MiniServ 1.979
tcp/10000
TwistedWeb 20.3.0dev0
tcp/443
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d4001392847ba6ad0ddef8cc519d7d85
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$ HP_LaserJet_400_M401dn_ECDC61_24 HP_LaserJet_Pro_MFP_M125nw_06D97E_ mn
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d4001392847ba6ad0ddef8cc5d001d53
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$ HP_LaserJet_400_M401dn_ECDC61_24 HP_LaserJet_Pro_MFP_M125nw_06D97E_ reception_MAC_UGSH0_NEWS_MPOOZA mn
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d4001392b57f700fb57f700fb57f700f
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$ mn
Open service 81.199.19.221:445
2024-09-15 23:52
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 81.199.19.221:445
2024-09-13 23:39
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 81.199.19.221:445
2024-09-12 01:30
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 81.199.19.221:10000
2024-09-11 04:43
HTTP/1.0 200 Document follows Date: Wed, 11 Sep 2024 04:43:50 GMT Server: MiniServ/1.979 Connection: close Auth-type: auth-required=1 Set-Cookie: redirect=1; path=/; secure; httpOnly Set-Cookie: testing=1; path=/; secure; httpOnly X-Frame-Options: SAMEORIGIN Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self'; child-src 'self' X-Content-Type-Options: nosniff X-no-links: 1 Content-type: text/html; Charset=UTF-8 Page title: Login to Webmin <!DOCTYPE HTML> <html data-bgs="gainsboro" class="session_login"> <head> <noscript> <style> html[data-bgs="gainsboro"] { background-color: #d6d6d6; } html[data-bgs="nightRider"] { background-color: #1a1c20; } html[data-bgs="nightRider"] div[data-noscript] { color: #979ba080; } html[data-slider-fixed='1'] { margin-right: 0 !important; } body > div[data-noscript] ~ * { display: none !important; } div[data-noscript] { visibility: hidden; animation: 2s noscript-fadein; animation-delay: 1s; text-align: center; animation-fill-mode: forwards; } @keyframes noscript-fadein { 0% { opacity: 0; } 100% { visibility: visible; opacity: 1; } } </style> <div data-noscript> <div class="fa fa-3x fa-exclamation-triangle margined-top-20 text-danger"></div> <h2>JavaScript is disabled</h2> <p>Please enable javascript and refresh the page</p> </div> </noscript> <meta charset="utf-8"> <link data-link-ref rel="apple-touch-icon" sizes="180x180" href="/images/favicons/webmin/apple-touch-icon.png"> <link data-link-ref rel="icon" type="image/png" sizes="32x32" href="/images/favicons/webmin/favicon-32x32.png"> <link data-link-ref rel="icon" type="image/png" sizes="192x192" href="/images/favicons/webmin/android-chrome-192x192.png"> <link data-link-ref rel="icon" type="image/png" sizes="16x16" href="/images/favicons/webmin/favicon-16x16.png"> <link data-link-ref crossorigin="use-credentials" rel="manifest" href="/images/favicons/webmin/manifest.json"> <link data-link-ref rel="mask-icon" href="/images/favicons/webmin/safari-pinned-tab.svg" color=""> <meta data-link-ref name="msapplication-TileImage" content="/images/favicons/webmin/mstile-144x144.png"> <meta name="msapplication-TileColor" content=""> <meta name="theme-color" content=""> <title>Login to Webmin</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="/unauthenticated/css/bundle.min.css?19819999999999901" rel="stylesheet"> <script>document.addEventListener("DOMContentLoaded", function(event) {var a=document.querySelectorAll('input[type="password"]');i=0; for(length=a.length;i<length;i++){var b=document.createElement("span"),d=30<a[i].offsetHeight?1:0;b.classList.add("input_warning_caps");b.setAttribute("title","Caps Lock");d&&b.classList.add("large");a[i].classList.add("use_input_warning_caps");a[i].parentNode.insertBefore(b,a[i].nextSibling);a[i].addEventListener("blur",function(){this.nextSibling.classList.remove("visible")});a[i].addEventListener("keydown",function(c){"function"===typeof c.getModifierState&&((state=20===c.keyCode?!c.getModifierState("CapsLock"): c.getModifierState("CapsLock"))?this.nextSibling.classList.add("visible"):this.nextSibling.classList.remove("visible"))})};});function spinner() {var x = document.querySelector('button i.fa-sign-in:not(.invisible)') || document.querySelector('button i.fa-qrcode:not(.invisible)'),s = '<span class="cspinner_container"><span class="cspinner"><span class="cspinner-icon white small"></span></span></span>';if(x){x.classList.add("invisible"); x.insertAdjacentHTML('afterend', s);x.parentNode.classList.add("disabled");x.parentNode.disabled=true}}setTimeout(function(){if(navigator&&navigator.oscpu){var t=navigator.oscpu,i=document.querySelector("html"),e="data-platform";t.indexOf("Linux")>-1?i.setAttribute(e,"linux"):t.indexOf("Windows")>-1&&i.setAttribute(e,"windows")}});</script> <link href="/unauthenticated/css/fonts-roboto.min.css?19819999999999901" rel="stylesheet"> </head> <body class="session_login" > <div class="container session_login" data-dcontainer="1"> <form class="form-signin session_login clearfix" action="/session_login.cgi" method="post" role="form" onsubmit="spinner()"> <i class="wbm-webmin"></i><h2 class="form-signin-heading"><span> Webmin</span></h2> <p class="form-signin-paragraph">You must enter a username and password to login to the server on<strong> 81.199.19.221</strong></p> <div class="input-group form-group"> <span class="input-group-addon"><i class="fa fa-fw fa-user"></i></span> <input type="text" name="user" class="form-control session_login" placeholder="Username"
Open service 81.199.19.221:443
2024-09-10 12:12
HTTP/1.1 302 Found Connection: close Content-Type: text/html; charset=utf-8 X-Frame-Options: SAMEORIGIN Server: TwistedWeb/20.3.0dev0 Date: Tue, 10 Sep 2024 12:12:43 GMT Location: https://81.199.19.221/__session_start__ Content-Length: 0 Set-Cookie: openvpn_sess_add0b45aaa9272005d6a816edb2abf50=27c24c8d4139a8bc30dc667c5dd3da40; Expires=Tue, 10 Sep 2024 12:42:43 GMT; Path=/; Secure; HttpOnly
Open service 81.199.19.221:22
2024-09-10 07:19