Microsoft-IIS 10.0
tcp/443 tcp/80
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13ebf23ba0c0b0e8226b38af346
Found open SMB shares with Guest login ADMIN$ C$ IPC$ Updates$ Users
Open service 193.124.115.141:445
2024-05-22 21:52
SMB NTLMSSP handshake results: Found Windows 10.0 build 14393 NbComputerName: NIRVANA07-U2161 NbDomainName: NIRVANA07-U2161 DNSComputerName: nirvana07-u216187 DNSDomainName: nirvana07-u216187
Open service 193.124.115.141:445
2024-05-12 19:05
SMB NTLMSSP handshake results: Found Windows 10.0 build 14393 NbComputerName: NIRVANA07-U2161 NbDomainName: NIRVANA07-U2161 DNSComputerName: nirvana07-u216187 DNSDomainName: nirvana07-u216187
Open service 193.124.115.141:445
2024-05-08 13:43
SMB NTLMSSP handshake results: Found Windows 10.0 build 14393 NbComputerName: NIRVANA07-U2161 NbDomainName: NIRVANA07-U2161 DNSComputerName: nirvana07-u216187 DNSDomainName: nirvana07-u216187
Open service 193.124.115.141:80 · xn--174-5cdal1d4ajls.xn--p1ai
2024-05-07 15:17
HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Location: https://xn--174-5cdal1d4ajls.xn--p1ai/ Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Tue, 07 May 2024 15:17:44 GMT Connection: close Content-Length: 155 Page title: Object moved <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="https://xn--174-5cdal1d4ajls.xn--p1ai/">here</a>.</h2> </body></html>
Open service 193.124.115.141:443 · xn--174-5cdal1d4ajls.xn--p1ai
2024-05-07 15:17
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/10.0 Set-Cookie: ASP.NET_SessionId=zvb23gpkkdtmhgwxul3p2bsg; path=/; HttpOnly; SameSite=Lax X-AspNetMvc-Version: 5.2 X-Frame-Options: SAMEORIGIN X-AspNet-Version: 4.0.30319 Set-Cookie: ASP.NET_SessionId=zvb23gpkkdtmhgwxul3p2bsg; path=/; HttpOnly; SameSite=Lax Set-Cookie: __RequestVerificationToken=OSOGoCKvnQly150MrHrDJ7AZlHPzttaD4SH7r_-NZQK26heYAmRQjLeEFD1ZLz-Hj4Sr7eKJwqpWfKYMf9tZZL3fPjuF71ZED1iSH9gzXFg1; path=/; HttpOnly X-Powered-By: ASP.NET Date: Tue, 07 May 2024 15:17:48 GMT Connection: close Content-Length: 17976 <!DOCTYPE html> <html lang="ru"> <head> <meta charset="utf-8"> <title></title> <meta name="description" content=""> <meta name="keywords" content=""> <link rel="icon" href="/favicon.ico" type="image/x-icon"> <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes"> <meta name="MobileOptimized" content="320"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="cleartype" content="on"> <meta name="format-detection" content="telephone=no"> <link href="/Content/css?v=IJWu6Y313aFoLafaGPpa7G2woIwcF8YhHO-WA-0GTa81" rel="stylesheet"/> <!--<link href="/Content/override.css" type="text/css" rel="stylesheet" />--> <link href="https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/4.7.95/css/materialdesignicons.css" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css?family=Rubik&subset=cyrillic" rel="stylesheet"> <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous"> <script src="https://code.jquery.com/jquery-3.3.1.min.js"></script> <style> .abs-center-x { position: absolute; left: 50%; transform: translateX(-50%); } </style> </head> <body> <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script> <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script> <header> <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet"/> <nav class="navbar navbar-expand-lg navbar-light"> <div class="container"> <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarNavAltMarkup"> <span class="navbar-toggler-icon"></span> </button> <a class="navbar-brand" href="/"> <img src="/Img/logo.png" width="60" height="60" class="d-inline-block align-top" alt=""> </a> <div class="navbar-collapse collapse" id="navbarNavAltMarkup"> <ul class="navbar-nav nav-fill w-100"> <li class="nav-item"> <a class="nav-item nav-link active" href="#"> <a href="/">Забронировать рейс</a> </a> </li> <li class="nav-item"> <a class="nav-item nav-link" href="#"> <a href="/account/login">Вход в личный кабинет</a> </a> </li> <li class="nav-item"> <a class="nav-item nav-link" href="#"> <a href="/account/register">Регистрация</a> </a> </li> <li class="nav-item"> <a class="nav-item nav-link" href="#"> <a href="/page/rules">Правила перевозки</a> </a> </li> <li class="nav-item"> <a class="nav-item nav-link active" href="#"> <a href="/booking/change-culture/1">UA</a> </a> </li> </ul> </div> </div> </nav> </header> <div class="center-bl">
Open service 193.124.115.141:445
2024-04-30 19:32
SMB NTLMSSP handshake results: Found Windows 10.0 build 14393 NbComputerName: NIRVANA07-U2161 NbDomainName: NIRVANA07-U2161 DNSComputerName: nirvana07-u216187 DNSDomainName: nirvana07-u216187
Open service 193.124.115.141:445
2024-04-28 18:08
SMB NTLMSSP handshake results: Found Windows 10.0 build 14393 NbComputerName: NIRVANA07-U2161 NbDomainName: NIRVANA07-U2161 DNSComputerName: nirvana07-u216187 DNSDomainName: nirvana07-u216187