GeneralInformation

Hostnames	178.209.189.197.reverse.xneelo.net
Domains	xneelo.net
Country	South Africa
City	Johannesburg
Organization	xneelo-tscolo
ISP	Xneelo (Pty) Ltd
ASN	AS37153

Vulnerabilities

CVE-2020-0796

10.0A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

OpenPorts

135 445 1433 1434 5985

1944584462 | 2024-05-11T00:16:11.884256

135 / tcp

Microsoft RPC Endpoint Mapper

51a227ae-825b-41f2-b4a9-1ac9557a1018
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 197.189.209.178:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\I-LAB\pipe\lsass

8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 197.189.209.178:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\I-LAB\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 197.189.209.178:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\I-LAB\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 197.189.209.178:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\I-LAB\pipe\lsass

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 197.189.209.178:49665
  ncalrpc: WindowsShutdown
  ncacn_np: \\I-LAB\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0AF850

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\I-LAB\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0AF850
  ncalrpc: WMsgKRpc010FD51
  ncalrpc: WMsgKRpc01D47C32
  ncalrpc: WMsgKRpc012B85B26
  ncalrpc: WMsgKRpc0B6C07A98
  ncalrpc: WMsgKRpc3B2F16E6520
  ncalrpc: WMsgKRpc41DE7883227
  ncalrpc: WMsgKRpc43E131BB82C
  ncalrpc: WMsgKRpc43E41F1EB2B
  ncalrpc: WMsgKRpc459895F4531
  ncalrpc: WMsgKRpc4659462F232

fc48cd89-98d6-4628-9839-86f7a3e4161a
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: csebpub
  ncalrpc: LRPC-ee4c6c54acd6fe2e61
  ncalrpc: LRPC-532054839d5da38e62
  ncalrpc: LRPC-23d11e348eda6fde6e
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

d09bdeb5-6171-4a34-bfe2-06fa82652568
  version: v1.0
  ncalrpc: csebpub
  ncalrpc: LRPC-ee4c6c54acd6fe2e61
  ncalrpc: LRPC-532054839d5da38e62
  ncalrpc: LRPC-23d11e348eda6fde6e
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-532054839d5da38e62
  ncalrpc: LRPC-23d11e348eda6fde6e
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-23d11e348eda6fde6e
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-c02c86b20116e552f3
  ncalrpc: LRPC-af9f69c358a2123f4b

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-ee4c6c54acd6fe2e61
  ncalrpc: LRPC-532054839d5da38e62
  ncalrpc: LRPC-23d11e348eda6fde6e
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-532054839d5da38e62
  ncalrpc: LRPC-23d11e348eda6fde6e
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

0d47017b-b33b-46ad-9e18-fe96456c5078
  version: v1.0
  ncalrpc: umpo

95406f0b-b239-4318-91bb-cea3a46ff0dc
  version: v1.0
  ncalrpc: umpo

4ed8abcc-f1e2-438b-981f-bb0e8abc010c
  version: v1.0
  ncalrpc: umpo

0ff1f646-13bb-400a-ab50-9a78f2b7a85a
  version: v1.0
  ncalrpc: umpo

6982a06e-5fe2-46b1-b39c-a2c545bfa069
  version: v1.0
  ncalrpc: umpo

082a3471-31b6-422a-b931-a54401960c62
  version: v1.0
  ncalrpc: umpo

fae436b0-b864-4a87-9eda-298547cd82f2
  version: v1.0
  ncalrpc: umpo

e53d94ca-7464-4839-b044-09a2fb8b3ae5
  version: v1.0
  ncalrpc: umpo

178d84be-9291-4994-82c6-3f909aca5a03
  version: v1.0
  ncalrpc: umpo

4dace966-a243-4450-ae3f-9b7bcb5315b8
  version: v2.0
  ncalrpc: umpo

1832bcf6-cab8-41d4-85d2-c9410764f75a
  version: v1.0
  ncalrpc: umpo

c521facf-09a9-42c5-b155-72388595cbf0
  version: v0.0
  ncalrpc: umpo

2c7fd9ce-e706-4b40-b412-953107ef9bb0
  version: v0.0
  ncalrpc: umpo

88abcbc3-34ea-76ae-8215-767520655a23
  version: v0.0
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

76c217bc-c8b4-4201-a745-373ad9032b1a
  version: v1.0
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

55e6b932-1979-45d6-90c5-7f6270724112
  version: v1.0
  ncalrpc: LRPC-2a60ec2467b558e505
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
  version: v1.0
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

20c40295-8dba-48e6-aebf-3e78ef3bb144
  version: v2.0
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

2513bcbe-6cd4-4348-855e-7efb3c336dd3
  version: v2.0
  ncalrpc: OLE6D3DB8E7D7B9B0F4B291D481C918
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-197c9d73f48bb813db
  ncalrpc: actkernel
  ncalrpc: umpo

dd59071b-3215-4c59-8481-972edadc0f6a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

0361ae94-0316-4c6c-8ad8-c594375800e2
  version: v1.0
  ncalrpc: umpo

5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
  version: v1.0
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-cae09e1f96f379b675
  ncalrpc: LRPC-3f6101db8d320b3760
  ncalrpc: IUserProfile2
  ncalrpc: LRPC-8d3ec5d6008e72994b
  ncalrpc: senssvc
  ncalrpc: LRPC-10381bc89d94477b30

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  ncalrpc: LRPC-1323064fc3fbca065f

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-8ee11d354a8599e4fa
  ncalrpc: OLEF9D1F199F0EEA4A48B12F22374DF
  ncalrpc: LRPC-c02c86b20116e552f3

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  ncalrpc: LRPC-9af647368c1bacaded

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-c40d4ef21c8ed13da6
  ncalrpc: LRPC-af9f69c358a2123f4b

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 197.189.209.178:49666
  ncacn_np: \\I-LAB\pipe\eventlog
  ncalrpc: eventlog

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-2a5c81ddc323a50e81

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-516371b06cc0e45c61

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 197.189.209.178:49667
  ncalrpc: LRPC-c7581f25d175a79c19
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\I-LAB\PIPE\atsvc
  ncalrpc: LRPC-ae441eb82038583cf5

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 197.189.209.178:49667
  ncalrpc: LRPC-c7581f25d175a79c19
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\I-LAB\PIPE\atsvc
  ncalrpc: LRPC-ae441eb82038583cf5

33d84484-3626-47ee-8c6f-e7e98b113be1
  version: v2.0
  ncalrpc: LRPC-c7581f25d175a79c19
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\I-LAB\PIPE\atsvc
  ncalrpc: LRPC-ae441eb82038583cf5

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\I-LAB\PIPE\atsvc
  ncalrpc: LRPC-ae441eb82038583cf5

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\I-LAB\PIPE\atsvc
  ncalrpc: LRPC-ae441eb82038583cf5

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: LRPC-ae441eb82038583cf5

3f787932-3452-4363-8651-6ea97bb373bb
  version: v1.0
  annotation: NSP Rpc Interface
  ncalrpc: LRPC-672ecca540d86035c8
  ncalrpc: OLE8A9BF04D49F64532AF2A971872D3

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-7a50b28f89b5a88d9d
  ncalrpc: DNSResolver

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: 3686b414-9efd-4624-a044-19d49929ed40
  ncalrpc: LRPC-61952e6e181ac464ff

13560fa9-8c09-4b56-a1fd-04d083b9b2a1
  version: v1.0
  ncalrpc: LRPC-b6c8db5c761f6161df
  ncalrpc: OLE188249B9673DD4AE35564F63C6AB

c2d1b5dd-fa81-4460-9dd6-e7658b85454b
  version: v1.0
  ncalrpc: LRPC-b6c8db5c761f6161df
  ncalrpc: OLE188249B9673DD4AE35564F63C6AB

f44e62af-dab1-44c2-8013-049a9de417d6
  version: v1.0
  ncalrpc: LRPC-b6c8db5c761f6161df
  ncalrpc: OLE188249B9673DD4AE35564F63C6AB

b37f900a-eae4-4304-a2ab-12bb668c0188
  version: v1.0
  ncalrpc: LRPC-b6c8db5c761f6161df
  ncalrpc: OLE188249B9673DD4AE35564F63C6AB

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  ncalrpc: LRPC-b6c8db5c761f6161df
  ncalrpc: OLE188249B9673DD4AE35564F63C6AB

0d3c7f20-1c8d-4654-a1b3-51563b298bda
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-4993eaa197ffb4bc88
  ncalrpc: OLEAAA070556C47F290ED0AB115333A

b18fbab6-56f8-4702-84e0-41053293a869
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-4993eaa197ffb4bc88
  ncalrpc: OLEAAA070556C47F290ED0AB115333A

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-2e10afd71835ae1fd4

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\I-LAB\PIPE\wkssvc
  ncalrpc: LRPC-a9a2d11b8c06a244eb

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-a9a2d11b8c06a244eb

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-a9a2d11b8c06a244eb

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-a8b1ae5a5a7ddce41e
  ncalrpc: LRPC-e1558a05ac20df2850
  ncalrpc: LRPC-8e08a3fdb99242c4cc
  ncalrpc: LRPC-59263abdb4e9e3024f

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-e1558a05ac20df2850
  ncalrpc: LRPC-8e08a3fdb99242c4cc
  ncalrpc: LRPC-59263abdb4e9e3024f

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-8e08a3fdb99242c4cc
  ncalrpc: LRPC-59263abdb4e9e3024f

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-59263abdb4e9e3024f

29770a8f-829b-4158-90a2-78cd488501f7
  version: v1.0
  ncacn_ip_tcp: 197.189.209.178:49669
  ncacn_np: \\I-LAB\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: OLE04B8C973240141A38ACED6C38309
  ncalrpc: LRPC-10381bc89d94477b30

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 197.189.209.178:49668
  ncalrpc: LRPC-f266b947bf0842627f

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 197.189.209.178:49668
  ncalrpc: LRPC-f266b947bf0842627f

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 197.189.209.178:49668
  ncalrpc: LRPC-f266b947bf0842627f

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 197.189.209.178:49668
  ncalrpc: LRPC-f266b947bf0842627f

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 197.189.209.178:49668
  ncalrpc: LRPC-f266b947bf0842627f

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-80cab1153a9b4a1615

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-80cab1153a9b4a1615

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-80cab1153a9b4a1615

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncalrpc: LRPC-80cab1153a9b4a1615

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncalrpc: LRPC-a8a24ebc28bac540f9

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: LRPC-2fb9d2d7274716751b

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncalrpc: LRPC-3476f05fe6ace0e5b1

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncalrpc: LRPC-3476f05fe6ace0e5b1

650a7e26-eab8-5533-ce43-9c1dfce11511
  version: v1.0
  annotation: Vpn APIs
  ncalrpc: LRPC-a0d50fbc64a7ed42c2
  ncalrpc: VpnikeRpc
  ncalrpc: RasmanLrpc
  ncacn_np: \\I-LAB\PIPE\ROUTER

1d45e083-478f-437c-9618-3594ced8c235
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

98cd761e-e77d-41c8-a3c0-0fb756d90ec2
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

d22895ef-aff4-42c5-a5b2-b14466d34ab4
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

e38f5360-8572-473e-b696-1b46873beeab
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

95095ec8-32ea-4eb0-a3e2-041f97b36168
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

4c9dbf19-d39e-4bb9-90ee-8f7179b20283
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

d4051bde-9cdd-4910-b393-4aa85ec3c482
  version: v1.0
  ncalrpc: LRPC-7d123a7390b5fc4f31
  ncalrpc: OLE53EA6003A792F1AF539A8CB7951C

7df1ceae-de4e-4e6f-ab14-49636e7c2052
  version: v1.0
  ncalrpc: LRPC-a0896dc960cd0ca40e

6b5bdd1e-528c-422c-af8c-a4079be4fe48
  version: v1.0
  annotation: Remote Fw APIs
  protocol: [MS-FASP]: Firewall and Advanced Security Protocol
  provider: FwRemoteSvr.dll
  ncacn_ip_tcp: 197.189.209.178:49670

3d267954-eeb7-11d1-b94e-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 197.189.209.178:49672
  ncacn_np: \\I-LAB\pipe\HydraLsPipe
  ncalrpc: LRPC-79ecda83d0f3553099

f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
  version: v1.0
  ncalrpc: LRPC-bc19bc7007845e6f31
  ncalrpc: LRPC-e61a140fbf293a150b
  ncalrpc: LRPC-51798e0f5cb5822140
  ncalrpc: LRPC-e01d37b327787ef5e0
  ncalrpc: LRPC-a1612a150c7f27c432
  ncalrpc: LRPC-f6d5af26080eb72262
  ncalrpc: LRPC-1e8cad0a75c4d542fe
  ncalrpc: LRPC-edc9000ef39d39f11b
  ncalrpc: LRPC-f08b1800cf5a266a93
  ncalrpc: LRPC-080ac5ef46960dd97c

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 197.189.209.178:49678

509bc7ae-77be-4ee8-b07c-0d096bb44345
  version: v1.0
  ncalrpc: LRPC-1f71c1fde872e4267c
  ncalrpc: OLEBE3C88255A8C1B77DE9D6D0F3506

5c9a4cd7-ba75-45d2-9898-1773b3d1e5f1
  version: v1.0
  annotation: Device Install Service RPC Interface
  ncalrpc: LRPC-45cc91f64ac34b9598

d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
  version: v0.0
  ncalrpc: LRPC-156c027adb75ba06af

d8140e00-5c46-4ae6-80ac-2f9a76df224c
  version: v0.0
  ncalrpc: LRPC-156c027adb75ba06af

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc01D47C32
  ncalrpc: WMsgKRpc012B85B26
  ncalrpc: WMsgKRpc0B6C07A98
  ncalrpc: WMsgKRpc3B2F16E6520
  ncalrpc: WMsgKRpc41DE7883227
  ncalrpc: WMsgKRpc43E131BB82C
  ncalrpc: WMsgKRpc43E41F1EB2B
  ncalrpc: WMsgKRpc459895F4531
  ncalrpc: WMsgKRpc4659462F232

b1ef227e-dfa5-421e-82bb-67a6a129c496
  version: v0.0
  ncalrpc: LRPC-ae366e26ea15117b73
  ncalrpc: OLEBDB7239565A0EB2320927CE3BE00
  ncalrpc: LRPC-85e76e89d710016cd8
  ncalrpc: OLE01B0A7223A75D7FA0D30DDBDD751
  ncalrpc: LRPC-a4080c5053ffd4cd72
  ncalrpc: OLE9D0FEB361E2B9307EC6A2129DC3B
  ncalrpc: LRPC-ae1a66ce09312d79be
  ncalrpc: OLE5BCCE49FE64FEEC7923A7B09A2C3
  ncalrpc: LRPC-8d8c0d4130dd3ba2b2
  ncalrpc: OLE0F3DEBC9E65708305AB9DAF49708
  ncalrpc: LRPC-a17ec49390356f1659
  ncalrpc: OLE9FBBBC63D5CE4B0653F943B8A917
  ncalrpc: LRPC-1cd1c9a75f43cd95b5
  ncalrpc: OLE7BD24A819895FAC63F1189B36547
  ncalrpc: LRPC-b5ff9fce99957ad3e5
  ncalrpc: OLE8B735B9AFC2A16DC92AD3B41BC9D
  ncalrpc: LRPC-a715a22bb32ee340dd
  ncalrpc: OLE33287F09BE43FB52908477554497

0fc77b1a-95d8-4a2e-a0c0-cff54237462b
  version: v0.0
  ncalrpc: LRPC-ae366e26ea15117b73
  ncalrpc: OLEBDB7239565A0EB2320927CE3BE00
  ncalrpc: LRPC-85e76e89d710016cd8
  ncalrpc: OLE01B0A7223A75D7FA0D30DDBDD751
  ncalrpc: LRPC-a4080c5053ffd4cd72
  ncalrpc: OLE9D0FEB361E2B9307EC6A2129DC3B
  ncalrpc: LRPC-ae1a66ce09312d79be
  ncalrpc: OLE5BCCE49FE64FEEC7923A7B09A2C3
  ncalrpc: LRPC-8d8c0d4130dd3ba2b2
  ncalrpc: OLE0F3DEBC9E65708305AB9DAF49708
  ncalrpc: LRPC-a17ec49390356f1659
  ncalrpc: OLE9FBBBC63D5CE4B0653F943B8A917
  ncalrpc: LRPC-1cd1c9a75f43cd95b5
  ncalrpc: OLE7BD24A819895FAC63F1189B36547
  ncalrpc: LRPC-b5ff9fce99957ad3e5
  ncalrpc: OLE8B735B9AFC2A16DC92AD3B41BC9D
  ncalrpc: LRPC-a715a22bb32ee340dd
  ncalrpc: OLE33287F09BE43FB52908477554497

8ec21e98-b5ce-4916-a3d6-449fa428a007
  version: v0.0
  ncalrpc: LRPC-ae366e26ea15117b73
  ncalrpc: OLEBDB7239565A0EB2320927CE3BE00
  ncalrpc: LRPC-85e76e89d710016cd8
  ncalrpc: OLE01B0A7223A75D7FA0D30DDBDD751
  ncalrpc: LRPC-a4080c5053ffd4cd72
  ncalrpc: OLE9D0FEB361E2B9307EC6A2129DC3B
  ncalrpc: LRPC-ae1a66ce09312d79be
  ncalrpc: OLE5BCCE49FE64FEEC7923A7B09A2C3
  ncalrpc: LRPC-8d8c0d4130dd3ba2b2
  ncalrpc: OLE0F3DEBC9E65708305AB9DAF49708
  ncalrpc: LRPC-a17ec49390356f1659
  ncalrpc: OLE9FBBBC63D5CE4B0653F943B8A917
  ncalrpc: LRPC-1cd1c9a75f43cd95b5
  ncalrpc: OLE7BD24A819895FAC63F1189B36547
  ncalrpc: LRPC-b5ff9fce99957ad3e5
  ncalrpc: OLE8B735B9AFC2A16DC92AD3B41BC9D
  ncalrpc: LRPC-a715a22bb32ee340dd
  ncalrpc: OLE33287F09BE43FB52908477554497

0767a036-0d22-48aa-ba69-b619480f38cb
  version: v1.0
  annotation: PcaSvc
  provider: pcasvc.dll
  ncalrpc: LRPC-dd7864ff82a999c5e3

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-269ab55c8446209599
  ncalrpc: LRPC-269ab55c8446209599
  ncalrpc: LRPC-269ab55c8446209599
  ncalrpc: LRPC-4e7c93b4f4748a5491
  ncalrpc: OLE1AB629E03EC20D3C1C1785E7C748

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-304af89aafe83d6295

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-304af89aafe83d6295

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-304af89aafe83d6295

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-304af89aafe83d6295

0497b57d-2e66-424f-a0c6-157cd5d41700
  version: v1.0
  annotation: AppInfo
  ncalrpc: LRPC-304af89aafe83d6295

bf4dc912-e52f-4904-8ebe-9317c1bdd497
  version: v1.0
  ncalrpc: LRPC-c1b6883b35c7917039
  ncalrpc: OLE345B5CD7537244234CAACE9C35A7

a4b8d482-80ce-40d6-934d-b22a01a44fe7
  version: v1.0
  annotation: LicenseManager
  ncalrpc: LicenseServiceEndpoint

8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: appmgmts.dll
  ncalrpc: LRPC-ed865b99aa35728956

c503f532-443a-4c69-8300-ccd1fbdb3839
  version: v2.0
  ncalrpc: LRPC-dce4670938ce9917ef
  ncalrpc: OLE5A5AFAF48E344D79790DA91ED01B

43890c94-bfd7-4655-ad6a-b4a68397cdcb
  version: v0.0
  ncalrpc: LRPC-1e4d763d0873c3d0c0
  ncalrpc: LRPC-61bc1186ed5bdb6ace
  ncalrpc: LRPC-d33bc8167829ea7612

c8ba73d2-3d55-429c-8e9a-c44f006f69fc
  version: v0.0
  ncalrpc: LRPC-1e4d763d0873c3d0c0
  ncalrpc: LRPC-61bc1186ed5bdb6ace
  ncalrpc: LRPC-d33bc8167829ea7612

e8748f69-a2a4-40df-9366-62dbeb696e26
  version: v0.0
  ncalrpc: LRPC-1e4d763d0873c3d0c0
  ncalrpc: LRPC-61bc1186ed5bdb6ace
  ncalrpc: LRPC-d33bc8167829ea7612

-1166656618 | 2024-05-06T08:48:22.698330

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

661565755 | 2024-05-06T00:11:50.687017

1433 / tcp

MS-SQL NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: I-LAB
  NetBIOS Domain Name: I-LAB
  NetBIOS Computer Name: I-LAB
  DNS Domain Name: i-Lab
  FQDN: i-Lab

2107682086 | 2024-05-13T10:54:26.701502

1434 / udp

SQL Server Browser Service:
  Instance #1:
    Server Name: I-LAB
    Instance Name: MSSQLSERVER
    Is Clustered: False
    Version: 15.0.2000.5
    TCP Port: 1433
    Named Pipe: \\I-LAB\pipe\sql\query
    Version Name: MS-SQL Server 2019 RTM

1489525118 | 2024-05-02T11:54:12.810464

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 02 May 2024 11:53:55 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: I-LAB
  NetBIOS Domain Name: I-LAB
  NetBIOS Computer Name: I-LAB
  DNS Domain Name: i-Lab
  FQDN: i-Lab

197.189.209.178

Last Seen: 2024-05-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1944584462 | 2024-05-11T00:16:11.884256
135 / tcp

Microsoft RPC Endpoint Mapper

-1166656618 | 2024-05-06T08:48:22.698330
445 / tcp

661565755 | 2024-05-06T00:11:50.687017
1433 / tcp

MS-SQL Server 2019 RTM15.0.2000.0

2107682086 | 2024-05-13T10:54:26.701502
1434 / udp

SQL Server Browser Service

1489525118 | 2024-05-02T11:54:12.810464
5985 / tcp

WinRM

Products

Pricing

Contact Us

197.189.209.178

Last Seen: 2024-05-13

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1944584462 | 2024-05-11T00:16:11.884256 135 / tcp

Microsoft RPC Endpoint Mapper

-1166656618 | 2024-05-06T08:48:22.698330 445 / tcp

661565755 | 2024-05-06T00:11:50.687017 1433 / tcp

MS-SQL Server 2019 RTM15.0.2000.0

2107682086 | 2024-05-13T10:54:26.701502 1434 / udp

SQL Server Browser Service

1489525118 | 2024-05-02T11:54:12.810464 5985 / tcp

WinRM

Products

Pricing

Contact Us

1944584462 | 2024-05-11T00:16:11.884256
135 / tcp

-1166656618 | 2024-05-06T08:48:22.698330
445 / tcp

661565755 | 2024-05-06T00:11:50.687017
1433 / tcp

2107682086 | 2024-05-13T10:54:26.701502
1434 / udp

1489525118 | 2024-05-02T11:54:12.810464
5985 / tcp