Apache 2.4.10
tcp/8081
PRTG
tcp/8080
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13eb25d195ea821ba6c221ed954
Found open SMB shares with Guest login ADMIN$ C$ D$ IPC$ Users
Open service 201.219.117.58:445
2024-06-19 21:49
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:445
2024-06-17 21:47
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:445
2024-06-15 23:32
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:8081
2024-06-15 22:11
HTTP/1.1 200 OK Date: Sat, 15 Jun 2024 22:11:31 GMT Server: Apache/2.4.10 (Win64) Last-Modified: Tue, 12 Jun 2007 01:53:14 GMT ETag: "2e-432abc2b0b680" Accept-Ranges: bytes Content-Length: 46 Connection: close Content-Type: text/html <html><body><h1>It works!</h1></body></html>
Open service 201.219.117.58:445
2024-06-15 07:34
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:8080
2024-06-14 13:59
HTTP/1.1 302 Moved Temporarily Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 0 Date: Fri, 14 Jun 2024 13:59:51 GMT Expires: 0 Cache-Control: no-cache X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Server: PRTG Location: /index.htm
Open service 201.219.117.58:3306
2024-06-13 22:27
MySQL detected
Open service 201.219.117.58:445
2024-06-13 12:22
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:8081
2024-06-13 11:53
HTTP/1.1 200 OK Date: Thu, 13 Jun 2024 11:53:12 GMT Server: Apache/2.4.10 (Win64) Last-Modified: Tue, 12 Jun 2007 01:53:14 GMT ETag: "2e-432abc2b0b680" Accept-Ranges: bytes Content-Length: 46 Connection: close Content-Type: text/html <html><body><h1>It works!</h1></body></html>
Open service 201.219.117.58:8080
2024-06-13 00:11
HTTP/1.1 302 Moved Temporarily Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 0 Date: Thu, 13 Jun 2024 00:11:50 GMT Expires: 0 Cache-Control: no-cache X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Server: PRTG Location: /index.htm
Open service 201.219.117.58:445
2024-06-11 21:00
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:445
2024-06-09 20:15
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:445
2024-06-07 21:19
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT
Open service 201.219.117.58:445
2024-06-05 20:26
SMB NTLMSSP handshake results: Found Windows 6.1 build 7601 NbComputerName: WIN-KHKOK61SNKT NbDomainName: WIN-KHKOK61SNKT DNSComputerName: WIN-KHKOK61SNKT DNSDomainName: WIN-KHKOK61SNKT