Not shown: 65515 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 2f:0c:83:e2:7f:3b:32:f5:0a:7a:09:60:6e:5d:70:de (RSA) |_ 256 c7:e3:c7:1b:db:1e:b5:8f:5d:46:bc:52:af:fb:92:31 (ECDSA) 80/tcp open http nginx |http-favicon: Unknown favicon MD5: 338BC68699BE91158CF059FE4451B6A6 | http-methods: | Supported Methods: GET HEAD POST | http-robots.txt: 22 disallowed entries (15 shown) | /edit/ /answers/ /form-templates/ | /form-templates/static/ /uploads/ /grid/ /excel/ /admin/ /admn/ /opt/ /lib/ |/wizards/ /tests/ /ipns/ /min/ |_http-server-header: nginx |_http-title: Temporarily Unavailable 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) 443/tcp open ssl/http nginx |http-server-header: nginx |_http-title: 502 Bad Gateway | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater ManchestecountryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-09-08T00:00:00 | Not valid after: 2017-09-08T23:59:59 | MD5: b917 e845 d082 bf0b c812 3b1d ac1f 8270 |_SHA-1: ee03 560f 0ad9 6763 107d 88f4 fa14 cebe 6875 1205 |_ssl-date: TLS randomness does not represent time | tls-nextprotoneg: | http/1.1 445/tcp open netbios-ssn Samba smbd 4.3.11-Ubuntu (workgroup: WORKGROUP) 668/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 2f:0c:83:e2:7f:3b:32:f5:0a:7a:09:60:6e:5d:70:de (RSA) | 256 c7:e3:c7:1b:db:1e:b5:8f:5d:46:bc:52:af:fb:92:31 (ECDSA) 3306/tcp open mysql MySQL 5.7.18-0ubuntu0.16.04.1 | mysql-info: | Protocol: 53 | Version: .7.18-0ubuntu0.16.04.1 | Thread ID: 2394 | Capabilities flags: 63487 | Some Capabilities: LongPassword, Support41Auth, Speaks41ProtocolOld, SupportsTransactions, IgnoreSpaceBeforeParenthesis, LongColumnFlag, ODBCClient, FoundRows, ConnectWithDatabase, DontAllowDatabaseTableColumn, SupportsLoadDataLocal, IgnoreSigpipes, Speaks41ProtocolNew, InteractiveClient, SupportsCompression | Status: Autocommit | Salt: F;]~
\n\x20\x20\x20\x20net SF:data\x20dashboard\n\x20\x20\x20\x20\n\n\x20\x20\x20\x20\n\x20\ SF:x20\x20\x20\n\x20\x20\x20\x20\n\x20\x20\x20 SF:\x20\n\x20\x20\x20\x20\n\x20\x20\x20\x20\n\x20\x SF:20\x20\x20\n SF:\n\x20\x20\x20\x20\x20, NetBIOS MAC: (unknown) | Names: | TR-DEV1<00> Flags: | TR-DEV1<03> Flags: | TR-DEV1<20> Flags: | \x01\x02MSBROWSE\x02<01> Flags: | WORKGROUP<00> Flags: | WORKGROUP<1d> Flags: |_ WORKGROUP<1e> Flags: | smb-os-discovery: | OS: Windows 6.1 (Samba 4.3.11-Ubuntu) | Computer name: tr-dev1 | NetBIOS computer name: TR-DEV1 |_ System time: 2017-06-20T03:35:56-04:00 | smb-security-mode: | accountused: guest | authentication_level: user | challenge_response: supported | message_signing: disabled (dangerous, but default) |_smbv2-enabled: Server supports SMBv2 protocol do you guys see anything interesting in this nmap scan? and also what i do here is completely legit and supervised through out the whole process.i am an intern in a company where they expect me to get into their small server used for some internall stuffs. I dont have that much prior experince in this regard. So far i have check out versions of apps running on the server to see if i could exploit them. I checked them on google, although openssh version 7.2p2 was seemingly vulnerable, i couldnt manage to perform the exploits i have found on exploit-database.com.(i read the codes to figure out what it was doing and try to optimize a bit. but didnt seem to work out.) Also there is an samba smbd 3.X 4.X running on port 139 that i tried to exploit again using the exploits on exploit-database.com and againt none was successful. So could you please give me some help/advice on what i should do next, what to look for. ( meanwhile i also read a book about this and googling all around.) have a nice day. edit: it look so messy but when i try to edit it, it seems perfectly alligned, sorry for the mess
This episode shows how NoSQL applications could be easily hacked with the no.1 threat on the internet -- injection attacks, from password guessing to authentication bypassing. Let's fix these ... The Super Mario Effect - Tricking Your Brain into Learning More Mark Rober TEDxPenn - Duration: 15:09. TEDx Talks Recommended for you Here I'll talk about URI Routing in ASP.NET Web API. Convention Based Routing, Attribute Routing and Routing Variations. Help me know if you want more videos... In this Power BI Tutorial, Adam shows how you can easily work with JSON data within Power BI. Working with JSON data in Power BI Desktop is one of the best-k... In this video, we're finally going to work on schema design and figure out the relationships between models, including users, chats, and messages. We'll start by declaring GraphQL types and ...