Twiggy
00 min
2025-3-15
Date
Mar 11, 2025 → Mar 11, 2025
Tag
Nmap
Network Scanning
Linux
192.168.160.62

Nmap

notion image
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-11 10:28 EDT Nmap scan report for 192.168.160.62 Host is up (0.057s latency). Not shown: 65529 filtered tcp ports (no-response) PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http 4505/tcp open unknown 4506/tcp open unknown 8000/tcp open http-alt
Nmap done: 1 IP address (1 host up) scanned in 26.49 seconds
Nmap 7.94SVN scan initiated Tue Mar 11 10:29:15 2025 as: /usr/lib/nmap/nmap -p- -Pn -vv -sS -A -T 4 -oN nmap.txt 192.168.160.62 open
Nmap scan report for 192.168.160.62 Host is up, received user-set (0.057s latency). Scanned at 2025-03-11 10:29:16 EDT for 177s Not shown: 65529 filtered tcp ports (no-response) PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 61 OpenSSH 7.4 (protocol 2.0) | ssh-hostkey: | 2048 44:7d:1a:56:9b:68:ae:f5:3b:f6:38:17:73:16:5d:75 (RSA) | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZz8rKSxgnT5mqHeBPqGlXFj2JJdq21roV/2M8/+0F5/5D1XsaXmbktDpKILFdBcYnLtPxWstxPq+FTbWAJad2uk3BPYWRxidK2dOozE5rKLCyxtkEqs/lO09pM6VKQUi83y5wMwI+9Akkir0AMruuFUSpeCIBt/L98g8OYxzyTsylQATnPxJrrQOWGUQYAvX6jIs25n6d3rmbXk/crg1ZfAVFEHEeR9Y6Bjc2o5YWjMp3XbOZyC4yYseoM6eH2yCSDwu1DzPYrU6cNMfxBf863w1uyhiFk3eIb5jud3kfoxIq6t5JU2DXNhEd4rdXuuinZUSxWiCpHLZ1FCi4tkX5 | 256 1c:78:9d:83:81:52:f4:b0:1d:8e:32:03:cb:a6:18:93 (ECDSA) | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA1gj1q7mOswnou9RvKwuX8S7WFBhz2NlaSIpYPQmM0I/vqb4T459PgJcMaJOE+WmPiMnDSFsyV3C6YszM754Hc= | 256 08:c9:12:d9:7b:98:98:c8:b3:99:7a:19:82:2e:a3:ea (ED25519) |_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzTSyInONbcDxdYULbDvI/HyrQm9m9M5b6Z825jnBEF 53/tcp open domain syn-ack ttl 61 NLnet Labs NSD 80/tcp open http syn-ack ttl 61 nginx 1.16.1 |http-server-header: nginx/1.16.1 | http-methods: | Supported Methods: HEAD 4505/tcp open zmtp syn-ack ttl 61 ZeroMQ ZMTP 2.0 4506/tcp open zmtp syn-ack ttl 61 ZeroMQ ZMTP 2.0 8000/tcp open http syn-ack ttl 61 nginx 1.16.1 |http-open-proxy: Proxy might be redirecting requests | http-methods: | Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx/1.16.1 |_http-title: Site doesn't have a title (application/json). Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose|specialized|storage-misc Running (JUST GUESSING): Linux 3.X|4.X|5.X (91%), Crestron 2-Series (86%), HP embedded (85%), Oracle VM Server 3.X (85%) OS CPE: cpe:/o:linux:linux_kernel:3.13 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5.1 cpe:/o:crestron:2_series cpe:/h:hp:p2000_g3 cpe:/o:oracle:vm_server:3.4.2 cpe:/o:linux:linux_kernel:4.1 OS fingerprint not ideal because: Missing a closed TCP port so results incomplete Aggressive OS guesses: Linux 3.13 (91%), Linux 3.10 - 4.11 (90%), Linux 3.2 - 4.9 (90%), Linux 5.1 (90%), Linux 3.18 (87%), Crestron XPanel control system (86%), Linux 3.16 (86%), HP P2000 G3 NAS device (85%), Oracle VM Server 3.4.2 (Linux 4.1) (85%), Linux 4.4 (85%) No exact OS matches for host (test conditions non-ideal). TCP/IP fingerprint: SCAN(V=7.94SVN%E=4%D=3/11%OT=22%CT=%CU=%PV=Y%DS=4%DC=T%G=N%TM=67D0496D%P=x86_64-pc-linux-gnu) SEQ(SP=106%GCD=1%ISR=10D%TI=Z%II=I%TS=A) OPS(O1=M578ST11NW7%O2=M578ST11NW7%O3=M578NNT11NW7%O4=M578ST11NW7%O5=M578ST11NW7%O6=M578ST11) WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=7120) ECN(R=Y%DF=Y%TG=40%W=7210%O=M578NNSNW7%CC=Y%Q=) T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=) T2(R=N) T3(R=N) T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=) U1(R=N) IE(R=Y%DFI=N%TG=40%CD=S)
Uptime guess: 0.005 days (since Tue Mar 11 10:25:15 2025) Network Distance: 4 hops TCP Sequence Prediction: Difficulty=262 (Good luck!) IP ID Sequence Generation: All zeros
TRACEROUTE (using port 22/tcp) HOP RTT ADDRESS 1 54.37 ms 192.168.45.1 2 54.32 ms 192.168.45.254 3 54.44 ms 192.168.251.1 4 54.45 ms 192.168.160.62

80

notion image
cant access
dirb
notion image

8000

notion image
got this, search in internet
notion image
notion image
it is call salt-sapi, let search if any vulner
notion image
No
we found that actually it is SaltStack service, so let try last one
notion image
notion image
use the arguments try run the POC
notion image
seems cant not
notion image
worked
notion image
cant run command
notion image
python error
192.168.59.62
我的虚拟机有问题
notion image
got it
replace the passwd file and upload it and try login in
notion image
notion image
thought the script display error, but we still get it in
notion image
notion image
 
上一篇
HB
下一篇
AZ-900