CTF/HTB/flight/results/flight.htb/scans/tcp139/enum4linux.txt

Starting enum4linux v0.9.1 ( http://labs.portcullis.co.uk/application/enum4linux/ ) on Wed Feb  8 13:31:17 2023

 =========================================( Target Information )=========================================

Target ........... flight.htb
RID Range ........ 500-550,1000-1050
Username ......... ''
Password ......... ''
Known Usernames .. administrator, guest, krbtgt, domain admins, root, bin, none


 =============================( Enumerating Workgroup/Domain on flight.htb )=============================


[E] Can't find workgroup/domain



 =================================( Nbtstat Information for flight.htb )=================================

Looking up status of 10.10.11.187
No reply from 10.10.11.187

 ====================================( Session Check on flight.htb )====================================


[+] Server flight.htb allows sessions using username '', password ''


 ============================( Getting information via LDAP for flight.htb )============================


[+] flight.htb appears to be a child DC


 =================================( Getting domain SID for flight.htb )=================================

Domain Name: flight
Domain Sid: S-1-5-21-4078382237-1492182817-2568127209

[+] Host is part of a domain (not a workgroup)


 ====================================( OS information on flight.htb )====================================


[E] Can't get OS info with smbclient


[+] Got OS info for flight.htb from srvinfo:
do_cmd: Could not initialise srvsvc. Error was NT_STATUS_ACCESS_DENIED


 ========================================( Users on flight.htb )========================================


[E] Couldn't find users using querydispinfo: NT_STATUS_ACCESS_DENIED



[E] Couldn't find users using enumdomusers: NT_STATUS_ACCESS_DENIED


 =================================( Machine Enumeration on flight.htb )=================================


[E] Not implemented in this version of enum4linux.


 ==================================( Share Enumeration on flight.htb )==================================

do_connect: Connection to flight.htb failed (Error NT_STATUS_RESOURCE_NAME_NOT_FOUND)

	Sharename       Type      Comment
	---------       ----      -------
Reconnecting with SMB1 for workgroup listing.
Unable to connect with SMB1 -- no workgroup available

[+] Attempting to map shares on flight.htb


 =============================( Password Policy Information for flight.htb )=============================


[E] Unexpected error from polenum:



[+] Attaching to flight.htb using a NULL share

[+] Trying protocol 139/SMB...

	[!] Protocol failed: Cannot request session (Called Name:FLIGHT.HTB)

[+] Trying protocol 445/SMB...

	[!] Protocol failed: SAMR SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights.



[E] Failed to get password policy with rpcclient



 ========================================( Groups on flight.htb )========================================


[+] Getting builtin groups:


[+]  Getting builtin group memberships:


[+]  Getting local groups:


[+]  Getting local group memberships:


[+]  Getting domain groups:


[+]  Getting domain group memberships:


 ===================( Users on flight.htb via RID cycling (RIDS: 500-550,1000-1050) )===================


[E] Couldn't get SID: NT_STATUS_ACCESS_DENIED.  RID cycling not possible.


 ================================( Getting printer info for flight.htb )================================

do_cmd: Could not initialise spoolss. Error was NT_STATUS_ACCESS_DENIED


enum4linux complete on Wed Feb  8 13:31:44 2023