@user0able
Last active June 16, 2020 03:59
sudo nmap -A testphp.vulnweb.com
Starting Nmap 7.80 ( https://nmap.org ) at 2020-06-15 23:55 -04
Nmap scan report for testphp.vulnweb.com (176.28.50.165)
Host is up (0.21s latency).
rDNS record for 176.28.50.165: rs202995.rs.hosteurope.de
Not shown: 986 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD 1.3.3e
22/tcp open ssh OpenSSH 5.3p1 Debian 3ubuntu7.1 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 1024 2d:4e:a6:d9:33:4a:f5:cf:fe:7a:e2:55:66:0a:41:ae (DSA)
|_ 2048 a1:7d:bd:2c:5d:9f:02:26:da:52:91:c0:2d:20:2f:3c (RSA)
25/tcp open smtp Postfix smtpd
|_smtp-commands: rs202995.rs.hosteurope.de, PIPELINING, SIZE 10240000, ETRN, STARTTLS, AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| ssl-cert: Subject: commonName=Parallels Panel/organizationName=Parallels/stateOrProvinceName=Virginia/countryName=US
| Not valid before: 2012-11-09T10:32:06
|_Not valid after: 2013-11-09T10:32:06
|_ssl-date: 1970-03-21T03:44:54+00:00; -50y87d00h11m41s from scanner time.
| sslv2:
| SSLv2 supported
| ciphers:
| SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
| SSL2_DES_64_CBC_WITH_MD5
| SSL2_RC4_128_WITH_MD5
| SSL2_DES_192_EDE3_CBC_WITH_MD5
| SSL2_RC4_128_EXPORT40_WITH_MD5
|_ SSL2_RC2_128_CBC_WITH_MD5
80/tcp open http nginx 1.4.1
|_http-server-header: nginx/1.4.1
|_http-title: Home of Acunetix Art
106/tcp open pop3pw poppassd
110/tcp open pop3 Courier pop3d
|_pop3-capabilities: USER STLS IMPLEMENTATION(Courier Mail Server) UIDL PIPELINING LOGIN-DELAY(10) APOP TOP SASL(LOGIN CRAM-MD5 PLAIN)
| ssl-cert: Subject: commonName=Parallels Panel/organizationName=Parallels/stateOrProvinceName=Virginia/countryName=US
| Not valid before: 2012-11-09T10:32:06
|_Not valid after: 2013-11-09T10:32:06
|_ssl-date: 1970-03-21T03:44:54+00:00; -50y87d00h11m41s from scanner time.
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
143/tcp open imap Plesk Courier imapd
|_imap-capabilities: NAMESPACE CAPABILITY CHILDREN ACL QUOTA THREAD=ORDEREDSUBJECT UIDPLUS THREAD=REFERENCES OK AUTH=PLAIN ACL2=UNION IDLE completed STARTTLSA0001 AUTH=CRAM-MD5 SORT IMAP4rev1
| ssl-cert: Subject: commonName=Parallels Panel/organizationName=Parallels/stateOrProvinceName=Virginia/countryName=US
| Not valid before: 2012-11-09T10:32:06
|_Not valid after: 2013-11-09T10:32:06
|_ssl-date: 1970-03-21T03:44:54+00:00; -50y87d00h11m41s from scanner time.
445/tcp filtered microsoft-ds
465/tcp open ssl/smtp Postfix smtpd
|_smtp-commands: rs202995.rs.hosteurope.de, PIPELINING, SIZE 10240000, ETRN, AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| ssl-cert: Subject: commonName=Parallels Panel/organizationName=Parallels/stateOrProvinceName=Virginia/countryName=US
| Not valid before: 2012-11-09T10:32:06
|_Not valid after: 2013-11-09T10:32:06
|_ssl-date: 1970-03-21T03:44:53+00:00; -50y87d00h11m41s from scanner time.
993/tcp open ssl/imap Plesk Courier imapd
|_imap-capabilities: NAMESPACE ACL2=UNIONA0001 completed THREAD=REFERENCES OK AUTH=PLAIN CHILDREN ACL AUTH=CRAM-MD5 CAPABILITY IDLE QUOTA IMAP4rev1 SORT THREAD=ORDEREDSUBJECT UIDPLUS
| ssl-cert: Subject: commonName=Parallels Panel/organizationName=Parallels/stateOrProvinceName=Virginia/countryName=US
| Not valid before: 2012-11-09T10:32:06
|_Not valid after: 2013-11-09T10:32:06
|_ssl-date: 1970-03-21T03:44:53+00:00; -50y87d00h11m41s from scanner time.
| sslv2:
| SSLv2 supported
| ciphers:
| SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
| SSL2_DES_64_CBC_WITH_MD5
| SSL2_RC4_128_WITH_MD5
| SSL2_DES_192_EDE3_CBC_WITH_MD5
| SSL2_RC4_128_EXPORT40_WITH_MD5
|_ SSL2_RC2_128_CBC_WITH_MD5
995/tcp open ssl/pop3 Courier pop3d
|_pop3-capabilities: IMPLEMENTATION(Courier Mail Server) USER UIDL PIPELINING LOGIN-DELAY(10) TOP APOP SASL(LOGIN CRAM-MD5 PLAIN)
| ssl-cert: Subject: commonName=Parallels Panel/organizationName=Parallels/stateOrProvinceName=Virginia/countryName=US
| Not valid before: 2012-11-09T10:32:06
|_Not valid after: 2013-11-09T10:32:06
|_ssl-date: 1970-03-21T03:44:54+00:00; -50y87d00h11m40s from scanner time.
| sslv2:
| SSLv2 supported
| ciphers:
| SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
| SSL2_DES_64_CBC_WITH_MD5
| SSL2_RC4_128_WITH_MD5
| SSL2_DES_192_EDE3_CBC_WITH_MD5
| SSL2_RC4_128_EXPORT40_WITH_MD5
|_ SSL2_RC2_128_CBC_WITH_MD5
8443/tcp open http lighttpd
|_http-server-header: sw-cp-server
|_http-title: 404 - Not Found
Aggressive OS guesses: Linux 2.6.31 - 2.6.35 (98%), HP P2000 G3 NAS device (97%), Linux 2.6.32 (97%), Linux 2.6.26 - 2.6.35 (96%), Linux 3.16 - 4.6 (96%), Linux 2.6.32 - 3.13 (96%), AVM FRITZ!Box (FritzOS 6.20) (96%), Linux 2.6.22 - 2.6.36 (95%), Linux 2.6.23 - 2.6.38 (95%), Linux 2.6.8 - 2.6.30 (95%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 12 hops
Service Info: Hosts: rs202995.rs.hosteurope.de, localhost.localdomain; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:
|_clock-skew: mean: -18350d00h11m40s, deviation: 0s, median: -18350d00h11m41s
TRACEROUTE (using port 5900/tcp)
HOP RTT ADDRESS
1 3.06 ms 192.168.0.1
2 ...
3 31.16 ms 192.168.14.82
4 31.16 ms 192.168.15.1
5 ...
6 146.12 ms ae0-300G.ar5.MIA1.gblx.net (67.17.99.233)
7 ... 8
9 239.23 ms ae19.cr-vega.sxb1.bb.godaddy.com (213.242.120.246)
10 237.80 ms ae0.100.sr-helios.sxb1.dcnet-emea.godaddy.com (87.230.112.5)
11 237.41 ms rsn0517.rs1.hosteurope.de (5.35.227.35)
12 239.30 ms rs202995.rs.hosteurope.de (176.28.50.165)
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 131.11 seconds