GeneralInformation

Country	United States
City	Santa Clara
Organization	Asia Pacific Network Information Center, Pty. Ltd.
ISP	Tencent Building, Kejizhongyi Avenue
ASN	AS132203

Vulnerabilities

CVE-2020-0796

10.0A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

OpenPorts

21 135 445 3306 3389 5985 8888

-1521289231 | 2024-05-15T00:21:06.483140

21 / tcp

220 FileZilla Server version 0.9.46 beta written by Tim Kosse (Tim.Kosse@gmx.de) Please visit http://sourceforge.
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   P@SW   PASS   PASV   PBSZ   PORT   PROT   PWD 
   QUIT   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE
   STOR   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD
   XPWD   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 UTF8
 CLNT
 MFMT
211 End

604521265 | 2024-05-17T16:02:56.893390

135 / tcp

Microsoft RPC Endpoint Mapper

51a227ae-825b-41f2-b4a9-1ac9557a1018
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 10.0.4.8:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\10_0_4_8\pipe\lsass

8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 10.0.4.8:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\10_0_4_8\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 10.0.4.8:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\10_0_4_8\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 10.0.4.8:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\10_0_4_8\pipe\lsass

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 10.0.4.8:49665
  ncalrpc: WindowsShutdown
  ncacn_np: \\10_0_4_8\PIPE\InitShutdown
  ncalrpc: WMsgKRpc04E9E0

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\10_0_4_8\PIPE\InitShutdown
  ncalrpc: WMsgKRpc04E9E0
  ncalrpc: WMsgKRpc051D11
  ncalrpc: WMsgKRpc04FF202

fc48cd89-98d6-4628-9839-86f7a3e4161a
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: csebpub
  ncalrpc: LRPC-bb4b1757bc4e3aa1de
  ncalrpc: LRPC-7304649979902983a9
  ncalrpc: LRPC-1623f9a0504da95a6f
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

d09bdeb5-6171-4a34-bfe2-06fa82652568
  version: v1.0
  ncalrpc: csebpub
  ncalrpc: LRPC-bb4b1757bc4e3aa1de
  ncalrpc: LRPC-7304649979902983a9
  ncalrpc: LRPC-1623f9a0504da95a6f
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-7304649979902983a9
  ncalrpc: LRPC-1623f9a0504da95a6f
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-1623f9a0504da95a6f
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-c03c382f8da0132be1
  ncalrpc: LRPC-be407cd3ad5e7985ae

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-bb4b1757bc4e3aa1de
  ncalrpc: LRPC-7304649979902983a9
  ncalrpc: LRPC-1623f9a0504da95a6f
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-7304649979902983a9
  ncalrpc: LRPC-1623f9a0504da95a6f
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

0d47017b-b33b-46ad-9e18-fe96456c5078
  version: v1.0
  ncalrpc: umpo

95406f0b-b239-4318-91bb-cea3a46ff0dc
  version: v1.0
  ncalrpc: umpo

4ed8abcc-f1e2-438b-981f-bb0e8abc010c
  version: v1.0
  ncalrpc: umpo

0ff1f646-13bb-400a-ab50-9a78f2b7a85a
  version: v1.0
  ncalrpc: umpo

6982a06e-5fe2-46b1-b39c-a2c545bfa069
  version: v1.0
  ncalrpc: umpo

082a3471-31b6-422a-b931-a54401960c62
  version: v1.0
  ncalrpc: umpo

fae436b0-b864-4a87-9eda-298547cd82f2
  version: v1.0
  ncalrpc: umpo

e53d94ca-7464-4839-b044-09a2fb8b3ae5
  version: v1.0
  ncalrpc: umpo

178d84be-9291-4994-82c6-3f909aca5a03
  version: v1.0
  ncalrpc: umpo

4dace966-a243-4450-ae3f-9b7bcb5315b8
  version: v2.0
  ncalrpc: umpo

1832bcf6-cab8-41d4-85d2-c9410764f75a
  version: v1.0
  ncalrpc: umpo

c521facf-09a9-42c5-b155-72388595cbf0
  version: v0.0
  ncalrpc: umpo

2c7fd9ce-e706-4b40-b412-953107ef9bb0
  version: v0.0
  ncalrpc: umpo

88abcbc3-34ea-76ae-8215-767520655a23
  version: v0.0
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

76c217bc-c8b4-4201-a745-373ad9032b1a
  version: v1.0
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

55e6b932-1979-45d6-90c5-7f6270724112
  version: v1.0
  ncalrpc: LRPC-328bcdc602d3183da4
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
  version: v1.0
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

20c40295-8dba-48e6-aebf-3e78ef3bb144
  version: v2.0
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

2513bcbe-6cd4-4348-855e-7efb3c336dd3
  version: v2.0
  ncalrpc: OLEB0CE8B4ED83743432A8B884AD81E
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-5fae0c42dab63284f1
  ncalrpc: actkernel
  ncalrpc: umpo

dd59071b-3215-4c59-8481-972edadc0f6a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

0361ae94-0316-4c6c-8ad8-c594375800e2
  version: v1.0
  ncalrpc: umpo

5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
  version: v1.0
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-1158bf73a65c650a9f
  ncalrpc: LRPC-8261a900d1d16dc139
  ncalrpc: IUserProfile2
  ncalrpc: LRPC-94ee1d8acb2e487ef4
  ncalrpc: senssvc
  ncalrpc: LRPC-0f4a6c707f353107f8

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  ncalrpc: LRPC-e2ace9dc691ad5ea70

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-7d44e3a8043b82ad34
  ncalrpc: OLE5825F0AB4087E19324D9D26CEA1D
  ncalrpc: LRPC-c03c382f8da0132be1

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  ncalrpc: LRPC-04c0bd191408e7bcef

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-2f708a991740c34415
  ncalrpc: LRPC-be407cd3ad5e7985ae

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 10.0.4.8:49666
  ncacn_np: \\10_0_4_8\pipe\eventlog
  ncalrpc: eventlog

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-a8a8f711eb7c8fbb28

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-95e52dca12c987ce87

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 10.0.4.8:49667
  ncalrpc: LRPC-ea65904987028182b6
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\10_0_4_8\PIPE\atsvc
  ncalrpc: LRPC-7ffc40c48f98cfab82

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 10.0.4.8:49667
  ncalrpc: LRPC-ea65904987028182b6
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\10_0_4_8\PIPE\atsvc
  ncalrpc: LRPC-7ffc40c48f98cfab82

33d84484-3626-47ee-8c6f-e7e98b113be1
  version: v2.0
  ncalrpc: LRPC-ea65904987028182b6
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\10_0_4_8\PIPE\atsvc
  ncalrpc: LRPC-7ffc40c48f98cfab82

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\10_0_4_8\PIPE\atsvc
  ncalrpc: LRPC-7ffc40c48f98cfab82

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\10_0_4_8\PIPE\atsvc
  ncalrpc: LRPC-7ffc40c48f98cfab82

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: LRPC-7ffc40c48f98cfab82

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-7535ea58d876e97abb
  ncalrpc: DNSResolver

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-2343602cd6eb391563

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: ec96c150-7174-47d8-8201-1ef0e298d38d
  ncalrpc: LRPC-455b47a5a72ed01305

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\10_0_4_8\PIPE\wkssvc
  ncalrpc: LRPC-1b57f6808d38f877b9

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-1b57f6808d38f877b9

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-1b57f6808d38f877b9

3f787932-3452-4363-8651-6ea97bb373bb
  version: v1.0
  annotation: NSP Rpc Interface
  ncalrpc: LRPC-a434024e5bc2672f9d
  ncalrpc: OLE83B131E92ABF74B11F9DA2A67906

13560fa9-8c09-4b56-a1fd-04d083b9b2a1
  version: v1.0
  ncalrpc: LRPC-8e9c3bc42facf2d285
  ncalrpc: OLE8F20DED3EF2FA400E324CB8A62DB

c2d1b5dd-fa81-4460-9dd6-e7658b85454b
  version: v1.0
  ncalrpc: LRPC-8e9c3bc42facf2d285
  ncalrpc: OLE8F20DED3EF2FA400E324CB8A62DB

f44e62af-dab1-44c2-8013-049a9de417d6
  version: v1.0
  ncalrpc: LRPC-8e9c3bc42facf2d285
  ncalrpc: OLE8F20DED3EF2FA400E324CB8A62DB

b37f900a-eae4-4304-a2ab-12bb668c0188
  version: v1.0
  ncalrpc: LRPC-8e9c3bc42facf2d285
  ncalrpc: OLE8F20DED3EF2FA400E324CB8A62DB

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  ncalrpc: LRPC-8e9c3bc42facf2d285
  ncalrpc: OLE8F20DED3EF2FA400E324CB8A62DB

29770a8f-829b-4158-90a2-78cd488501f7
  version: v1.0
  ncacn_ip_tcp: 10.0.4.8:49668
  ncacn_np: \\10_0_4_8\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-0f4a6c707f353107f8

0d3c7f20-1c8d-4654-a1b3-51563b298bda
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-9374eb0b459b59523d
  ncalrpc: OLE13769774BBAFE106910FE33C248C

b18fbab6-56f8-4702-84e0-41053293a869
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-9374eb0b459b59523d
  ncalrpc: OLE13769774BBAFE106910FE33C248C

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-f1216497389561e686
  ncalrpc: LRPC-bd815879f76681246e
  ncalrpc: LRPC-071536ee87b927c874
  ncalrpc: LRPC-87eb10a6f91f2b250a

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-bd815879f76681246e
  ncalrpc: LRPC-071536ee87b927c874
  ncalrpc: LRPC-87eb10a6f91f2b250a

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-071536ee87b927c874
  ncalrpc: LRPC-87eb10a6f91f2b250a

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-87eb10a6f91f2b250a

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncalrpc: LRPC-3fba451ddeda3e1940

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncalrpc: OLE9CB17B4E3272CCBE928BE9C869D4
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-80e5a3c1e43796ece3

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-80e5a3c1e43796ece3

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-80e5a3c1e43796ece3

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncalrpc: LRPC-80e5a3c1e43796ece3

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncalrpc: LRPC-8e4daa142d494f4c99

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncalrpc: LRPC-8e4daa142d494f4c99

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: LRPC-b2635612a6246ac61c

98cd761e-e77d-41c8-a3c0-0fb756d90ec2
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

d22895ef-aff4-42c5-a5b2-b14466d34ab4
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

e38f5360-8572-473e-b696-1b46873beeab
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

95095ec8-32ea-4eb0-a3e2-041f97b36168
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

4c9dbf19-d39e-4bb9-90ee-8f7179b20283
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

d4051bde-9cdd-4910-b393-4aa85ec3c482
  version: v1.0
  ncalrpc: LRPC-83f0098a4713e536d4
  ncalrpc: OLE006DC15283C118BE56FF9EA084B8

7df1ceae-de4e-4e6f-ab14-49636e7c2052
  version: v1.0
  ncalrpc: LRPC-718b2ba5be0bdd78c8

6b5bdd1e-528c-422c-af8c-a4079be4fe48
  version: v1.0
  annotation: Remote Fw APIs
  protocol: [MS-FASP]: Firewall and Advanced Security Protocol
  provider: FwRemoteSvr.dll
  ncacn_ip_tcp: 10.0.4.8:49677
  ncalrpc: ipsec

650a7e26-eab8-5533-ce43-9c1dfce11511
  version: v1.0
  annotation: Vpn APIs
  ncalrpc: LRPC-41aa211ab76468babf
  ncalrpc: VpnikeRpc
  ncalrpc: RasmanLrpc
  ncacn_np: \\10_0_4_8\PIPE\ROUTER

f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
  version: v1.0
  ncalrpc: LRPC-cf37d0cdf5c5ac510b
  ncalrpc: LRPC-2fac8d430a4ed84204

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 10.0.4.8:49687

509bc7ae-77be-4ee8-b07c-0d096bb44345
  version: v1.0
  ncalrpc: LRPC-416ba98f591acc71e6
  ncalrpc: OLEE38DC2AA0B619CE304E541CB6B73

d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
  version: v0.0
  ncalrpc: LRPC-bd9c9573c15d65b1c7

d8140e00-5c46-4ae6-80ac-2f9a76df224c
  version: v0.0
  ncalrpc: LRPC-bd9c9573c15d65b1c7

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc04FF202

b1ef227e-dfa5-421e-82bb-67a6a129c496
  version: v0.0
  ncalrpc: LRPC-ddff4f3ff60550c5e9
  ncalrpc: OLEDD921F7FDCD219AE540B4F27C9D5

0fc77b1a-95d8-4a2e-a0c0-cff54237462b
  version: v0.0
  ncalrpc: LRPC-ddff4f3ff60550c5e9
  ncalrpc: OLEDD921F7FDCD219AE540B4F27C9D5

8ec21e98-b5ce-4916-a3d6-449fa428a007
  version: v0.0
  ncalrpc: LRPC-ddff4f3ff60550c5e9
  ncalrpc: OLEDD921F7FDCD219AE540B4F27C9D5

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-9c181472585ea2920c

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-9c181472585ea2920c

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-9c181472585ea2920c

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-9c181472585ea2920c

0497b57d-2e66-424f-a0c6-157cd5d41700
  version: v1.0
  annotation: AppInfo
  ncalrpc: LRPC-9c181472585ea2920c

0767a036-0d22-48aa-ba69-b619480f38cb
  version: v1.0
  annotation: PcaSvc
  provider: pcasvc.dll
  ncalrpc: LRPC-d5f9b7d3211f914279

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-74ca6b07cc8c53329f
  ncalrpc: LRPC-74ca6b07cc8c53329f
  ncalrpc: LRPC-74ca6b07cc8c53329f

a4b8d482-80ce-40d6-934d-b22a01a44fe7
  version: v1.0
  annotation: LicenseManager
  ncalrpc: LicenseServiceEndpoint

bf4dc912-e52f-4904-8ebe-9317c1bdd497
  version: v1.0
  ncalrpc: LRPC-2ba758a702ada242f9
  ncalrpc: OLEC9F75A7B7E61F5A3F25894BB6846

c503f532-443a-4c69-8300-ccd1fbdb3839
  version: v2.0
  ncalrpc: LRPC-f7beb6a1458c54c6fe
  ncalrpc: OLE899791F94AD811F10384146EA5CA

-1166656618 | 2024-05-17T21:09:47.934020

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

2131906928 | 2024-05-10T01:12:20.194412

3306 / tcp

MySQL:
  Error Message: Host '224.67.140.238' is not allowed to connect to this MySQL server
  Error Code: 1130

-385667236 | 2024-05-13T08:55:27.142636

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: 10_0_4_8
  NetBIOS Domain Name: 10_0_4_8
  NetBIOS Computer Name: 10_0_4_8
  DNS Domain Name: 10_0_4_8
  FQDN: 10_0_4_8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:f9:a8:92:ed:08:92:9b:4f:0a:b2:11:6b:ae:22:26
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=\x001\x000\x00_\x000\x00_\x004\x00_\x008
        Validity
            Not Before: Jan 25 13:18:58 2024 GMT
            Not After : Jul 26 13:18:58 2024 GMT
        Subject: CN=\x001\x000\x00_\x000\x00_\x004\x00_\x008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:da:6b:ed:cd:43:cb:20:64:7b:57:71:a7:ad:
                    ff:c9:e2:52:11:0c:e4:bd:7c:cd:3f:27:26:5f:76:
                    ff:45:f1:d5:fd:c4:7f:a3:c6:c6:dd:68:bf:a0:52:
                    d1:c6:60:4a:1f:d1:e6:68:0a:06:33:fd:35:bb:34:
                    99:37:fa:7a:e3:e0:cb:e5:15:95:52:c4:db:79:2c:
                    58:c0:88:a9:25:7a:ae:e6:a0:3e:6d:c4:3a:d4:af:
                    2e:a9:c0:31:82:a0:df:bd:d0:04:9a:c6:35:75:17:
                    b8:51:76:c6:da:d3:3a:4a:8a:ff:86:a9:7c:fb:ec:
                    17:2e:4f:e1:aa:37:a0:5b:5a:8e:70:5b:00:e5:e2:
                    60:64:36:47:3f:fb:f4:53:f3:0c:ed:c3:56:9c:a6:
                    40:13:f4:2b:5e:43:88:5b:f0:5c:f0:25:71:b3:12:
                    04:77:a5:d6:fa:d0:65:a0:99:9c:7a:09:ca:1a:f7:
                    30:34:c2:42:e1:33:bb:4e:59:7a:f1:e4:1e:b5:d3:
                    d2:05:0b:57:d4:9e:cd:7a:b6:b9:4a:b2:13:00:46:
                    4a:f7:73:b1:de:b3:94:12:48:e4:fb:3f:54:64:45:
                    16:8b:da:13:a8:32:17:88:b3:94:1e:7a:23:22:b2:
                    ea:d8:2b:c3:d1:db:2d:6b:43:30:db:80:9a:1a:58:
                    66:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a0:d8:ef:8a:f9:e7:c3:0b:11:bf:b8:fa:49:6e:12:a5:e8:b5:
        67:ce:52:d5:37:90:55:cb:73:78:50:c6:17:9c:f9:03:69:ff:
        7e:89:0a:ca:ca:77:6d:ab:b6:98:c2:bb:48:62:82:29:a0:69:
        ab:a6:82:af:46:21:ea:b7:93:40:ca:51:ea:ec:f4:1e:cd:f8:
        6e:af:f7:c6:70:b9:e8:e3:2b:ce:8b:ab:eb:00:3f:54:1a:6a:
        51:3d:5a:05:23:23:1f:de:35:6d:d0:74:0b:9a:fa:55:26:68:
        c9:48:60:a8:7e:2a:1d:9e:ba:50:6a:e9:14:48:17:2a:86:b6:
        d8:e0:a6:5e:80:02:4f:83:03:1d:2a:e7:69:48:02:cd:c1:04:
        22:53:9a:ab:73:04:d7:ad:b6:c1:01:b8:12:05:4e:8c:a2:72:
        ae:16:cc:e8:3d:03:25:f2:9b:79:88:35:98:ee:89:bc:0d:d6:
        e0:80:06:e2:a8:1e:e9:31:21:81:26:d1:6d:20:39:11:88:fe:
        07:53:03:6e:68:67:03:b3:75:e3:ce:44:b6:6f:d3:bd:4c:05:
        fb:93:cd:01:d5:a2:af:53:cf:fb:c6:dd:7a:62:e4:77:f7:8f:
        76:d8:9d:d0:c0:f1:12:e0:f4:2d:eb:a2:92:83:93:38:66:79:
        44:06:5e:8a

1489525118 | 2024-05-13T08:31:45.895681

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 13 May 2024 08:31:45 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: 10_0_4_8
  NetBIOS Domain Name: 10_0_4_8
  NetBIOS Computer Name: 10_0_4_8
  DNS Domain Name: 10_0_4_8
  FQDN: 10_0_4_8

-85749389 | 2024-05-05T22:13:11.057634

8888 / tcp

HTTP/1.1 404 NOT FOUND
Content-Type: text/html
Content-Length: 138
Server: nginx
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: a0dc94b2d26a0e55a73a8a2e2b0f7404=faf06c87-a1af-40ea-9015-4954a9f1ec41.nXhuINL7SCxlDt747D33FvLTesQ; Expires=Mon, 06-May-2024 22:13:10 GMT; HttpOnly; Path=/
Date: Sun, 05 May 2024 22:13:10 GMT

43.153.109.213

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1521289231 | 2024-05-15T00:21:06.483140
21 / tcp

604521265 | 2024-05-17T16:02:56.893390
135 / tcp

Microsoft RPC Endpoint Mapper

-1166656618 | 2024-05-17T21:09:47.934020
445 / tcp

2131906928 | 2024-05-10T01:12:20.194412
3306 / tcp

MySQL

-385667236 | 2024-05-13T08:55:27.142636
3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-05-13T08:31:45.895681
5985 / tcp

WinRM

-85749389 | 2024-05-05T22:13:11.057634
8888 / tcp

nginx

Products

Pricing

Contact Us

43.153.109.213

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1521289231 | 2024-05-15T00:21:06.483140 21 / tcp

604521265 | 2024-05-17T16:02:56.893390 135 / tcp

Microsoft RPC Endpoint Mapper

-1166656618 | 2024-05-17T21:09:47.934020 445 / tcp

2131906928 | 2024-05-10T01:12:20.194412 3306 / tcp

MySQL

-385667236 | 2024-05-13T08:55:27.142636 3389 / tcp

Remote Desktop Protocol

1489525118 | 2024-05-13T08:31:45.895681 5985 / tcp

WinRM

-85749389 | 2024-05-05T22:13:11.057634 8888 / tcp

nginx

Products

Pricing

Contact Us

-1521289231 | 2024-05-15T00:21:06.483140
21 / tcp

604521265 | 2024-05-17T16:02:56.893390
135 / tcp

-1166656618 | 2024-05-17T21:09:47.934020
445 / tcp

2131906928 | 2024-05-10T01:12:20.194412
3306 / tcp

-385667236 | 2024-05-13T08:55:27.142636
3389 / tcp

1489525118 | 2024-05-13T08:31:45.895681
5985 / tcp

-85749389 | 2024-05-05T22:13:11.057634
8888 / tcp