Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767de22ea8c36c5d6f05bfaa039bf984d35410be6bcfdeea130a
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON TIME CAPSULE Lost Found DATA 2021-11-13 Old Disk 1 Photo Archive Photo Archive 1 Photo Archive 2 Photo Archive Test 1 iPhones Backup completed1 Filmy Video 2 Desktop 2016 11 19 Mamulkin kompiuter SONY HD Camera STUDIJA FOTOLOBIS completed2 Multimedia Download Web Public homes transmission completed incomplete home IPC$
Open service 78.56.105.137:445
2024-09-15 23:52
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 78.56.105.137:445
2024-09-13 23:39
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 78.56.105.137:445
2024-09-12 01:33
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 78.56.105.137:80
2024-09-12 00:20
HTTP/1.1 200 OK Server: http server 1.0 Content-type: text/html; charset=UTF-8 Date: Thu, 12 Sep 2024 00:20:28 GMT Last-modified: Sun, 14 Jul 2024 11:11:22 GMT Accept-Ranges: bytes Connection: close Content-length: 291 <html><head><meta http-equiv="Pragma" content="no-cache"><meta http-equiv="expires" content="0"><script> if(location.hostname.indexOf(':') == -1){location.href='http://'+location.hostname+':'+8080+'/'; }else{location.href='http://['+location.hostname+']:'+8080+'/';} </script></head></html>
Open service 78.56.105.137:8080
2024-09-10 09:41
HTTP/1.1 200 OK Date: Tue, 10 Sep 2024 09:41:03 GMT Server: http server 1.0 Content-type: text/html; charset=UTF-8 Last-modified: Wed, 19 Jun 2024 08:21:11 GMT Accept-Ranges: bytes Content-length: 580 Vary: Accept-Encoding Connection: close <html style="background:#007cef"> <head> <meta http-equiv="expires" content="0"> <script type='text/javascript'> pr=(document.location.protocol == 'https:') ? 'https' : 'http'; pt=(location.port == '') ? '' : ':' + location.port; redirect_suffix = "/redirect.html?count="+Math.random(); if(location.hostname.indexOf(':') == -1) { location.href=pr+"://"+location.hostname+pt+redirect_suffix; } else //could be ipv6 addr { var url = ""; url=pr+"://["+ location.hostname.replace(/[\[\]]/g, '') +"]"+pt+redirect_suffix; location.href = url; } </script> </head> <body> </body> </html>