___
( _ ) _ __ ___ __ _ _ __
/ _ \| '_ ` _ \ / _` | '_ \
| (_) | | | | | | (_| | |_) |
\___/|_| |_| |_|\__,_| .__/
|_|
[+] Scanning 10.10.137.87 [65535 ports]
[+] Enumerating 10.10.137.87 [21,22,139,445,3128,3333]
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-05-03 06:08 CDT
Nmap scan report for 10.10.137.87
Host is up (0.13s latency).
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 3.0.3
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 5a:4f:fc:b8:c8:76:1c:b5:85:1c:ac:b2:86:41:1c:5a (RSA)
| 256 ac:9d:ec:44:61:0c:28:85:00:88:e9:68:e9:d0:cb:3d (ECDSA)
|_ 256 30:50:cb:70:5a:86:57:22:cb:52:d9:36:34:dc:a5:58 (ED25519)
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 4.3.11-Ubuntu (workgroup: WORKGROUP)
3128/tcp open http-proxy Squid http proxy 3.5.12
|_http-server-header: squid/3.5.12
|_http-title: ERROR: The requested URL could not be retrieved
3333/tcp open http Apache httpd 2.4.18 ((Ubuntu))
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: Vuln University
Service Info: Host: VULNUNIVERSITY; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:
| smb2-time:
| date: 2024-05-03T11:08:53
|_ start_date: N/A
|_clock-skew: mean: 1h20m00s, deviation: 2h18m34s, median: 0s
| smb-security-mode:
| account_used: guest
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
|_nbstat: NetBIOS name: VULNUNIVERSITY, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
| smb-os-discovery:
| OS: Windows 6.1 (Samba 4.3.11-Ubuntu)
| Computer name: vulnuniversity
| NetBIOS computer name: VULNUNIVERSITY\x00
| Domain name: \x00
| FQDN: vulnuniversity
|_ System time: 2024-05-03T07:08:53-04:00
| smb2-security-mode:
| 3:1:1:
|_ Message signing enabled but not required
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 28.46 seconds
[+] Enumerating 10.10.137.87 for vulnerabilities [21,22,139,445,3128,3333]
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-05-03 06:08 CDT
Pre-scan script results:
|_broadcast-avahi-dos: ERROR: Script execution failed (use -d to debug)
Nmap scan report for 10.10.137.87
Host is up (0.13s latency).
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3128/tcp open squid-http
3333/tcp open dec-notes
Host script results:
| smb-vuln-regsvc-dos:
| VULNERABLE:
| Service regsvc in Microsoft Windows systems vulnerable to denial of service
| State: VULNERABLE
| The service regsvc in Microsoft Windows 2000 systems is vulnerable to denial of service caused by a null deference
| pointer. This script will crash the service if it is vulnerable. This vulnerability was discovered by Ron Bowes
| while working on smb-enum-sessions.
|_
|_smb-vuln-ms10-061: false
|_smb-vuln-ms10-054: false
Nmap done: 1 IP address (1 host up) scanned in 40.69 seconds
[+] Completed!
/'___\ /'___\ /'___\
/\ \__/ /\ \__/ __ __ /\ \__/
\ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
\ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
\ \_\ \ \_\ \ \____/ \ \_\
\/_/ \/_/ \/___/ \/_/
v2.1.0-dev
________________________________________________
:: Method : GET
:: URL : http://10.10.137.87:3333/FUZZ
:: Wordlist : FUZZ: /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200-299,301,302,307,401,403,405,500
________________________________________________
# Attribution-Share Alike 3.0 License. To view a copy of this [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 133ms]
# Suite 300, San Francisco, California, 94105, USA. [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 137ms]
# Copyright 2007 James Fisher [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 137ms]
# [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 138ms]
# [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 138ms]
# or send a letter to Creative Commons, 171 Second Street, [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 139ms]
# Priority ordered case sensative list, where entries were found [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 144ms]
# [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 144ms]
# license, visit http://creativecommons.org/licenses/by-sa/3.0/ [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 144ms]
# on atleast 2 different hosts [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 144ms]
# directory-list-2.3-medium.txt [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 619ms]
images [Status: 301, Size: 320, Words: 20, Lines: 10, Duration: 1618ms]
[Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 1618ms]
# [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 2623ms]
# This work is licensed under the Creative Commons [Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 4635ms]
css [Status: 301, Size: 317, Words: 20, Lines: 10, Duration: 127ms]
js [Status: 301, Size: 316, Words: 20, Lines: 10, Duration: 123ms]
fonts [Status: 301, Size: 319, Words: 20, Lines: 10, Duration: 131ms]
internal [Status: 301, Size: 322, Words: 20, Lines: 10, Duration: 130ms]
[Status: 200, Size: 33014, Words: 8161, Lines: 653, Duration: 154ms]
server-status [Status: 403, Size: 302, Words: 22, Lines: 12, Duration: 128ms]
:: Progress: [220560/220560] :: Job [1/1] :: 315 req/sec :: Duration: [0:12:39] :: Errors: 0 ::
/'___\ /'___\ /'___\
/\ \__/ /\ \__/ __ __ /\ \__/
\ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
\ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
\ \_\ \ \_\ \ \____/ \ \_\
\/_/ \/_/ \/___/ \/_/
v2.1.0-dev
________________________________________________
:: Method : GET
:: URL : http://10.10.100.43:3333/internal/FUZZ
:: Wordlist : FUZZ: /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200-299,301,302,307,401,403,405,500
________________________________________________
# or send a letter to Creative Commons, 171 Second Street, [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 136ms]
# Suite 300, San Francisco, California, 94105, USA. [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 136ms]
# This work is licensed under the Creative Commons [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 152ms]
# Attribution-Share Alike 3.0 License. To view a copy of this [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 152ms]
# license, visit http://creativecommons.org/licenses/by-sa/3.0/ [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 153ms]
# [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 309ms]
uploads [Status: 301, Size: 330, Words: 20, Lines: 10, Duration: 133ms]
# Copyright 2007 James Fisher [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 2320ms]
# on atleast 2 different hosts [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 2322ms]
# [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 2322ms]
[Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 3312ms]
# directory-list-2.3-medium.txt [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 3357ms]
# Priority ordered case sensative list, where entries were found [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 3393ms]
css [Status: 301, Size: 326, Words: 20, Lines: 10, Duration: 129ms]
# [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 5323ms]
# [Status: 200, Size: 525, Words: 62, Lines: 27, Duration: 5323ms]
