1 | | - | <?xml version="1.0" encoding="UTF-8"?> |
2 | | - | <!DOCTYPE nmaprun> |
3 | | - | <?xml-stylesheet href="file:///opt/homebrew/bin/../share/nmap/nmap.xsl" type="text/xsl"?> |
4 | | - | <!-- Nmap 7.92 scan initiated Thu Mar 16 21:51:36 2023 as: nmap -T4 -sV -O --script=vuln,vulners -oX nmap.xml 192.168.86.33 --> |
5 | | - | <nmaprun scanner="nmap" args="nmap -T4 -sV -O --script=vuln,vulners -oX nmap.xml 192.168.86.33" start="1679021496" startstr="Thu Mar 16 21:51:36 2023" version="7.92" xmloutputversion="1.05"> |
6 | | - | <scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/> |
7 | | - | <verbose level="0"/> |
8 | | - | <debugging level="0"/> |
9 | | - | <prescript><script id="broadcast-avahi-dos" output="
 Discovered hosts:
 224.0.0.251
 After NULL UDP avahi packet DoS (CVE-2011-1002).
 Hosts are all up (not vulnerable).
"/></prescript><hosthint><status state="up" reason="arp-response" reason_ttl="0"/> |
10 | | - | <address addr="192.168.86.33" addrtype="ipv4"/> |
11 | | - | <address addr="54:A0:50:70:AE:E0" addrtype="mac" vendor="Asustek Computer"/> |
12 | | - | <hostnames> |
13 | | - | </hostnames> |
14 | | - | </hosthint> |
15 | | - | <host starttime="1679021532" endtime="1679021611"><status state="up" reason="arp-response" reason_ttl="0"/> |
16 | | - | <address addr="192.168.86.33" addrtype="ipv4"/> |
17 | | - | <address addr="54:A0:50:70:AE:E0" addrtype="mac" vendor="Asustek Computer"/> |
18 | | - | <hostnames> |
19 | | - | <hostname name="sans-sec460.lan" type="PTR"/> |
20 | | - | </hostnames> |
21 | | - | <ports><extraports state="closed" count="995"> |
22 | | - | <extrareasons reason="reset" count="995" proto="tcp" ports="1,3-4,6-7,9,13,17,19-21,23-26,30,32-33,37,42-43,49,53,70,79,81-85,88-90,99-100,106,109-111,113,119,125,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-444,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/> |
23 | | - | </extraports> |
24 | | - | <port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="ssh" product="OpenSSH" version="for_Windows_8.0" extrainfo="protocol 2.0" method="probed" conf="10"><cpe>cpe:/a:openbsd:openssh:for_windows_8.0</cpe></service></port> |
25 | | - | <port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="http" product="nginx" version="1.13.5" method="probed" conf="10"><cpe>cpe:/a:igor_sysoev:nginx:1.13.5</cpe></service><script id="http-csrf" output="Couldn't find any CSRF vulnerabilities."/><script id="http-dombased-xss" output="Couldn't find any DOM based XSS."/><script id="http-server-header" output="nginx/1.13.5"><elem>nginx/1.13.5</elem> |
26 | | - | </script><script id="http-vuln-cve2011-3192" output="
 VULNERABLE:
 Apache byterange filter DoS
 State: VULNERABLE
 IDs: CVE:CVE-2011-3192 BID:49303
 The Apache web server is vulnerable to a denial of service attack when numerous
 overlapping byte ranges are requested.
 Disclosure date: 2011-08-19
 References:
 https://www.tenable.com/plugins/nessus/55976
 https://seclists.org/fulldisclosure/2011/Aug/175
 https://www.securityfocus.com/bid/49303
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
"><table key="CVE-2011-3192"> |
27 | | - | <elem key="title">Apache byterange filter DoS</elem> |
28 | | - | <elem key="state">VULNERABLE</elem> |
29 | | - | <table key="ids"> |
30 | | - | <elem>CVE:CVE-2011-3192</elem> |
31 | | - | <elem>BID:49303</elem> |
32 | | - | </table> |
33 | | - | <table key="description"> |
34 | | - | <elem>The Apache web server is vulnerable to a denial of service attack when numerous
overlapping byte ranges are requested.</elem> |
35 | | - | </table> |
36 | | - | <table key="dates"> |
37 | | - | <table key="disclosure"> |
38 | | - | <elem key="year">2011</elem> |
39 | | - | <elem key="month">08</elem> |
40 | | - | <elem key="day">19</elem> |
41 | | - | </table> |
42 | | - | </table> |
43 | | - | <elem key="disclosure">2011-08-19</elem> |
44 | | - | <table key="refs"> |
45 | | - | <elem>https://www.tenable.com/plugins/nessus/55976</elem> |
46 | | - | <elem>https://seclists.org/fulldisclosure/2011/Aug/175</elem> |
47 | | - | <elem>https://www.securityfocus.com/bid/49303</elem> |
48 | | - | <elem>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192</elem> |
49 | | - | </table> |
50 | | - | </table> |
51 | | - | </script><script id="http-stored-xss" output="Couldn't find any stored XSS vulnerabilities."/></port> |
52 | | - | <port protocol="tcp" portid="135"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port> |
53 | | - | <port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="netbios-ssn" product="Microsoft Windows netbios-ssn" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port> |
54 | | - | <port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="microsoft-ds" product="Microsoft Windows 7 - 10 microsoft-ds" extrainfo="workgroup: WORKGROUP" hostname="SANS-SEC460" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port> |
55 | | - | </ports> |
56 | | - | <os><portused state="open" proto="tcp" portid="22"/> |
57 | | - | <portused state="closed" proto="tcp" portid="1"/> |
58 | | - | <portused state="closed" proto="udp" portid="34367"/> |
59 | | - | <osmatch name="Microsoft Windows 10 1507 - 1607" accuracy="100" line="69497"> |
60 | | - | <osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="10" accuracy="100"><cpe>cpe:/o:microsoft:windows_10</cpe></osclass> |
61 | | - | </osmatch> |
62 | | - | </os> |
63 | | - | <uptime seconds="614551" lastboot="Thu Mar 9 18:11:00 2023"/> |
64 | | - | <distance value="1"/> |
65 | | - | <tcpsequence index="250" difficulty="Good luck!" values="10DF7179,D3717665,BC0EC2A5,9AFA091D,D14D10FA,F2827789"/> |
66 | | - | <ipidsequence class="Incremental" values="6BF3,6BF4,6BF6,6BF7,6BF8,6BF9"/> |
67 | | - | <tcptssequence class="1000HZ" values="24A030FA,24A03158,24A031BF,24A03226,24A0328E,24A032F7"/> |
68 | | - | <hostscript><script id="smb-vuln-ms10-054" output="false">false</script><script id="smb-vuln-ms17-010" output="
 VULNERABLE:
 Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
 State: VULNERABLE
 IDs: CVE:CVE-2017-0143
 Risk factor: HIGH
 A critical remote code execution vulnerability exists in Microsoft SMBv1
 servers (ms17-010).
 
 Disclosure date: 2017-03-14
 References:
 https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
 https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143
"><table key="CVE-2017-0143"> |
69 | | - | <elem key="title">Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)</elem> |
70 | | - | <elem key="state">VULNERABLE</elem> |
71 | | - | <table key="ids"> |
72 | | - | <elem>CVE:CVE-2017-0143</elem> |
73 | | - | </table> |
74 | | - | <table key="description"> |
75 | | - | <elem>A critical remote code execution vulnerability exists in Microsoft SMBv1
 servers (ms17-010).
 </elem> |
76 | | - | </table> |
77 | | - | <table key="dates"> |
78 | | - | <table key="disclosure"> |
79 | | - | <elem key="year">2017</elem> |
80 | | - | <elem key="month">03</elem> |
81 | | - | <elem key="day">14</elem> |
82 | | - | </table> |
83 | | - | </table> |
84 | | - | <elem key="disclosure">2017-03-14</elem> |
85 | | - | <table key="refs"> |
86 | | - | <elem>https://technet.microsoft.com/en-us/library/security/ms17-010.aspx</elem> |
87 | | - | <elem>https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/</elem> |
88 | | - | <elem>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143</elem> |
89 | | - | </table> |
90 | | - | </table> |
91 | | - | </script><script id="samba-vuln-cve-2012-1182" output="NT_STATUS_ACCESS_DENIED">false</script><script id="smb-vuln-ms10-061" output="NT_STATUS_ACCESS_DENIED">false</script></hostscript><times srtt="7338" rttvar="995" to="100000"/> |
92 | | - | </host> |
93 | | - | <runstats><finished time="1679021611" timestr="Thu Mar 16 21:53:31 2023" summary="Nmap done at Thu Mar 16 21:53:31 2023; 1 IP address (1 host up) scanned in 115.20 seconds" elapsed="115.20" exit="success"/><hosts up="1" down="0" total="1"/> |
94 | | - | </runstats> |
95 | | - | </nmaprun> |
96 | | - | |