OpenSSH9.4p1 Debian 1

SSH-2.0-OpenSSH_9.4p1 Debian-1
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBIBzkPiZ+KUFo2xuEKNZUWq
sWQOMPP7hheG2zS5Udf5NrbU7cQRFxgY3lBc55O+lrAdiTih45GMLLV0qqJelug=
Fingerprint: 56:76:3e:b6:ea:63:0c:69:85:cf:52:b3:04:aa:d8:c4

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

Cobalt Strike Beacon

HTTP/1.1 404 Not Found
Date: Thu, 13 Jun 2024 10:05:52 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/plain


Cobalt Strike Beacon:
  x86:
    beacon_type: HTTPS
    dns-beacon.strategy_fail_seconds: -1
    dns-beacon.strategy_fail_x: -1
    dns-beacon.strategy_rotate_seconds: -1
    http-get.client:
      Host: www.bing.com
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      Cookie: DUP=Q=GpO1nJpMnam4UllEfmeMdg2&T=283767088&A=1&IG
      q
      go=Search
      qs=bs
      form=QBRE
    http-get.uri: 182.92.216.171,/search/
    http-get.verb: GET
    http-post.client:
      Host: www.bing.com
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      Cookie: DUP=Q=GpO1nJpMnam4UllEfmeMdg2&T=283767088&A=1&IG
      q
      go=Search
      qs=bs
      form
    http-post.uri: /Search/
    http-post.verb: GET
    http_post_chunk: 96
    jitter: 37
    maxgetsize: 4195812
    port: 443
    post-ex.spawnto_x64: %windir%\sysnative\dllhost.exe
    post-ex.spawnto_x86: %windir%\syswow64\dllhost.exe
    process-inject.allocator: 1
    process-inject.execute:
      ntdll:RtlUserThreadStart
      CreateThread
      NtQueueApcThread-s
      CreateRemoteThread
      RtlCreateUserThread
    process-inject.min_alloc: 17500
    process-inject.startrwx: 4
    process-inject.stub: ae5afcfee8026674dc8f3b4f2da46c7f
    process-inject.userwx: 32
    proxy.behavior: 2 (Use IE settings)
    server.publickey_md5: 05fa1fd4fc448022e19cd62e5bd51c6f
    sleeptime: 15000
    stage.cleanup: 1
    useragent_header: Mozilla/5.0 (compatible, MSIE 11, Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
    uses_cookies: 1
    watermark: 987654321
  x64:
    beacon_type: HTTPS
    dns-beacon.strategy_fail_seconds: -1
    dns-beacon.strategy_fail_x: -1
    dns-beacon.strategy_rotate_seconds: -1
    http-get.client:
      Host: www.bing.com
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      Cookie: DUP=Q=GpO1nJpMnam4UllEfmeMdg2&T=283767088&A=1&IG
      q
      go=Search
      qs=bs
      form=QBRE
    http-get.uri: 182.92.216.171,/search/
    http-get.verb: GET
    http-post.client:
      Host: www.bing.com
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      Cookie: DUP=Q=GpO1nJpMnam4UllEfmeMdg2&T=283767088&A=1&IG
      q
      go=Search
      qs=bs
      form
    http-post.uri: /Search/
    http-post.verb: GET
    http_post_chunk: 96
    jitter: 37
    maxgetsize: 4195812
    port: 443
    post-ex.spawnto_x64: %windir%\sysnative\dllhost.exe
    post-ex.spawnto_x86: %windir%\syswow64\dllhost.exe
    process-inject.allocator: 1
    process-inject.execute:
      ntdll:RtlUserThreadStart
      CreateThread
      NtQueueApcThread-s
      CreateRemoteThread
      RtlCreateUserThread
    process-inject.min_alloc: 17500
    process-inject.startrwx: 4
    process-inject.stub: ae5afcfee8026674dc8f3b4f2da46c7f
    process-inject.userwx: 32
    proxy.behavior: 2 (Use IE settings)
    server.publickey_md5: 05fa1fd4fc448022e19cd62e5bd51c6f
    sleeptime: 15000
    stage.cleanup: 1
    useragent_header: Mozilla/5.0 (compatible, MSIE 11, Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
    uses_cookies: 1
    watermark: 987654321

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7692634157410349288 (0x6ac1ba02437af0e8)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=www.bing.com
        Validity
            Not Before: May 22 11:25:57 2024 GMT
            Not After : May 22 11:25:57 2025 GMT
        Subject: C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=www.bing.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8c:c4:07:b0:62:bd:af:c0:b5:74:a8:11:17:1e:
                    28:b6:33:85:88:92:d9:e8:88:bc:d7:5b:a4:a9:4c:
                    db:48:5b:1b:ad:2b:60:d7:24:b7:82:61:cd:7e:55:
                    ba:3a:0b:9c:09:70:97:a8:d1:c9:88:ae:88:c8:ec:
                    7b:56:d6:8a:90:05:10:a5:a5:34:94:e2:fd:6e:92:
                    88:3c:57:19:a1:1b:dd:8a:7b:b3:e1:1e:22:32:02:
                    f4:67:5d:14:6c:37:5e:78:57:fa:70:ee:f2:b2:ec:
                    49:c0:91:a8:15:35:05:a8:db:0f:de:3f:53:05:de:
                    83:c7:83:75:4b:22:5f:b9:86:d3:91:d2:42:c7:5e:
                    c8:a2:1a:5f:18:93:db:ef:04:79:17:0d:9a:8c:46:
                    1d:0d:fe:95:3c:46:9d:53:15:8b:e8:e5:48:c8:b8:
                    75:25:d9:db:86:6e:a6:8c:46:3d:5b:5f:85:73:3b:
                    af:92:27:29:ff:21:08:ab:f2:37:1e:f5:f2:8d:65:
                    c4:73:5b:46:07:d7:87:99:8d:eb:eb:be:d3:54:5f:
                    95:e7:6e:84:a7:67:b5:0b:54:bb:f5:de:98:d4:0e:
                    29:1d:7c:23:43:4a:47:d1:19:fb:e2:a7:90:9d:9a:
                    36:b8:5e:72:7c:a9:08:b8:af:ee:08:01:12:83:90:
                    2c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                73:83:A1:4D:CC:7C:02:89:EC:28:47:F7:F8:7F:F3:46:DA:B6:16:B7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0f:7a:8a:91:ce:02:df:45:1b:62:c2:3c:71:7b:89:be:d7:d9:
        1e:14:5a:f0:36:57:d5:35:d9:8f:0a:d9:1b:69:db:7c:48:d3:
        1f:08:2c:61:74:a4:35:de:41:5d:7e:83:ff:28:86:56:32:da:
        af:4d:1b:c2:89:d3:6f:88:ce:7b:13:a5:28:90:af:c0:bc:14:
        72:fe:b4:61:8f:0b:59:02:ce:b6:70:01:2d:5a:36:20:e5:2d:
        ec:8a:f0:82:ff:28:94:9d:83:36:df:fc:f0:89:6a:c7:61:52:
        f0:36:45:f2:6e:d4:aa:6c:83:d4:0c:43:c1:d5:5d:25:a3:da:
        97:a9:cd:3a:51:b9:82:3a:25:2d:84:6f:ad:1c:c7:ec:c8:0c:
        4e:a9:53:b8:bb:ca:db:c3:98:84:c4:8f:c3:f2:12:38:ab:ad:
        24:b6:a1:45:0c:69:9b:af:d0:ef:fc:82:81:c8:fe:42:eb:ac:
        a6:a7:d3:47:fb:5b:f0:92:16:a3:0d:34:61:eb:3e:c2:c2:59:
        a5:b7:da:c9:42:3f:dd:fb:d7:4f:1f:43:65:9e:13:a9:24:ef:
        7e:09:ea:4b:b1:3c:c4:dd:07:d2:63:39:7c:00:b9:bc:e5:07:
        6d:15:84:ec:3b:c2:27:c8:d4:d7:1d:1e:ff:03:6e:f7:ae:4a:
        c2:db:d6:5e