MiniServ
tcp/10000
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df37235064a429ca3c63913908a97d49a1d422ed
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ B-Young Interno B-Young Projetos B-Young Tecnologia Arquivos Digitalizados IPC$ Lexmark_MX511de_6_ Lexmark_MX410de_4_ Lexmark_MX511de_2_ Lexmark_MX511de Lexmark_MX511de_8_ Lexmark_MX511de_7_ Samsung_M337x_387x_407x_Series Samsung_M337x_387x_407x_Series_SEC30CDA75D4893_ Lexmark_MX511de_5_
Open service 177.26.126.142:445
2024-09-15 23:49
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 177.26.126.142:445
2024-09-13 23:20
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 177.26.126.142:445
2024-09-11 23:20
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 177.26.126.142:10000
2024-09-11 01:16
HTTP/1.0 200 Document follows Date: Wed, 11 Sep 2024 01:16:59 GMT Server: MiniServ Connection: close Auth-type: auth-required=1 Set-Cookie: redirect=1; path=/; secure; httpOnly Set-Cookie: testing=1; path=/; secure; httpOnly X-Frame-Options: SAMEORIGIN Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self' X-Content-Type-Options: nosniff X-no-links: 1 Content-type: text/html; Charset=UTF-8 Page title: Login to Webmin <!DOCTYPE HTML> <html data-bgs="gainsboro" class="session_login"> <head> <meta name="color-scheme" content="only light"> <noscript> <style> html[data-bgs="gainsboro"] { background-color: #d6d6d6; } html[data-bgs="nightRider"] { background-color: #1a1c20; } html[data-bgs="nightRider"] div[data-noscript] { color: #979ba080; } html[data-slider-fixed='1'] { margin-right: 0 !important; } body > div[data-noscript] ~ * { display: none !important; } div[data-noscript] { visibility: hidden; animation: 2s noscript-fadein; animation-delay: 1s; text-align: center; animation-fill-mode: forwards; } @keyframes noscript-fadein { 0% { opacity: 0; } 100% { visibility: visible; opacity: 1; } } </style> <div data-noscript> <div class="fa fa-3x fa-exclamation-triangle margined-top-20 text-danger"></div> <h2>JavaScript is disabled</h2> <p>Please enable javascript and refresh the page</p> </div> </noscript> <meta charset="utf-8"> <link data-link-ref rel="apple-touch-icon" sizes="180x180" href="/images/favicons/webmin/apple-touch-icon.png"> <link data-link-ref rel="icon" type="image/png" sizes="32x32" href="/images/favicons/webmin/favicon-32x32.png"> <link data-link-ref rel="icon" type="image/png" sizes="192x192" href="/images/favicons/webmin/android-chrome-192x192.png"> <link data-link-ref rel="icon" type="image/png" sizes="16x16" href="/images/favicons/webmin/favicon-16x16.png"> <link data-link-ref rel="mask-icon" href="/images/favicons/webmin/safari-pinned-tab.svg" color="#004090"> <meta data-link-ref name="msapplication-TileImage" content="/images/favicons/webmin/mstile-150x150.png"> <meta name="msapplication-TileColor" content="#004090"> <meta name="theme-color" content="#004090"> <script src="/service-worker.js" type="application/javascript" defer></script> <link data-link-ref crossorigin="use-credentials" rel="manifest" href="/manifest-webmin.json"> <title>Login to Webmin</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="/unauthenticated/css/bundle.min.css?2120700009999999999" rel="stylesheet"> <script>document.addEventListener("DOMContentLoaded", function(event) {var a=document.querySelectorAll('input[type="password"]');i=0; for(length=a.length;i<length;i++){var b=document.createElement("span"),d=30<a[i].offsetHeight?1:0;b.classList.add("input_warning_caps");b.setAttribute("title","Caps Lock");d&&b.classList.add("large");a[i].classList.add("use_input_warning_caps");a[i].parentNode.insertBefore(b,a[i].nextSibling);a[i].addEventListener("blur",function(){this.nextSibling.classList.remove("visible")});a[i].addEventListener("keydown",function(c){"function"===typeof c.getModifierState&&((state=20===c.keyCode?!c.getModifierState("CapsLock"): c.getModifierState("CapsLock"))?this.nextSibling.classList.add("visible"):this.nextSibling.classList.remove("visible"))})};});function spinner() {var x = document.querySelector('button i.fa-sign-in:not(.invisible)') || document.querySelector('button i.fa-qrcode:not(.invisible)'),s = '<span class="cspinner_container"><span class="cspinner"><span class="cspinner-icon white small"></span></span></span>';if(x){x.classList.add("invisible"); x.insertAdjacentHTML('afterend', s);x.parentNode.classList.add("disabled");x.parentNode.disabled=true}}setTimeout(function(){if(navigator&&navigator.oscpu){var t=navigator.oscpu,i=document.querySelector("html"),e="data-platform";t.indexOf("Linux")>-1?i.setAttribute(e,"linux"):t.indexOf("Windows")>-1&&i.setAttribute(e,"windows")}});</script> <link href="/unauthenticated/css/fonts-roboto.min.css?2120700009999999999" rel="stylesheet"> </head> <body class="session_login" > <div class="container session_login" data-dcontainer="1"> <form class="form-signin session_login clearfix" action="/session_login.cgi" method="post" role="form" onsubmit="spinner()"> <i class="wbm-webmin"></i><h2 class="form-signin-heading"><span> Webmin</span></h2> <p class="form-signin-paragraph">You must enter a username and password to login to the server on<strong> 177.26.126.142</strong></p> <div class="input-group form-group"> <input class="form-con
Open service 177.26.126.142:21
2024-09-10 07:46
220 ProFTPD Server (Debian) [::ffff:192.168.15.4]
Open service 177.26.126.142:445
2024-09-10 01:52
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0