Apache 2.4.62
tcp/443 tcp/80 tcp/8089
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d40013922645c7572645c7572645c757
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$ nobody
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d4001392d4001392d4001392d4001392
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$
Open service 114.32.84.245:445
2024-09-15 23:51
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 114.32.84.245:445
2024-09-13 23:34
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 114.32.84.245:21
2024-09-12 06:35
220 (vsFTPd 3.0.3) 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS.
Open service 114.32.84.245:445
2024-09-12 01:02
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 114.32.84.245:80
2024-09-12 00:23
HTTP/1.1 403 Forbidden Date: Thu, 12 Sep 2024 00:23:40 GMT Server: Apache/2.4.62 (Debian) Content-Length: 278 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 403 Forbidden <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access this resource.</p> <hr> <address>Apache/2.4.62 (Debian) Server at 114.32.84.245 Port 80</address> </body></html>
Open service 114.32.84.245:445
2024-09-11 09:48
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 114.32.84.245:8080
2024-09-10 05:40
HTTP/1.1 302 Found Connection: close Location: http://114.32.84.245/steve/manager/home
Open service 114.32.84.245:8089
2024-09-10 04:35
HTTP/1.1 403 Forbidden Date: Tue, 10 Sep 2024 04:35:55 GMT Server: Apache/2.4.62 (Debian) Content-Length: 278 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 403 Forbidden <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access this resource.</p> <hr> <address>Apache/2.4.62 (Debian) Server at 114.32.84.245 Port 80</address> </body></html>
Open service 114.32.84.245:443
2024-09-09 22:32
HTTP/1.1 200 OK Date: Mon, 09 Sep 2024 22:32:10 GMT Server: Apache/2.4.62 (Debian) Last-Modified: Sun, 15 May 2022 05:58:07 GMT ETag: "131-5df06977c30c2" Accept-Ranges: bytes Content-Length: 305 Vary: Accept-Encoding Connection: close Content-Type: text/html <html> <body> <div id="root">Test</div> <script> var host = 'wss://foluswen.com:8018/websocket.php'; var socket = new WebSocket(host); socket.onmessage = function(e) { document.getElementById('root').innerHTML = e.data; }; </script> </body> </html>