GeneralInformation

Hostnames	vh38.sweb.ru
Domains	sweb.ru
Country	Russian Federation
City	Saint Petersburg
Organization	SpaceWeb
ISP	SpaceWeb Ltd
ASN	AS44112

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

21 22 80 443 3306

-96724338 | 2024-04-11T11:19:26.054479

21 / tcp

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 100 allowed.
220-Local time is now 14:19. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
530 Login authentication failed
214-The following SITE commands are recognized
 ALIAS
 CHMOD
 IDLE
 UTIME
214 Pure-FTPd - http://pureftpd.org/
211-Extensions supported:
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 AUTH TLS
 PBSZ
 PROT
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.

1118082453 | 2024-04-02T20:18:28.463903

22 / tcp

SSH-2.0-OpenSSH_9.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBENKZ0GFM9ku6lLhQGTxkNLY
oZJdrpUlKK0eRjt17OLXFoSJr0RtdlwYK+yrTw2j5R5fwuvSV9OSlIKdbqSJ4Gc=
Fingerprint: 4a:d3:05:d4:fe:ae:80:73:13:99:50:47:77:38:c5:3b

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	ext-info-s
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1664397634 | 2024-04-15T05:01:56.510729

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.25.4
Date: Mon, 15 Apr 2024 05:01:55 GMT
Content-Type: text/html
Content-Length: 316966
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Wed, 07 Jul 2021 13:59:10 GMT
ETag: "a697c-4d626-5c688f150a780"
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN

-963256725 | 2024-04-13T07:37:53.735774

443 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.25.4
Date: Sat, 13 Apr 2024 07:37:53 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Keep-Alive: timeout=10
Location: http://77.222.56.37/

SSL Certificate

Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            cc:4f:b0:b1:41:75:67:4b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=RU, ST=SPb, L=SPb, O=Test Self SSL Company, OU=Test, CN=test-self-signed.spaceweb.ru/emailAddress=support@sweb.ru
        Validity
            Not Before: May 25 10:09:43 2016 GMT
            Not After : May 24 10:09:43 2016 GMT
        Subject: C=RU, ST=SPb, L=SPb, O=Test Self SSL Company, OU=Test, CN=test-self-signed.spaceweb.ru/emailAddress=support@sweb.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b0:1a:4e:b8:2b:d2:93:1a:f4:22:f4:49:05:da:
                    a5:6e:73:fe:5a:58:25:e2:c2:55:e3:99:79:94:44:
                    8a:1b:9a:09:81:e2:cd:20:a3:3f:63:d5:d7:55:5b:
                    1b:e9:e8:3b:5e:d2:7b:8e:5c:b7:73:5c:ef:d1:0b:
                    51:72:eb:8f:13:5f:b4:56:b0:59:7f:31:7a:4d:27:
                    4f:95:6d:ba:f9:28:3b:70:e4:2b:e1:3b:34:60:8e:
                    e2:ff:7c:db:b2:9f:60:03:87:4c:6d:82:77:74:d1:
                    1e:e4:86:e4:82:3b:56:be:de:17:36:3b:13:25:c4:
                    1a:a6:06:fc:9d:22:62:29:6a:5e:a6:85:93:e1:6a:
                    08:ad:ca:d2:f7:81:8c:54:23:46:9a:0c:81:bd:b4:
                    5f:47:ab:68:c8:e7:4d:23:17:10:c1:72:b8:42:1e:
                    65:5d:1f:f6:7b:c3:ad:a3:79:1e:10:2c:e5:95:b3:
                    b5:54:4f:00:6c:ed:f5:ed:74:ba:f5:4b:ad:29:58:
                    ba:25:6f:c4:a9:b2:b7:1d:64:9f:fa:3c:fe:1b:61:
                    09:6e:31:07:09:98:00:0a:e5:84:97:56:01:eb:2f:
                    02:38:26:a1:bc:bf:b6:bd:ae:25:f7:87:13:51:1e:
                    8b:52:66:31:c7:3f:40:12:3e:b9:81:2d:ae:65:f0:
                    f9:db
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        28:f9:d8:78:98:44:8d:20:6c:17:9e:ae:3e:51:de:91:ac:2b:
        d2:e4:78:ee:f5:24:b1:d5:55:92:5c:4c:53:f3:75:66:2c:8a:
        03:e2:3d:4d:97:c9:e6:e8:62:f8:15:e8:85:a9:0d:06:10:b3:
        14:1c:67:26:69:e4:e1:28:df:41:ef:f3:2b:7a:cc:58:ea:c2:
        94:6e:23:2b:b2:8f:02:ac:da:9e:68:40:c1:0f:d7:f3:cc:c4:
        15:f8:f8:63:c1:81:50:66:16:48:ba:66:b2:8c:a4:1d:ae:70:
        9a:3a:c4:49:51:b7:f9:bb:13:38:8e:1e:c0:34:a2:62:a6:48:
        32:6d:03:ca:a7:93:f4:4a:52:59:1b:13:18:91:24:21:10:9a:
        2f:78:6d:98:b8:46:54:06:26:16:e3:de:cc:b4:8f:e3:25:5b:
        ff:73:76:86:14:dc:fb:87:ae:96:bf:4d:7a:9d:59:86:5d:11:
        87:31:bb:1b:f6:24:67:40:bd:01:5c:e2:a3:c4:1d:2e:19:1b:
        c7:c8:b7:0b:3d:64:a1:09:22:6c:e2:d1:aa:6d:a7:01:c3:a2:
        73:0d:4c:38:b7:e6:95:48:ef:c1:78:ea:d2:e0:c2:1d:dd:77:
        8b:c2:46:7e:53:a6:57:40:4d:32:99:4d:a9:02:44:25:87:6a:
        94:60:72:5b

-51205627 | 2024-04-16T00:20:15.644143

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.6.43-84.3-log
  Capabilities: 63487
  Server Language: 33
  Server Status: 2
  Extended Server Capabilities: 32895
  Authentication Plugin: mysql_native_password

77.222.56.37

Last Seen: 2024-04-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-96724338 | 2024-04-11T11:19:26.054479
21 / tcp

Pure-FTPd

1118082453 | 2024-04-02T20:18:28.463903
22 / tcp

OpenSSH9.6

-1664397634 | 2024-04-15T05:01:56.510729
80 / tcp

nginx1.25.4

-963256725 | 2024-04-13T07:37:53.735774
443 / tcp

nginx1.25.4

-51205627 | 2024-04-16T00:20:15.644143
3306 / tcp

MySQL5.6.43-84.3-log

Products

Pricing

Contact Us

77.222.56.37

Last Seen: 2024-04-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-96724338 | 2024-04-11T11:19:26.054479 21 / tcp

Pure-FTPd

1118082453 | 2024-04-02T20:18:28.463903 22 / tcp

OpenSSH9.6

-1664397634 | 2024-04-15T05:01:56.510729 80 / tcp

nginx1.25.4

-963256725 | 2024-04-13T07:37:53.735774 443 / tcp

nginx1.25.4

-51205627 | 2024-04-16T00:20:15.644143 3306 / tcp

MySQL5.6.43-84.3-log

Products

Pricing

Contact Us

-96724338 | 2024-04-11T11:19:26.054479
21 / tcp

1118082453 | 2024-04-02T20:18:28.463903
22 / tcp

-1664397634 | 2024-04-15T05:01:56.510729
80 / tcp

-963256725 | 2024-04-13T07:37:53.735774
443 / tcp

-51205627 | 2024-04-16T00:20:15.644143
3306 / tcp