Scribd
Upload
75 views25 pages

Sample Pen Test

This report represents a security audit of a network using Metasploit Pro. It details 35 hosts with 222 services discovered on the network, including operating systems like Windows, Linux, and Mac OS X. Credentials for one service were obtained.

Uploaded by

Adeniyi O
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
75 views25 pages

Sample Pen Test

This report represents a security audit of a network using Metasploit Pro. It details 35 hosts with 222 services discovered on the network, including operating systems like Windows, Linux, and Mac OS X. Credentials for one service were obtained.

Uploaded by

Adeniyi O
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

Metasploit Pro

Detailed Audit Report


Report generated:
Wed, 14 Feb 2018 13:22:10 +0100

Total Pages: 24
Executive Summary
This report represents a security audit performed using Metasploit Pro from Rapid7, Inc. It contains confidential information about
the state of your network. Access to this information by unauthorized personnel may allow them to compromise your network.

During this test, 35 hosts with a total of 222 exposed services were discovered. No modules were successfully run and 1 login
credentials were obtained.

Major Findings
Discovered Operating Systems
Operating System Hosts Services Vulnerabilities
400 M401dn 1 11 0

embedded 1 8 0

Linux 2 18 0

Mac OS X 1 1 0

RouterOS 1 5 0

Unknown 11 518 0

Windows 10 7 64 0

Windows 2008 1 11 0

Windows 7 7 69 0

Windows 8 1 9 0

Windows 8.1 1 10 0

Windows XP 1 6 0

Discovered Hosts
Discovered IP Address Hostname OS Services Vulns
2/14/18 10:10 AM 192.168.60.112 192.168.60.112 Unknown 0 0

2/14/18 10:10 AM 192.168.60.114 192.168.60.114 Mac OS X 1 0

2/14/18 10:10 AM 192.168.60.1 192.168.60.1 RouterOS 5 0

2/14/18 10:10 AM 192.168.60.174 DUROJAIYE-PC Windows 7 10 0

2/14/18 10:10 AM 192.168.60.29 192.168.60.29 Unknown 1 0


2/14/18 10:10 AM 192.168.60.253 __msbrowse__ 400 M401dn 11 0

2/14/18 10:10 AM 192.168.60.38 OLALEKAN-PC Windows 2008 11 0

2/14/18 10:10 AM 192.168.60.144 MSCS Windows XP 6 0

2/14/18 10:10 AM 192.168.60.194 DESKTOP-CJDMO9U Windows 10 3 0

2/14/18 10:10 AM 192.168.60.202 BONDEDDEPT-PC Windows 7 9 0

2/14/18 10:10 AM 192.168.60.137 DESKTOP-RPTHB36 Windows 10 11 0

2/14/18 10:10 AM 192.168.60.133 OLASUNKANMI Windows 8.1 10 0

2/14/18 10:10 AM 192.168.60.130 192.168.60.130 Unknown 0 0

2/14/18 10:10 AM 192.168.60.129 DESKTOP-ASVT66R Windows 10 5 0

2/14/18 10:10 AM 192.168.60.165 MIB-HP Windows 7 9 0

2/14/18 10:10 AM 192.168.60.251 192.168.60.251 embedded 8 0

2/14/18 10:10 AM 192.168.60.139 192.168.60.139 Unknown 0 0

2/14/18 10:10 AM 192.168.60.157 OLUMIDE Windows 8 9 0

2/14/18 10:10 AM 192.168.60.193 192.168.60.193 Unknown 0 0

2/14/18 10:10 AM 192.168.60.141 192.168.60.141 Unknown 8 0

Page 1 of 24
Discovered IP Address Hostname OS Services Vulns
2/14/18 10:10 AM 192.168.60.152 OLUSEYI-PC Windows 7 11 0

2/14/18 10:10 AM 192.168.60.90 wdmycloud Linux 11 0

2/14/18 10:10 AM 192.168.60.3 192.168.60.3 Linux 7 0

2/14/18 10:10 AM 192.168.60.203 EDITH-PC Windows 7 11 0

2/14/18 10:10 AM 192.168.60.186 192.168.60.186 Unknown 0 0

2/14/18 10:10 AM 192.168.60.24 192.168.60.24 Unknown 0 0

2/14/18 10:10 AM 192.168.60.161 HR-MGR Windows 10 10 0

2/14/18 10:10 AM 192.168.60.160 DESKTOP-9BJO1DC Windows 10 10 0

2/14/18 10:10 AM 192.168.60.51 192.168.60.51 Unknown 15 0

2/14/18 10:10 AM 192.168.60.164 LAPTOP-EC1H3G3V Windows 10 9 0

2/14/18 10:10 AM 192.168.60.150 COONLAY-HP Windows 10 16 0

2/14/18 10:10 AM 192.168.60.22 BIODUN-HP Windows 7 8 0

2/14/18 10:10 AM 192.168.60.145 192.168.60.145 Unknown 0 0

2/14/18 10:10 AM 192.168.60.106 BUSOLA-HP Windows 7 11 0

2/14/18 10:10 AM 192.168.60.118 maintenance Unknown 494 0

Page 2 of 24
Credentials (1 total)
Credential Origins Private Types

Plaintext Passwords

Public Private Realm Type Realm Value Origin Hosts Services

admin admin None Service 5 1

admin admin None Service 5 1

admin admin None Service 5 1

Page 3 of 24
Public Private Realm Type Realm Value Origin Hosts Services

admin admin None Service 5 1

admin admin None Service 5 1

Page 4 of 24
Detailed Findings
192.168.60.112 - 192.168.60.112

Discovered: 2018-02-14 10:10:06.041115

Operating System: Unknown

Credentials

Successful Attacks

Web Vulnerabilities

192.168.60.114 - 192.168.60.114

Discovered: 2018-02-14 10:10:12.385202

Operating System: Mac OS X

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

62078 tcp iphone-sync

Web Vulnerabilities

192.168.60.1 - 192.168.60.1

Discovered: 2018-02-14 10:10:15.838511

Operating System: RouterOS

Credentials
Type Origin Logins Service/Port Public Private

Password Service 5 http/80 admin admin

Successful Attacks

Active Services
Port Protocol Name Info

21 tcp ftp 220 Murphy Shipping Router OS FTP server (MikroTik 6.40.3) ready\x0d\x0a

Page 5 of 24
Port Protocol Name Info

22 tcp ssh SSH-2.0-ROSSSH

23 tcp telnet MikroTik v6.40.3 (stable)\x0aLogin:

80 tcp http
2000 tcp cisco-sccp

Web Vulnerabilities

192.168.60.174 - DUROJAIYE-PC

Discovered: 2018-02-14 10:10:19.041808

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (183 services)

137 DUROJAIYE-PC:<00>:U :MURPHYSHIPPING:<00>:G :DUROJAIYE-PC:<20>:U


udp netbios
:MURPHYSHIPPING:<1e>:G :d4:85:64:15:26:a7
139 tcp smb
445 Windows 7 Professional SP1 (build:7601) (name:DUROJAIYE-PC)
tcp smb
(domain:MURPHYSHIPPING)
49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

49155 tcp dcerpc 58e604e8-9adb-4d2e-a464-3b0683fb1480 v1.0 AppInfo

49164 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49172 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0 Spooler function endpoint

Web Vulnerabilities

192.168.60.29 - 192.168.60.29

Discovered: 2018-02-14 10:10:19.338698

Operating System: Unknown

Credentials

Successful Attacks

Active Services

Page 6 of 24
Web Vulnerabilities

192.168.60.253 - __msbrowse__

Discovered: 2018-02-14 10:10:19.432454

Operating System: 400 M401dn

Credentials
Type Origin Logins Service/Port Public Private

Password Service 5 http/80 admin admin

Successful Attacks

Active Services
Port Protocol Name Info

21 tcp ftp 220 Service ready for new user.\x0d\x0a

23 tcp telnet Type "help or ?" for information.\x0aPassword:

81 tcp hosts2-ns
137 &#x01;&#x02;__MSBROWSE__&#x02;:<01>:G :WORKGROUP:<00>:G
udp netbios
:NPI7FCEB1:<00>:U :00:00:00:00:00:00
161 HP ETHERNET MULTI-
udp snmp
ENVIRONMENT,SN:PHHGC15682,FN:X675856,SVCID:24142,PID:HP LaserJet 400
443 tcp https
515 tcp printer
631 tcp ipp
8080 tcp http Virata-EmWeb/R6_2_1

9100 tcp jetdirect

Web Vulnerabilities

192.168.60.38 - OLALEKAN-PC

Discovered: 2018-02-14 10:10:19.901228

Operating System: Windows 2008

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (155 services)

139 tcp smb


445 tcp smb ()
Page 7 of 24
Port Protocol Name Info

3389 tcp ms-wbt-server


49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 30b044a5-a225-43f0-b3a4-e060df91f9c1 v1.0

49158 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

49159 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0 Spooler function endpoint

49160 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49161 tcp dcerpc 12345678-1234-abcd-ef00-0123456789ab v1.0 IPSec Policy agent endpoint

Web Vulnerabilities

192.168.60.144 - MSCS

Discovered: 2018-02-14 10:10:20.229371

Operating System: Windows XP

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

123 1c030afa00003eb50001e850338d2033de2e883ee8ccd6ddc54f234b71b152f3de2e89f66718
udp ntp
d767de2e89f67318d25e
135 tcp msrpc
137 MSCS:<00>:U :MSCS:<20>:U :MURPHYSHIPPING:<00>:G :MURPHYSHIPPING:<1e>:G
udp netbios
:00:1a:a0:21:22:64
139 tcp smb
445 tcp smb Windows XP (name:MSCS) (domain:MURPHYSHIPPING)

3389 tcp ms-wbt-server

Web Vulnerabilities

192.168.60.194 - DESKTOP-CJDMO9U

Discovered: 2018-02-14 10:10:20.68252

Operating System: Windows 10

Credentials

Successful Attacks

Active Services

Page 8 of 24
Port Protocol Name Info

135 tcp msrpc


139 tcp smb
445 tcp smb Windows 10 Pro (build:16299) (name:DESKTOP-CJDMO9U)

Web Vulnerabilities

192.168.60.202 - BONDEDDEPT-PC

Discovered: 2018-02-14 10:10:21.745077

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (115 services)

137 udp netbios BONDEDDEPT-PC:<20>:U :5c:d9:98:f6:5e:ea

139 tcp smb


445 tcp smb ()

49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 98716d03-89ac-44c7-bb8c-285824e51c4a v1.0 XactSrv service

49156 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

49167 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

Web Vulnerabilities

192.168.60.137 - DESKTOP-RPTHB36

Discovered: 2018-02-14 10:10:24.698359

Operating System: Windows 10

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (594 services)

137 DESKTOP-RPTHB36:<20>:U :DESKTOP-RPTHB36:<00>:U :WORKGROUP:<00>:G


udp netbios
:WORKGROUP:<1e>:G :00:0f:fe:57:41:0d
Page 9 of 24
Port Protocol Name Info

139 tcp smb


445 tcp smb Windows 10 Pro (build:16299) (name:DESKTOP-RPTHB36)

5040 tcp unknown


49664 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49665 tcp dcerpc 30adc50c-5cbc-46ce-9a0e-91914789e23c v1.0 NRP server endpoint

49666 tcp dcerpc c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 v1.0 Impl friendly name

49667 tcp dcerpc 51a227ae-825b-41f2-b4a9-1ac9557a1018 v1.0 Ngc Pop Key Service

49680 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0

49728 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

Web Vulnerabilities

192.168.60.133 - OLASUNKANMI

Discovered: 2018-02-14 10:10:27.745396

Operating System: Windows 8.1

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (299 services)

139 tcp smb


445 tcp smb Windows 8.1 Pro (build:9600) (name:OLASUNKANMI) (domain:MURPHYSHIPPING)

49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 30adc50c-5cbc-46ce-9a0e-91914789e23c v1.0 NRP server endpoint

49154 tcp dcerpc 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 v0.0 RemoteAccessCheck

49155 tcp dcerpc 58e604e8-9adb-4d2e-a464-3b0683fb1480 v1.0 AppInfo

49156 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0

49157 tcp dcerpc 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 v0.0 RemoteAccessCheck

49158 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

Web Vulnerabilities

192.168.60.130 - 192.168.60.130

Discovered: 2018-02-14 10:10:30.151775

Operating System: Unknown

Page 10 of 24
Credentials

Successful Attacks

Web Vulnerabilities

192.168.60.129 - DESKTOP-ASVT66R

Discovered: 2018-02-14 10:10:30.323659

Operating System: Windows 10

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp msrpc


137 DESKTOP-ASVT66R:<20>:U :DESKTOP-ASVT66R:<00>:U :WORKGROUP:<00>:G
udp netbios
:WORKGROUP:<1e>:G :00:19:db:72:22:f1
139 tcp smb
445 tcp smb Windows 10 Pro (build:16299) (name:DESKTOP-ASVT66R)

5040 tcp unknown

Web Vulnerabilities

192.168.60.165 - MIB-HP

Discovered: 2018-02-14 10:10:30.54242

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (189 services)

139 tcp smb


445 tcp smb Windows 7 (English)

49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 58e604e8-9adb-4d2e-a464-3b0683fb1480 v1.0 AppInfo

49155 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

Page 11 of 24
Port Protocol Name Info

49159 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49161 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0 Spooler function endpoint

Web Vulnerabilities

192.168.60.251 - 192.168.60.251

Discovered: 2018-02-14 10:10:30.823685

Operating System: embedded

Credentials
Type Origin Logins Service/Port Public Private

Password Service 5 http/80 admin admin

Successful Attacks

Active Services
Port Protocol Name Info

23 tcp telnet Type "help or ?" for information.\x0aPassword:

81 tcp hosts2-ns
443 tcp https
515 tcp printer
631 tcp ipp
8080 tcp http Virata-EmWeb/R6_2_1

9100 tcp jetdirect

Web Vulnerabilities

192.168.60.139 - 192.168.60.139

Discovered: 2018-02-14 10:10:32.261262

Operating System: Unknown

Credentials

Successful Attacks

Web Vulnerabilities

Page 12 of 24
192.168.60.157 - OLUMIDE

Discovered: 2018-02-14 10:10:34.527009

Operating System: Windows 8

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (316 services)

139 tcp smb


445 tcp smb Windows 8 Pro (build:9200) (name:OLUMIDE) (domain:MURPHYSHIPPING)

49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 30adc50c-5cbc-46ce-9a0e-91914789e23c v1.0 NRP server endpoint

49154 tcp dcerpc 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 v0.0 RemoteAccessCheck

49155 tcp dcerpc 9b008953-f195-4bf9-bde0-4471971e58ed v1.0

49156 tcp dcerpc 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 v0.0 RemoteAccessCheck

49158 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

Web Vulnerabilities

192.168.60.193 - 192.168.60.193

Discovered: 2018-02-14 10:10:35.183293

Operating System: Unknown

Credentials

Successful Attacks

Web Vulnerabilities

192.168.60.141 - 192.168.60.141

Discovered: 2018-02-14 10:10:35.433306

Operating System: Unknown

Credentials

Page 13 of 24
Successful Attacks

Active Services

Web Vulnerabilities

192.168.60.152 - OLUSEYI-PC

Discovered: 2018-02-14 10:10:36.027088

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (243 services)

139 tcp smb


445 Windows 7 Professional SP1 (build:7601) (name:OLUSEYI-PC)
tcp smb
(domain:MURPHYSHIPPING)
3389 tcp ms-wbt-server
49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 58e604e8-9adb-4d2e-a464-3b0683fb1480 v1.0 AppInfo

49157 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

49167 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0 Spooler function endpoint

49201 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49215 tcp dcerpc 12345678-1234-abcd-ef00-0123456789ab v1.0 IPSec Policy agent endpoint

Web Vulnerabilities

192.168.60.90 - wdmycloud

Discovered: 2018-02-14 10:10:36.245849

Operating System: Linux

Credentials
Type Origin Logins Service/Port Public Private

Password Service 5 http/80 admin admin

Successful Attacks

Page 14 of 24
Active Services
Port Protocol Name Info

22 tcp ssh SSH-2.0-OpenSSH_6.0p1 Debian-4

80 tcp http Apache

111 tcp rpcbind


137 WDMYCLOUD:<00>:U :WDMYCLOUD:<03>:U :WDMYCLOUD:<20>:U
udp netbios
:MURPHYSHIPPING:<00>:G :MURPHYSHIPPING:<1e>:G :00:00:00:00:00:00
139 tcp smb
443 tcp https Apache

445 tcp smb Windows 6.1 (Samba 4.3.11)

548 tcp afp AFP name: WDMyCloud, Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3

2049 tcp nfs


9000 tcp cslistener
49152 tcp unknown

Web Vulnerabilities

192.168.60.3 - 192.168.60.3

Discovered: 2018-02-14 10:10:36.855257

Operating System: Linux

Credentials
Type Origin Logins Service/Port Public Private

Password Service 5 http/80 admin admin

Successful Attacks

Active Services
Port Protocol Name Info

21 tcp ftp 220 Welcome to FTP service.\x0d\x0a

53 tcp dns
80 tcp http
8080 tcp http
9000 tcp cslistener
49152 tcp unknown

Web Vulnerabilities

Page 15 of 24
192.168.60.203 - EDITH-PC

Discovered: 2018-02-14 10:10:37.292781

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (207 services)

137 EDITH-PC:<20>:U :EDITH-PC:<00>:U :WORKGROUP:<00>:G :WORKGROUP:<1e>:G


udp netbios
:5c:d9:98:f6:1c:cc
139 tcp smb
445 tcp smb Windows 7 (English)

554 tcp rtsp


49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 58e604e8-9adb-4d2e-a464-3b0683fb1480 v1.0 AppInfo

49155 tcp dcerpc b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 v1.0 KeyIso

49156 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0 Spooler function endpoint

49158 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

Web Vulnerabilities

192.168.60.186 - 192.168.60.186

Discovered: 2018-02-14 10:10:37.730303

Operating System: Unknown

Credentials

Successful Attacks

Web Vulnerabilities

192.168.60.24 - 192.168.60.24

Discovered: 2018-02-14 10:10:37.792807

Operating System: Unknown

Credentials
Page 16 of 24
Successful Attacks

Web Vulnerabilities

192.168.60.161 - HR-MGR

Discovered: 2018-02-14 10:10:37.824058

Operating System: Windows 10

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (381 services)

139 tcp smb


445 tcp smb Windows 10 Pro (build:16299) (name:HR-MGR)

5040 tcp unknown


49664 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49665 tcp dcerpc f6beaff7-1e19-4fbb-9f8f-b89e2018337c v1.0 Event log TCPIP

49666 tcp dcerpc 3a9ef155-691d-4449-8d05-09ad57031823 v1.0

49669 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0

49690 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49705 tcp dcerpc 51a227ae-825b-41f2-b4a9-1ac9557a1018 v1.0 Ngc Pop Key Service

Web Vulnerabilities

192.168.60.160 - DESKTOP-9BJO1DC

Discovered: 2018-02-14 10:10:38.089698

Operating System: Windows 10

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (574 services)

139 tcp smb


445 tcp smb Windows 10 (Unknown)

4000 tcp remoteanything

Page 17 of 24
Port Protocol Name Info

49664 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49665 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49666 tcp dcerpc c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 v1.0 Impl friendly name

49686 tcp dcerpc 51a227ae-825b-41f2-b4a9-1ac9557a1018 v1.0 Ngc Pop Key Service

49792 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49840 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0

Web Vulnerabilities

192.168.60.51 - 192.168.60.51

Discovered: 2018-02-14 10:10:38.402214

Operating System: Unknown

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

53 udp dns Microsoft DNS

111 tcp sunrpc 100000 v4

111 100000 v2 UDP(111), 100000 v3 UDP(111), 100000 v4 UDP(111), 100000 v2 TCP(111),


udp portmap
100000 v3 TCP(111), 100000 v4 TCP(111), 100005 v1 TCP(1048), 100005 v2 TCP(1048),
100005 v3 TCP(1048), 100005 v1 UDP(1048), 100005 v2 UDP(1048), 100005 v3
UDP(1048), 100021 v1 TCP(1047), 100021 v2 TCP(1047), 100021 v3 TCP(1047), 100021
v4 TCP(1047), 100021 v1 UDP(1047), 100021 v2 UDP(1047), 100021 v3 UDP(1047),
100021 v4 UDP(1047), 100024 v1 TCP(1039), 100024 v1 UDP(1039), 100003 v2
TCP(2049), 100003 v3 TCP(2049), 100003 v2 UDP(2049), 100003 v3 UDP(2049)
123 1c0104fa00000000000a19884c4f434cde2e81fc1e04c3b4c54f234b71b152f3de2e9e61d385c
udp ntp
9d8de2e9e61d385c9d8
1039 tcp sunrpc 100024 v1

1039 udp sunrpc 100024 v1

1047 udp sunrpc 100021 v4

1047 tcp sunrpc 100021 v4

1048 tcp sunrpc 100005 v3

1048 udp sunrpc 100005 v3

2049 tcp sunrpc 100003 v3

2049 udp sunrpc 100003 v3

Web Vulnerabilities

Page 18 of 24
192.168.60.164 - LAPTOP-EC1H3G3V

Discovered: 2018-02-14 10:10:38.60535

Operating System: Windows 10

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (420 services)

139 tcp smb


445 tcp smb Windows 10 Home (build:16299) (name:LAPTOP-EC1H3G3V)

49664 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49665 tcp dcerpc 51a227ae-825b-41f2-b4a9-1ac9557a1018 v1.0 Ngc Pop Key Service

49666 tcp dcerpc f6beaff7-1e19-4fbb-9f8f-b89e2018337c v1.0 Event log TCPIP

49671 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0

49714 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

50249 tcp dcerpc 3a9ef155-691d-4449-8d05-09ad57031823 v1.0

Web Vulnerabilities

192.168.60.150 - COONLAY-HP

Discovered: 2018-02-14 10:10:38.79286

Operating System: Windows 10

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (405 services)

139 tcp smb


445 tcp smb Windows 10 Home (build:16299) (name:COONLAY-HP)

902 220 VMware Authentication Daemon Version 1.10: SSL Required,


tcp vmauthd
ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported
Certificate:/C=US/L=Palo Alto/OU=VMware/CN=VMware/[email protected]
912 220 VMware Authentication Daemon Version 1.0, ServerDaemonProtocol:SOAP,
tcp vmauthd
MKSDisplayProtocol:VNC , ,
2103 tcp dcerpc 1a9134dd-7b39-45ba-ad88-44d01ca47f28 v1.0 Message Queuing - RemoteRead V1

2105 tcp dcerpc 1a9134dd-7b39-45ba-ad88-44d01ca47f28 v1.0 Message Queuing - RemoteRead V1

Page 19 of 24
Port Protocol Name Info

2107 tcp dcerpc 1a9134dd-7b39-45ba-ad88-44d01ca47f28 v1.0 Message Queuing - RemoteRead V1

15001 tcp unknown


49664 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49665 tcp dcerpc 51a227ae-825b-41f2-b4a9-1ac9557a1018 v1.0 Ngc Pop Key Service

49666 tcp dcerpc f6beaff7-1e19-4fbb-9f8f-b89e2018337c v1.0 Event log TCPIP

49670 tcp dcerpc 3a9ef155-691d-4449-8d05-09ad57031823 v1.0

49671 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0

49746 tcp dcerpc 1a9134dd-7b39-45ba-ad88-44d01ca47f28 v1.0 Message Queuing - RemoteRead V1

49781 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

Web Vulnerabilities

192.168.60.22 - BIODUN-HP

Discovered: 2018-02-14 10:10:39.261635

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (106 services)

139 tcp smb


445 Windows 7 Professional SP1 (build:7601) (name:BIODUN-HP)
tcp smb
(domain:MURPHYSHIPPING)
49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 98716d03-89ac-44c7-bb8c-285824e51c4a v1.0 XactSrv service

49158 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49167 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

Web Vulnerabilities

192.168.60.145 - 192.168.60.145

Discovered: 2018-02-14 10:10:39.496022

Operating System: Unknown

Credentials

Page 20 of 24
Successful Attacks

Web Vulnerabilities

192.168.60.106 - BUSOLA-HP

Discovered: 2018-02-14 10:10:39.558526

Operating System: Windows 7

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

135 tcp dcerpc Endpoint Mapper (150 services)

137 BUSOLA-HP:<00>:U :BUSOLA-HP:<20>:U :MURPHYSHIPPING:<00>:G


udp netbios
:MURPHYSHIPPING:<1e>:G :2c:41:38:95:bd:8b
139 tcp smb
445 Windows 7 Professional SP1 (build:7601) (name:BUSOLA-HP)
tcp smb
(domain:MURPHYSHIPPING)
49152 tcp dcerpc d95afe70-a6d5-4259-822e-2c84da1ddb0d v1.0

49153 tcp dcerpc 06bba54a-be05-49f9-b0a0-30f790261023 v1.0 Security Center

49154 tcp dcerpc 98716d03-89ac-44c7-bb8c-285824e51c4a v1.0 XactSrv service

49155 tcp dcerpc 12345778-1234-abcd-ef00-0123456789ac v1.0

49159 tcp dcerpc 367abb81-9844-35f1-ad32-98f038001003 v2.0

49164 tcp dcerpc 12345678-1234-abcd-ef00-0123456789ab v1.0 IPSec Policy agent endpoint

50799 tcp dcerpc 76f03f96-cdfd-44fc-a22c-64950a001209 v1.0 Spooler function endpoint

Web Vulnerabilities

192.168.60.118 - maintenance

Discovered: 2018-02-14 10:10:39.996049

Operating System: Unknown

Credentials

Successful Attacks

Active Services
Port Protocol Name Info

137 MAINTENANCE:<20>:U :MAINTENANCE:<00>:U :WORKGROUP:<00>:G


udp netbios
:WORKGROUP:<1e>:G :f4:b7:e2:ad:82:ff

Page 21 of 24
Web Vulnerabilities

Page 22 of 24
Service Table
Service/Port Instances
smb/139 19

smb/445 19

dcerpc/135 15

netbios/137 10

dcerpc/49152 10

dcerpc/49153 10

dcerpc/49154 10

dcerpc/49155 6

dcerpc/49158 5

dcerpc/49664 5

dcerpc/49665 5

dcerpc/49666 5

dcerpc/49156 4

ftp/21 3

telnet/23 3

http/80 3

msrpc/135 3

https/443 3

ms-wbt-server/3389 3

unknown/5040 3

http/8080 3

dcerpc/49159 3

dcerpc/49167 3

ssh/22 2

hosts2-ns/81 2

ntp/123 2

printer/515 2

ipp/631 2

cslistener/9000 2

jetdirect/9100 2

unknown/49152 2

dcerpc/49157 2

dcerpc/49161 2

dcerpc/49164 2

dcerpc/49671 2

dns/53 1

dns/53 1

rpcbind/111 1

sunrpc/111 1

portmap/111 1

snmp/161 1

afp/548 1

rtsp/554 1
Page 23 of 24
Service/Port Instances
vmauthd/902 1

vmauthd/912 1

sunrpc/1039 1

sunrpc/1039 1

sunrpc/1047 1

sunrpc/1047 1

sunrpc/1048 1

sunrpc/1048 1

cisco-sccp/2000 1

sunrpc/2049 1

nfs/2049 1

sunrpc/2049 1

dcerpc/2103 1

dcerpc/2105 1

dcerpc/2107 1

remoteanything/4000 1

unknown/15001 1

dcerpc/49160 1

dcerpc/49172 1

dcerpc/49201 1

dcerpc/49215 1

dcerpc/49667 1

dcerpc/49669 1

dcerpc/49670 1

dcerpc/49680 1

dcerpc/49686 1

dcerpc/49690 1

dcerpc/49705 1

dcerpc/49714 1

dcerpc/49728 1

dcerpc/49746 1

dcerpc/49781 1

dcerpc/49792 1

dcerpc/49840 1

dcerpc/50249 1

dcerpc/50799 1

iphone-sync/62078 1

Page 24 of 24

You might also like