1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134
| PORT STATE SERVICE REASON VERSION 53/tcp open domain syn-ack ttl 127 Simple DNS Plus 80/tcp open http syn-ack ttl 127 Microsoft IIS httpd 10.0 |_http-favicon: Unknown favicon MD5: 556F31ACD686989B1AFCF382C05846AA |_http-server-header: Microsoft-IIS/10.0 |_http-title: Intelligence | http-methods: | Supported Methods: OPTIONS TRACE GET HEAD POST |_ Potentially risky methods: TRACE 88/tcp open kerberos-sec syn-ack ttl 127 Microsoft Windows Kerberos (server time: 2022-07-30 12:05:46Z) 135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn 389/tcp open ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: intelligence.htb0., Site: Default-First-Site-Name) | ssl-cert: Subject: commonName=dc.intelligence.htb | Subject Alternative Name: othername:<unsupported>, DNS:dc.intelligence.htb | Issuer: commonName=intelligence-DC-CA/domainComponent=intelligence | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2022-07-30T11:00:26 | Not valid after: 2023-07-30T11:00:26 | MD5: 25ff 5c68 a2e6 3ca9 dcf3 9b41 3ae9 6655 | SHA-1: 5489 e5d4 27b3 2093 dc45 4f62 f15b 3fbe 7565 2de0 | -----BEGIN CERTIFICATE----- | MIIF+zCCBOOgAwIBAgITcQAAAAPPcWVgWptCgAAAAAAAAzANBgkqhkiG9w0BAQsF | ADBQMRMwEQYKCZImiZPyLGQBGRYDaHRiMRwwGgYKCZImiZPyLGQBGRYMaW50ZWxs | aWdlbmNlMRswGQYDVQQDExJpbnRlbGxpZ2VuY2UtREMtQ0EwHhcNMjIwNzMwMTEw | MDI2WhcNMjMwNzMwMTEwMDI2WjAeMRwwGgYDVQQDExNkYy5pbnRlbGxpZ2VuY2Uu | aHRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KqYdwLZP8PO3x/b | vTistEns2pFho+yXV0Zrd+6VxKfleGwi6wfsfGRefTgtI6g/2J0+b/L25vFQ8v54 | TagRyp6j3zz+MQPqNMfhzOa5sk46l8jOAwGqJQUopiR+fGSnNloQ8GX0C2hIiO8d | xHHEtzzmY/aYeEgw4WxcpN8kdERR8raJ8HCy2n/h2kGEHwmNwyIFOpTSgz5qIt2r | lLB114Gg2W2V+v/NO6Xo0K47mYmdDm30yPnb2U/0anqrXy0K4llPZVOggyQfslQl | UbErLo8Ydg/R5FbEE8K91TFe6yYM6XtnUxCfmOQHIHRaTU4X4+ieGC1w+ZA5mOhh | 4bzuyQIDAQABo4IC/jCCAvowLwYJKwYBBAGCNxQCBCIeIABEAG8AbQBhAGkAbgBD | AG8AbgB0AHIAbwBsAGwAZQByMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD | ATAOBgNVHQ8BAf8EBAMCBaAweAYJKoZIhvcNAQkPBGswaTAOBggqhkiG9w0DAgIC | AIAwDgYIKoZIhvcNAwQCAgCAMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAS0wCwYJ | YIZIAWUDBAECMAsGCWCGSAFlAwQBBTAHBgUrDgMCBzAKBggqhkiG9w0DBzAdBgNV | HQ4EFgQUAXKY21Jf7rbyFjYIorNndx6R3PAwHwYDVR0jBBgwFoAUo2aX3GwKIqdG | sKQv+8oXL8nKl8swgdAGA1UdHwSByDCBxTCBwqCBv6CBvIaBuWxkYXA6Ly8vQ049 | aW50ZWxsaWdlbmNlLURDLUNBLENOPWRjLENOPUNEUCxDTj1QdWJsaWMlMjBLZXkl | MjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWludGVs | bGlnZW5jZSxEQz1odGI/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29i | amVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIHJBggrBgEFBQcBAQSBvDCB | uTCBtgYIKwYBBQUHMAKGgalsZGFwOi8vL0NOPWludGVsbGlnZW5jZS1EQy1DQSxD | Tj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049 | Q29uZmlndXJhdGlvbixEQz1pbnRlbGxpZ2VuY2UsREM9aHRiP2NBQ2VydGlmaWNh | dGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MD8GA1Ud | EQQ4MDagHwYJKwYBBAGCNxkBoBIEEIHijfJ5/cVAp3sSUrgFUO2CE2RjLmludGVs | bGlnZW5jZS5odGIwDQYJKoZIhvcNAQELBQADggEBALQGskW7s/dIKd7Z7vEql4Oo | H0+Y3qUp6RiJuB1offcbgI5HuD75tEL7g9Cf2nTEJWp4gf2DFhWKx2LcmuMit8De | 64f9R17rlysaov8PFjq1u7Z1yCumAeK9DlYsGkaiLSNzlsaKYcpXJwdUQlERGO1Z | h2kjhcOYioaDiJEGt2e0WzJgtSIOmUtFarOPTkPWnw8ze0sL2Hg1a0y5GgVt/sc3 | KC04G2kjy1rlDVgAFTIBokYBd2lwWV9sCXJq0jNgNhvaH59ofqLiRt1Pwipk5o1q | /s5+WJrX5zSQG27gWWPephfAdAJWlAEb7MGw6JZGZ47OC+6UxaxSa9B546OZKI4= |_-----END CERTIFICATE----- |_ssl-date: 2022-07-30T12:07:18+00:00; +7h00m00s from scanner time. 445/tcp open microsoft-ds? syn-ack ttl 127 464/tcp open kpasswd5? syn-ack ttl 127 593/tcp open ncacn_http syn-ack ttl 127 Microsoft Windows RPC over HTTP 1.0 636/tcp open ssl/ldap syn-ack ttl 127 Microsoft Windows Active Directory LDAP (Domain: intelligence.htb0., Site: Default-First-Site-Name) | ssl-cert: Subject: commonName=dc.intelligence.htb | Subject Alternative Name: othername:<unsupported>, DNS:dc.intelligence.htb | Issuer: commonName=intelligence-DC-CA/domainComponent=intelligence | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2022-07-30T11:00:26 | Not valid after: 2023-07-30T11:00:26 | MD5: 25ff 5c68 a2e6 3ca9 dcf3 9b41 3ae9 6655 | SHA-1: 5489 e5d4 27b3 2093 dc45 4f62 f15b 3fbe 7565 2de0 | -----BEGIN CERTIFICATE----- | MIIF+zCCBOOgAwIBAgITcQAAAAPPcWVgWptCgAAAAAAAAzANBgkqhkiG9w0BAQsF | ADBQMRMwEQYKCZImiZPyLGQBGRYDaHRiMRwwGgYKCZImiZPyLGQBGRYMaW50ZWxs | aWdlbmNlMRswGQYDVQQDExJpbnRlbGxpZ2VuY2UtREMtQ0EwHhcNMjIwNzMwMTEw | MDI2WhcNMjMwNzMwMTEwMDI2WjAeMRwwGgYDVQQDExNkYy5pbnRlbGxpZ2VuY2Uu | aHRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KqYdwLZP8PO3x/b | vTistEns2pFho+yXV0Zrd+6VxKfleGwi6wfsfGRefTgtI6g/2J0+b/L25vFQ8v54 | TagRyp6j3zz+MQPqNMfhzOa5sk46l8jOAwGqJQUopiR+fGSnNloQ8GX0C2hIiO8d | xHHEtzzmY/aYeEgw4WxcpN8kdERR8raJ8HCy2n/h2kGEHwmNwyIFOpTSgz5qIt2r | lLB114Gg2W2V+v/NO6Xo0K47mYmdDm30yPnb2U/0anqrXy0K4llPZVOggyQfslQl | UbErLo8Ydg/R5FbEE8K91TFe6yYM6XtnUxCfmOQHIHRaTU4X4+ieGC1w+ZA5mOhh | 4bzuyQIDAQABo4IC/jCCAvowLwYJKwYBBAGCNxQCBCIeIABEAG8AbQBhAGkAbgBD | AG8AbgB0AHIAbwBsAGwAZQByMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD | ATAOBgNVHQ8BAf8EBAMCBaAweAYJKoZIhvcNAQkPBGswaTAOBggqhkiG9w0DAgIC | AIAwDgYIKoZIhvcNAwQCAgCAMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAS0wCwYJ | YIZIAWUDBAECMAsGCWCGSAFlAwQBBTAHBgUrDgMCBzAKBggqhkiG9w0DBzAdBgNV | HQ4EFgQUAXKY21Jf7rbyFjYIorNndx6R3PAwHwYDVR0jBBgwFoAUo2aX3GwKIqdG | sKQv+8oXL8nKl8swgdAGA1UdHwSByDCBxTCBwqCBv6CBvIaBuWxkYXA6Ly8vQ049 | aW50ZWxsaWdlbmNlLURDLUNBLENOPWRjLENOPUNEUCxDTj1QdWJsaWMlMjBLZXkl | MjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWludGVs | bGlnZW5jZSxEQz1odGI/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29i | amVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIHJBggrBgEFBQcBAQSBvDCB | uTCBtgYIKwYBBQUHMAKGgalsZGFwOi8vL0NOPWludGVsbGlnZW5jZS1EQy1DQSxD | Tj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049 | Q29uZmlndXJhdGlvbixEQz1pbnRlbGxpZ2VuY2UsREM9aHRiP2NBQ2VydGlmaWNh | dGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MD8GA1Ud | EQQ4MDagHwYJKwYBBAGCNxkBoBIEEIHijfJ5/cVAp3sSUrgFUO2CE2RjLmludGVs | bGlnZW5jZS5odGIwDQYJKoZIhvcNAQELBQADggEBALQGskW7s/dIKd7Z7vEql4Oo | H0+Y3qUp6RiJuB1offcbgI5HuD75tEL7g9Cf2nTEJWp4gf2DFhWKx2LcmuMit8De | 64f9R17rlysaov8PFjq1u7Z1yCumAeK9DlYsGkaiLSNzlsaKYcpXJwdUQlERGO1Z | h2kjhcOYioaDiJEGt2e0WzJgtSIOmUtFarOPTkPWnw8ze0sL2Hg1a0y5GgVt/sc3 | KC04G2kjy1rlDVgAFTIBokYBd2lwWV9sCXJq0jNgNhvaH59ofqLiRt1Pwipk5o1q | /s5+WJrX5zSQG27gWWPephfAdAJWlAEb7MGw6JZGZ47OC+6UxaxSa9B546OZKI4= |_-----END CERTIFICATE----- |_ssl-date: 2022-07-30T12:07:19+00:00; +7h00m00s from scanner time. 5985/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-server-header: Microsoft-HTTPAPI/2.0 |_http-title: Not Found 9389/tcp open mc-nmf syn-ack ttl 127 .NET Message Framing 49667/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 49689/tcp open ncacn_http syn-ack ttl 127 Microsoft Windows RPC over HTTP 1.0 49690/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 49707/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 49711/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 62578/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC Service Info: Host: DC; OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results: | smb2-time: | date: 2022-07-30T12:06:38 |_ start_date: N/A | smb2-security-mode: | 3.1.1: |_ Message signing enabled and required | p2p-conficker: | Checking for Conficker.C or higher... | Check 1 (port 11589/tcp): CLEAN (Timeout) | Check 2 (port 4953/tcp): CLEAN (Timeout) | Check 3 (port 35882/udp): CLEAN (Timeout) | Check 4 (port 21343/udp): CLEAN (Timeout) |_ 0/4 checks are positive: Host is CLEAN or ports are blocked |_clock-skew: mean: 6h59m59s, deviation: 0s, median: 6h59m59s
|