Microsoft-IIS 8.5
tcp/80
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13e8639061d9c1f76946c43048e
Found open SMB shares with Guest login ADMIN$ C$ ChiPath DbSource IPC$
Open service 210.64.62.185:445
2024-09-27 23:14
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-25 20:19
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-23 21:42
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-15 21:58
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-13 22:32
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-11 23:48
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:80
2024-09-11 03:22
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Mon, 05 Jun 2017 09:50:51 GMT Accept-Ranges: bytes ETag: "41b6b537e1ddd21:0" Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Wed, 11 Sep 2024 03:22:44 GMT Connection: close Content-Length: 701 Page title: IIS Windows Server <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>IIS Windows Server</title> <style type="text/css"> <!-- body { color:#000000; background-color:#0072C6; margin:0; } #container { margin-left:auto; margin-right:auto; text-align:center; } a img { border:none; } --> </style> </head> <body> <div id="container"> <a href="http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409"><img src="iis-85.png" alt="IIS" width="960" height="600" /></a> </div> </body> </html>
Open service 210.64.62.185:21
2024-09-10 06:43
220 Microsoft FTP Service 500 Command not understood. 500 Command not understood. 500 Command not understood. 500 Command not understood. 214-The following commands are recognized (* ==>'s unimplemented). ABOR ACCT ADAT * ALLO APPE AUTH CCC CDUP CWD DELE ENC * EPRT EPSV FEAT HELP HOST LANG LIST MDTM MIC * MKD MODE NLST NOOP OPTS PASS PASV PBSZ PORT PROT PWD QUIT REIN REST RETR RMD RNFR RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD XPWD XRMD 214 HELP command successful. 500 Command not understood. 500 Command not understood. 500 Command not understood.
Open service 210.64.62.185:445
2024-09-10 02:27
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-09 23:08
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-09-07 20:21
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER
Open service 210.64.62.185:445
2024-08-17 22:42
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: CHI-SERVER NbDomainName: CHI-SERVER DNSComputerName: CHI-SERVER DNSDomainName: CHI-SERVER