GeneralInformation

Country	China
City	Chengdu
Organization	Chengdu Giant Times Technology Co.,Ltd
ISP	CHINANET SiChuan Telecom Internet Data Center
ASN	AS38283
Operating System	Windows (build 6.1.7601)

Vulnerabilities

CVE-2019-0708

10.0A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

OpenPorts

1433 3389

-1260190455 | 2024-05-15T16:43:38.569894

1433 / tcp

MS-SQL NTLM Info:
  OS: Windows 7/Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: GsWtBWeREs
  NetBIOS Domain Name: GsWtBWeREs
  NetBIOS Computer Name: GsWtBWeREs
  DNS Domain Name: GsWtBWeREs
  FQDN: GsWtBWeREs

-638398372 | 2024-05-12T21:16:20.098879

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x01\x08\x00\x02\x00\x00\x00

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:cb:3c:83:49:29:5d:b6:4a:f4:15:79:43:38:d2:7d
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=GsWtBWeREs
        Validity
            Not Before: Apr  1 11:21:21 2024 GMT
            Not After : Oct  1 11:21:21 2024 GMT
        Subject: CN=GsWtBWeREs
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cd:26:dc:6a:98:ef:fa:22:2d:d3:c5:fe:72:88:
                    c5:28:fd:24:bb:39:a1:62:c4:87:f9:bf:94:80:53:
                    a1:17:a3:92:b4:7b:bc:97:96:17:8d:1d:30:f7:cd:
                    e2:c3:2a:9b:76:dc:7e:d2:f6:9a:2c:a2:a2:68:ab:
                    55:24:c3:f8:dd:b7:bc:74:ef:6b:9e:71:95:ac:44:
                    1f:f3:f4:dd:20:c0:fa:cf:b9:c9:88:56:ef:43:fb:
                    e2:be:84:b8:02:ac:db:92:dd:88:b1:39:ad:f3:13:
                    c7:ed:98:32:81:87:6e:2a:48:cc:38:80:af:8e:a2:
                    2f:24:5f:05:0b:24:89:d5:31:e9:ba:cd:c8:e4:b5:
                    ba:94:91:7e:41:62:24:74:bd:76:da:56:ab:21:b7:
                    58:db:2e:af:ff:bf:4a:bc:03:a5:fb:35:03:4d:27:
                    6b:de:4e:f1:3a:16:a7:3c:60:ae:8d:df:e4:37:2a:
                    4c:90:53:b0:37:d9:fd:20:b4:72:da:76:da:8b:08:
                    d5:fc:8c:c6:f6:0f:32:e2:17:f4:bc:61:64:5b:87:
                    42:64:19:17:35:e7:23:83:c9:59:61:96:ee:98:f1:
                    f4:e9:b0:fc:27:7e:f9:e4:53:40:03:e9:1c:22:94:
                    c5:e5:54:3e:8d:f2:3d:30:39:87:2a:84:42:a1:4a:
                    d5:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        1d:ef:57:48:06:9f:1c:84:cd:ae:24:ab:c7:e1:f9:26:94:93:
        1c:c9:32:d7:55:cf:ef:39:2e:91:2b:c1:58:1d:25:5f:60:91:
        a1:b9:c1:b7:b6:c8:3c:f2:fa:7f:64:3b:1f:b8:e3:d6:c2:c4:
        d7:c9:c0:a3:d8:f9:1d:2e:08:f7:86:c1:d1:47:03:f9:2c:d4:
        18:46:0c:fb:4a:ea:b0:a6:9c:8b:df:b5:a0:c4:9b:0d:db:f9:
        eb:23:c7:81:e2:65:96:b7:18:5f:fe:07:21:95:f0:d6:cf:3d:
        fc:85:07:eb:25:38:73:b3:36:62:1e:7f:a9:96:77:59:b6:2d:
        7c:f0:b1:4e:4f:bf:05:56:22:aa:c3:ef:2a:cf:1e:38:f5:23:
        d1:87:c6:a2:a1:68:f6:81:10:2a:5c:0a:9a:f7:d8:db:20:6d:
        ba:3e:ec:aa:66:0e:cb:12:3f:ca:a6:7f:61:91:1e:6f:91:c1:
        05:6c:15:4e:29:b2:92:3b:96:d2:6e:01:a8:d5:f6:cc:dd:55:
        bf:6e:b2:c7:39:63:74:b7:51:92:92:33:c3:1b:c6:53:21:2f:
        e2:6a:c2:38:d4:de:dc:eb:ad:e4:93:22:fb:cf:60:7d:b6:b0:
        41:ba:68:57:28:4d:05:9f:99:c5:92:e4:f5:84:69:e6:f8:09:
        32:d1:87:58

110.40.20.39

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1260190455 | 2024-05-15T16:43:38.569894
1433 / tcp

MS-SQL Server 2008 R2 SP2RTW/PCU210.50.4000.0

-638398372 | 2024-05-12T21:16:20.098879
3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

110.40.20.39

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1260190455 | 2024-05-15T16:43:38.569894 1433 / tcp

MS-SQL Server 2008 R2 SP2RTW/PCU210.50.4000.0

-638398372 | 2024-05-12T21:16:20.098879 3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

-1260190455 | 2024-05-15T16:43:38.569894
1433 / tcp

-638398372 | 2024-05-12T21:16:20.098879
3389 / tcp