embedded (93%), D-Link embedded (92%), Enterasys embedded (92%)

    1508. Aggressive OS guesses: OpenWrt White Russian 0.9 (Linux 2.4.30) (99%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (98%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (97%), Dell Integrated Remote Access Controller (iDRAC6) (95%), HID EdgePlus Solo ES400 firewall (95%), Linux 2.6.18 - 2.6.27 (95%), Linux 2.6.8 (95%), Linux 2.6.9 - 2.6.27 (95%), Linux 2.4.21 - 2.4.31 (likely embedded) (95%), Linux 2.6.15 - 2.6.23 (embedded) (95%)

    1509. No exact OS matches for host (test conditions non-ideal).1510. Network Distance: 1 hop1511. Service Info: Host: localhost1512.1513. TRACEROUTE1514. HOP RTT ADDRESS1515. 1 57.74 ms gentoo.thinc.local (192.168.11.234)1516.1517. Nmap scan report for pain.thinc.local (192.168.11.235)1518. Host is up (0.053s latency).1519. Not shown: 1996 filtered ports1520. PORT STATE SERVICE VERSION1521. 22/tcp open ssh OpenSSH 4.3 (protocol 2.0)1522. | ssh-hostkey: 1024 ab:a7:86:a8:a0:39:c6:0a:81:0b:f9:ae:6f:4b:51:79 (DSA)1523. |_2048 8b:a5:11:b8:ca:75:9e:8c:a7:17:2c:a3:c9:90:1e:87 (RSA)1524. 80/tcp open http Apache httpd 2.2.3 ((CentOS))1525. | http-methods: Potentially risky methods: TRACE1526. |_See http://nmap.org/nsedoc/scripts/http-methods.html1527. |_html-title: Site doesn't have a title (text/html; charset=UTF-8).1528. 631/tcp closed ipp1529. 631/udp open|filtered ipp1530. MAC Address: 00:50:56:BC:2A:0C (VMware)1531. No exact OS matches for host (If you know what OS is running on it, see

    http://nmap.org/submit/ ).1532. TCP/IP fingerprint:1533. OS:SCAN(V=5.35DC1%D=9/19%OT=22%CT=631%CU=%PV=Y%DS=1%DC=D%G=Y%M=005056%TM=4C1534. OS:963649%P=i686-pc-linux-gnu)SEQ(SP=CD%GCD=1%ISR=D0%TI=Z%CI=Z%II=I%TS=A)SE1535. OS:Q(SP=CC%GCD=1%ISR=D0%TI=Z%CI=Z%II=I%TS=A)SEQ(SP=C9%GCD=1%ISR=C9%TI=Z%CI=1536. OS:Z%II=I%TS=A)SEQ(SP=C9%GCD=1%ISR=C8%TI=Z%CI=Z%II=I%TS=A)OPS(O1=M538ST11NW1537. OS:3%O2=M538ST11NW3%O3=M538NNT11NW3%O4=M538ST11NW3%O5=M538ST11NW3%O6=M538ST1538. OS:11)WIN(W1=16A0%W2=16A0%W3=16A0%W4=16A0%W5=16A0%W6=16A0)ECN(R=Y%DF=Y%TG=41539. OS:0%W=16D0%O=M538NNSNW3%CC=N%Q=)T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)T21540. OS:(R=N)T3(R=N)T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%TG=1541. OS:40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=1542. OS:0%Q=)T7(R=N)U1(R=N)IE(R=Y%DFI=N%TG=40%CD=S)1543.1544. Network Distance: 1 hop1545.1546. TRACEROUTE1547. HOP RTT ADDRESS

    Page 25 of 28Pastebin.com - Printed Paste ID: http://pastebin.com/3S0p6iNV

    05-03-2015http://pastebin.com/print.php?i=3S0p6iNV

  • 1548. 1 53.27 ms pain.thinc.local (192.168.11.235)1549.1550. Nmap scan report for 192.168.11.2361551. Host is up (0.052s latency).1552. Not shown: 1994 closed ports1553. PORT STATE SERVICE VERSION1554. 22/tcp open ssh OpenSSH 4.3p2 Debian 9 (protocol 2.0)1555. | ssh-hostkey: 1024 88:23:98:0d:9d:8a:20:59:35:b8:14:12:14:d5:d0:44 (DSA)1556. |_2048 6b:5d:04:71:76:78:56:96:56:92:a8:02:30:73:ee:fa (RSA)1557. |_auth-owners: root1558. 113/tcp open ident1559. |_auth-owners: identd1560. 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: BOB)1561. |_auth-owners: root1562. 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: BOB)1563. |_auth-owners: root1564. 137/udp open netbios-ns Microsoft Windows XP netbios-ssn1565. 138/udp open|filtered netbios-dgm1566. MAC Address: 00:50:56:BC:37:17 (VMware)1567. Device type: WAP|general purpose|broadband router|router|firewall|remote

    management1568. Running (JUST GUESSING) : Linksys Linux 2.4.X (96%), Linux 2.6.X|2.4.X (95%),

    Linksys embedded (93%), Dell embedded (92%), HID embedded (92%)1569. Aggressive OS guesses: OpenWrt White Russian 0.9 (Linux 2.4.30) (96%), Linux

    2.6.18 - 2.6.27 (95%), Linux 2.6.15 - 2.6.27 (95%), Linux 2.6.16 - 2.6.20 (95%), Linux 2.6.21 (95%), Linux 2.6.21 (Arch Linux 0.8, x86) (95%), Linux 2.6.23 (95%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (95%), Linux 2.6.18 - 2.6.24 (94%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (94%)

    1570. No exact OS matches for host (test conditions non-ideal).1571. Network Distance: 1 hop1572. Service Info: Host: SUFFERENCE; OSs: Linux, Windows1573.1574. Host script results:1575. |_smbv2-enabled: Server doesn't support SMBv2 protocol1576. | smb-os-discovery: 1577. | OS: Unix (Samba 3.0.24)1578. | Name: BOB\Unknown1579. |_ System time: 2010-03-06 10:28:06 UTC-51580. |_nbstat: NetBIOS name: SUFFERENCE, NetBIOS user: , NetBIOS MAC:

    1581.1582. TRACEROUTE1583. HOP RTT ADDRESS1584. 1 51.95 ms 192.168.11.2361585.1586. Nmap scan report for fc4.thinc.local (192.168.11.241)1587. Host is up (0.054s latency).1588. Not shown: 1993 closed ports1589. PORT STATE SERVICE VERSION1590. 22/tcp open ssh OpenSSH 4.0 (protocol 2.0)1591. | ssh-hostkey: 1024 fe:cd:bb:f6:36:d4:59:62:92:b4:10:e4:75:04:43:54 (DSA)1592. |_1024 9a:99:25:75:ac:04:e5:f9:f7:21:c6:f5:88:4f:12:6a (RSA)1593. 111/tcp open rpcbind1594. 10000/tcp open http MiniServ 0.01 (Webmin httpd)1595. |_http-favicon: 1596. |_html-title: Site doesn't have a title (text/html; Charset=iso-8859-1).1597. |_http-methods: No Allow or Public header in OPTIONS response (status code 200)1598. 111/udp open rpcbind 2 (rpc #100000)1599. 631/udp open|filtered ipp1600. 996/udp open|filtered vsinet1601. 10000/udp open webmin (http on TCP port 10000)1602. MAC Address: 00:50:56:BC:4E:50 (VMware)1603. No exact OS matches for host (If you know what OS is running on it, see

    http://nmap.org/submit/ ).1604. TCP/IP fingerprint:1605. OS:SCAN(V=5.35DC1%D=9/19%OT=22%CT=1%CU=2%PV=Y%DS=1%DC=D%G=Y%M=005056%TM=4C91606. OS:63649%P=i686-pc-linux-gnu)SEQ(SP=C4%GCD=1%ISR=CC%TI=Z%CI=Z%II=I%TS=8)SEQ1607. OS:(SP=C7%GCD=1%ISR=CD%TI=Z%CI=Z%II=I%TS=8)SEQ(SP=C5%GCD=1%ISR=CB%TI=Z%CI=Z1608. OS:%II=I%TS=8)SEQ(SP=C7%GCD=1%ISR=CD%TI=Z%CI=Z%TS=8)SEQ(SP=C9%GCD=1%ISR=CC%1609. OS:TI=Z%CI=Z%TS=8)OPS(O1=M538ST11NW5%O2=M538ST11NW5%O3=M538NNT11NW5%O4=


Recommended
Open Source Intelligence (OSINT) for Network Defenders Source Intelligence (OSINT...• OSINT from VirusTotal, Hybrid Analysis, Cisco Talos, Pastebin, and Malware Traffic Analysis

Open Source Intelligence (OSINT) for Network Defenders Source Intelligence (OSINT...• OSINT from VirusTotal, Hybrid Analysis, Cisco Talos, Pastebin, and Malware Traffic Analysis

Documents

More fun using Kautilya or Is it a thumb drive? Is it a ...€¦ · Kautilya ! Payloads are written for teensy without SD Card. ! Pastebin is extensively used. Both for uploads and

More fun using Kautilya or Is it a thumb drive? Is it a ...€¦ · Kautilya ! Payloads are written for teensy without SD Card. ! Pastebin is extensively used. Both for uploads and

Documents

APPLICATION LIST - security Distributor Deutschland ...de.security.westcon.com/documents/56164/Blue Coat_Packetshaper... · NW5-NCP OpenDrive Pastebin Perforce rsync Scribd ... UTI

APPLICATION LIST - security Distributor Deutschland ...de.security.westcon.com/documents/56164/Blue Coat_Packetshaper... · NW5-NCP OpenDrive Pastebin Perforce rsync Scribd ... UTI

Documents

PCI for Pen Testers - SecTor · PCI for Pen Testers ... BitBucket, SourceForge, Pastebin. •Your Client may also have out of scope networks in the Cloud. TESTING TIPS PSC, Inc..

PCI for Pen Testers - SecTor · PCI for Pen Testers ... BitBucket, SourceForge, Pastebin. •Your Client may also have out of scope networks in the Cloud. TESTING TIPS PSC, Inc..

Documents

How’d That End Up On Pastebin - sector.ca Linn... · How’d That End Up On Pastebin Ryan Linn ... –Penetration Testing –Forensics ... • Web Application Firewalls • Web

How’d That End Up On Pastebin - sector.ca Linn... · How’d That End Up On Pastebin Ryan Linn ... –Penetration Testing –Forensics ... • Web Application Firewalls • Web

Documents

CRYPTO-CURRENCY AND BLOCKCHAINS · • The notorious black hat hacker CyberZeist (@cyberzeist2) has broken into the FBI website FBI.gov and leaked data on Pastebin. • NSA's Hackers

CRYPTO-CURRENCY AND BLOCKCHAINS · • The notorious black hat hacker CyberZeist (@cyberzeist2) has broken into the FBI website FBI.gov and leaked data on Pastebin. • NSA's Hackers

Documents

Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

Documents

Evading Defenses with Acidrain, Powershell, … Defenses with Acidrain, Powershell, Github and Pastebin Mike Poor and Jay Beale Adam Crompton, Tyler Robinson and John Sawyer InGuardians

Evading Defenses with Acidrain, Powershell, … Defenses with Acidrain, Powershell, Github and Pastebin Mike Poor and Jay Beale Adam Crompton, Tyler Robinson and John Sawyer InGuardians

Documents