simon/CTF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init htb

Browse Source 
old htb folders
This commit is contained in:
Simon
2023-08-29 21:53:22 +02:00
parent 62ab804867
commit 82b0759f1e
21891 changed files with 6277643 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
HTB/flight/results/flight.htb/report/local.txt Normal file
View File

68
HTB/flight/results/flight.htb/report/notes.txt Normal file
View File

@@ -0,0 +1,68 @@
[*] kerberos-sec found on tcp/88.
[*] msrpc found on tcp/135.
[*] netbios-ssn found on tcp/139.
[*] ldap found on tcp/389.
[*] microsoft-ds found on tcp/445.
[*] kpasswd5 found on tcp/464.
[*] ncacn_http found on tcp/593.
[*] tcpwrapped found on tcp/636.
[*] ldap found on tcp/3268.
[*] tcpwrapped found on tcp/3269.
[*] wsman found on tcp/5985.
[*] mc-nmf found on tcp/9389.
[*] msrpc found on tcp/49667.
[*] ncacn_http found on tcp/49673.
[*] msrpc found on tcp/49674.
[*] msrpc found on tcp/49690.
[*] msrpc found on tcp/49699.

0
HTB/flight/results/flight.htb/report/proof.txt Normal file
View File

64
HTB/flight/results/flight.htb/scans/_commands.log Normal file
View File

@@ -0,0 +1,64 @@
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN "/home/kali/htb/flight/results/flight.htb/scans/_quick_tcp_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/xml/_quick_tcp_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN "/home/kali/htb/flight/results/flight.htb/scans/_full_tcp_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/xml/_full_tcp_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sU -A --top-ports 100 -oN "/home/kali/htb/flight/results/flight.htb/scans/_top_100_udp_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/xml/_top_100_udp_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -p 88 --script="banner,krb5-enum-users" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp88/tcp_88_kerberos_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp88/xml/tcp_88_kerberos_nmap.xml" flight.htb
impacket-getArch -target flight.htb
nmap -vv --reason -Pn -T4 -sV -p 135 --script="banner,msrpc-enum,rpc-grind,rpcinfo" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp135/xml/tcp_135_rpc_nmap.xml" flight.htb
impacket-rpcdump -port 135 flight.htb
enum4linux -a -M -l -d flight.htb 2>&1
nbtscan -rvh 10.10.11.187 2>&1
nmap -vv --reason -Pn -T4 -sV -p 139 --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp139/tcp_139_smb_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp139/xml/tcp_139_smb_nmap.xml" flight.htb
smbclient -L //flight.htb -N -I flight.htb 2>&1
smbmap -H flight.htb -P 139 2>&1
nmap -vv --reason -Pn -T4 -sV -p 389 --script="banner,(ldap* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp389/tcp_389_ldap_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp389/xml/tcp_389_ldap_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -p 445 --script="banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp445/tcp_445_smb_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp445/xml/tcp_445_smb_nmap.xml" flight.htb
smbmap -H flight.htb -P 445 2>&1
nmap -vv --reason -Pn -T4 -sV -p 464 --script="banner,krb5-enum-users" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp464/tcp_464_kerberos_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp464/xml/tcp_464_kerberos_nmap.xml" flight.htb
impacket-rpcdump -port 593 flight.htb
smbmap -u null -p "" -H flight.htb -P 139 2>&1
smbmap -u null -p "" -H flight.htb -P 445 2>&1
smbmap -H flight.htb -P 139 -R 2>&1
smbmap -H flight.htb -P 445 -R 2>&1
smbmap -u null -p "" -H flight.htb -P 139 -R 2>&1
smbmap -u null -p "" -H flight.htb -P 445 -R 2>&1
smbmap -H flight.htb -P 139 -x "ipconfig /all" 2>&1
smbmap -H flight.htb -P 445 -x "ipconfig /all" 2>&1
smbmap -u null -p "" -H flight.htb -P 139 -x "ipconfig /all" 2>&1
smbmap -u null -p "" -H flight.htb -P 445 -x "ipconfig /all" 2>&1
nmap -vv --reason -Pn -T4 -sV -p 3268 --script="banner,(ldap* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp3268/tcp_3268_ldap_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp3268/xml/tcp_3268_ldap_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -p 49667 --script="banner,msrpc-enum,rpc-grind,rpcinfo" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp49667/tcp_49667_rpc_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp49667/xml/tcp_49667_rpc_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -p 49674 --script="banner,msrpc-enum,rpc-grind,rpcinfo" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp49674/tcp_49674_rpc_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp49674/xml/tcp_49674_rpc_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -p 49690 --script="banner,msrpc-enum,rpc-grind,rpcinfo" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp49690/tcp_49690_rpc_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp49690/xml/tcp_49690_rpc_nmap.xml" flight.htb
nmap -vv --reason -Pn -T4 -sV -p 49699 --script="banner,msrpc-enum,rpc-grind,rpcinfo" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp49699/tcp_49699_rpc_nmap.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp49699/xml/tcp_49699_rpc_nmap.xml" flight.htb

73
HTB/flight/results/flight.htb/scans/_full_tcp_nmap.txt Normal file
View File

@@ -0,0 +1,73 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:29:46 2023 as: nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN /home/kali/htb/flight/results/flight.htb/scans/_full_tcp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_full_tcp_nmap.xml flight.htb
adjust_timeouts2: packet supposedly had rtt of -198805 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -198805 microseconds. Ignoring time.
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.029s latency).
Scanned at 2023-02-08 13:29:47 CET for 238s
Not shown: 65518 filtered tcp ports (no-response)
PORT STATE SERVICE REASON VERSION
88/tcp open kerberos-sec syn-ack ttl 127 Microsoft Windows Kerberos (server time: 2023-02-08 19:31:53Z)
135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn
389/tcp open ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: flight.htb0., Site: Default-First-Site-Name)
445/tcp open microsoft-ds? syn-ack ttl 127
464/tcp open kpasswd5? syn-ack ttl 127
593/tcp open ncacn_http syn-ack ttl 127 Microsoft Windows RPC over HTTP 1.0
636/tcp open tcpwrapped syn-ack ttl 127
3268/tcp open ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: flight.htb0., Site: Default-First-Site-Name)
3269/tcp open tcpwrapped syn-ack ttl 127
5985/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
9389/tcp open mc-nmf syn-ack ttl 127 .NET Message Framing
49667/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
49673/tcp open ncacn_http syn-ack ttl 127 Microsoft Windows RPC over HTTP 1.0
49674/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
49690/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
49699/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
No OS matches for host
TCP/IP fingerprint:
SCAN(V=7.93%E=4%D=2/8%OT=88%CT=%CU=%PV=Y%DS=2%DC=T%G=N%TM=63E396A9%P=x86_64-pc-linux-gnu)
SEQ(SP=105%GCD=1%ISR=10A%TS=U)
SEQ(SP=105%GCD=1%ISR=10A%II=I%TS=U)
OPS(O1=M54BNW8NNS%O2=M54BNW8NNS%O3=M54BNW8%O4=M54BNW8NNS%O5=M54BNW8NNS%O6=M54BNNS)
WIN(W1=FFFF%W2=FFFF%W3=FFFF%W4=FFFF%W5=FFFF%W6=FF70)
ECN(R=Y%DF=Y%TG=80%W=FFFF%O=M54BNW8NNS%CC=Y%Q=)
T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)
T2(R=N)
T3(R=N)
T4(R=N)
U1(R=N)
IE(R=Y%DFI=N%TG=80%CD=Z)
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: Busy server or unknown class
Service Info: Host: G0; OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results:
| p2p-conficker:
| Checking for Conficker.C or higher...
| Check 1 (port 32072/tcp): CLEAN (Timeout)
| Check 2 (port 24095/tcp): CLEAN (Timeout)
| Check 3 (port 29173/udp): CLEAN (Timeout)
| Check 4 (port 44855/udp): CLEAN (Timeout)
|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
| smb2-security-mode:
| 311:
|_ Message signing enabled and required
| smb2-time:
| date: 2023-02-08T19:33:09
|_ start_date: N/A
|_clock-skew: 7h00m00s
TRACEROUTE (using port 135/tcp)
HOP RTT ADDRESS
1 24.75 ms 10.10.16.1
2 24.76 ms flight.htb (10.10.11.187)
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:33:45 2023 -- 1 IP address (1 host up) scanned in 239.12 seconds

82
HTB/flight/results/flight.htb/scans/_manual_commands.txt Normal file
View File

@@ -0,0 +1,82 @@
[*] msrpc on tcp/135
[-] RPC Client:
rpcclient -p 135 -U "" flight.htb
[*] netbios-ssn on tcp/139
[-] Bruteforce SMB
crackmapexec smb flight.htb --port=139 -u "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -p "/usr/share/seclists/Passwords/darkweb2017-top100.txt"
[-] Nmap scans for SMB vulnerabilities that could potentially cause a DoS if scanned (according to Nmap). Be careful:
nmap -vv --reason -Pn -T4 -sV -p 139 --script="smb-vuln-* and dos" --script-args="unsafe=1" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp139/tcp_139_smb_vulnerabilities.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp139/xml/tcp_139_smb_vulnerabilities.xml" flight.htb
[*] ldap on tcp/389
[-] ldapsearch command (modify before running):
ldapsearch -x -D "<username>" -w "<password>" -H ldap://flight.htb:389 -b "dc=example,dc=com" -s sub "(objectclass=*)" 2>&1 | tee > "/home/kali/htb/flight/results/flight.htb/scans/tcp389/tcp_389_ldap_all-entries.txt"
[*] microsoft-ds on tcp/445
[-] Bruteforce SMB
crackmapexec smb flight.htb --port=445 -u "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -p "/usr/share/seclists/Passwords/darkweb2017-top100.txt"
[-] Lookup SIDs
impacket-lookupsid '[username]:[password]@flight.htb'
[-] Nmap scans for SMB vulnerabilities that could potentially cause a DoS if scanned (according to Nmap). Be careful:
nmap -vv --reason -Pn -T4 -sV -p 445 --script="smb-vuln-* and dos" --script-args="unsafe=1" -oN "/home/kali/htb/flight/results/flight.htb/scans/tcp445/tcp_445_smb_vulnerabilities.txt" -oX "/home/kali/htb/flight/results/flight.htb/scans/tcp445/xml/tcp_445_smb_vulnerabilities.xml" flight.htb
[*] ldap on tcp/3268
[-] ldapsearch command (modify before running):
ldapsearch -x -D "<username>" -w "<password>" -H ldap://flight.htb:3268 -b "dc=example,dc=com" -s sub "(objectclass=*)" 2>&1 | tee > "/home/kali/htb/flight/results/flight.htb/scans/tcp3268/tcp_3268_ldap_all-entries.txt"
[*] wsman on tcp/5985
[-] Bruteforce logins:
crackmapexec winrm flight.htb -d '<domain>' -u '/usr/share/seclists/Usernames/top-usernames-shortlist.txt' -p '/usr/share/seclists/Passwords/darkweb2017-top100.txt'
[-] Check login (requires credentials):
crackmapexec winrm flight.htb -d '<domain>' -u '<username>' -p '<password>'
[-] Evil WinRM (gem install evil-winrm):
evil-winrm -u '<user>' -p '<password>' -i flight.htb
evil-winrm -u '<user>' -H '<hash>' -i flight.htb
[*] msrpc on tcp/49667
[-] RPC Client:
rpcclient -p 49667 -U "" flight.htb
[*] msrpc on tcp/49674
[-] RPC Client:
rpcclient -p 49674 -U "" flight.htb
[*] msrpc on tcp/49690
[-] RPC Client:
rpcclient -p 49690 -U "" flight.htb
[*] msrpc on tcp/49699
[-] RPC Client:
rpcclient -p 49699 -U "" flight.htb

2
HTB/flight/results/flight.htb/scans/_patterns.log Normal file
View File

@@ -0,0 +1,2 @@
Identified Architecture: 64-bit

49
HTB/flight/results/flight.htb/scans/_quick_tcp_nmap.txt Normal file
View File

@@ -0,0 +1,49 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:29:46 2023 as: nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN /home/kali/htb/flight/results/flight.htb/scans/_quick_tcp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_quick_tcp_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.026s latency).
Scanned at 2023-02-08 13:29:47 CET for 90s
Not shown: 992 filtered tcp ports (no-response)
PORT STATE SERVICE REASON VERSION
88/tcp open kerberos-sec syn-ack ttl 127 Microsoft Windows Kerberos (server time: 2023-02-08 19:29:59Z)
135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn
389/tcp open ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: flight.htb0., Site: Default-First-Site-Name)
445/tcp open microsoft-ds? syn-ack ttl 127
464/tcp open kpasswd5? syn-ack ttl 127
593/tcp open ncacn_http syn-ack ttl 127 Microsoft Windows RPC over HTTP 1.0
636/tcp open tcpwrapped syn-ack ttl 127
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: WAP|phone
Running: Linux 2.4.X|2.6.X, Sony Ericsson embedded
OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22 cpe:/h:sonyericsson:u8i_vivaz
OS details: Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone
TCP/IP fingerprint:
OS:SCAN(V=7.93%E=4%D=2/8%OT=88%CT=%CU=%PV=Y%G=N%TM=63E39615%P=x86_64-pc-lin
OS:ux-gnu)ECN(R=N)T1(R=N)T2(R=N)T3(R=N)T4(R=N)U1(R=N)IE(R=N)
Service Info: Host: G0; OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results:
| p2p-conficker:
| Checking for Conficker.C or higher...
| Check 1 (port 32072/tcp): CLEAN (Timeout)
| Check 2 (port 24095/tcp): CLEAN (Timeout)
| Check 3 (port 29173/udp): CLEAN (Timeout)
| Check 4 (port 44855/udp): CLEAN (Timeout)
|_ 0/4 checks are positive: Host is CLEAN or ports are blocked
|_clock-skew: 7h00m00s
| smb2-time:
| date: 2023-02-08T19:30:41
|_ start_date: N/A
| smb2-security-mode:
| 311:
|_ Message signing enabled and required
TRACEROUTE (using port 135/tcp)
HOP RTT ADDRESS
1 24.91 ms 10.10.16.1
2 ... 30
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:31:17 2023 -- 1 IP address (1 host up) scanned in 90.67 seconds

1
HTB/flight/results/flight.htb/scans/_top_100_udp_nmap.txt Normal file
View File

@@ -0,0 +1 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:29:46 2023 as: nmap -vv --reason -Pn -T4 -sU -A --top-ports 100 -oN /home/kali/htb/flight/results/flight.htb/scans/_top_100_udp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_top_100_udp_nmap.xml flight.htb

6
HTB/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_architecture.txt Normal file
View File

@@ -0,0 +1,6 @@
Impacket v0.10.1.dev1+20230120.30447.442d79c2 - Copyright 2022 Fortra
[*] Gathering OS architecture for 1 machines
[*] Socket connect timeout set to 2 secs
flight.htb is 64-bit

12
HTB/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_nmap.txt Normal file
View File

@@ -0,0 +1,12 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv --reason -Pn -T4 -sV -p 135 --script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp135/xml/tcp_135_rpc_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.10s latency).
Scanned at 2023-02-08 13:31:18 CET for 21s
PORT STATE SERVICE REASON VERSION
135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:31:39 2023 -- 1 IP address (1 host up) scanned in 22.51 seconds

959
HTB/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_rpcdump.txt Normal file
View File

@@ -0,0 +1,959 @@
Impacket v0.10.1.dev1+20230120.30447.442d79c2 - Copyright 2022 Fortra
[*] Retrieving endpoint list from flight.htb
Protocol: [MS-RSP]: Remote Shutdown Protocol
Provider: wininit.exe
UUID : D95AFE70-A6D5-4259-822E-2C84DA1DDB0D v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49664]
ncalrpc:[WindowsShutdown]
ncacn_np:\\G0[\PIPE\InitShutdown]
ncalrpc:[WMsgKRpc08B400]
Protocol: N/A
Provider: winlogon.exe
UUID : 76F226C3-EC14-4325-8A99-6A46348418AF v1.0
Bindings:
ncalrpc:[WindowsShutdown]
ncacn_np:\\G0[\PIPE\InitShutdown]
ncalrpc:[WMsgKRpc08B400]
ncalrpc:[WMsgKRpc08D0C1]
Protocol: N/A
Provider: N/A
UUID : D09BDEB5-6171-4A34-BFE2-06FA82652568 v1.0
Bindings:
ncalrpc:[csebpub]
ncalrpc:[LRPC-eaea958c7807bd669d]
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
ncalrpc:[LRPC-45c646a279b43cd0b9]
Protocol: N/A
Provider: N/A
UUID : 697DCDA9-3BA9-4EB2-9247-E11F1901B0D2 v1.0
Bindings:
ncalrpc:[LRPC-eaea958c7807bd669d]
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 9B008953-F195-4BF9-BDE0-4471971E58ED v1.0
Bindings:
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : DD59071B-3215-4C59-8481-972EDADC0F6A v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0D47017B-B33B-46AD-9E18-FE96456C5078 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 95406F0B-B239-4318-91BB-CEA3A46FF0DC v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 4ED8ABCC-F1E2-438B-981F-BB0E8ABC010C v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0FF1F646-13BB-400A-AB50-9A78F2B7A85A v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 6982A06E-5FE2-46B1-B39C-A2C545BFA069 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 082A3471-31B6-422A-B931-A54401960C62 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : FAE436B0-B864-4A87-9EDA-298547CD82F2 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : E53D94CA-7464-4839-B044-09A2FB8B3AE5 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 178D84BE-9291-4994-82C6-3F909ACA5A03 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 4DACE966-A243-4450-AE3F-9B7BCB5315B8 v2.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 1832BCF6-CAB8-41D4-85D2-C9410764F75A v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : C521FACF-09A9-42C5-B155-72388595CBF0 v0.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 2C7FD9CE-E706-4B40-B412-953107EF9BB0 v0.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 88ABCBC3-34EA-76AE-8215-767520655A23 v0.0
Bindings:
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 76C217BC-C8B4-4201-A745-373AD9032B1A v1.0
Bindings:
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 55E6B932-1979-45D6-90C5-7F6270724112 v1.0
Bindings:
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 857FB1BE-084F-4FB5-B59C-4B2C4BE5F0CF v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : B8CADBAF-E84B-46B9-84F2-6F71C03F9E55 v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 20C40295-8DBA-48E6-AEBF-3E78EF3BB144 v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 2513BCBE-6CD4-4348-855E-7EFB3C336DD3 v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0D3E2735-CEA0-4ECC-A9E2-41A2D81AED4E v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : C605F9FB-F0A3-4E2A-A073-73560F8D9E3E v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 1B37CA91-76B1-4F5E-A3C7-2ABFC61F2BB0 v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 8BFC3BE1-6DEF-4E2D-AF74-7C47CD0ADE4A v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 2D98A740-581D-41B9-AA0D-A88B9D5CE938 v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0361AE94-0316-4C6C-8AD8-C594375800E2 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 5824833B-3C1A-4AD2-BDFD-C31D19E23ED2 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : BDAA0970-413B-4A3E-9E5D-F6DC9D7E0760 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 3B338D89-6CFA-44B8-847E-531531BC9992 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 8782D3B9-EBBD-4644-A3D8-E8725381919B v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 085B0334-E454-4D91-9B8C-4134F9E793F3 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 4BEC6BB8-B5C2-4B6F-B2C1-5DA5CF92D0D9 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: sysntfy.dll
UUID : C9AC6DB5-82B7-4E55-AE8A-E464ED7B4277 v1.0 Impl friendly name
Bindings:
ncalrpc:[LRPC-d42ac87658992ae2f6]
ncalrpc:[LRPC-a922bdbb7e5407e9d3]
ncalrpc:[IUserProfile2]
ncalrpc:[LRPC-1304b6fec9fb8953ac]
ncalrpc:[senssvc]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: nsisvc.dll
UUID : 7EA70BCF-48AF-4F6A-8968-6A440754D5FA v1.0 NSI server endpoint
Bindings:
ncalrpc:[LRPC-6b137b06500f4c33e4]
Protocol: N/A
Provider: N/A
UUID : E40F7B57-7A25-4CD3-A135-7F7D3DF9D16B v1.0 Network Connection Broker server endpoint
Bindings:
ncalrpc:[LRPC-c81a868489ef097ce6]
ncalrpc:[OLEDFD360977513F89AE0BCEED163D0]
ncalrpc:[LRPC-171d3ee97e364eb3e1]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
Protocol: N/A
Provider: N/A
UUID : 880FD55E-43B9-11E0-B1A8-CF4EDFD72085 v1.0 KAPI Service endpoint
Bindings:
ncalrpc:[LRPC-c81a868489ef097ce6]
ncalrpc:[OLEDFD360977513F89AE0BCEED163D0]
ncalrpc:[LRPC-171d3ee97e364eb3e1]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
Protocol: N/A
Provider: N/A
UUID : 5222821F-D5E2-4885-84F1-5F6185A0EC41 v1.0 Network Connection Broker server endpoint for NCB Reset module
Bindings:
ncalrpc:[LRPC-171d3ee97e364eb3e1]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
Protocol: N/A
Provider: N/A
UUID : A500D4C6-0DD1-4543-BC0C-D5F93486EAF8 v1.0
Bindings:
ncalrpc:[LRPC-271dc2a21a5aa0d93b]
ncalrpc:[LRPC-45c646a279b43cd0b9]
Protocol: N/A
Provider: dhcpcsvc.dll
UUID : 3C4728C5-F0AB-448B-BDA1-6CE01EB0A6D5 v1.0 DHCP Client LRPC Endpoint
Bindings:
ncalrpc:[dhcpcsvc]
ncalrpc:[dhcpcsvc6]
Protocol: N/A
Provider: dhcpcsvc6.dll
UUID : 3C4728C5-F0AB-448B-BDA1-6CE01EB0A6D6 v1.0 DHCPv6 Client LRPC Endpoint
Bindings:
ncalrpc:[dhcpcsvc6]
Protocol: [MS-EVEN6]: EventLog Remoting Protocol
Provider: wevtsvc.dll
UUID : F6BEAFF7-1E19-4FBB-9F8F-B89E2018337C v1.0 Event log TCPIP
Bindings:
ncacn_ip_tcp:10.10.11.187[49665]
ncacn_np:\\G0[\pipe\eventlog]
ncalrpc:[eventlog]
Protocol: N/A
Provider: gpsvc.dll
UUID : 2EB08E3E-639F-4FBA-97B1-14F878961076 v1.0 Group Policy RPC Interface
Bindings:
ncalrpc:[LRPC-f3761b0b26b937f351]
Protocol: N/A
Provider: N/A
UUID : 3A9EF155-691D-4449-8D05-09AD57031823 v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49666]
ncalrpc:[LRPC-bd1da2e4492b26dbf0]
ncalrpc:[ubpmtaskhostchannel]
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
Provider: schedsvc.dll
UUID : 86D35949-83C9-4044-B424-DB363231FD0C v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49666]
ncalrpc:[LRPC-bd1da2e4492b26dbf0]
ncalrpc:[ubpmtaskhostchannel]
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: N/A
Provider: N/A
UUID : 33D84484-3626-47EE-8C6F-E7E98B113BE1 v2.0
Bindings:
ncalrpc:[LRPC-bd1da2e4492b26dbf0]
ncalrpc:[ubpmtaskhostchannel]
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
Provider: taskcomp.dll
UUID : 378E52B0-C0A9-11CF-822D-00AA0051E40F v1.0
Bindings:
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
Provider: taskcomp.dll
UUID : 1FF70682-0A51-30E8-076D-740BE8CEE98B v1.0
Bindings:
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: N/A
Provider: schedsvc.dll
UUID : 0A74EF1C-41A4-4E06-83AE-DC74FB1CDD53 v1.0
Bindings:
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: N/A
Provider: MPSSVC.dll
UUID : 2FB92682-6599-42DC-AE13-BD2CA89BD11C v1.0 Fw APIs
Bindings:
ncalrpc:[LRPC-d5622d147b6179cd49]
ncalrpc:[LRPC-cb5bb66fbb9dbd3679]
ncalrpc:[LRPC-795876b16d424d97bd]
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: N/A
UUID : F47433C3-3E9D-4157-AAD4-83AA1F5C2D4C v1.0 Fw APIs
Bindings:
ncalrpc:[LRPC-cb5bb66fbb9dbd3679]
ncalrpc:[LRPC-795876b16d424d97bd]
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: MPSSVC.dll
UUID : 7F9D11BF-7FB9-436B-A812-B2D50C5D4C03 v1.0 Fw APIs
Bindings:
ncalrpc:[LRPC-795876b16d424d97bd]
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: BFE.DLL
UUID : DD490425-5325-4565-B774-7E27D6C09C24 v1.0 Base Firewall Engine API
Bindings:
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: N/A
UUID : 7F1343FE-50A9-4927-A778-0C5859517BAC v1.0 DfsDs service
Bindings:
ncacn_np:\\G0[\PIPE\wkssvc]
ncalrpc:[LRPC-3e642009d554092db4]
Protocol: N/A
Provider: N/A
UUID : EB081A0D-10EE-478A-A1DD-50995283E7A8 v3.0 Witness Client Test Interface
Bindings:
ncalrpc:[LRPC-3e642009d554092db4]
Protocol: N/A
Provider: N/A
UUID : F2C9B409-C1C9-4100-8639-D8AB1486694A v1.0 Witness Client Upcall Server
Bindings:
ncalrpc:[LRPC-3e642009d554092db4]
Protocol: N/A
Provider: N/A
UUID : 3473DD4D-2E88-4006-9CBA-22570909DD10 v5.1 WinHttp Auto-Proxy Service
Bindings:
ncalrpc:[cb42aa91-2931-47f3-ada9-45df9180d2ad]
ncalrpc:[LRPC-7008e18f8166a9b1a0]
Protocol: N/A
Provider: N/A
UUID : 0D3C7F20-1C8D-4654-A1B3-51563B298BDA v1.0 UserMgrCli
Bindings:
ncalrpc:[LRPC-dc10c32a2d449ded8a]
ncalrpc:[OLE8965A0C5A83544FD5C7EDC7BA48C]
Protocol: N/A
Provider: N/A
UUID : B18FBAB6-56F8-4702-84E0-41053293A869 v1.0 UserMgrCli
Bindings:
ncalrpc:[LRPC-dc10c32a2d449ded8a]
ncalrpc:[OLE8965A0C5A83544FD5C7EDC7BA48C]
Protocol: N/A
Provider: N/A
UUID : C2D1B5DD-FA81-4460-9DD6-E7658B85454B v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : F44E62AF-DAB1-44C2-8013-049A9DE417D6 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : 7AEB6705-3AE6-471A-882D-F39C109EDC12 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : E7F76134-9EF5-4949-A2D6-3368CC0988F3 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : B37F900A-EAE4-4304-A2AB-12BB668C0188 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : ABFB6CA3-0C5E-4734-9285-0AEE72FE8D1C v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : C49A5A70-8A7F-4E70-BA16-1E8F1F193EF1 v1.0 Adh APIs
Bindings:
ncalrpc:[OLE11ED2776AA435DA20CD0334C15D2]
ncalrpc:[TeredoControl]
ncalrpc:[TeredoDiagnostics]
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: N/A
UUID : C36BE077-E14B-4FE9-8ABC-E856EF4F048B v1.0 Proxy Manager client server endpoint
Bindings:
ncalrpc:[TeredoControl]
ncalrpc:[TeredoDiagnostics]
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: N/A
UUID : 2E6035B2-E8F1-41A7-A044-656B439C4C34 v1.0 Proxy Manager provider server endpoint
Bindings:
ncalrpc:[TeredoControl]
ncalrpc:[TeredoDiagnostics]
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: iphlpsvc.dll
UUID : 552D076A-CB29-4E44-8B6A-D15E59E2C0AF v1.0 IP Transition Configuration endpoint
Bindings:
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: N/A
UUID : 51A227AE-825B-41F2-B4A9-1AC9557A1018 v1.0 Ngc Pop Key Service
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: N/A
UUID : 8FB74744-B2FF-4C00-BE0D-9EF9A191FE1B v1.0 Ngc Pop Key Service
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: N/A
UUID : B25A52BF-E5DD-4F4A-AEA6-8CA7272A0E86 v2.0 KeyIso
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-NRPC]: Netlogon Remote Protocol
Provider: netlogon.dll
UUID : 12345678-1234-ABCD-EF00-01234567CFFB v1.0
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-RAA]: Remote Authorization API Protocol
Provider: N/A
UUID : 0B1C2170-5732-4E0E-8CD3-D9B16F3B84D7 v0.0 RemoteAccessCheck
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote
Provider: lsasrv.dll
UUID : 12345778-1234-ABCD-EF00-0123456789AB v0.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
Provider: samsrv.dll
UUID : 12345778-1234-ABCD-EF00-0123456789AC v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol
Provider: ntdsai.dll
UUID : E3514235-4B06-11D1-AB04-00C04FC2DCD2 v4.0 MS NT Directory DRS Interface
Bindings:
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: N/A
UUID : 1A0D010F-1C33-432C-B0F5-8CF4E8053099 v1.0 IdSegSrv service
Bindings:
ncalrpc:[LRPC-9b07363cf1a8a7807e]
Protocol: N/A
Provider: srvsvc.dll
UUID : 98716D03-89AC-44C7-BB8C-285824E51C4A v1.0 XactSrv service
Bindings:
ncalrpc:[LRPC-9b07363cf1a8a7807e]
Protocol: N/A
Provider: N/A
UUID : DF4DF73A-C52D-4E3A-8003-8437FDF8302A v0.0 WM_WindowManagerRPC\Server
Bindings:
ncalrpc:[LRPC-dee8bcf7c373ba0737]
Protocol: [MS-PCQ]: Performance Counter Query Protocol
Provider: regsvc.dll
UUID : DA5A86C5-12C2-4943-AB30-7F74A813D853 v1.0 RemoteRegistry Perflib Interface
Bindings:
ncacn_np:\\G0[\PIPE\winreg]
Protocol: [MS-RRP]: Windows Remote Registry Protocol
Provider: regsvc.dll
UUID : 338CD001-2244-31F1-AAAA-900038001003 v1.0 RemoteRegistry Interface
Bindings:
ncacn_np:\\G0[\PIPE\winreg]
Protocol: [MS-SCMR]: Service Control Manager Remote Protocol
Provider: services.exe
UUID : 367ABB81-9844-35F1-AD32-98F038001003 v2.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49682]
Protocol: N/A
Provider: N/A
UUID : 98CD761E-E77D-41C8-A3C0-0FB756D90EC2 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : D22895EF-AFF4-42C5-A5B2-B14466D34AB4 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : E38F5360-8572-473E-B696-1B46873BEEAB v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : 95095EC8-32EA-4EB0-A3E2-041F97B36168 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : FD8BE72B-A9CD-4B2C-A9CA-4DED242FBE4D v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : 4C9DBF19-D39E-4BB9-90EE-8F7179B20283 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : 2F5F6521-CB55-1059-B446-00DF0BCE31DB v1.0 Unimodem LRPC Endpoint
Bindings:
ncalrpc:[unimdmsvc]
ncalrpc:[tapsrvlpc]
ncacn_np:\\G0[\pipe\tapsrv]
Protocol: N/A
Provider: N/A
UUID : 650A7E26-EAB8-5533-CE43-9C1DFCE11511 v1.0 Vpn APIs
Bindings:
ncalrpc:[LRPC-25948deb3eab9cce74]
ncalrpc:[VpnikeRpc]
ncalrpc:[RasmanLrpc]
ncacn_np:\\G0[\PIPE\ROUTER]
Protocol: [MS-CMPO]: MSDTC Connection Manager:
Provider: msdtcprx.dll
UUID : 906B0CE0-C70B-1067-B317-00DD010662DA v1.0
Bindings:
ncalrpc:[LRPC-4828e437dec9196bfb]
ncalrpc:[OLEEEE03E7F54BEE90C0B5D8266C5A2]
ncalrpc:[LRPC-7f9871fdbf96c50a23]
ncalrpc:[LRPC-7f9871fdbf96c50a23]
ncalrpc:[LRPC-7f9871fdbf96c50a23]
Protocol: N/A
Provider: sysmain.dll
UUID : B58AA02E-2884-4E97-8176-4EE06D794184 v1.0
Bindings:
ncalrpc:[LRPC-8f04274777bbe4405e]
Protocol: N/A
Provider: N/A
UUID : 5C9A4CD7-BA75-45D2-9898-1773B3D1E5F1 v1.0 Device Install Service RPC Interface
Bindings:
ncalrpc:[LRPC-f6a37759cf8efeb780]
Protocol: N/A
Provider: N/A
UUID : F3F09FFD-FBCF-4291-944D-70AD6E0E73BB v1.0
Bindings:
ncalrpc:[LRPC-580f76660eedd99d22]
Protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
Provider: dns.exe
UUID : 50ABC2A4-574D-40B3-9D66-EE4FD5FBA076 v5.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49690]
Protocol: N/A
Provider: N/A
UUID : 572E35B4-1344-4565-96A1-F5DF3BFA89BB v1.0 LiveIdSvcNotify RPC Interface
Bindings:
ncalrpc:[liveidsvcnotify]
Protocol: N/A
Provider: N/A
UUID : FAF2447B-B348-4FEB-8DBE-BEEE5B7F7778 v1.0 OnlineProviderCert RPC Interface
Bindings:
ncalrpc:[LRPC-6cd4557761c5ac60d7]
Protocol: N/A
Provider: N/A
UUID : CC105610-DA03-467E-BC73-5B9E2937458D v1.0 LiveIdSvc RPC Interface
Bindings:
ncalrpc:[LRPC-6cd4557761c5ac60d7]
Protocol: N/A
Provider: N/A
UUID : 64D1D045-F675-460B-8A94-570246B36DAB v1.0 CLIPSVC Default RPC Interface
Bindings:
ncalrpc:[ClipServiceTransportEndpoint-00001]
Protocol: [MS-FRS2]: Distributed File System Replication Protocol
Provider: dfsrmig.exe
UUID : 897E2E5F-93F3-4376-9C9C-FD2277495C27 v1.0 Frs2 Service
Bindings:
ncacn_ip_tcp:10.10.11.187[49699]
ncalrpc:[OLE6F73794928FBD5A0F4C50E8E733F]
Protocol: N/A
Provider: nrpsrv.dll
UUID : 30ADC50C-5CBC-46CE-9A0E-91914789E23C v1.0 NRP server endpoint
Bindings:
ncalrpc:[LRPC-e235c6840a1b7fa925]
[*] Received 419 endpoints.

37
HTB/flight/results/flight.htb/scans/tcp135/xml/tcp_135_rpc_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 135 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp135/xml/tcp_135_rpc_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 135 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp135/tcp_135_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp135/xml/tcp_135_rpc_nmap.xml flight.htb" start="1675859477" startstr="Wed Feb 8 13:31:17 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="135"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="SYN Stealth Scan" time="1675859478"/>
<taskend task="SYN Stealth Scan" time="1675859478" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859478"/>
<taskend task="Service scan" time="1675859484" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859484"/>
<taskend task="NSE" time="1675859499"/>
<taskbegin task="NSE" time="1675859499"/>
<taskend task="NSE" time="1675859499"/>
<host starttime="1675859478" endtime="1675859499"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="135"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<times srtt="101464" rttvar="101464" to="507320"/>
</host>
<taskbegin task="NSE" time="1675859499"/>
<taskend task="NSE" time="1675859499"/>
<taskbegin task="NSE" time="1675859499"/>
<taskend task="NSE" time="1675859499"/>
<runstats><finished time="1675859499" timestr="Wed Feb 8 13:31:39 2023" summary="Nmap done at Wed Feb 8 13:31:39 2023; 1 IP address (1 host up) scanned in 22.51 seconds" elapsed="22.51" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

139
HTB/flight/results/flight.htb/scans/tcp139/enum4linux.txt Normal file
View File

@@ -0,0 +1,139 @@
Starting enum4linux v0.9.1 ( http://labs.portcullis.co.uk/application/enum4linux/ ) on Wed Feb 8 13:31:17 2023
 =========================================( Target Information )=========================================
Target ........... flight.htb
RID Range ........ 500-550,1000-1050
Username ......... ''
Password ......... ''
Known Usernames .. administrator, guest, krbtgt, domain admins, root, bin, none
 =============================( Enumerating Workgroup/Domain on flight.htb )=============================

[E] Can't find workgroup/domain

 =================================( Nbtstat Information for flight.htb )=================================
Looking up status of 10.10.11.187
No reply from 10.10.11.187
 ====================================( Session Check on flight.htb )====================================

[+] Server flight.htb allows sessions using username '', password ''

 ============================( Getting information via LDAP for flight.htb )============================

[+] flight.htb appears to be a child DC

 =================================( Getting domain SID for flight.htb )=================================
Domain Name: flight
Domain Sid: S-1-5-21-4078382237-1492182817-2568127209

[+] Host is part of a domain (not a workgroup)

 ====================================( OS information on flight.htb )====================================

[E] Can't get OS info with smbclient

[+] Got OS info for flight.htb from srvinfo:
do_cmd: Could not initialise srvsvc. Error was NT_STATUS_ACCESS_DENIED
 ========================================( Users on flight.htb )========================================

[E] Couldn't find users using querydispinfo: NT_STATUS_ACCESS_DENIED


[E] Couldn't find users using enumdomusers: NT_STATUS_ACCESS_DENIED

 =================================( Machine Enumeration on flight.htb )=================================

[E] Not implemented in this version of enum4linux.

 ==================================( Share Enumeration on flight.htb )==================================
do_connect: Connection to flight.htb failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
Sharename Type Comment
--------- ---- -------
Reconnecting with SMB1 for workgroup listing.
Unable to connect with SMB1 -- no workgroup available

[+] Attempting to map shares on flight.htb

 =============================( Password Policy Information for flight.htb )=============================

[E] Unexpected error from polenum:

[+] Attaching to flight.htb using a NULL share
[+] Trying protocol 139/SMB...
[!] Protocol failed: Cannot request session (Called Name:FLIGHT.HTB)
[+] Trying protocol 445/SMB...
[!] Protocol failed: SAMR SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights.

[E] Failed to get password policy with rpcclient

 ========================================( Groups on flight.htb )========================================

[+] Getting builtin groups:

[+]  Getting builtin group memberships:

[+]  Getting local groups:

[+]  Getting local group memberships:

[+]  Getting domain groups:

[+]  Getting domain group memberships:

 ===================( Users on flight.htb via RID cycling (RIDS: 500-550,1000-1050) )===================

[E] Couldn't get SID: NT_STATUS_ACCESS_DENIED. RID cycling not possible.

 ================================( Getting printer info for flight.htb )================================
do_cmd: Could not initialise spoolss. Error was NT_STATUS_ACCESS_DENIED
enum4linux complete on Wed Feb 8 13:31:44 2023

3
HTB/flight/results/flight.htb/scans/tcp139/nbtscan.txt Normal file
View File

@@ -0,0 +1,3 @@
Doing NBT name scan for addresses from 10.10.11.187

8
HTB/flight/results/flight.htb/scans/tcp139/smbclient.txt Normal file
View File

@@ -0,0 +1,8 @@
do_connect: Connection to flight.htb failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)
Anonymous login successful
Sharename Type Comment
--------- ---- -------
Reconnecting with SMB1 for workgroup listing.
Unable to connect with SMB1 -- no workgroup available

2
HTB/flight/results/flight.htb/scans/tcp139/smbmap-execute-command.txt Normal file
View File

@@ -0,0 +1,2 @@
[!] Authentication error on flight.htb

2
HTB/flight/results/flight.htb/scans/tcp139/smbmap-list-contents.txt Normal file
View File

@@ -0,0 +1,2 @@
[!] Authentication error on flight.htb

2
HTB/flight/results/flight.htb/scans/tcp139/smbmap-share-permissions.txt Normal file
View File

@@ -0,0 +1,2 @@
[!] Authentication error on flight.htb

22
HTB/flight/results/flight.htb/scans/tcp139/tcp_139_smb_nmap.txt Normal file
View File

@@ -0,0 +1,22 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv --reason -Pn -T4 -sV -p 139 "--script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN /home/kali/htb/flight/results/flight.htb/scans/tcp139/tcp_139_smb_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp139/xml/tcp_139_smb_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.11s latency).
Scanned at 2023-02-08 13:31:18 CET for 41s
PORT STATE SERVICE REASON VERSION
139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn
|_smb-enum-services: ERROR: Script execution failed (use -d to debug)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results:
|_smb-protocols: No dialects accepted. Something may be blocking the responses
|_smb-mbenum: ERROR: Script execution failed (use -d to debug)
|_smb-print-text: false
|_smb2-security-mode: SMB: Couldn't find a NetBIOS name that works for the server. Sorry!
|_smb2-capabilities: SMB: Couldn't find a NetBIOS name that works for the server. Sorry!
|_smb-vuln-ms10-061: SMB: Couldn't find a NetBIOS name that works for the server. Sorry!
|_smb2-time: ERROR: Script execution failed (use -d to debug)
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:31:59 2023 -- 1 IP address (1 host up) scanned in 41.56 seconds

44
HTB/flight/results/flight.htb/scans/tcp139/xml/tcp_139_smb_nmap.xml Normal file
View File

@@ -0,0 +1,44 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 139 &quot;-&#45;script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)&quot; -oN /home/kali/htb/flight/results/flight.htb/scans/tcp139/tcp_139_smb_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp139/xml/tcp_139_smb_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 139 &quot;-&#45;script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)&quot; -oN /home/kali/htb/flight/results/flight.htb/scans/tcp139/tcp_139_smb_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp139/xml/tcp_139_smb_nmap.xml flight.htb" start="1675859477" startstr="Wed Feb 8 13:31:17 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="139"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="SYN Stealth Scan" time="1675859478"/>
<taskend task="SYN Stealth Scan" time="1675859478" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859478"/>
<taskend task="Service scan" time="1675859485" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859485"/>
<taskprogress task="NSE" time="1675859516" percent="98.57" remaining="1" etc="1675859516"/>
<taskend task="NSE" time="1675859516"/>
<taskbegin task="NSE" time="1675859516"/>
<taskend task="NSE" time="1675859519"/>
<taskbegin task="NSE" time="1675859519"/>
<taskend task="NSE" time="1675859519"/>
<host starttime="1675859478" endtime="1675859519"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="netbios-ssn" product="Microsoft Windows netbios-ssn" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service><script id="smb-enum-services" output="ERROR: Script execution failed (use -d to debug)"/></port>
</ports>
<hostscript><script id="smb-protocols" output="No dialects accepted. Something may be blocking the responses"/><script id="smb-mbenum" output="ERROR: Script execution failed (use -d to debug)"/><script id="smb-print-text" output="false">false</script><script id="smb2-security-mode" output="SMB: Couldn&apos;t find a NetBIOS name that works for the server. Sorry!">false</script><script id="smb2-capabilities" output="SMB: Couldn&apos;t find a NetBIOS name that works for the server. Sorry!">false</script><script id="smb-vuln-ms10-061" output="SMB: Couldn&apos;t find a NetBIOS name that works for the server. Sorry!">false</script><script id="smb2-time" output="ERROR: Script execution failed (use -d to debug)"/></hostscript><times srtt="109673" rttvar="109673" to="548365"/>
</host>
<taskbegin task="NSE" time="1675859519"/>
<taskend task="NSE" time="1675859519"/>
<taskbegin task="NSE" time="1675859519"/>
<taskend task="NSE" time="1675859519"/>
<taskbegin task="NSE" time="1675859519"/>
<taskend task="NSE" time="1675859519"/>
<runstats><finished time="1675859519" timestr="Wed Feb 8 13:31:59 2023" summary="Nmap done at Wed Feb 8 13:31:59 2023; 1 IP address (1 host up) scanned in 41.56 seconds" elapsed="41.56" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

108
HTB/flight/results/flight.htb/scans/tcp3268/tcp_3268_ldap_nmap.txt Normal file
View File

@@ -0,0 +1,108 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv --reason -Pn -T4 -sV -p 3268 "--script=banner,(ldap* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN /home/kali/htb/flight/results/flight.htb/scans/tcp3268/tcp_3268_ldap_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp3268/xml/tcp_3268_ldap_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.087s latency).
Scanned at 2023-02-08 13:33:46 CET for 17s
PORT STATE SERVICE REASON VERSION
3268/tcp open ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: flight.htb, Site: Default-First-Site-Name)
| ldap-rootdse:
| LDAP Results
| <ROOT>
| domainFunctionality: 7
| forestFunctionality: 7
| domainControllerFunctionality: 7
| rootDomainNamingContext: DC=flight,DC=htb
| ldapServiceName: flight.htb:g0$@FLIGHT.HTB
| isGlobalCatalogReady: TRUE
| supportedSASLMechanisms: GSSAPI
| supportedSASLMechanisms: GSS-SPNEGO
| supportedSASLMechanisms: EXTERNAL
| supportedSASLMechanisms: DIGEST-MD5
| supportedLDAPVersion: 3
| supportedLDAPVersion: 2
| supportedLDAPPolicies: MaxPoolThreads
| supportedLDAPPolicies: MaxPercentDirSyncRequests
| supportedLDAPPolicies: MaxDatagramRecv
| supportedLDAPPolicies: MaxReceiveBuffer
| supportedLDAPPolicies: InitRecvTimeout
| supportedLDAPPolicies: MaxConnections
| supportedLDAPPolicies: MaxConnIdleTime
| supportedLDAPPolicies: MaxPageSize
| supportedLDAPPolicies: MaxBatchReturnMessages
| supportedLDAPPolicies: MaxQueryDuration
| supportedLDAPPolicies: MaxDirSyncDuration
| supportedLDAPPolicies: MaxTempTableSize
| supportedLDAPPolicies: MaxResultSetSize
| supportedLDAPPolicies: MinResultSets
| supportedLDAPPolicies: MaxResultSetsPerConn
| supportedLDAPPolicies: MaxNotificationPerConn
| supportedLDAPPolicies: MaxValRange
| supportedLDAPPolicies: MaxValRangeTransitive
| supportedLDAPPolicies: ThreadMemoryLimit
| supportedLDAPPolicies: SystemMemoryLimitPercent
| supportedControl: 1.2.840.113556.1.4.319
| supportedControl: 1.2.840.113556.1.4.801
| supportedControl: 1.2.840.113556.1.4.473
| supportedControl: 1.2.840.113556.1.4.528
| supportedControl: 1.2.840.113556.1.4.417
| supportedControl: 1.2.840.113556.1.4.619
| supportedControl: 1.2.840.113556.1.4.841
| supportedControl: 1.2.840.113556.1.4.529
| supportedControl: 1.2.840.113556.1.4.805
| supportedControl: 1.2.840.113556.1.4.521
| supportedControl: 1.2.840.113556.1.4.970
| supportedControl: 1.2.840.113556.1.4.1338
| supportedControl: 1.2.840.113556.1.4.474
| supportedControl: 1.2.840.113556.1.4.1339
| supportedControl: 1.2.840.113556.1.4.1340
| supportedControl: 1.2.840.113556.1.4.1413
| supportedControl: 2.16.840.1.113730.3.4.9
| supportedControl: 2.16.840.1.113730.3.4.10
| supportedControl: 1.2.840.113556.1.4.1504
| supportedControl: 1.2.840.113556.1.4.1852
| supportedControl: 1.2.840.113556.1.4.802
| supportedControl: 1.2.840.113556.1.4.1907
| supportedControl: 1.2.840.113556.1.4.1948
| supportedControl: 1.2.840.113556.1.4.1974
| supportedControl: 1.2.840.113556.1.4.1341
| supportedControl: 1.2.840.113556.1.4.2026
| supportedControl: 1.2.840.113556.1.4.2064
| supportedControl: 1.2.840.113556.1.4.2065
| supportedControl: 1.2.840.113556.1.4.2066
| supportedControl: 1.2.840.113556.1.4.2090
| supportedControl: 1.2.840.113556.1.4.2205
| supportedControl: 1.2.840.113556.1.4.2204
| supportedControl: 1.2.840.113556.1.4.2206
| supportedControl: 1.2.840.113556.1.4.2211
| supportedControl: 1.2.840.113556.1.4.2239
| supportedControl: 1.2.840.113556.1.4.2255
| supportedControl: 1.2.840.113556.1.4.2256
| supportedControl: 1.2.840.113556.1.4.2309
| supportedControl: 1.2.840.113556.1.4.2330
| supportedControl: 1.2.840.113556.1.4.2354
| supportedCapabilities: 1.2.840.113556.1.4.800
| supportedCapabilities: 1.2.840.113556.1.4.1670
| supportedCapabilities: 1.2.840.113556.1.4.1791
| supportedCapabilities: 1.2.840.113556.1.4.1935
| supportedCapabilities: 1.2.840.113556.1.4.2080
| supportedCapabilities: 1.2.840.113556.1.4.2237
| subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=flight,DC=htb
| serverName: CN=G0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=flight,DC=htb
| schemaNamingContext: CN=Schema,CN=Configuration,DC=flight,DC=htb
| namingContexts: DC=flight,DC=htb
| namingContexts: CN=Configuration,DC=flight,DC=htb
| namingContexts: CN=Schema,CN=Configuration,DC=flight,DC=htb
| namingContexts: DC=DomainDnsZones,DC=flight,DC=htb
| namingContexts: DC=ForestDnsZones,DC=flight,DC=htb
| isSynchronized: TRUE
| highestCommittedUSN: 122951
| dsServiceName: CN=NTDS Settings,CN=G0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=flight,DC=htb
| dnsHostName: g0.flight.htb
| defaultNamingContext: DC=flight,DC=htb
| currentTime: 20230208193354.0Z
|_ configurationNamingContext: CN=Configuration,DC=flight,DC=htb
Service Info: Host: G0; OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:34:03 2023 -- 1 IP address (1 host up) scanned in 17.34 seconds

43
HTB/flight/results/flight.htb/scans/tcp3268/xml/tcp_3268_ldap_nmap.xml Normal file
View File

File diff suppressed because one or more lines are too long

108
HTB/flight/results/flight.htb/scans/tcp389/tcp_389_ldap_nmap.txt Normal file
View File

@@ -0,0 +1,108 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv --reason -Pn -T4 -sV -p 389 "--script=banner,(ldap* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN /home/kali/htb/flight/results/flight.htb/scans/tcp389/tcp_389_ldap_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp389/xml/tcp_389_ldap_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.10s latency).
Scanned at 2023-02-08 13:31:18 CET for 17s
PORT STATE SERVICE REASON VERSION
389/tcp open ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: flight.htb, Site: Default-First-Site-Name)
| ldap-rootdse:
| LDAP Results
| <ROOT>
| domainFunctionality: 7
| forestFunctionality: 7
| domainControllerFunctionality: 7
| rootDomainNamingContext: DC=flight,DC=htb
| ldapServiceName: flight.htb:g0$@FLIGHT.HTB
| isGlobalCatalogReady: TRUE
| supportedSASLMechanisms: GSSAPI
| supportedSASLMechanisms: GSS-SPNEGO
| supportedSASLMechanisms: EXTERNAL
| supportedSASLMechanisms: DIGEST-MD5
| supportedLDAPVersion: 3
| supportedLDAPVersion: 2
| supportedLDAPPolicies: MaxPoolThreads
| supportedLDAPPolicies: MaxPercentDirSyncRequests
| supportedLDAPPolicies: MaxDatagramRecv
| supportedLDAPPolicies: MaxReceiveBuffer
| supportedLDAPPolicies: InitRecvTimeout
| supportedLDAPPolicies: MaxConnections
| supportedLDAPPolicies: MaxConnIdleTime
| supportedLDAPPolicies: MaxPageSize
| supportedLDAPPolicies: MaxBatchReturnMessages
| supportedLDAPPolicies: MaxQueryDuration
| supportedLDAPPolicies: MaxDirSyncDuration
| supportedLDAPPolicies: MaxTempTableSize
| supportedLDAPPolicies: MaxResultSetSize
| supportedLDAPPolicies: MinResultSets
| supportedLDAPPolicies: MaxResultSetsPerConn
| supportedLDAPPolicies: MaxNotificationPerConn
| supportedLDAPPolicies: MaxValRange
| supportedLDAPPolicies: MaxValRangeTransitive
| supportedLDAPPolicies: ThreadMemoryLimit
| supportedLDAPPolicies: SystemMemoryLimitPercent
| supportedControl: 1.2.840.113556.1.4.319
| supportedControl: 1.2.840.113556.1.4.801
| supportedControl: 1.2.840.113556.1.4.473
| supportedControl: 1.2.840.113556.1.4.528
| supportedControl: 1.2.840.113556.1.4.417
| supportedControl: 1.2.840.113556.1.4.619
| supportedControl: 1.2.840.113556.1.4.841
| supportedControl: 1.2.840.113556.1.4.529
| supportedControl: 1.2.840.113556.1.4.805
| supportedControl: 1.2.840.113556.1.4.521
| supportedControl: 1.2.840.113556.1.4.970
| supportedControl: 1.2.840.113556.1.4.1338
| supportedControl: 1.2.840.113556.1.4.474
| supportedControl: 1.2.840.113556.1.4.1339
| supportedControl: 1.2.840.113556.1.4.1340
| supportedControl: 1.2.840.113556.1.4.1413
| supportedControl: 2.16.840.1.113730.3.4.9
| supportedControl: 2.16.840.1.113730.3.4.10
| supportedControl: 1.2.840.113556.1.4.1504
| supportedControl: 1.2.840.113556.1.4.1852
| supportedControl: 1.2.840.113556.1.4.802
| supportedControl: 1.2.840.113556.1.4.1907
| supportedControl: 1.2.840.113556.1.4.1948
| supportedControl: 1.2.840.113556.1.4.1974
| supportedControl: 1.2.840.113556.1.4.1341
| supportedControl: 1.2.840.113556.1.4.2026
| supportedControl: 1.2.840.113556.1.4.2064
| supportedControl: 1.2.840.113556.1.4.2065
| supportedControl: 1.2.840.113556.1.4.2066
| supportedControl: 1.2.840.113556.1.4.2090
| supportedControl: 1.2.840.113556.1.4.2205
| supportedControl: 1.2.840.113556.1.4.2204
| supportedControl: 1.2.840.113556.1.4.2206
| supportedControl: 1.2.840.113556.1.4.2211
| supportedControl: 1.2.840.113556.1.4.2239
| supportedControl: 1.2.840.113556.1.4.2255
| supportedControl: 1.2.840.113556.1.4.2256
| supportedControl: 1.2.840.113556.1.4.2309
| supportedControl: 1.2.840.113556.1.4.2330
| supportedControl: 1.2.840.113556.1.4.2354
| supportedCapabilities: 1.2.840.113556.1.4.800
| supportedCapabilities: 1.2.840.113556.1.4.1670
| supportedCapabilities: 1.2.840.113556.1.4.1791
| supportedCapabilities: 1.2.840.113556.1.4.1935
| supportedCapabilities: 1.2.840.113556.1.4.2080
| supportedCapabilities: 1.2.840.113556.1.4.2237
| subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=flight,DC=htb
| serverName: CN=G0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=flight,DC=htb
| schemaNamingContext: CN=Schema,CN=Configuration,DC=flight,DC=htb
| namingContexts: DC=flight,DC=htb
| namingContexts: CN=Configuration,DC=flight,DC=htb
| namingContexts: CN=Schema,CN=Configuration,DC=flight,DC=htb
| namingContexts: DC=DomainDnsZones,DC=flight,DC=htb
| namingContexts: DC=ForestDnsZones,DC=flight,DC=htb
| isSynchronized: TRUE
| highestCommittedUSN: 122951
| dsServiceName: CN=NTDS Settings,CN=G0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=flight,DC=htb
| dnsHostName: g0.flight.htb
| defaultNamingContext: DC=flight,DC=htb
| currentTime: 20230208193126.0Z
|_ configurationNamingContext: CN=Configuration,DC=flight,DC=htb
Service Info: Host: G0; OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:31:35 2023 -- 1 IP address (1 host up) scanned in 17.61 seconds

43
HTB/flight/results/flight.htb/scans/tcp389/xml/tcp_389_ldap_nmap.xml Normal file
View File

File diff suppressed because one or more lines are too long

2
HTB/flight/results/flight.htb/scans/tcp445/smbmap-execute-command.txt Normal file
View File

@@ -0,0 +1,2 @@
[!] Authentication error on flight.htb

2
HTB/flight/results/flight.htb/scans/tcp445/smbmap-list-contents.txt Normal file
View File

@@ -0,0 +1,2 @@
[!] Authentication error on flight.htb

2
HTB/flight/results/flight.htb/scans/tcp445/smbmap-share-permissions.txt Normal file
View File

@@ -0,0 +1,2 @@
[!] Authentication error on flight.htb

50
HTB/flight/results/flight.htb/scans/tcp445/tcp_445_smb_nmap.txt Normal file
View File

@@ -0,0 +1,50 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv --reason -Pn -T4 -sV -p 445 "--script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN /home/kali/htb/flight/results/flight.htb/scans/tcp445/tcp_445_smb_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp445/xml/tcp_445_smb_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.073s latency).
Scanned at 2023-02-08 13:31:18 CET for 51s
PORT STATE SERVICE REASON VERSION
445/tcp open microsoft-ds? syn-ack ttl 127
|_smb-enum-services: ERROR: Script execution failed (use -d to debug)
Host script results:
| smb-protocols:
| dialects:
| 202
| 210
| 300
| 302
|_ 311
| smb2-capabilities:
| 202:
| Distributed File System
| 210:
| Distributed File System
| Leasing
| Multi-credit operations
| 300:
| Distributed File System
| Leasing
| Multi-credit operations
| 302:
| Distributed File System
| Leasing
| Multi-credit operations
| 311:
| Distributed File System
| Leasing
|_ Multi-credit operations
| smb2-time:
| date: 2023-02-08T19:31:46
|_ start_date: N/A
|_smb-print-text: false
| smb-mbenum:
|_ ERROR: Failed to connect to browser service: Could not negotiate a connection:SMB: Failed to receive bytes: ERROR
| smb2-security-mode:
| 311:
|_ Message signing enabled and required
|_smb-vuln-ms10-061: Could not negotiate a connection:SMB: Failed to receive bytes: ERROR
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:32:09 2023 -- 1 IP address (1 host up) scanned in 52.21 seconds

79
HTB/flight/results/flight.htb/scans/tcp445/xml/tcp_445_smb_nmap.xml Normal file
View File

@@ -0,0 +1,79 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 445 &quot;-&#45;script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)&quot; -oN /home/kali/htb/flight/results/flight.htb/scans/tcp445/tcp_445_smb_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp445/xml/tcp_445_smb_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 445 &quot;-&#45;script=banner,(nbstat or smb* or ssl*) and not (brute or broadcast or dos or external or fuzzer)&quot; -oN /home/kali/htb/flight/results/flight.htb/scans/tcp445/tcp_445_smb_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp445/xml/tcp_445_smb_nmap.xml flight.htb" start="1675859477" startstr="Wed Feb 8 13:31:17 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="445"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="SYN Stealth Scan" time="1675859478"/>
<taskend task="SYN Stealth Scan" time="1675859478" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859478"/>
<taskend task="Service scan" time="1675859487" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859487"/>
<taskprogress task="NSE" time="1675859518" percent="94.29" remaining="2" etc="1675859520"/>
<taskend task="NSE" time="1675859528"/>
<taskbegin task="NSE" time="1675859528"/>
<taskend task="NSE" time="1675859529"/>
<taskbegin task="NSE" time="1675859529"/>
<taskend task="NSE" time="1675859529"/>
<host starttime="1675859478" endtime="1675859529"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="microsoft-ds" method="table" conf="3"/><script id="smb-enum-services" output="ERROR: Script execution failed (use -d to debug)"/></port>
</ports>
<hostscript><script id="smb-protocols" output="&#xa; dialects: &#xa; 202&#xa; 210&#xa; 300&#xa; 302&#xa; 311"><table key="dialects">
<elem>202</elem>
<elem>210</elem>
<elem>300</elem>
<elem>302</elem>
<elem>311</elem>
</table>
</script><script id="smb2-capabilities" output="&#xa; 202: &#xa; Distributed File System&#xa; 210: &#xa; Distributed File System&#xa; Leasing&#xa; Multi-credit operations&#xa; 300: &#xa; Distributed File System&#xa; Leasing&#xa; Multi-credit operations&#xa; 302: &#xa; Distributed File System&#xa; Leasing&#xa; Multi-credit operations&#xa; 311: &#xa; Distributed File System&#xa; Leasing&#xa; Multi-credit operations"><table key="202">
<elem>Distributed File System</elem>
</table>
<table key="210">
<elem>Distributed File System</elem>
<elem>Leasing</elem>
<elem>Multi-credit operations</elem>
</table>
<table key="300">
<elem>Distributed File System</elem>
<elem>Leasing</elem>
<elem>Multi-credit operations</elem>
</table>
<table key="302">
<elem>Distributed File System</elem>
<elem>Leasing</elem>
<elem>Multi-credit operations</elem>
</table>
<table key="311">
<elem>Distributed File System</elem>
<elem>Leasing</elem>
<elem>Multi-credit operations</elem>
</table>
</script><script id="smb2-time" output="&#xa; date: 2023-02-08T19:31:46&#xa; start_date: N/A"><elem key="date">2023-02-08T19:31:46</elem>
<elem key="start_date">N/A</elem>
</script><script id="smb-print-text" output="false">false</script><script id="smb-mbenum" output="&#xa; ERROR: Failed to connect to browser service: Could not negotiate a connection:SMB: Failed to receive bytes: ERROR"/><script id="smb2-security-mode" output="&#xa; 311: &#xa; Message signing enabled and required"><table key="311">
<elem>Message signing enabled and required</elem>
</table>
</script><script id="smb-vuln-ms10-061" output="Could not negotiate a connection:SMB: Failed to receive bytes: ERROR">false</script></hostscript><times srtt="72767" rttvar="72767" to="363835"/>
</host>
<taskbegin task="NSE" time="1675859529"/>
<taskend task="NSE" time="1675859529"/>
<taskbegin task="NSE" time="1675859529"/>
<taskend task="NSE" time="1675859529"/>
<taskbegin task="NSE" time="1675859529"/>
<taskend task="NSE" time="1675859529"/>
<runstats><finished time="1675859529" timestr="Wed Feb 8 13:32:09 2023" summary="Nmap done at Wed Feb 8 13:32:09 2023; 1 IP address (1 host up) scanned in 52.21 seconds" elapsed="52.21" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

11
HTB/flight/results/flight.htb/scans/tcp464/tcp_464_kerberos_nmap.txt Normal file
View File

@@ -0,0 +1,11 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv --reason -Pn -T4 -sV -p 464 --script=banner,krb5-enum-users -oN /home/kali/htb/flight/results/flight.htb/scans/tcp464/tcp_464_kerberos_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp464/xml/tcp_464_kerberos_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.12s latency).
Scanned at 2023-02-08 13:31:18 CET for 19s
PORT STATE SERVICE REASON VERSION
464/tcp open kpasswd5? syn-ack ttl 127
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:31:37 2023 -- 1 IP address (1 host up) scanned in 20.43 seconds

37
HTB/flight/results/flight.htb/scans/tcp464/xml/tcp_464_kerberos_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 464 -&#45;script=banner,krb5-enum-users -oN /home/kali/htb/flight/results/flight.htb/scans/tcp464/tcp_464_kerberos_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp464/xml/tcp_464_kerberos_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 464 -&#45;script=banner,krb5-enum-users -oN /home/kali/htb/flight/results/flight.htb/scans/tcp464/tcp_464_kerberos_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp464/xml/tcp_464_kerberos_nmap.xml flight.htb" start="1675859477" startstr="Wed Feb 8 13:31:17 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="464"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="NSE" time="1675859478"/>
<taskend task="NSE" time="1675859478"/>
<taskbegin task="SYN Stealth Scan" time="1675859478"/>
<taskend task="SYN Stealth Scan" time="1675859478" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859478"/>
<taskend task="Service scan" time="1675859487" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859487"/>
<taskend task="NSE" time="1675859497"/>
<taskbegin task="NSE" time="1675859497"/>
<taskend task="NSE" time="1675859497"/>
<host starttime="1675859478" endtime="1675859497"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="464"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="kpasswd5" method="table" conf="3"/></port>
</ports>
<times srtt="115443" rttvar="115443" to="577215"/>
</host>
<taskbegin task="NSE" time="1675859497"/>
<taskend task="NSE" time="1675859497"/>
<taskbegin task="NSE" time="1675859497"/>
<taskend task="NSE" time="1675859497"/>
<runstats><finished time="1675859497" timestr="Wed Feb 8 13:31:37 2023" summary="Nmap done at Wed Feb 8 13:31:37 2023; 1 IP address (1 host up) scanned in 20.43 seconds" elapsed="20.43" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

12
HTB/flight/results/flight.htb/scans/tcp49667/tcp_49667_rpc_nmap.txt Normal file
View File

@@ -0,0 +1,12 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv --reason -Pn -T4 -sV -p 49667 --script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49667/tcp_49667_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49667/xml/tcp_49667_rpc_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.050s latency).
Scanned at 2023-02-08 13:33:46 CET for 71s
PORT STATE SERVICE REASON VERSION
49667/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:34:57 2023 -- 1 IP address (1 host up) scanned in 71.32 seconds

37
HTB/flight/results/flight.htb/scans/tcp49667/xml/tcp_49667_rpc_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 49667 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49667/tcp_49667_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49667/xml/tcp_49667_rpc_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 49667 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49667/tcp_49667_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49667/xml/tcp_49667_rpc_nmap.xml flight.htb" start="1675859626" startstr="Wed Feb 8 13:33:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="49667"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="SYN Stealth Scan" time="1675859626"/>
<taskend task="SYN Stealth Scan" time="1675859626" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859626"/>
<taskend task="Service scan" time="1675859682" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859682"/>
<taskend task="NSE" time="1675859697"/>
<taskbegin task="NSE" time="1675859697"/>
<taskend task="NSE" time="1675859697"/>
<host starttime="1675859626" endtime="1675859697"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="49667"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<times srtt="49780" rttvar="49780" to="248900"/>
</host>
<taskbegin task="NSE" time="1675859697"/>
<taskend task="NSE" time="1675859697"/>
<taskbegin task="NSE" time="1675859697"/>
<taskend task="NSE" time="1675859697"/>
<runstats><finished time="1675859697" timestr="Wed Feb 8 13:34:57 2023" summary="Nmap done at Wed Feb 8 13:34:57 2023; 1 IP address (1 host up) scanned in 71.32 seconds" elapsed="71.32" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

12
HTB/flight/results/flight.htb/scans/tcp49674/tcp_49674_rpc_nmap.txt Normal file
View File

@@ -0,0 +1,12 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv --reason -Pn -T4 -sV -p 49674 --script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49674/tcp_49674_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49674/xml/tcp_49674_rpc_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.038s latency).
Scanned at 2023-02-08 13:33:46 CET for 70s
PORT STATE SERVICE REASON VERSION
49674/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:34:56 2023 -- 1 IP address (1 host up) scanned in 70.47 seconds

37
HTB/flight/results/flight.htb/scans/tcp49674/xml/tcp_49674_rpc_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 49674 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49674/tcp_49674_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49674/xml/tcp_49674_rpc_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 49674 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49674/tcp_49674_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49674/xml/tcp_49674_rpc_nmap.xml flight.htb" start="1675859626" startstr="Wed Feb 8 13:33:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="49674"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="SYN Stealth Scan" time="1675859626"/>
<taskend task="SYN Stealth Scan" time="1675859626" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859626"/>
<taskend task="Service scan" time="1675859681" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859681"/>
<taskend task="NSE" time="1675859696"/>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<host starttime="1675859626" endtime="1675859696"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="49674"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<times srtt="38030" rttvar="38030" to="190150"/>
</host>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<runstats><finished time="1675859696" timestr="Wed Feb 8 13:34:56 2023" summary="Nmap done at Wed Feb 8 13:34:56 2023; 1 IP address (1 host up) scanned in 70.47 seconds" elapsed="70.47" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

12
HTB/flight/results/flight.htb/scans/tcp49690/tcp_49690_rpc_nmap.txt Normal file
View File

@@ -0,0 +1,12 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv --reason -Pn -T4 -sV -p 49690 --script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49690/tcp_49690_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49690/xml/tcp_49690_rpc_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.041s latency).
Scanned at 2023-02-08 13:33:46 CET for 70s
PORT STATE SERVICE REASON VERSION
49690/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:34:56 2023 -- 1 IP address (1 host up) scanned in 70.45 seconds

37
HTB/flight/results/flight.htb/scans/tcp49690/xml/tcp_49690_rpc_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 49690 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49690/tcp_49690_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49690/xml/tcp_49690_rpc_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 49690 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49690/tcp_49690_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49690/xml/tcp_49690_rpc_nmap.xml flight.htb" start="1675859626" startstr="Wed Feb 8 13:33:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="49690"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="SYN Stealth Scan" time="1675859626"/>
<taskend task="SYN Stealth Scan" time="1675859626" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859626"/>
<taskend task="Service scan" time="1675859681" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859681"/>
<taskend task="NSE" time="1675859696"/>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<host starttime="1675859626" endtime="1675859696"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="49690"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<times srtt="40579" rttvar="40579" to="202895"/>
</host>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<runstats><finished time="1675859696" timestr="Wed Feb 8 13:34:56 2023" summary="Nmap done at Wed Feb 8 13:34:56 2023; 1 IP address (1 host up) scanned in 70.45 seconds" elapsed="70.45" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

12
HTB/flight/results/flight.htb/scans/tcp49699/tcp_49699_rpc_nmap.txt Normal file
View File

@@ -0,0 +1,12 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv --reason -Pn -T4 -sV -p 49699 --script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49699/tcp_49699_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49699/xml/tcp_49699_rpc_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.028s latency).
Scanned at 2023-02-08 13:33:46 CET for 70s
PORT STATE SERVICE REASON VERSION
49699/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:34:56 2023 -- 1 IP address (1 host up) scanned in 70.74 seconds

37
HTB/flight/results/flight.htb/scans/tcp49699/xml/tcp_49699_rpc_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:33:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 49699 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49699/tcp_49699_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49699/xml/tcp_49699_rpc_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 49699 -&#45;script=banner,msrpc-enum,rpc-grind,rpcinfo -oN /home/kali/htb/flight/results/flight.htb/scans/tcp49699/tcp_49699_rpc_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp49699/xml/tcp_49699_rpc_nmap.xml flight.htb" start="1675859626" startstr="Wed Feb 8 13:33:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="49699"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="NSE" time="1675859626"/>
<taskend task="NSE" time="1675859626"/>
<taskbegin task="SYN Stealth Scan" time="1675859626"/>
<taskend task="SYN Stealth Scan" time="1675859626" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859626"/>
<taskend task="Service scan" time="1675859681" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859681"/>
<taskend task="NSE" time="1675859696"/>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<host starttime="1675859626" endtime="1675859696"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="49699"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<times srtt="28342" rttvar="28342" to="141710"/>
</host>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<taskbegin task="NSE" time="1675859696"/>
<taskend task="NSE" time="1675859696"/>
<runstats><finished time="1675859696" timestr="Wed Feb 8 13:34:56 2023" summary="Nmap done at Wed Feb 8 13:34:56 2023; 1 IP address (1 host up) scanned in 70.74 seconds" elapsed="70.74" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

959
HTB/flight/results/flight.htb/scans/tcp593/tcp_593_rpc_rpcdump.txt Normal file
View File

@@ -0,0 +1,959 @@
Impacket v0.10.1.dev1+20230120.30447.442d79c2 - Copyright 2022 Fortra
[*] Retrieving endpoint list from flight.htb
Protocol: [MS-RSP]: Remote Shutdown Protocol
Provider: wininit.exe
UUID : D95AFE70-A6D5-4259-822E-2C84DA1DDB0D v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49664]
ncalrpc:[WindowsShutdown]
ncacn_np:\\G0[\PIPE\InitShutdown]
ncalrpc:[WMsgKRpc08B400]
Protocol: N/A
Provider: winlogon.exe
UUID : 76F226C3-EC14-4325-8A99-6A46348418AF v1.0
Bindings:
ncalrpc:[WindowsShutdown]
ncacn_np:\\G0[\PIPE\InitShutdown]
ncalrpc:[WMsgKRpc08B400]
ncalrpc:[WMsgKRpc08D0C1]
Protocol: N/A
Provider: N/A
UUID : D09BDEB5-6171-4A34-BFE2-06FA82652568 v1.0
Bindings:
ncalrpc:[csebpub]
ncalrpc:[LRPC-eaea958c7807bd669d]
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
ncalrpc:[LRPC-45c646a279b43cd0b9]
Protocol: N/A
Provider: N/A
UUID : 697DCDA9-3BA9-4EB2-9247-E11F1901B0D2 v1.0
Bindings:
ncalrpc:[LRPC-eaea958c7807bd669d]
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 9B008953-F195-4BF9-BDE0-4471971E58ED v1.0
Bindings:
ncalrpc:[LRPC-01b88287415d9e2835]
ncalrpc:[LRPC-b01354e79948514740]
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : DD59071B-3215-4C59-8481-972EDADC0F6A v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0D47017B-B33B-46AD-9E18-FE96456C5078 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 95406F0B-B239-4318-91BB-CEA3A46FF0DC v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 4ED8ABCC-F1E2-438B-981F-BB0E8ABC010C v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0FF1F646-13BB-400A-AB50-9A78F2B7A85A v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 6982A06E-5FE2-46B1-B39C-A2C545BFA069 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 082A3471-31B6-422A-B931-A54401960C62 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : FAE436B0-B864-4A87-9EDA-298547CD82F2 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : E53D94CA-7464-4839-B044-09A2FB8B3AE5 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 178D84BE-9291-4994-82C6-3F909ACA5A03 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 4DACE966-A243-4450-AE3F-9B7BCB5315B8 v2.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 1832BCF6-CAB8-41D4-85D2-C9410764F75A v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : C521FACF-09A9-42C5-B155-72388595CBF0 v0.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 2C7FD9CE-E706-4B40-B412-953107EF9BB0 v0.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 88ABCBC3-34EA-76AE-8215-767520655A23 v0.0
Bindings:
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 76C217BC-C8B4-4201-A745-373AD9032B1A v1.0
Bindings:
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 55E6B932-1979-45D6-90C5-7F6270724112 v1.0
Bindings:
ncalrpc:[LRPC-9be150d2fa623d5dac]
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 857FB1BE-084F-4FB5-B59C-4B2C4BE5F0CF v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : B8CADBAF-E84B-46B9-84F2-6F71C03F9E55 v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 20C40295-8DBA-48E6-AEBF-3E78EF3BB144 v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 2513BCBE-6CD4-4348-855E-7EFB3C336DD3 v1.0
Bindings:
ncalrpc:[LRPC-68cb410a43dd1a672b]
ncalrpc:[OLEA4DD5C6DE2C9F6292CBD2A5C4693]
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0D3E2735-CEA0-4ECC-A9E2-41A2D81AED4E v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : C605F9FB-F0A3-4E2A-A073-73560F8D9E3E v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 1B37CA91-76B1-4F5E-A3C7-2ABFC61F2BB0 v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 8BFC3BE1-6DEF-4E2D-AF74-7C47CD0ADE4A v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 2D98A740-581D-41B9-AA0D-A88B9D5CE938 v1.0
Bindings:
ncalrpc:[LRPC-ffaa703478816eb163]
ncalrpc:[actkernel]
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 0361AE94-0316-4C6C-8AD8-C594375800E2 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 5824833B-3C1A-4AD2-BDFD-C31D19E23ED2 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : BDAA0970-413B-4A3E-9E5D-F6DC9D7E0760 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 3B338D89-6CFA-44B8-847E-531531BC9992 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 8782D3B9-EBBD-4644-A3D8-E8725381919B v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 085B0334-E454-4D91-9B8C-4134F9E793F3 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: N/A
UUID : 4BEC6BB8-B5C2-4B6F-B2C1-5DA5CF92D0D9 v1.0
Bindings:
ncalrpc:[umpo]
Protocol: N/A
Provider: sysntfy.dll
UUID : C9AC6DB5-82B7-4E55-AE8A-E464ED7B4277 v1.0 Impl friendly name
Bindings:
ncalrpc:[LRPC-d42ac87658992ae2f6]
ncalrpc:[LRPC-a922bdbb7e5407e9d3]
ncalrpc:[IUserProfile2]
ncalrpc:[LRPC-1304b6fec9fb8953ac]
ncalrpc:[senssvc]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: nsisvc.dll
UUID : 7EA70BCF-48AF-4F6A-8968-6A440754D5FA v1.0 NSI server endpoint
Bindings:
ncalrpc:[LRPC-6b137b06500f4c33e4]
Protocol: N/A
Provider: N/A
UUID : E40F7B57-7A25-4CD3-A135-7F7D3DF9D16B v1.0 Network Connection Broker server endpoint
Bindings:
ncalrpc:[LRPC-c81a868489ef097ce6]
ncalrpc:[OLEDFD360977513F89AE0BCEED163D0]
ncalrpc:[LRPC-171d3ee97e364eb3e1]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
Protocol: N/A
Provider: N/A
UUID : 880FD55E-43B9-11E0-B1A8-CF4EDFD72085 v1.0 KAPI Service endpoint
Bindings:
ncalrpc:[LRPC-c81a868489ef097ce6]
ncalrpc:[OLEDFD360977513F89AE0BCEED163D0]
ncalrpc:[LRPC-171d3ee97e364eb3e1]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
Protocol: N/A
Provider: N/A
UUID : 5222821F-D5E2-4885-84F1-5F6185A0EC41 v1.0 Network Connection Broker server endpoint for NCB Reset module
Bindings:
ncalrpc:[LRPC-171d3ee97e364eb3e1]
ncalrpc:[LRPC-f0299d6e783aaf1f02]
Protocol: N/A
Provider: N/A
UUID : A500D4C6-0DD1-4543-BC0C-D5F93486EAF8 v1.0
Bindings:
ncalrpc:[LRPC-271dc2a21a5aa0d93b]
ncalrpc:[LRPC-45c646a279b43cd0b9]
Protocol: N/A
Provider: dhcpcsvc.dll
UUID : 3C4728C5-F0AB-448B-BDA1-6CE01EB0A6D5 v1.0 DHCP Client LRPC Endpoint
Bindings:
ncalrpc:[dhcpcsvc]
ncalrpc:[dhcpcsvc6]
Protocol: N/A
Provider: dhcpcsvc6.dll
UUID : 3C4728C5-F0AB-448B-BDA1-6CE01EB0A6D6 v1.0 DHCPv6 Client LRPC Endpoint
Bindings:
ncalrpc:[dhcpcsvc6]
Protocol: [MS-EVEN6]: EventLog Remoting Protocol
Provider: wevtsvc.dll
UUID : F6BEAFF7-1E19-4FBB-9F8F-B89E2018337C v1.0 Event log TCPIP
Bindings:
ncacn_ip_tcp:10.10.11.187[49665]
ncacn_np:\\G0[\pipe\eventlog]
ncalrpc:[eventlog]
Protocol: N/A
Provider: gpsvc.dll
UUID : 2EB08E3E-639F-4FBA-97B1-14F878961076 v1.0 Group Policy RPC Interface
Bindings:
ncalrpc:[LRPC-f3761b0b26b937f351]
Protocol: N/A
Provider: N/A
UUID : 3A9EF155-691D-4449-8D05-09AD57031823 v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49666]
ncalrpc:[LRPC-bd1da2e4492b26dbf0]
ncalrpc:[ubpmtaskhostchannel]
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
Provider: schedsvc.dll
UUID : 86D35949-83C9-4044-B424-DB363231FD0C v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49666]
ncalrpc:[LRPC-bd1da2e4492b26dbf0]
ncalrpc:[ubpmtaskhostchannel]
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: N/A
Provider: N/A
UUID : 33D84484-3626-47EE-8C6F-E7E98B113BE1 v2.0
Bindings:
ncalrpc:[LRPC-bd1da2e4492b26dbf0]
ncalrpc:[ubpmtaskhostchannel]
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
Provider: taskcomp.dll
UUID : 378E52B0-C0A9-11CF-822D-00AA0051E40F v1.0
Bindings:
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
Provider: taskcomp.dll
UUID : 1FF70682-0A51-30E8-076D-740BE8CEE98B v1.0
Bindings:
ncacn_np:\\G0[\PIPE\atsvc]
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: N/A
Provider: schedsvc.dll
UUID : 0A74EF1C-41A4-4E06-83AE-DC74FB1CDD53 v1.0
Bindings:
ncalrpc:[LRPC-6892903aca29b37505]
Protocol: N/A
Provider: MPSSVC.dll
UUID : 2FB92682-6599-42DC-AE13-BD2CA89BD11C v1.0 Fw APIs
Bindings:
ncalrpc:[LRPC-d5622d147b6179cd49]
ncalrpc:[LRPC-cb5bb66fbb9dbd3679]
ncalrpc:[LRPC-795876b16d424d97bd]
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: N/A
UUID : F47433C3-3E9D-4157-AAD4-83AA1F5C2D4C v1.0 Fw APIs
Bindings:
ncalrpc:[LRPC-cb5bb66fbb9dbd3679]
ncalrpc:[LRPC-795876b16d424d97bd]
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: MPSSVC.dll
UUID : 7F9D11BF-7FB9-436B-A812-B2D50C5D4C03 v1.0 Fw APIs
Bindings:
ncalrpc:[LRPC-795876b16d424d97bd]
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: BFE.DLL
UUID : DD490425-5325-4565-B774-7E27D6C09C24 v1.0 Base Firewall Engine API
Bindings:
ncalrpc:[LRPC-f8299f6d45d1323cc8]
Protocol: N/A
Provider: N/A
UUID : 7F1343FE-50A9-4927-A778-0C5859517BAC v1.0 DfsDs service
Bindings:
ncacn_np:\\G0[\PIPE\wkssvc]
ncalrpc:[LRPC-3e642009d554092db4]
Protocol: N/A
Provider: N/A
UUID : EB081A0D-10EE-478A-A1DD-50995283E7A8 v3.0 Witness Client Test Interface
Bindings:
ncalrpc:[LRPC-3e642009d554092db4]
Protocol: N/A
Provider: N/A
UUID : F2C9B409-C1C9-4100-8639-D8AB1486694A v1.0 Witness Client Upcall Server
Bindings:
ncalrpc:[LRPC-3e642009d554092db4]
Protocol: N/A
Provider: N/A
UUID : 3473DD4D-2E88-4006-9CBA-22570909DD10 v5.1 WinHttp Auto-Proxy Service
Bindings:
ncalrpc:[cb42aa91-2931-47f3-ada9-45df9180d2ad]
ncalrpc:[LRPC-7008e18f8166a9b1a0]
Protocol: N/A
Provider: N/A
UUID : 0D3C7F20-1C8D-4654-A1B3-51563B298BDA v1.0 UserMgrCli
Bindings:
ncalrpc:[LRPC-dc10c32a2d449ded8a]
ncalrpc:[OLE8965A0C5A83544FD5C7EDC7BA48C]
Protocol: N/A
Provider: N/A
UUID : B18FBAB6-56F8-4702-84E0-41053293A869 v1.0 UserMgrCli
Bindings:
ncalrpc:[LRPC-dc10c32a2d449ded8a]
ncalrpc:[OLE8965A0C5A83544FD5C7EDC7BA48C]
Protocol: N/A
Provider: N/A
UUID : C2D1B5DD-FA81-4460-9DD6-E7658B85454B v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : F44E62AF-DAB1-44C2-8013-049A9DE417D6 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : 7AEB6705-3AE6-471A-882D-F39C109EDC12 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : E7F76134-9EF5-4949-A2D6-3368CC0988F3 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : B37F900A-EAE4-4304-A2AB-12BB668C0188 v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : ABFB6CA3-0C5E-4734-9285-0AEE72FE8D1C v1.0
Bindings:
ncalrpc:[LRPC-ca85d06685a65ba274]
ncalrpc:[OLE582D6E281AFD258E722254D71BE7]
Protocol: N/A
Provider: N/A
UUID : C49A5A70-8A7F-4E70-BA16-1E8F1F193EF1 v1.0 Adh APIs
Bindings:
ncalrpc:[OLE11ED2776AA435DA20CD0334C15D2]
ncalrpc:[TeredoControl]
ncalrpc:[TeredoDiagnostics]
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: N/A
UUID : C36BE077-E14B-4FE9-8ABC-E856EF4F048B v1.0 Proxy Manager client server endpoint
Bindings:
ncalrpc:[TeredoControl]
ncalrpc:[TeredoDiagnostics]
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: N/A
UUID : 2E6035B2-E8F1-41A7-A044-656B439C4C34 v1.0 Proxy Manager provider server endpoint
Bindings:
ncalrpc:[TeredoControl]
ncalrpc:[TeredoDiagnostics]
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: iphlpsvc.dll
UUID : 552D076A-CB29-4E44-8B6A-D15E59E2C0AF v1.0 IP Transition Configuration endpoint
Bindings:
ncalrpc:[LRPC-7177221a448905f907]
Protocol: N/A
Provider: N/A
UUID : 51A227AE-825B-41F2-B4A9-1AC9557A1018 v1.0 Ngc Pop Key Service
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: N/A
UUID : 8FB74744-B2FF-4C00-BE0D-9EF9A191FE1B v1.0 Ngc Pop Key Service
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: N/A
UUID : B25A52BF-E5DD-4F4A-AEA6-8CA7272A0E86 v2.0 KeyIso
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-NRPC]: Netlogon Remote Protocol
Provider: netlogon.dll
UUID : 12345678-1234-ABCD-EF00-01234567CFFB v1.0
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-RAA]: Remote Authorization API Protocol
Provider: N/A
UUID : 0B1C2170-5732-4E0E-8CD3-D9B16F3B84D7 v0.0 RemoteAccessCheck
Bindings:
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
ncalrpc:[NETLOGON_LRPC]
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote
Provider: lsasrv.dll
UUID : 12345778-1234-ABCD-EF00-0123456789AB v0.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
Provider: samsrv.dll
UUID : 12345778-1234-ABCD-EF00-0123456789AC v1.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49674]
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol
Provider: ntdsai.dll
UUID : E3514235-4B06-11D1-AB04-00C04FC2DCD2 v4.0 MS NT Directory DRS Interface
Bindings:
ncacn_np:\\G0[\pipe\8c2c69a49b2a9c0f]
ncacn_http:10.10.11.187[49673]
ncalrpc:[NTDS_LPC]
ncalrpc:[OLEB1739E5EFEAE991423D80F58FECF]
ncacn_ip_tcp:10.10.11.187[49667]
ncalrpc:[samss lpc]
ncalrpc:[SidKey Local End Point]
ncalrpc:[protected_storage]
ncalrpc:[lsasspirpc]
ncalrpc:[lsapolicylookup]
ncalrpc:[LSA_EAS_ENDPOINT]
ncalrpc:[lsacap]
ncalrpc:[LSARPC_ENDPOINT]
ncalrpc:[securityevent]
ncalrpc:[audit]
ncacn_np:\\G0[\pipe\lsass]
Protocol: N/A
Provider: N/A
UUID : 1A0D010F-1C33-432C-B0F5-8CF4E8053099 v1.0 IdSegSrv service
Bindings:
ncalrpc:[LRPC-9b07363cf1a8a7807e]
Protocol: N/A
Provider: srvsvc.dll
UUID : 98716D03-89AC-44C7-BB8C-285824E51C4A v1.0 XactSrv service
Bindings:
ncalrpc:[LRPC-9b07363cf1a8a7807e]
Protocol: N/A
Provider: N/A
UUID : DF4DF73A-C52D-4E3A-8003-8437FDF8302A v0.0 WM_WindowManagerRPC\Server
Bindings:
ncalrpc:[LRPC-dee8bcf7c373ba0737]
Protocol: [MS-PCQ]: Performance Counter Query Protocol
Provider: regsvc.dll
UUID : DA5A86C5-12C2-4943-AB30-7F74A813D853 v1.0 RemoteRegistry Perflib Interface
Bindings:
ncacn_np:\\G0[\PIPE\winreg]
Protocol: [MS-RRP]: Windows Remote Registry Protocol
Provider: regsvc.dll
UUID : 338CD001-2244-31F1-AAAA-900038001003 v1.0 RemoteRegistry Interface
Bindings:
ncacn_np:\\G0[\PIPE\winreg]
Protocol: [MS-SCMR]: Service Control Manager Remote Protocol
Provider: services.exe
UUID : 367ABB81-9844-35F1-AD32-98F038001003 v2.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49682]
Protocol: N/A
Provider: N/A
UUID : 98CD761E-E77D-41C8-A3C0-0FB756D90EC2 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : D22895EF-AFF4-42C5-A5B2-B14466D34AB4 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : E38F5360-8572-473E-B696-1B46873BEEAB v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : 95095EC8-32EA-4EB0-A3E2-041F97B36168 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : FD8BE72B-A9CD-4B2C-A9CA-4DED242FBE4D v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : 4C9DBF19-D39E-4BB9-90EE-8F7179B20283 v1.0
Bindings:
ncalrpc:[LRPC-c593fd8f2b2d962184]
Protocol: N/A
Provider: N/A
UUID : 2F5F6521-CB55-1059-B446-00DF0BCE31DB v1.0 Unimodem LRPC Endpoint
Bindings:
ncalrpc:[unimdmsvc]
ncalrpc:[tapsrvlpc]
ncacn_np:\\G0[\pipe\tapsrv]
Protocol: N/A
Provider: N/A
UUID : 650A7E26-EAB8-5533-CE43-9C1DFCE11511 v1.0 Vpn APIs
Bindings:
ncalrpc:[LRPC-25948deb3eab9cce74]
ncalrpc:[VpnikeRpc]
ncalrpc:[RasmanLrpc]
ncacn_np:\\G0[\PIPE\ROUTER]
Protocol: [MS-CMPO]: MSDTC Connection Manager:
Provider: msdtcprx.dll
UUID : 906B0CE0-C70B-1067-B317-00DD010662DA v1.0
Bindings:
ncalrpc:[LRPC-4828e437dec9196bfb]
ncalrpc:[OLEEEE03E7F54BEE90C0B5D8266C5A2]
ncalrpc:[LRPC-7f9871fdbf96c50a23]
ncalrpc:[LRPC-7f9871fdbf96c50a23]
ncalrpc:[LRPC-7f9871fdbf96c50a23]
Protocol: N/A
Provider: sysmain.dll
UUID : B58AA02E-2884-4E97-8176-4EE06D794184 v1.0
Bindings:
ncalrpc:[LRPC-8f04274777bbe4405e]
Protocol: N/A
Provider: N/A
UUID : 5C9A4CD7-BA75-45D2-9898-1773B3D1E5F1 v1.0 Device Install Service RPC Interface
Bindings:
ncalrpc:[LRPC-f6a37759cf8efeb780]
Protocol: N/A
Provider: N/A
UUID : F3F09FFD-FBCF-4291-944D-70AD6E0E73BB v1.0
Bindings:
ncalrpc:[LRPC-580f76660eedd99d22]
Protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
Provider: dns.exe
UUID : 50ABC2A4-574D-40B3-9D66-EE4FD5FBA076 v5.0
Bindings:
ncacn_ip_tcp:10.10.11.187[49690]
Protocol: N/A
Provider: N/A
UUID : 572E35B4-1344-4565-96A1-F5DF3BFA89BB v1.0 LiveIdSvcNotify RPC Interface
Bindings:
ncalrpc:[liveidsvcnotify]
Protocol: N/A
Provider: N/A
UUID : FAF2447B-B348-4FEB-8DBE-BEEE5B7F7778 v1.0 OnlineProviderCert RPC Interface
Bindings:
ncalrpc:[LRPC-6cd4557761c5ac60d7]
Protocol: N/A
Provider: N/A
UUID : CC105610-DA03-467E-BC73-5B9E2937458D v1.0 LiveIdSvc RPC Interface
Bindings:
ncalrpc:[LRPC-6cd4557761c5ac60d7]
Protocol: N/A
Provider: N/A
UUID : 64D1D045-F675-460B-8A94-570246B36DAB v1.0 CLIPSVC Default RPC Interface
Bindings:
ncalrpc:[ClipServiceTransportEndpoint-00001]
Protocol: [MS-FRS2]: Distributed File System Replication Protocol
Provider: dfsrmig.exe
UUID : 897E2E5F-93F3-4376-9C9C-FD2277495C27 v1.0 Frs2 Service
Bindings:
ncacn_ip_tcp:10.10.11.187[49699]
ncalrpc:[OLE6F73794928FBD5A0F4C50E8E733F]
Protocol: N/A
Provider: nrpsrv.dll
UUID : 30ADC50C-5CBC-46CE-9A0E-91914789E23C v1.0 NRP server endpoint
Bindings:
ncalrpc:[LRPC-e235c6840a1b7fa925]
[*] Received 419 endpoints.

2
HTB/flight/results/flight.htb/scans/tcp5985/tcp_5985_winrm-detection.txt Normal file
View File

@@ -0,0 +1,2 @@
WinRM was possibly detected running on tcp port 5985.
Check _manual_commands.txt for manual commands you can run against this service.

12
HTB/flight/results/flight.htb/scans/tcp88/tcp_88_kerberos_nmap.txt Normal file
View File

@@ -0,0 +1,12 @@
# Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv --reason -Pn -T4 -sV -p 88 --script=banner,krb5-enum-users -oN /home/kali/htb/flight/results/flight.htb/scans/tcp88/tcp_88_kerberos_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp88/xml/tcp_88_kerberos_nmap.xml flight.htb
Nmap scan report for flight.htb (10.10.11.187)
Host is up, received user-set (0.13s latency).
Scanned at 2023-02-08 13:31:18 CET for 16s
PORT STATE SERVICE REASON VERSION
88/tcp open kerberos-sec syn-ack ttl 127 Microsoft Windows Kerberos (server time: 2023-02-08 19:31:26Z)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Feb 8 13:31:34 2023 -- 1 IP address (1 host up) scanned in 17.39 seconds

37
HTB/flight/results/flight.htb/scans/tcp88/xml/tcp_88_kerberos_nmap.xml Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:31:17 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 88 -&#45;script=banner,krb5-enum-users -oN /home/kali/htb/flight/results/flight.htb/scans/tcp88/tcp_88_kerberos_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp88/xml/tcp_88_kerberos_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 88 -&#45;script=banner,krb5-enum-users -oN /home/kali/htb/flight/results/flight.htb/scans/tcp88/tcp_88_kerberos_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/tcp88/xml/tcp_88_kerberos_nmap.xml flight.htb" start="1675859477" startstr="Wed Feb 8 13:31:17 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="88"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859477"/>
<taskend task="NSE" time="1675859477"/>
<taskbegin task="NSE" time="1675859477"/>
<taskend task="NSE" time="1675859477"/>
<taskbegin task="SYN Stealth Scan" time="1675859477"/>
<taskend task="SYN Stealth Scan" time="1675859478" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675859478"/>
<taskend task="Service scan" time="1675859484" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675859484"/>
<taskend task="NSE" time="1675859494"/>
<taskbegin task="NSE" time="1675859494"/>
<taskend task="NSE" time="1675859494"/>
<host starttime="1675859478" endtime="1675859494"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="88"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="kerberos-sec" product="Microsoft Windows Kerberos" extrainfo="server time: 2023-02-08 19:31:26Z" ostype="Windows" method="probed" conf="10"><cpe>cpe:/a:microsoft:kerberos</cpe><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<times srtt="130072" rttvar="130072" to="650360"/>
</host>
<taskbegin task="NSE" time="1675859494"/>
<taskend task="NSE" time="1675859494"/>
<taskbegin task="NSE" time="1675859494"/>
<taskend task="NSE" time="1675859494"/>
<runstats><finished time="1675859494" timestr="Wed Feb 8 13:31:34 2023" summary="Nmap done at Wed Feb 8 13:31:34 2023; 1 IP address (1 host up) scanned in 17.39 seconds" elapsed="17.39" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

92
HTB/flight/results/flight.htb/scans/xml/_full_tcp_nmap.xml Normal file
View File

@@ -0,0 +1,92 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:29:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -p- -oN /home/kali/htb/flight/results/flight.htb/scans/_full_tcp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_full_tcp_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -p- -oN /home/kali/htb/flight/results/flight.htb/scans/_full_tcp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_full_tcp_nmap.xml flight.htb" start="1675859386" startstr="Wed Feb 8 13:29:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="65535" services="1-65535"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="SYN Stealth Scan" time="1675859387"/>
<taskprogress task="SYN Stealth Scan" time="1675859418" percent="5.71" remaining="512" etc="1675859930"/>
<taskprogress task="SYN Stealth Scan" time="1675859448" percent="14.94" remaining="348" etc="1675859795"/>
<taskprogress task="SYN Stealth Scan" time="1675859478" percent="56.53" remaining="70" etc="1675859548"/>
<taskend task="SYN Stealth Scan" time="1675859506" extrainfo="65535 total ports"/>
<taskbegin task="Service scan" time="1675859506"/>
<taskend task="Service scan" time="1675859568" extrainfo="17 services on 1 host"/>
<taskbegin task="Traceroute" time="1675859573"/>
<taskend task="Traceroute" time="1675859573"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1675859573"/>
<taskend task="Parallel DNS resolution of 1 host." time="1675859584"/>
<taskbegin task="NSE" time="1675859584"/>
<taskprogress task="NSE" time="1675859615" percent="99.96" remaining="1" etc="1675859615"/>
<taskend task="NSE" time="1675859624"/>
<taskbegin task="NSE" time="1675859624"/>
<taskend task="NSE" time="1675859625"/>
<taskbegin task="NSE" time="1675859625"/>
<taskend task="NSE" time="1675859625"/>
<host starttime="1675859387" endtime="1675859625"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><extraports state="filtered" count="65518">
<extrareasons reason="no-response" count="65518" proto="tcp" ports="1-87,89-134,136-138,140-388,390-444,446-463,465-592,594-635,637-3267,3270-5984,5986-9388,9390-49666,49668-49672,49675-49689,49691-49698,49700-65535"/>
</extraports>
<port protocol="tcp" portid="88"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="kerberos-sec" product="Microsoft Windows Kerberos" extrainfo="server time: 2023-02-08 19:31:53Z" ostype="Windows" method="probed" conf="10"><cpe>cpe:/a:microsoft:kerberos</cpe><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="135"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="netbios-ssn" product="Microsoft Windows netbios-ssn" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="389"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="ldap" product="Microsoft Windows Active Directory LDAP" extrainfo="Domain: flight.htb0., Site: Default-First-Site-Name" hostname="G0" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="microsoft-ds" method="table" conf="3"/></port>
<port protocol="tcp" portid="464"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="kpasswd5" method="table" conf="3"/></port>
<port protocol="tcp" portid="593"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="ncacn_http" product="Microsoft Windows RPC over HTTP" version="1.0" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="636"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="tcpwrapped" method="probed" conf="8"/></port>
<port protocol="tcp" portid="3268"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="ldap" product="Microsoft Windows Active Directory LDAP" extrainfo="Domain: flight.htb0., Site: Default-First-Site-Name" hostname="G0" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="3269"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="tcpwrapped" method="probed" conf="8"/></port>
<port protocol="tcp" portid="5985"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="http" product="Microsoft HTTPAPI httpd" version="2.0" extrainfo="SSDP/UPnP" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service><script id="http-server-header" output="Microsoft-HTTPAPI/2.0"><elem>Microsoft-HTTPAPI/2.0</elem>
</script><script id="http-title" output="Not Found"><elem key="title">Not Found</elem>
</script></port>
<port protocol="tcp" portid="9389"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="mc-nmf" product=".NET Message Framing" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="49667"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="49673"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="ncacn_http" product="Microsoft Windows RPC over HTTP" version="1.0" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="49674"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="49690"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="49699"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
</ports>
<os><portused state="open" proto="tcp" portid="88"/>
<osfingerprint fingerprint="SCAN(V=7.93%E=4%D=2/8%OT=88%CT=%CU=%PV=Y%DS=2%DC=T%G=N%TM=63E396A9%P=x86_64-pc-linux-gnu)&#xa;SEQ(SP=105%GCD=1%ISR=10A%TS=U)&#xa;SEQ(SP=105%GCD=1%ISR=10A%II=I%TS=U)&#xa;OPS(O1=M54BNW8NNS%O2=M54BNW8NNS%O3=M54BNW8%O4=M54BNW8NNS%O5=M54BNW8NNS%O6=M54BNNS)&#xa;WIN(W1=FFFF%W2=FFFF%W3=FFFF%W4=FFFF%W5=FFFF%W6=FF70)&#xa;ECN(R=Y%DF=Y%TG=80%W=FFFF%O=M54BNW8NNS%CC=Y%Q=)&#xa;T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)&#xa;T2(R=N)&#xa;T3(R=N)&#xa;T4(R=N)&#xa;U1(R=N)&#xa;IE(R=Y%DFI=N%TG=80%CD=Z)&#xa;"/>
</os>
<distance value="2"/>
<tcpsequence index="261" difficulty="Good luck!" values="E9E31085,386F9668,1B0BFCF5,484CC0F5,66E91B4F,EDA48C79"/>
<ipidsequence class="Busy server or unknown class" values="DA8C,DA8F,DA90,DBAF,DBB3,DBB4"/>
<tcptssequence class="none returned (unsupported)"/>
<hostscript><script id="p2p-conficker" output="&#xa; Checking for Conficker.C or higher...&#xa; Check 1 (port 32072/tcp): CLEAN (Timeout)&#xa; Check 2 (port 24095/tcp): CLEAN (Timeout)&#xa; Check 3 (port 29173/udp): CLEAN (Timeout)&#xa; Check 4 (port 44855/udp): CLEAN (Timeout)&#xa; 0/4 checks are positive: Host is CLEAN or ports are blocked&#xa;"/><script id="smb2-security-mode" output="&#xa; 311: &#xa; Message signing enabled and required"><table key="311">
<elem>Message signing enabled and required</elem>
</table>
</script><script id="smb2-time" output="&#xa; date: 2023-02-08T19:33:09&#xa; start_date: N/A"><elem key="date">2023-02-08T19:33:09</elem>
<elem key="start_date">N/A</elem>
</script><script id="clock-skew" output="7h00m00s"><elem key="stddev">0</elem>
<elem key="count">1</elem>
<elem key="mean">25200</elem>
<elem key="median">25200</elem>
</script></hostscript><trace port="135" proto="tcp">
<hop ttl="1" ipaddr="10.10.16.1" rtt="24.75"/>
<hop ttl="2" ipaddr="10.10.11.187" rtt="24.76" host="flight.htb"/>
</trace>
<times srtt="29062" rttvar="6883" to="100000"/>
</host>
<taskbegin task="NSE" time="1675859625"/>
<taskend task="NSE" time="1675859625"/>
<taskbegin task="NSE" time="1675859625"/>
<taskend task="NSE" time="1675859625"/>
<taskbegin task="NSE" time="1675859625"/>
<taskend task="NSE" time="1675859625"/>
<runstats><finished time="1675859625" timestr="Wed Feb 8 13:33:45 2023" summary="Nmap done at Wed Feb 8 13:33:45 2023; 1 IP address (1 host up) scanned in 239.12 seconds" elapsed="239.12" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

82
HTB/flight/results/flight.htb/scans/xml/_quick_tcp_nmap.xml Normal file
View File

@@ -0,0 +1,82 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:29:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -oN /home/kali/htb/flight/results/flight.htb/scans/_quick_tcp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_quick_tcp_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -oN /home/kali/htb/flight/results/flight.htb/scans/_quick_tcp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_quick_tcp_nmap.xml flight.htb" start="1675859386" startstr="Wed Feb 8 13:29:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="SYN Stealth Scan" time="1675859387"/>
<taskend task="SYN Stealth Scan" time="1675859391" extrainfo="1000 total ports"/>
<taskbegin task="Service scan" time="1675859391"/>
<taskend task="Service scan" time="1675859413" extrainfo="8 services on 1 host"/>
<taskbegin task="Traceroute" time="1675859416"/>
<taskend task="Traceroute" time="1675859425"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1675859425"/>
<taskend task="Parallel DNS resolution of 1 host." time="1675859436"/>
<taskbegin task="NSE" time="1675859436"/>
<taskprogress task="NSE" time="1675859467" percent="99.91" remaining="1" etc="1675859467"/>
<taskend task="NSE" time="1675859476"/>
<taskbegin task="NSE" time="1675859476"/>
<taskend task="NSE" time="1675859477"/>
<taskbegin task="NSE" time="1675859477"/>
<taskend task="NSE" time="1675859477"/>
<host starttime="1675859387" endtime="1675859477"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.187" addrtype="ipv4"/>
<hostnames>
<hostname name="flight.htb" type="user"/>
<hostname name="flight.htb" type="PTR"/>
</hostnames>
<ports><extraports state="filtered" count="992">
<extrareasons reason="no-response" count="992" proto="tcp" ports="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,89-90,99-100,106,109-111,113,119,125,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,406-407,416-417,425,427,443-444,458,465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,616-617,625,631,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
</extraports>
<port protocol="tcp" portid="88"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="kerberos-sec" product="Microsoft Windows Kerberos" extrainfo="server time: 2023-02-08 19:29:59Z" ostype="Windows" method="probed" conf="10"><cpe>cpe:/a:microsoft:kerberos</cpe><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="135"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="netbios-ssn" product="Microsoft Windows netbios-ssn" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="389"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="ldap" product="Microsoft Windows Active Directory LDAP" extrainfo="Domain: flight.htb0., Site: Default-First-Site-Name" hostname="G0" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="microsoft-ds" method="table" conf="3"/></port>
<port protocol="tcp" portid="464"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="kpasswd5" method="table" conf="3"/></port>
<port protocol="tcp" portid="593"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="ncacn_http" product="Microsoft Windows RPC over HTTP" version="1.0" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
<port protocol="tcp" portid="636"><state state="open" reason="syn-ack" reason_ttl="127"/><service name="tcpwrapped" method="probed" conf="8"/></port>
</ports>
<os><portused state="open" proto="tcp" portid="88"/>
<osmatch name="Tomato 1.28 (Linux 2.4.20)" accuracy="100" line="46908">
<osclass type="WAP" vendor="Linux" osfamily="Linux" osgen="2.4.X" accuracy="100"><cpe>cpe:/o:linux:linux_kernel:2.4.20</cpe></osclass>
</osmatch>
<osmatch name="Tomato firmware (Linux 2.6.22)" accuracy="100" line="61639">
<osclass type="WAP" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="100"><cpe>cpe:/o:linux:linux_kernel:2.6.22</cpe></osclass>
</osmatch>
<osmatch name="Sony Ericsson U8i Vivaz mobile phone" accuracy="100" line="99090">
<osclass type="phone" vendor="Sony Ericsson" osfamily="embedded" accuracy="100"><cpe>cpe:/h:sonyericsson:u8i_vivaz</cpe></osclass>
</osmatch>
<osfingerprint fingerprint="OS:SCAN(V=7.93%E=4%D=2/8%OT=88%CT=%CU=%PV=Y%G=N%TM=63E39615%P=x86_64-pc-lin&#xa;OS:ux-gnu)ECN(R=N)T1(R=N)T2(R=N)T3(R=N)T4(R=N)U1(R=N)IE(R=N)&#xa;"/>
</os>
<hostscript><script id="p2p-conficker" output="&#xa; Checking for Conficker.C or higher...&#xa; Check 1 (port 32072/tcp): CLEAN (Timeout)&#xa; Check 2 (port 24095/tcp): CLEAN (Timeout)&#xa; Check 3 (port 29173/udp): CLEAN (Timeout)&#xa; Check 4 (port 44855/udp): CLEAN (Timeout)&#xa; 0/4 checks are positive: Host is CLEAN or ports are blocked&#xa;"/><script id="clock-skew" output="7h00m00s"><elem key="median">25200</elem>
<elem key="mean">25200</elem>
<elem key="count">1</elem>
<elem key="stddev">0</elem>
</script><script id="smb2-time" output="&#xa; date: 2023-02-08T19:30:41&#xa; start_date: N/A"><elem key="date">2023-02-08T19:30:41</elem>
<elem key="start_date">N/A</elem>
</script><script id="smb2-security-mode" output="&#xa; 311: &#xa; Message signing enabled and required"><table key="311">
<elem>Message signing enabled and required</elem>
</table>
</script></hostscript><trace port="135" proto="tcp">
<hop ttl="1" ipaddr="10.10.16.1" rtt="24.91"/>
</trace>
<times srtt="25992" rttvar="5130" to="100000"/>
</host>
<taskbegin task="NSE" time="1675859477"/>
<taskend task="NSE" time="1675859477"/>
<taskbegin task="NSE" time="1675859477"/>
<taskend task="NSE" time="1675859477"/>
<taskbegin task="NSE" time="1675859477"/>
<taskend task="NSE" time="1675859477"/>
<runstats><finished time="1675859477" timestr="Wed Feb 8 13:31:17 2023" summary="Nmap done at Wed Feb 8 13:31:17 2023; 1 IP address (1 host up) scanned in 90.67 seconds" elapsed="90.67" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

66
HTB/flight/results/flight.htb/scans/xml/_top_100_udp_nmap.xml Normal file
View File

@@ -0,0 +1,66 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Wed Feb 8 13:29:46 2023 as: nmap -vv -&#45;reason -Pn -T4 -sU -A -&#45;top-ports 100 -oN /home/kali/htb/flight/results/flight.htb/scans/_top_100_udp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_top_100_udp_nmap.xml flight.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sU -A -&#45;top-ports 100 -oN /home/kali/htb/flight/results/flight.htb/scans/_top_100_udp_nmap.txt -oX /home/kali/htb/flight/results/flight.htb/scans/xml/_top_100_udp_nmap.xml flight.htb" start="1675859386" startstr="Wed Feb 8 13:29:46 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="udp" protocol="udp" numservices="100" services="7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201,65024"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="NSE" time="1675859387"/>
<taskend task="NSE" time="1675859387"/>
<taskbegin task="UDP Scan" time="1675859387"/>
<taskend task="UDP Scan" time="1675859399" extrainfo="100 total ports"/>
<taskbegin task="Service scan" time="1675859399"/>
<taskprogress task="Service scan" time="1675859496" percent="2.00" remaining="4754" etc="1675864249"/>
<taskprogress task="Service scan" time="1675859594" percent="32.00" remaining="415" etc="1675860008"/>
<taskprogress task="Service scan" time="1675859691" percent="62.00" remaining="179" etc="1675859870"/>
<taskprogress task="Service scan" time="1675859789" percent="92.00" remaining="34" etc="1675859823"/>
<taskend task="Service scan" time="1675859789" extrainfo="100 services on 1 host"/>
<taskbegin task="Traceroute" time="1675859793"/>
<taskend task="Traceroute" time="1675859793"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1675859793"/>
<taskend task="Parallel DNS resolution of 1 host." time="1675859804"/>
<taskbegin task="NSE" time="1675859804"/>
<taskprogress task="NSE" time="1675859835" percent="98.57" remaining="1" etc="1675859835"/>
<taskprogress task="NSE" time="1675859865" percent="98.59" remaining="1" etc="1675859866"/>
<taskprogress task="NSE" time="1675859895" percent="98.62" remaining="2" etc="1675859896"/>
<taskprogress task="NSE" time="1675859925" percent="98.67" remaining="2" etc="1675859927"/>
<taskprogress task="NSE" time="1675859955" percent="98.68" remaining="3" etc="1675859957"/>
<taskprogress task="NSE" time="1675859985" percent="98.69" remaining="3" etc="1675859987"/>
<taskprogress task="NSE" time="1675860015" percent="98.75" remaining="3" etc="1675860018"/>
<taskprogress task="NSE" time="1675860045" percent="98.79" remaining="3" etc="1675860048"/>
<taskprogress task="NSE" time="1675860075" percent="98.83" remaining="4" etc="1675860078"/>
<taskprogress task="NSE" time="1675860105" percent="98.86" remaining="4" etc="1675860108"/>
<taskprogress task="NSE" time="1675860135" percent="98.88" remaining="4" etc="1675860139"/>
<taskprogress task="NSE" time="1675860165" percent="98.91" remaining="4" etc="1675860169"/>
<taskprogress task="NSE" time="1675860195" percent="98.92" remaining="5" etc="1675860199"/>
<taskprogress task="NSE" time="1675860225" percent="98.96" remaining="5" etc="1675860229"/>
<taskprogress task="NSE" time="1675860255" percent="99.00" remaining="5" etc="1675860260"/>
<taskprogress task="NSE" time="1675860285" percent="99.05" remaining="5" etc="1675860290"/>
<taskprogress task="NSE" time="1675860315" percent="99.07" remaining="5" etc="1675860320"/>
<taskprogress task="NSE" time="1675860345" percent="99.08" remaining="6" etc="1675860350"/>
<taskprogress task="NSE" time="1675860375" percent="99.11" remaining="6" etc="1675860380"/>
<taskprogress task="NSE" time="1675860405" percent="99.16" remaining="6" etc="1675860410"/>
<taskprogress task="NSE" time="1675860435" percent="99.18" remaining="6" etc="1675860440"/>
<taskprogress task="NSE" time="1675860465" percent="99.23" remaining="6" etc="1675860470"/>
<taskprogress task="NSE" time="1675860495" percent="99.26" remaining="6" etc="1675860500"/>
<taskprogress task="NSE" time="1675860525" percent="99.27" remaining="6" etc="1675860530"/>
<taskprogress task="NSE" time="1675860555" percent="99.32" remaining="6" etc="1675860560"/>
<taskprogress task="NSE" time="1675860585" percent="99.36" remaining="6" etc="1675860590"/>
<taskprogress task="NSE" time="1675860615" percent="99.40" remaining="5" etc="1675860620"/>
<taskprogress task="NSE" time="1675860645" percent="99.42" remaining="5" etc="1675860650"/>
<taskprogress task="NSE" time="1675860675" percent="99.44" remaining="5" etc="1675860680"/>
<taskprogress task="NSE" time="1675860705" percent="99.48" remaining="5" etc="1675860710"/>
<taskprogress task="NSE" time="1675860735" percent="99.50" remaining="5" etc="1675860740"/>
<taskprogress task="NSE" time="1675860765" percent="99.56" remaining="5" etc="1675860769"/>
<taskprogress task="NSE" time="1675860795" percent="99.58" remaining="5" etc="1675860799"/>
<taskprogress task="NSE" time="1675860826" percent="99.61" remaining="5" etc="1675860830"/>
<taskprogress task="NSE" time="1675861010" percent="99.63" remaining="5" etc="1675861015"/>
<taskprogress task="NSE" time="1675861046" percent="99.64" remaining="5" etc="1675861051"/>
<taskprogress task="NSE" time="1675861088" percent="99.64" remaining="5" etc="1675861093"/>
<taskprogress task="NSE" time="1675861123" percent="99.64" remaining="5" etc="1675861128"/>
<taskprogress task="NSE" time="1675861153" percent="99.64" remaining="5" etc="1675861158"/>