Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13e817ad4de068ebcbeb5be5506
Found open SMB shares with Guest login ADMIN$ C$ D D$ E E$ IPC$ Users
Severity: high
Fingerprint: 22420ce026fa767d3962741c23bfd32f75f972be9c7aff3f949fd069269e1e04
Found open SMB shares with Guest login ADMIN$ C C$ D D$ Data E E$ IPC$ print$ SAG Infotech TallyPrime2 Users
Open service 59.144.124.219:445
2024-06-19 22:37
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-17 21:52
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-15 23:01
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-14 14:01
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:80
2024-06-14 01:31
HTTP/1.1 200 OK Content-Length: 18389 Accept-Ranges: bytes Content-Type: text/html; charset=UTF-8 X-XSS-Protection: 1; mode=block ETag: 77979fb9777457133 Date: Fri, 14 Jun 2024 01:30:10 GMT Expires: Sat, 15 Jun 2024 01:30:10 GMT Cache-Control: no-cache, must-revalidate, private, max-age=86400 Last-Modified: Wed, 03 Apr 2024 08:31:28 GMT Connection: close Page title: Web Access <!-- TEMPLATEVALUES]|[v1]|[Photo]|[Logon]|[127.0.0.1]|[3389]|[Web Access]|[Log on]|[#21183D]|[33, 24, 61]|[#FFFFFF]|[Verdana, Geneva, sans-serif]|[Connecting People and Systems Through Internet]|[13]|[#0A8AB1]|[software/java/img/header_web.png]|[software/java/img/footer.png]|[User name:]|[Password:]|[Domain:]|[Log on]|[]|[]|[]|[false]|[true]|[as_browser]|[remoteapp2+html5]|[true]|[false]|[false]|[true]|[text]|[7]|[32]|[4]|[0]|[15]|[true]|[yes]|[true]|[true]|[false]|[]|[Remote Applications Portal]|[Applications]|[Log Off]|[#AAAAAA]|[#CCCCCC]|[4]|[11]|[11]|[8]|[32]|[11]|[City]|[]|[2-step verification:]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[ --> <!doctype html> <html> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="X-Frame-Options" content="DENY" /> <meta http-equiv="X-XSS-Protection" content="1; mode=block" /> <meta http-equiv="cache-control" content="max-age=0" /> <meta http-equiv="cache-control" content="no-cache" /> <meta http-equiv="expires" content="0" /> <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" /> <meta http-equiv="pragma" content="no-cache" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Web Access</title> <script type="text/javascript" src="software/java/third/jws.js"></script> <script type="text/javascript" src="software/java/third/sha256.js"></script> <script type="text/javascript" src="software/remoteapp2.js"></script> <script type="text/javascript"> // --------------- Page Configuration --------------- var page_configuration = new Array(); page_configuration["access_type"] = "remoteapp2+html5"; // Client Type (specify the client to use with "remoteapp2" or "html5" (legacy client types: "java", "remoteapp") ; or let the user choose between several clients with "remoteapp2+html5") page_configuration["is_standard"] = true; // Standard Logon Web Page (do not edit this parameter - support only) page_configuration["show_domain"] = false; // Show a Domain field (true if it must be displayed, false otherwise) page_configuration["is_webcredentials"] = false; // Logon using WebCredentials (true if it is, false otherwise) page_configuration["allow_empty_password"] = false; // Allow empty Password field - only intended for WebCredentials (true if it allowed, false otherwise) page_configuration["show_password"] = true; // Show a Password field (true if it must be displayed, false otherwise) page_configuration["remember_credentials"] = true; // Remember login and domain in a cookie (true if must be remembered, false otherwise) page_configuration["applications_portal"] = ""; // Display Application Portal after logon ("your_page_applications.html" to display the application portal, "" to start remote connection directly after logon) // --------------- End of Page Configuration --------------- // --------------- Access Configuration --------------- var user = ""; // Login to use when connecting to the remote server (leave "" to use the login typed in this page) var pass = ""; // Password to use when connecting to the remote server (leave "" to use the password typed in this page) var domain = ""; // Domain to use when connecting to the remote server (leave "" to use the domain typed in this page) var server = "127.0.0.1"; // Server to connect to (leave "" to use localhost and/or the server chosen in this page) var port = ""; // Port to connect to (leave "" to use localhost and/or the port of the server chosen in this page) var lang = "as_browser"; // Language to use var serverhtml5 = "127.0.0.1"; // Server to connect to, when using HTML5 client var porthtml5 = "2024"; var cmdline = ""; // Optional text that will be put in the s
Open service 59.144.124.219:80
2024-06-13 01:22
HTTP/1.1 200 OK Content-Length: 18389 Accept-Ranges: bytes Content-Type: text/html; charset=UTF-8 X-XSS-Protection: 1; mode=block ETag: 77979fb9777457133 Date: Thu, 13 Jun 2024 01:21:48 GMT Expires: Fri, 14 Jun 2024 01:21:48 GMT Cache-Control: no-cache, must-revalidate, private, max-age=86400 Last-Modified: Wed, 03 Apr 2024 08:31:28 GMT Connection: close Page title: Web Access <!-- TEMPLATEVALUES]|[v1]|[Photo]|[Logon]|[127.0.0.1]|[3389]|[Web Access]|[Log on]|[#21183D]|[33, 24, 61]|[#FFFFFF]|[Verdana, Geneva, sans-serif]|[Connecting People and Systems Through Internet]|[13]|[#0A8AB1]|[software/java/img/header_web.png]|[software/java/img/footer.png]|[User name:]|[Password:]|[Domain:]|[Log on]|[]|[]|[]|[false]|[true]|[as_browser]|[remoteapp2+html5]|[true]|[false]|[false]|[true]|[text]|[7]|[32]|[4]|[0]|[15]|[true]|[yes]|[true]|[true]|[false]|[]|[Remote Applications Portal]|[Applications]|[Log Off]|[#AAAAAA]|[#CCCCCC]|[4]|[11]|[11]|[8]|[32]|[11]|[City]|[]|[2-step verification:]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[ --> <!doctype html> <html> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="X-Frame-Options" content="DENY" /> <meta http-equiv="X-XSS-Protection" content="1; mode=block" /> <meta http-equiv="cache-control" content="max-age=0" /> <meta http-equiv="cache-control" content="no-cache" /> <meta http-equiv="expires" content="0" /> <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" /> <meta http-equiv="pragma" content="no-cache" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Web Access</title> <script type="text/javascript" src="software/java/third/jws.js"></script> <script type="text/javascript" src="software/java/third/sha256.js"></script> <script type="text/javascript" src="software/remoteapp2.js"></script> <script type="text/javascript"> // --------------- Page Configuration --------------- var page_configuration = new Array(); page_configuration["access_type"] = "remoteapp2+html5"; // Client Type (specify the client to use with "remoteapp2" or "html5" (legacy client types: "java", "remoteapp") ; or let the user choose between several clients with "remoteapp2+html5") page_configuration["is_standard"] = true; // Standard Logon Web Page (do not edit this parameter - support only) page_configuration["show_domain"] = false; // Show a Domain field (true if it must be displayed, false otherwise) page_configuration["is_webcredentials"] = false; // Logon using WebCredentials (true if it is, false otherwise) page_configuration["allow_empty_password"] = false; // Allow empty Password field - only intended for WebCredentials (true if it allowed, false otherwise) page_configuration["show_password"] = true; // Show a Password field (true if it must be displayed, false otherwise) page_configuration["remember_credentials"] = true; // Remember login and domain in a cookie (true if must be remembered, false otherwise) page_configuration["applications_portal"] = ""; // Display Application Portal after logon ("your_page_applications.html" to display the application portal, "" to start remote connection directly after logon) // --------------- End of Page Configuration --------------- // --------------- Access Configuration --------------- var user = ""; // Login to use when connecting to the remote server (leave "" to use the login typed in this page) var pass = ""; // Password to use when connecting to the remote server (leave "" to use the password typed in this page) var domain = ""; // Domain to use when connecting to the remote server (leave "" to use the domain typed in this page) var server = "127.0.0.1"; // Server to connect to (leave "" to use localhost and/or the server chosen in this page) var port = ""; // Port to connect to (leave "" to use localhost and/or the port of the server chosen in this page) var lang = "as_browser"; // Language to use var serverhtml5 = "127.0.0.1"; // Server to connect to, when using HTML5 client var porthtml5 = "2024"; var cmdline = ""; // Optional text that will be put in the s
Open service 59.144.124.219:445
2024-06-11 21:47
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-09 21:31
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-07 22:04
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-05 20:17
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:445
2024-06-03 21:25
SMB NTLMSSP handshake results: Found Windows 6.3 build 9600 NbComputerName: TALLYSERVER NbDomainName: TALLYSERVER DNSComputerName: tallyserver DNSDomainName: tallyserver
Open service 59.144.124.219:443
2024-06-02 11:45
HTTP/1.1 200 OK Content-Length: 18389 Accept-Ranges: bytes Content-Type: text/html; charset=UTF-8 X-XSS-Protection: 1; mode=block ETag: 77979fb9777457133 Date: Sun, 02 Jun 2024 11:45:33 GMT Expires: Mon, 03 Jun 2024 11:45:33 GMT Cache-Control: no-cache, must-revalidate, private, max-age=86400 Last-Modified: Wed, 03 Apr 2024 08:31:28 GMT Connection: close Page title: Web Access <!-- TEMPLATEVALUES]|[v1]|[Photo]|[Logon]|[127.0.0.1]|[3389]|[Web Access]|[Log on]|[#21183D]|[33, 24, 61]|[#FFFFFF]|[Verdana, Geneva, sans-serif]|[Connecting People and Systems Through Internet]|[13]|[#0A8AB1]|[software/java/img/header_web.png]|[software/java/img/footer.png]|[User name:]|[Password:]|[Domain:]|[Log on]|[]|[]|[]|[false]|[true]|[as_browser]|[remoteapp2+html5]|[true]|[false]|[false]|[true]|[text]|[7]|[32]|[4]|[0]|[15]|[true]|[yes]|[true]|[true]|[false]|[]|[Remote Applications Portal]|[Applications]|[Log Off]|[#AAAAAA]|[#CCCCCC]|[4]|[11]|[11]|[8]|[32]|[11]|[City]|[]|[2-step verification:]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[]|[ --> <!doctype html> <html> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="X-Frame-Options" content="DENY" /> <meta http-equiv="X-XSS-Protection" content="1; mode=block" /> <meta http-equiv="cache-control" content="max-age=0" /> <meta http-equiv="cache-control" content="no-cache" /> <meta http-equiv="expires" content="0" /> <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" /> <meta http-equiv="pragma" content="no-cache" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Web Access</title> <script type="text/javascript" src="software/java/third/jws.js"></script> <script type="text/javascript" src="software/java/third/sha256.js"></script> <script type="text/javascript" src="software/remoteapp2.js"></script> <script type="text/javascript"> // --------------- Page Configuration --------------- var page_configuration = new Array(); page_configuration["access_type"] = "remoteapp2+html5"; // Client Type (specify the client to use with "remoteapp2" or "html5" (legacy client types: "java", "remoteapp") ; or let the user choose between several clients with "remoteapp2+html5") page_configuration["is_standard"] = true; // Standard Logon Web Page (do not edit this parameter - support only) page_configuration["show_domain"] = false; // Show a Domain field (true if it must be displayed, false otherwise) page_configuration["is_webcredentials"] = false; // Logon using WebCredentials (true if it is, false otherwise) page_configuration["allow_empty_password"] = false; // Allow empty Password field - only intended for WebCredentials (true if it allowed, false otherwise) page_configuration["show_password"] = true; // Show a Password field (true if it must be displayed, false otherwise) page_configuration["remember_credentials"] = true; // Remember login and domain in a cookie (true if must be remembered, false otherwise) page_configuration["applications_portal"] = ""; // Display Application Portal after logon ("your_page_applications.html" to display the application portal, "" to start remote connection directly after logon) // --------------- End of Page Configuration --------------- // --------------- Access Configuration --------------- var user = ""; // Login to use when connecting to the remote server (leave "" to use the login typed in this page) var pass = ""; // Password to use when connecting to the remote server (leave "" to use the password typed in this page) var domain = ""; // Domain to use when connecting to the remote server (leave "" to use the domain typed in this page) var server = "127.0.0.1"; // Server to connect to (leave "" to use localhost and/or the server chosen in this page) var port = ""; // Port to connect to (leave "" to use localhost and/or the port of the server chosen in this page) var lang = "as_browser"; // Language to use var serverhtml5 = "127.0.0.1"; // Server to connect to, when using HTML5 client var porthtml5 = "2024"; var cmdline = ""; // Optional text that will be put in the s