928609965 | 2024-05-09T10:42:24.729442
21 /
tcp
220 Serv-U FTP Server v15.1 ready...
530 Sorry, no ANONYMOUS access allowed.
214-The following commands are recognized (* => unimplemented).
OPTS CLNT CSID NOOP HELP FEAT HOST USER PASS
REIN QUIT ACCT* SMNT* SITE ABOR SYST STAT AUTH
PBSZ PROT CCC SSCN CWD XCWD CDUP XCUP PWD
XPWD MKD XMKD RMD XRMD RMDA DSIZ AVBL PORT
EPRT PASV EPSV TYPE STRU MODE RETR STOR APPE
STOU THMB ALLO REST SIZE RNFR RNTO DELE XDEL
MDTM MFMT MFCT MFF XCRC XMD5 XSHA1 XSHA256 XSHA512
COMB LIST NLST MLST MLSD
214 End
211-Extensions supported
UTF8
OPTS MODE;MLST;UTF8
CLNT
CSID Name; Version;
HOST domain
SITE PSWD;SET;ZONE;CHMOD;MSG;EXEC;HELP
AUTH TLS;SSL;TLS-C;TLS-P;
PBSZ
PROT
CCC
SSCN
RMDA directoryname
DSIZ
AVBL
EPRT
EPSV
MODE Z
THMB BMP|JPEG|GIF|TIFF|PNG max_width max_height pathname
REST STREAM
SIZE
MDTM
MDTM YYYYMMDDHHMMSS[+-TZ];filename
MFMT
MFCT
MFF Create;Modify;
XCRC filename;start;end
XMD5 filename;start;end
XSHA1 filename;start;end
XSHA256 filename;start;end
XSHA512 filename;start;end
COMB target;source_list
MLST Type*;Size*;Create;Modify*;Perm;Win32.ea;Win32.dt;Win32.dl
211 End (for details use "HELP commmand" where command is the command of interest)
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=WI, L=Helenville, O=Rhino Software, Inc., OU=Software Development, CN=ftp.Serv-U.com
Validity
Not Before: Apr 29 15:53:05 2009 GMT
Not After : Apr 27 15:53:05 2019 GMT
Subject: C=US, ST=WI, L=Helenville, O=Rhino Software, Inc., OU=Software Development, CN=ftp.Serv-U.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:c2:87:da:9d:72:fd:62:f5:8e:a7:0f:0a:6c:a4:
b6:96:d4:ea:2c:76:ba:ed:3a:5d:2d:ee:e8:a8:7f:
6f:d0:62:cd:11:4e:64:f5:0d:54:73:d0:3d:12:37:
07:8d:8e:d0:7f:e7:4e:bd:a4:56:8d:32:d8:44:87:
9f:75:80:da:e7:8a:9c:72:d8:50:36:67:3e:f1:e5:
fb:f4:bf:f0:1b:4e:39:93:ba:32:b5:e0:66:03:06:
f3:10:4c:0e:7c:8c:67:f5:35:64:67:d3:e0:a4:26:
f8:42:a9:8e:1e:ca:59:18:81:77:67:e1:8e:50:80:
64:18:a0:4b:cd:f4:fe:b3:75
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
2a:1d:4e:32:3d:96:9a:dd:3d:59:81:24:5e:4e:64:cb:2f:c5:
70:e2:4a:ef:8c:97:a8:76:60:94:7d:0c:09:39:a0:9d:19:da:
60:ee:6e:71:27:a5:46:df:16:94:36:a2:a1:dd:34:39:3f:65:
69:0b:a2:59:74:9a:77:64:e7:bd:27:04:3d:8e:6e:59:29:be:
51:73:d9:36:13:e3:fa:e2:44:27:8d:a0:0d:20:5c:25:7d:b8:
a5:f3:95:de:da:45:83:83:80:af:bf:06:7e:9e:83:82:dc:44:
e5:7e:c0:d7:ed:0f:54:24:7d:e1:ed:0c:30:58:1d:36:2f:91:
67:98
35651489 | 2024-05-17T20:36:41.918984
22 /
tcp
SSH-2.0-Serv-U_15.1.6.25
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAAAgQDCh9qdcv1i9Y6nDwpspLaW1OosdrrtOl0t7uiof2/QYs0R
TmT1DVRz0D0SNweNjtB/5069pFaNMthEh591gNrnipxy2FA2Zz7x5fv0v/AbTjmTujK14GYDBvMQ
TA58jGf1NWRn0+CkJvhCqY4eylkYgXdn4Y5QgGQYoEvN9P6zdQ==
Fingerprint: e4:dd:11:2e:82:34:ab:62:59:1c:c8:62:1d:4b:48:99
Kex Algorithms:
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha1
diffie-hellman-group1-sha1
Server Host Key Algorithms:
ssh-rsa
Encryption Algorithms:
aes128-cbc
rijndael128-cbc
3des-cbc
blowfish-cbc
aes192-cbc
rijndael192-cbc
aes256-cbc
rijndael256-cbc
rijndael-cbc@lysator.liu.se
cast128-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
MAC Algorithms:
hmac-md5
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-256-96
hmac-sha2-512
hmac-sha2-512-96
Compression Algorithms:
zlib
none
1359724819 | 2024-05-17T21:04:00.901458
111 /
tcp
Portmap
Program Version Protocol Port
portmapper 2 udp 111
portmapper 3 udp 111
portmapper 4 udp 111
portmapper 2 tcp 111
portmapper 3 tcp 111
portmapper 4 tcp 111
nfs 2 tcp 2049
nfs 3 tcp 2049
nfs 2 udp 2049
nfs 3 udp 2049
nfs 4 tcp 2049
mountd 1 tcp 2049
mountd 2 tcp 2049
mountd 3 tcp 2049
mountd 1 udp 2049
mountd 2 udp 2049
mountd 3 udp 2049
nlockmgr 1 tcp 2049
nlockmgr 2 tcp 2049
nlockmgr 3 tcp 2049
nlockmgr 4 tcp 2049
nlockmgr 1 udp 2049
nlockmgr 2 udp 2049
nlockmgr 3 udp 2049
nlockmgr 4 udp 2049
status 1 tcp 2049
status 1 udp 2049
1359724819 | 2024-04-30T04:18:31.951131
111 /
udp
Portmap
Program Version Protocol Port
portmapper 2 udp 111
portmapper 3 udp 111
portmapper 4 udp 111
portmapper 2 tcp 111
portmapper 3 tcp 111
portmapper 4 tcp 111
nfs 2 tcp 2049
nfs 3 tcp 2049
nfs 2 udp 2049
nfs 3 udp 2049
nfs 4 tcp 2049
mountd 1 tcp 2049
mountd 2 tcp 2049
mountd 3 tcp 2049
mountd 1 udp 2049
mountd 2 udp 2049
mountd 3 udp 2049
nlockmgr 1 tcp 2049
nlockmgr 2 tcp 2049
nlockmgr 3 tcp 2049
nlockmgr 4 tcp 2049
nlockmgr 1 udp 2049
nlockmgr 2 udp 2049
nlockmgr 3 udp 2049
nlockmgr 4 udp 2049
status 1 tcp 2049
status 1 udp 2049
-1016726299 | 2024-05-14T11:03:17.738028
902 /
tcp
220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e9:32:0d:5d:6c:b6:ab:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, L=Palo Alto, OU=VMware, CN=VMware/emailAddress=none@vmware.com
Validity
Not Before: Dec 31 04:19:57 2020 GMT
Not After : Dec 31 04:19:57 2021 GMT
Subject: C=US, L=Palo Alto, OU=VMware, CN=VMware/emailAddress=none@vmware.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c5:e8:f3:79:66:1e:b0:ec:ca:ec:f1:59:79:04:
70:54:a9:92:eb:c6:cd:13:92:44:2a:ce:d6:7b:ce:
43:59:67:12:78:d0:44:dd:69:05:d6:b0:fa:a3:ba:
d2:d6:33:1c:c1:d1:31:1e:b5:b9:79:26:58:9e:33:
64:dd:60:74:50:d3:ff:28:9a:d7:04:2d:a6:3e:e4:
58:c9:f8:01:a5:e0:35:b9:65:b0:50:44:c5:0f:bb:
35:27:0a:66:ac:df:9f:32:00:7a:b3:1c:ce:dc:24:
81:a8:cd:31:32:86:bc:98:e9:42:fe:8d:7c:9c:89:
b6:09:77:38:d7:08:ba:7e:69:3a:97:25:7f:e6:af:
f8:03:76:32:b4:d0:61:c4:e7:c9:fb:b3:19:58:9f:
16:72:e9:cd:34:78:9e:fd:59:f1:2f:e4:4f:57:dc:
e7:13:b3:4a:e3:d6:7a:16:eb:5d:34:a0:88:dc:12:
99:16:87:2e:f6:88:40:c2:e6:72:9f:d2:d9:19:0d:
d0:8c:dc:94:83:1d:65:ad:88:48:8e:9f:1e:3e:0d:
b7:80:ec:a6:83:ee:fb:56:93:8f:dd:bf:63:57:a5:
3e:2d:32:85:4b:d9:5f:d3:40:04:c9:06:6e:2a:27:
cb:8c:df:68:90:0f:7f:0b:2d:5a:87:a0:43:7e:8a:
11:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E6:7C:59:F8:34:8C:A1:AC:28:61:52:EF:D7:75:5E:03:0C:DF:7D
X509v3 Authority Key Identifier:
keyid:79:E6:7C:59:F8:34:8C:A1:AC:28:61:52:EF:D7:75:5E:03:0C:DF:7D
DirName:/C=US/L=Palo Alto/OU=VMware/CN=VMware/emailAddress=none@vmware.com
serial:E9:32:0D:5D:6C:B6:AB:7C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
4d:6e:8d:a5:48:56:3e:67:b8:07:04:a9:ce:61:be:93:e3:0e:
26:92:66:bf:27:4c:dd:a8:2f:60:fa:68:5d:04:ad:86:83:46:
13:be:be:f1:b1:a3:ee:ee:b6:c5:9c:22:aa:18:ac:66:e2:31:
5d:89:ff:2c:68:f3:84:68:5f:73:b5:92:cb:9b:cd:69:79:67:
b5:a1:c3:24:59:09:f8:3a:3c:5d:2a:09:95:11:bf:22:7b:86:
3a:ed:38:0d:ff:a8:b4:d6:09:47:06:3d:d0:b3:d2:ae:bd:fc:
13:5a:d0:ff:5a:0d:70:4c:94:b2:62:73:34:32:98:19:80:9e:
52:1a:ab:66:d7:a3:d6:e5:da:75:91:ce:1c:e2:41:f0:a6:b6:
ba:c0:41:63:66:b8:e5:07:8b:48:22:74:1a:f1:96:93:97:d2:
4a:8c:3b:ab:4e:e0:e7:7d:aa:1b:43:e8:3a:02:29:46:d7:d5:
85:af:19:ba:93:65:42:a8:b1:b5:4e:b8:0a:1a:39:87:3a:b6:
f4:3f:0e:34:7c:2d:af:93:36:9f:ea:8f:59:76:a1:3f:70:2c:
a9:75:2c:a3:0b:14:df:66:47:90:c9:07:cf:53:53:4a:1d:1c:
03:67:53:5a:72:fb:7b:ec:43:fb:47:45:12:1f:07:fc:c0:e4:
48:dd:18:b4
-135124240 | 2024-05-01T15:08:01.490312
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
OS Build: 10.0.17763
Target Name: VAGONRDSERVER
NetBIOS Domain Name: VAGONRDSERVER
NetBIOS Computer Name: VAGONRDSERVER
DNS Domain Name: VAGONRDSERVER
FQDN: VAGONRDSERVER
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c0:99:9d:04:ca:68:87:4f:be:b9:23:39:91:ef:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=VAGONRDSERVER
Validity
Not Before: Apr 13 03:56:58 2024 GMT
Not After : Oct 13 03:56:58 2024 GMT
Subject: CN=VAGONRDSERVER
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:46:ea:43:52:14:0c:df:03:03:8e:8b:0c:2b:
87:47:38:22:3d:1e:51:4f:36:7e:4c:16:fd:b8:8c:
36:86:73:7e:41:6b:30:52:79:1d:fe:6a:20:aa:c2:
ee:15:0f:0e:19:3d:4a:6f:0a:61:cd:a3:4f:10:de:
1b:2b:62:57:db:fe:e9:cc:89:39:02:2e:bf:b1:f8:
40:2f:f0:72:e2:19:ab:52:ac:b9:bd:ad:78:e9:74:
b3:b4:4b:6f:4d:ac:7c:10:e4:d1:56:22:cc:af:74:
f7:b5:3c:1a:95:4b:0e:2e:59:5e:98:52:df:a0:12:
53:a7:d0:b3:d9:73:af:cd:16:8a:76:f1:a5:90:f7:
03:62:e2:d0:ad:0e:78:97:e7:13:4a:8e:6c:c0:91:
7d:cd:ab:79:da:bd:56:16:7f:aa:25:c6:16:cd:1c:
bf:4a:e3:80:24:8e:60:13:cc:44:de:4b:09:73:ad:
1f:0e:75:72:be:cc:09:e3:10:82:ef:4c:4c:0a:d1:
85:b9:dd:02:ee:62:42:93:38:87:21:7c:5d:fd:cc:
7f:0e:e3:e9:1d:d5:e7:83:37:a6:50:fd:ac:bf:cf:
21:be:0a:e2:8a:2c:98:39:43:c1:f8:88:af:f8:1a:
1b:69:3c:a6:67:fd:6b:6c:a0:67:e2:bd:c8:57:3c:
e2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
be:c3:9d:7e:c4:cf:21:6e:be:37:23:eb:d6:5f:b9:ab:bb:79:
64:d1:4e:ec:02:f1:5c:46:1b:f4:d0:21:3e:5f:3a:43:dc:13:
0a:71:bc:40:53:d0:bf:8e:d9:f9:98:98:52:80:91:5c:88:13:
b8:3b:4b:35:96:d6:e9:a7:37:1f:bd:23:e5:e0:12:d3:bd:27:
56:bd:77:7a:32:4f:cb:78:20:d6:dd:4c:ab:31:27:4e:3e:c0:
83:4e:db:3e:d8:db:e9:eb:4e:41:e9:6d:2f:d9:06:1a:c1:95:
29:db:b4:8d:b8:dd:35:37:64:5a:cb:ef:10:69:25:60:4c:06:
dd:e5:27:bd:16:c3:b0:e0:4c:b4:4a:6e:32:f2:7b:33:c1:63:
db:71:c0:e0:bf:c5:af:f0:19:9d:ca:d6:39:58:e6:04:6a:90:
9e:af:24:60:2b:ae:a5:bb:30:55:23:10:03:f8:0b:53:8d:46:
91:4c:aa:6a:2d:6b:8c:04:7f:e5:2f:13:e2:29:32:2d:db:f8:
35:2c:76:79:c7:79:75:3a:0f:c9:01:51:8d:b4:2c:74:d1:67:
b8:95:8e:11:ee:5e:4a:cf:21:8d:e5:d3:46:de:b4:eb:8a:93:
7c:36:20:55:18:75:3f:da:df:0c:88:05:c2:00:86:18:fa:19:
48:4f:a4:7c
1355394294 | 2024-04-29T08:37:47.959015
8090 /
tcp
HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Mon, 29 Apr 2024 08:37:47 GMT
Content-Length: 1157
