Recon

$ nmap -p- --min-rate=1000 -Pn -v 192.168.217.39           
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-26 20:13 CDT
Initiating Parallel DNS resolution of 1 host. at 20:13
Completed Parallel DNS resolution of 1 host. at 20:13, 0.02s elapsed
Initiating Connect Scan at 20:13
Scanning 192.168.217.39 [65535 ports]
Discovered open port 22/tcp on 192.168.217.39
Discovered open port 80/tcp on 192.168.217.39
Discovered open port 993/tcp on 192.168.217.39
Discovered open port 143/tcp on 192.168.217.39
Discovered open port 995/tcp on 192.168.217.39
Discovered open port 139/tcp on 192.168.217.39
Discovered open port 445/tcp on 192.168.217.39
Discovered open port 110/tcp on 192.168.217.39
Increasing send delay for 192.168.217.39 from 0 to 5 due to 41 out of 135 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 5 to 10 due to 31 out of 103 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 10 to 20 due to 18 out of 59 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 20 to 40 due to 46 out of 152 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 40 to 80 due to 60 out of 199 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 80 to 160 due to 58 out of 193 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 160 to 320 due to 64 out of 212 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 320 to 640 due to 61 out of 202 dropped probes since last increase.
Increasing send delay for 192.168.217.39 from 640 to 1000 due to 60 out of 198 dropped probes since last increase.
Connect Scan Timing: About 39.74% done; ETC: 20:14 (0:00:47 remaining)
Completed Connect Scan at 20:14, 72.78s elapsed (65535 total ports)
Nmap scan report for 192.168.217.39
Host is up (0.042s latency).
Not shown: 65527 closed tcp ports (conn-refused)
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
110/tcp open  pop3
139/tcp open  netbios-ssn
143/tcp open  imap
445/tcp open  microsoft-ds
993/tcp open  imaps
995/tcp open  pop3s

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 72.88 seconds

$ nmap -p 22,80,110,139,143,445,993,995 -sC -sV -Pn 192.168.217.39  
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-26 20:16 CDT
Nmap scan report for 192.168.217.39
Host is up (0.047s latency).

PORT    STATE SERVICE     VERSION
22/tcp  open  ssh         OpenSSH 4.6p1 Debian 5build1 (protocol 2.0)
| ssh-hostkey: 
|   1024 f3:6e:87:04:ea:2d:b3:60:ff:42:ad:26:67:17:94:d5 (DSA)
|_  2048 bb:03:ce:ed:13:f1:9a:9e:36:03:e2:af:ca:b2:35:04 (RSA)
80/tcp  open  http        Apache httpd 2.2.4 ((Ubuntu) PHP/5.2.3-1ubuntu6)
|_http-server-header: Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6
|_http-title: CS-Cart. Powerful PHP shopping cart software
110/tcp open  pop3        Dovecot pop3d
|_ssl-date: 2024-08-27T01:16:39+00:00; +6s from scanner time.
| sslv2: 
|   SSLv2 supported
|   ciphers: 
|     SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
|     SSL2_RC2_128_CBC_WITH_MD5
|     SSL2_DES_192_EDE3_CBC_WITH_MD5
|     SSL2_RC4_128_EXPORT40_WITH_MD5
|_    SSL2_RC4_128_WITH_MD5
| ssl-cert: Subject: commonName=ubuntu01/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2008-04-25T02:02:48
|_Not valid after:  2008-05-25T02:02:48
|_pop3-capabilities: UIDL CAPA SASL TOP STLS RESP-CODES PIPELINING
139/tcp open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: MSHOME)
143/tcp open  imap        Dovecot imapd
| sslv2: 
|   SSLv2 supported
|   ciphers: 
|     SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
|     SSL2_RC2_128_CBC_WITH_MD5
|     SSL2_DES_192_EDE3_CBC_WITH_MD5
|     SSL2_RC4_128_EXPORT40_WITH_MD5
|_    SSL2_RC4_128_WITH_MD5
|_imap-capabilities: Capability SORT LITERAL+ SASL-IR completed CHILDREN STARTTLS THREAD=REFERENCES LOGINDISABLEDA0001 LOGIN-REFERRALS NAMESPACE UNSELECT OK IMAP4rev1 MULTIAPPEND IDLE
|_ssl-date: 2024-08-27T01:16:39+00:00; +6s from scanner time.
| ssl-cert: Subject: commonName=ubuntu01/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2008-04-25T02:02:48
|_Not valid after:  2008-05-25T02:02:48
445/tcp open  netbios-ssn Samba smbd 3.0.26a (workgroup: MSHOME)
993/tcp open  ssl/imap    Dovecot imapd
| ssl-cert: Subject: commonName=ubuntu01/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2008-04-25T02:02:48
|_Not valid after:  2008-05-25T02:02:48
| sslv2: 
|   SSLv2 supported
|   ciphers: 
|     SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
|     SSL2_RC2_128_CBC_WITH_MD5
|     SSL2_DES_192_EDE3_CBC_WITH_MD5
|     SSL2_RC4_128_EXPORT40_WITH_MD5
|_    SSL2_RC4_128_WITH_MD5
|_ssl-date: 2024-08-27T01:16:39+00:00; +6s from scanner time.
|_imap-capabilities: Capability SORT LITERAL+ SASL-IR completed CHILDREN THREAD=REFERENCES NAMESPACE LOGIN-REFERRALS AUTH=PLAINA0001 UNSELECT OK IMAP4rev1 MULTIAPPEND IDLE
995/tcp open  ssl/pop3    Dovecot pop3d
| ssl-cert: Subject: commonName=ubuntu01/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2008-04-25T02:02:48
|_Not valid after:  2008-05-25T02:02:48
|_ssl-date: 2024-08-27T01:16:39+00:00; +6s from scanner time.
|_pop3-capabilities: USER UIDL CAPA TOP SASL(PLAIN) RESP-CODES PIPELINING
| sslv2: 
|   SSLv2 supported
|   ciphers: 
|     SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
|     SSL2_RC2_128_CBC_WITH_MD5
|     SSL2_DES_192_EDE3_CBC_WITH_MD5
|     SSL2_RC4_128_EXPORT40_WITH_MD5
|_    SSL2_RC4_128_WITH_MD5
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Host script results:
|_smb2-time: Protocol negotiation failed (SMB2)
|_nbstat: NetBIOS name: PAYDAY, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
| smb-os-discovery: 
|   OS: Unix (Samba 3.0.26a)
|   Computer name: payday
|   NetBIOS computer name: 
|   Domain name: 
|   FQDN: payday
|_  System time: 2024-08-26T21:16:36-04:00
| smb-security-mode: 
|   account_used: guest
|   authentication_level: user
|   challenge_response: supported
|_  message_signing: disabled (dangerous, but default)
|_clock-skew: mean: 40m05s, deviation: 1h37m58s, median: 5s

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 16.17 seconds

PreviousPayDay NextEnumeration

Last updated 1 year ago