simon/CTF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init htb

Browse Source 
old htb folders
This commit is contained in:
Simon
2023-08-29 21:53:22 +02:00
parent 62ab804867
commit 82b0759f1e
21891 changed files with 6277643 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
HTB/encoding/results/scans/_commands.log Normal file
View File

@@ -0,0 +1,78 @@
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN "/home/kali/htb/results/scans/_quick_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN "/home/kali/htb/results/scans/_full_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_full_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN "/home/kali/htb/results/scans/_quick_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN "/home/kali/htb/results/scans/_full_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_full_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -p 22 --script="banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods" -oN "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_nmap.txt" -oX "/home/kali/htb/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml" 10.129.123.2
feroxbuster -u http://10.129.123.2:80/ -t 50 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -q -e -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_feroxbuster_directory-list-2.3-medium.txt"
curl -sSikf http://10.129.123.2:80/.well-known/security.txt
curl -sSikf http://10.129.123.2:80/robots.txt
curl -sSik http://10.129.123.2:80/
nmap -vv --reason -Pn -T4 -sV -p 80 --script="banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN "/home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt" -oX "/home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml" 10.129.123.2
curl -sk -o /dev/null -H "Host: IwDcITnyfroNmHvjuTwI.encoding.htb" http://encoding.htb:80/ -w "%{size_download}"
whatweb --color=never --no-errors -a 3 -v http://10.129.123.2:80 2>&1
wkhtmltoimage --format png http://10.129.123.2:80/ /home/kali/htb/results/scans/tcp80/tcp_80_http_screenshot.png
ffuf -u http://encoding.htb:80/ -t 10 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -H "Host: FUZZ.encoding.htb" -fs 1999 -noninteractive -s | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_encoding.htb_vhosts_subdomains-top1million-110000.txt"
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN "/home/kali/htb/results/scans/_quick_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN "/home/kali/htb/results/scans/_full_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_full_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -p 22 --script="banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods" -oN "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_nmap.txt" -oX "/home/kali/htb/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml" 10.129.123.2
feroxbuster -u http://10.129.123.2:80/ -t 50 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -q -e -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_feroxbuster_directory-list-2.3-medium.txt"
curl -sSikf http://10.129.123.2:80/.well-known/security.txt
curl -sSikf http://10.129.123.2:80/robots.txt
curl -sSik http://10.129.123.2:80/
nmap -vv --reason -Pn -T4 -sV -p 80 --script="banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN "/home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt" -oX "/home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml" 10.129.123.2
curl -sk -o /dev/null -H "Host: CaVSHfCVQYqVqvUahOxO.haxtables.htb" http://haxtables.htb:80/ -w "%{size_download}"
whatweb --color=never --no-errors -a 3 -v http://10.129.123.2:80 2>&1
wkhtmltoimage --format png http://10.129.123.2:80/ /home/kali/htb/results/scans/tcp80/tcp_80_http_screenshot.png
ffuf -u http://haxtables.htb:80/ -t 10 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -H "Host: FUZZ.haxtables.htb" -fs 1999 -noninteractive -s | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_haxtables.htb_vhosts_subdomains-top1million-110000.txt"
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN "/home/kali/htb/results/scans/_quick_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN "/home/kali/htb/results/scans/_full_tcp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_full_tcp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sU -A --top-ports 100 -oN "/home/kali/htb/results/scans/_top_100_udp_nmap.txt" -oX "/home/kali/htb/results/scans/xml/_top_100_udp_nmap.xml" 10.129.123.2
nmap -vv --reason -Pn -T4 -sV -p 22 --script="banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods" -oN "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_nmap.txt" -oX "/home/kali/htb/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml" 10.129.123.2
feroxbuster -u http://10.129.123.2:80/ -t 10 -w /root/.local/share/AutoRecon/wordlists/dirbuster.txt -x "txt,html,php,asp,aspx,jsp" -v -k -n -q -e -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_feroxbuster_dirbuster.txt"
curl -sSikf http://10.129.123.2:80/.well-known/security.txt
curl -sSikf http://10.129.123.2:80/robots.txt
curl -sSik http://10.129.123.2:80/
nmap -vv --reason -Pn -T4 -sV -p 80 --script="banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN "/home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt" -oX "/home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml" 10.129.123.2
curl -sk -o /dev/null -H "Host: JqivbBibaLLbuUZdVXDy.haxtables.htb" http://haxtables.htb:80/ -w "%{size_download}"
whatweb --color=never --no-errors -a 3 -v http://10.129.123.2:80 2>&1
wkhtmltoimage --format png http://10.129.123.2:80/ /home/kali/htb/results/scans/tcp80/tcp_80_http_screenshot.png
ffuf -u http://haxtables.htb:80/ -t 10 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -H "Host: FUZZ.haxtables.htb" -fs 1999 -noninteractive -s | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_haxtables.htb_vhosts_subdomains-top1million-110000.txt"

57
HTB/encoding/results/scans/_full_tcp_nmap.txt Normal file
View File

@@ -0,0 +1,57 @@
# Nmap 7.93 scan initiated Sat Jan 28 20:06:56 2023 as: nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN /home/kali/htb/results/scans/_full_tcp_nmap.txt -oX /home/kali/htb/results/scans/xml/_full_tcp_nmap.xml 10.129.123.2
adjust_timeouts2: packet supposedly had rtt of -498094 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -498094 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -201839 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -201839 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -1007316 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -1007316 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -586644 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -586644 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -437252 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -437252 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -233933 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -233933 microseconds. Ignoring time.
Nmap scan report for encoding.htb (10.129.123.2)
Host is up, received user-set (0.026s latency).
Scanned at 2023-01-28 20:06:56 CET for 71s
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 256 4fe3a667a227f9118dc30ed773a02c28 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=
| 256 816e78766b8aea7d1babd436b7f8ecc4 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK
80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 ((Ubuntu))
|_http-title: HaxTables
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.4.52 (Ubuntu)
Aggressive OS guesses: Linux 5.0 (95%), Linux 5.0 - 5.4 (95%), Linux 5.4 (94%), HP P2000 G3 NAS device (93%), Linux 4.15 - 5.6 (93%), Linux 5.3 - 5.4 (93%), Linux 2.6.32 (92%), Infomir MAG-250 set-top box (92%), Ubiquiti AirMax NanoStation WAP (Linux 2.6.32) (92%), Linux 3.7 (92%)
No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=7.93%E=4%D=1/28%OT=22%CT=1%CU=36902%PV=Y%DS=2%DC=T%G=Y%TM=63D5729
OS:7%P=x86_64-pc-linux-gnu)SEQ(SP=105%GCD=1%ISR=10C%TI=Z%CI=Z%II=I%TS=A)SEQ
OS:(SP=106%GCD=1%ISR=10C%TI=Z%CI=Z%TS=A)OPS(O1=M54DST11NW7%O2=M54DST11NW7%O
OS:3=M54DNNT11NW7%O4=M54DST11NW7%O5=M54DST11NW7%O6=M54DST11)WIN(W1=FE88%W2=
OS:FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)ECN(R=Y%DF=Y%T=40%W=FAF0%O=M54DNNSN
OS:W7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%D
OS:F=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O
OS:=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N
OS:%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)U1(R=N)IE(R=Y%DFI=N
OS:%T=40%CD=S)
Uptime guess: 46.015 days (since Tue Dec 13 19:46:08 2022)
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=262 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 1025/tcp)
HOP RTT ADDRESS
1 25.62 ms 10.10.14.1
2 26.90 ms encoding.htb (10.129.123.2)
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 28 20:08:07 2023 -- 1 IP address (1 host up) scanned in 71.78 seconds

96
HTB/encoding/results/scans/_manual_commands.txt Normal file
View File

@@ -0,0 +1,96 @@
[*] ssh on tcp/22
[-] Bruteforce logins:
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 22 -o "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_hydra.txt" ssh://10.129.123.2
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 22 -O "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_medusa.txt" -M ssh -h 10.129.123.2
[*] http on tcp/80
[-] (feroxbuster) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:
feroxbuster -u http://10.129.123.2:80 -t 50 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -e -o /home/kali/htb/results/scans/tcp80/tcp_80_http_feroxbuster_dirbuster.txt
[-] Credential bruteforcing commands (don't run these without modifying them):
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 80 -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_auth_hydra.txt" http-get://10.129.123.2/path/to/auth/area
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 80 -O "/home/kali/htb/results/scans/tcp80/tcp_80_http_auth_medusa.txt" -M http -h 10.129.123.2 -m DIR:/path/to/auth/area
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 80 -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_form_hydra.txt" http-post-form://10.129.123.2/path/to/login.php:"username=^USER^&password=^PASS^":"invalid-login-message"
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 80 -O "/home/kali/htb/results/scans/tcp80/tcp_80_http_form_medusa.txt" -M web-form -h 10.129.123.2 -m FORM:/path/to/login.php -m FORM-DATA:"post?username=&password=" -m DENY-SIGNAL:"invalid login message"
[-] (nikto) old but generally reliable web server enumeration tool:
nikto -ask=no -h http://10.129.123.2:80 2>&1 | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_nikto.txt"
[-] (wpscan) WordPress Security Scanner (useful if WordPress is found):
wpscan --url http://10.129.123.2:80/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color 2>&1 | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_wpscan.txt"
[*] ssh on tcp/22
[-] Bruteforce logins:
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 22 -o "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_hydra.txt" ssh://10.129.123.2
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 22 -O "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_medusa.txt" -M ssh -h 10.129.123.2
[*] http on tcp/80
[-] (feroxbuster) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:
feroxbuster -u http://10.129.123.2:80 -t 50 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -e -o /home/kali/htb/results/scans/tcp80/tcp_80_http_feroxbuster_dirbuster.txt
[-] Credential bruteforcing commands (don't run these without modifying them):
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 80 -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_auth_hydra.txt" http-get://10.129.123.2/path/to/auth/area
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 80 -O "/home/kali/htb/results/scans/tcp80/tcp_80_http_auth_medusa.txt" -M http -h 10.129.123.2 -m DIR:/path/to/auth/area
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 80 -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_form_hydra.txt" http-post-form://10.129.123.2/path/to/login.php:"username=^USER^&password=^PASS^":"invalid-login-message"
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 80 -O "/home/kali/htb/results/scans/tcp80/tcp_80_http_form_medusa.txt" -M web-form -h 10.129.123.2 -m FORM:/path/to/login.php -m FORM-DATA:"post?username=&password=" -m DENY-SIGNAL:"invalid login message"
[-] (nikto) old but generally reliable web server enumeration tool:
nikto -ask=no -h http://10.129.123.2:80 2>&1 | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_nikto.txt"
[-] (wpscan) WordPress Security Scanner (useful if WordPress is found):
wpscan --url http://10.129.123.2:80/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color 2>&1 | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_wpscan.txt"
[*] ssh on tcp/22
[-] Bruteforce logins:
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 22 -o "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_hydra.txt" ssh://10.129.123.2
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 22 -O "/home/kali/htb/results/scans/tcp22/tcp_22_ssh_medusa.txt" -M ssh -h 10.129.123.2
[*] http on tcp/80
[-] (feroxbuster) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:
feroxbuster -u http://10.129.123.2:80 -t 10 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x "txt,html,php,asp,aspx,jsp" -v -k -n -e -o /home/kali/htb/results/scans/tcp80/tcp_80_http_feroxbuster_dirbuster.txt
[-] Credential bruteforcing commands (don't run these without modifying them):
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 80 -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_auth_hydra.txt" http-get://10.129.123.2/path/to/auth/area
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 80 -O "/home/kali/htb/results/scans/tcp80/tcp_80_http_auth_medusa.txt" -M http -h 10.129.123.2 -m DIR:/path/to/auth/area
hydra -L "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e nsr -s 80 -o "/home/kali/htb/results/scans/tcp80/tcp_80_http_form_hydra.txt" http-post-form://10.129.123.2/path/to/login.php:"username=^USER^&password=^PASS^":"invalid-login-message"
medusa -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -e ns -n 80 -O "/home/kali/htb/results/scans/tcp80/tcp_80_http_form_medusa.txt" -M web-form -h 10.129.123.2 -m FORM:/path/to/login.php -m FORM-DATA:"post?username=&password=" -m DENY-SIGNAL:"invalid login message"
[-] (nikto) old but generally reliable web server enumeration tool:
nikto -ask=no -h http://10.129.123.2:80 2>&1 | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_nikto.txt"
[-] (wpscan) WordPress Security Scanner (useful if WordPress is found):
wpscan --url http://10.129.123.2:80/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color 2>&1 | tee "/home/kali/htb/results/scans/tcp80/tcp_80_http_wpscan.txt"

2
HTB/encoding/results/scans/_patterns.log Normal file
View File

@@ -0,0 +1,2 @@
Identified HTTP Server: Apache/2.4.52 (Ubuntu)

58
HTB/encoding/results/scans/_quick_tcp_nmap.txt Normal file
View File

@@ -0,0 +1,58 @@
# Nmap 7.93 scan initiated Sat Jan 28 20:06:56 2023 as: nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -oN /home/kali/htb/results/scans/_quick_tcp_nmap.txt -oX /home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml 10.129.123.2
adjust_timeouts2: packet supposedly had rtt of -660845 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -660845 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -666152 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -666152 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -583847 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -583847 microseconds. Ignoring time.
Nmap scan report for encoding.htb (10.129.123.2)
Host is up, received user-set (0.028s latency).
Scanned at 2023-01-28 20:06:56 CET for 29s
Not shown: 998 closed tcp ports (reset)
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 256 4fe3a667a227f9118dc30ed773a02c28 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=
| 256 816e78766b8aea7d1babd436b7f8ecc4 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK
80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 ((Ubuntu))
|_http-title: HaxTables
|_http-server-header: Apache/2.4.52 (Ubuntu)
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
Aggressive OS guesses: HP P2000 G3 NAS device (91%), Linux 5.0 (89%), Linux 5.4 (89%), Linux 5.0 - 5.4 (88%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (88%), Linux 3.1 (88%), Linux 3.2 (88%), AXIS 210A or 211 Network Camera (Linux 2.6.17) (87%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (87%), OpenWrt White Russian 0.9 (Linux 2.4.30) (87%)
No exact OS matches for host (test conditions non-ideal).
TCP/IP fingerprint:
SCAN(V=7.93%E=4%D=1/28%OT=22%CT=1%CU=%PV=Y%DS=2%DC=T%G=N%TM=63D5726D%P=x86_64-pc-linux-gnu)
SEQ(SP=FF%GCD=1%ISR=10D%TI=Z%CI=Z%II=I%TS=B)
SEQ(SP=FF%GCD=1%ISR=10D%TI=Z%II=I%TS=A)
OPS(O1=M54DST11NW7%O2=M54DST11NW7%O3=M54DNNT11NW7%O4=M54DST11NW7%O5=M54DST11NW7%O6=M54DST11)
WIN(W1=FE88%W2=FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)
ECN(R=Y%DF=Y%TG=40%W=FAF0%O=M54DNNSNW7%CC=Y%Q=)
T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
T2(R=N)
T3(R=N)
T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T6(R=N)
T7(R=N)
U1(R=N)
IE(R=Y%DFI=N%TG=40%CD=S)
Uptime guess: 46.015 days (since Tue Dec 13 19:46:08 2022)
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=255 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 21/tcp)
HOP RTT ADDRESS
1 25.03 ms 10.10.14.1
2 26.51 ms encoding.htb (10.129.123.2)
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 28 20:07:25 2023 -- 1 IP address (1 host up) scanned in 29.16 seconds

52
HTB/encoding/results/scans/_top_100_udp_nmap.txt Normal file
View File

@@ -0,0 +1,52 @@
# Nmap 7.93 scan initiated Sat Jan 28 20:06:56 2023 as: nmap -vv --reason -Pn -T4 -sU -A --top-ports 100 -oN /home/kali/htb/results/scans/_top_100_udp_nmap.txt -oX /home/kali/htb/results/scans/xml/_top_100_udp_nmap.xml 10.129.123.2
Warning: 10.129.123.2 giving up on port because retransmission cap hit (6).
Increasing send delay for 10.129.123.2 from 100 to 200 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 10.129.123.2 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 10.129.123.2 from 400 to 800 due to 11 out of 11 dropped probes since last increase.
adjust_timeouts2: packet supposedly had rtt of -184576 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -184576 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -303015 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -303015 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -527666 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -527666 microseconds. Ignoring time.
Nmap scan report for encoding.htb (10.129.123.2)
Host is up, received user-set (0.026s latency).
Scanned at 2023-01-28 20:06:56 CET for 244s
Not shown: 84 closed udp ports (port-unreach)
PORT STATE SERVICE REASON VERSION
68/udp open|filtered dhcpc no-response
80/udp open|filtered http no-response
111/udp open|filtered rpcbind no-response
120/udp open|filtered cfdptkt no-response
135/udp open|filtered msrpc no-response
177/udp open|filtered xdmcp no-response
520/udp open|filtered route no-response
593/udp open|filtered http-rpc-epmap no-response
998/udp open|filtered puparp no-response
999/udp open|filtered applix no-response
3703/udp open|filtered adobeserver-3 no-response
4500/udp open|filtered nat-t-ike no-response
49186/udp open|filtered unknown no-response
49190/udp open|filtered unknown no-response
49192/udp open|filtered unknown no-response
49193/udp open|filtered unknown no-response
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SCAN(V=7.93%E=4%D=1/28%OT=%CT=%CU=7%PV=Y%DS=2%DC=T%G=N%TM=63D57344%P=x86_64-pc-linux-gnu)
SEQ(CI=Z%II=I)
SEQ(CI=Z)
T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
IE(R=Y%DFI=N%T=40%CD=S)
Network Distance: 2 hops
TRACEROUTE (using port 49152/udp)
HOP RTT ADDRESS
1 25.83 ms 10.10.14.1
2 26.04 ms encoding.htb (10.129.123.2)
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 28 20:11:00 2023 -- 1 IP address (1 host up) scanned in 243.96 seconds

60
HTB/encoding/results/scans/tcp22/tcp_22_ssh_nmap.txt Normal file
View File

@@ -0,0 +1,60 @@
# Nmap 7.93 scan initiated Sat Jan 28 20:07:25 2023 as: nmap -vv --reason -Pn -T4 -sV -p 22 --script=banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods -oN /home/kali/htb/results/scans/tcp22/tcp_22_ssh_nmap.txt -oX /home/kali/htb/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml 10.129.123.2
Nmap scan report for encoding.htb (10.129.123.2)
Host is up, received user-set (0.039s latency).
Scanned at 2023-01-28 20:07:26 CET for 2s
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0)
|_banner: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
| ssh2-enum-algos:
| kex_algorithms: (10)
| curve25519-sha256
| curve25519-sha256@libssh.org
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| sntrup761x25519-sha512@openssh.com
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group16-sha512
| diffie-hellman-group18-sha512
| diffie-hellman-group14-sha256
| server_host_key_algorithms: (4)
| rsa-sha2-512
| rsa-sha2-256
| ecdsa-sha2-nistp256
| ssh-ed25519
| encryption_algorithms: (6)
| chacha20-poly1305@openssh.com
| aes128-ctr
| aes192-ctr
| aes256-ctr
| aes128-gcm@openssh.com
| aes256-gcm@openssh.com
| mac_algorithms: (10)
| umac-64-etm@openssh.com
| umac-128-etm@openssh.com
| hmac-sha2-256-etm@openssh.com
| hmac-sha2-512-etm@openssh.com
| hmac-sha1-etm@openssh.com
| umac-64@openssh.com
| umac-128@openssh.com
| hmac-sha2-256
| hmac-sha2-512
| hmac-sha1
| compression_algorithms: (2)
| none
|_ zlib@openssh.com
| ssh-auth-methods:
| Supported authentication methods:
| publickey
|_ password
| ssh-hostkey:
| 256 4fe3a667a227f9118dc30ed773a02c28 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=
| 256 816e78766b8aea7d1babd436b7f8ecc4 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 28 20:07:28 2023 -- 1 IP address (1 host up) scanned in 2.73 seconds

94
HTB/encoding/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml Normal file
View File

@@ -0,0 +1,94 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Sat Jan 28 20:07:25 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 22 -&#45;script=banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods -oN /home/kali/htb/results/scans/tcp22/tcp_22_ssh_nmap.txt -oX /home/kali/htb/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml 10.129.123.2 -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 22 -&#45;script=banner,ssh2-enum-algos,ssh-hostkey,ssh-auth-methods -oN /home/kali/htb/results/scans/tcp22/tcp_22_ssh_nmap.txt -oX /home/kali/htb/results/scans/tcp22/xml/tcp_22_ssh_nmap.xml 10.129.123.2" start="1674932845" startstr="Sat Jan 28 20:07:25 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="22"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<taskbegin task="SYN Stealth Scan" time="1674932846"/>
<taskend task="SYN Stealth Scan" time="1674932846" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1674932846"/>
<taskend task="Service scan" time="1674932846" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1674932846"/>
<taskend task="NSE" time="1674932848"/>
<taskbegin task="NSE" time="1674932848"/>
<taskend task="NSE" time="1674932848"/>
<host starttime="1674932846" endtime="1674932848"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.129.123.2" addrtype="ipv4"/>
<hostnames>
<hostname name="encoding.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="ssh" product="OpenSSH" version="8.9p1 Ubuntu 3ubuntu0.1" extrainfo="Ubuntu Linux; protocol 2.0" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:openbsd:openssh:8.9p1</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service><script id="banner" output="SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1"/><script id="ssh2-enum-algos" output="&#xa; kex_algorithms: (10)&#xa; curve25519-sha256&#xa; curve25519-sha256@libssh.org&#xa; ecdh-sha2-nistp256&#xa; ecdh-sha2-nistp384&#xa; ecdh-sha2-nistp521&#xa; sntrup761x25519-sha512@openssh.com&#xa; diffie-hellman-group-exchange-sha256&#xa; diffie-hellman-group16-sha512&#xa; diffie-hellman-group18-sha512&#xa; diffie-hellman-group14-sha256&#xa; server_host_key_algorithms: (4)&#xa; rsa-sha2-512&#xa; rsa-sha2-256&#xa; ecdsa-sha2-nistp256&#xa; ssh-ed25519&#xa; encryption_algorithms: (6)&#xa; chacha20-poly1305@openssh.com&#xa; aes128-ctr&#xa; aes192-ctr&#xa; aes256-ctr&#xa; aes128-gcm@openssh.com&#xa; aes256-gcm@openssh.com&#xa; mac_algorithms: (10)&#xa; umac-64-etm@openssh.com&#xa; umac-128-etm@openssh.com&#xa; hmac-sha2-256-etm@openssh.com&#xa; hmac-sha2-512-etm@openssh.com&#xa; hmac-sha1-etm@openssh.com&#xa; umac-64@openssh.com&#xa; umac-128@openssh.com&#xa; hmac-sha2-256&#xa; hmac-sha2-512&#xa; hmac-sha1&#xa; compression_algorithms: (2)&#xa; none&#xa; zlib@openssh.com"><table key="kex_algorithms">
<elem>curve25519-sha256</elem>
<elem>curve25519-sha256@libssh.org</elem>
<elem>ecdh-sha2-nistp256</elem>
<elem>ecdh-sha2-nistp384</elem>
<elem>ecdh-sha2-nistp521</elem>
<elem>sntrup761x25519-sha512@openssh.com</elem>
<elem>diffie-hellman-group-exchange-sha256</elem>
<elem>diffie-hellman-group16-sha512</elem>
<elem>diffie-hellman-group18-sha512</elem>
<elem>diffie-hellman-group14-sha256</elem>
</table>
<table key="server_host_key_algorithms">
<elem>rsa-sha2-512</elem>
<elem>rsa-sha2-256</elem>
<elem>ecdsa-sha2-nistp256</elem>
<elem>ssh-ed25519</elem>
</table>
<table key="encryption_algorithms">
<elem>chacha20-poly1305@openssh.com</elem>
<elem>aes128-ctr</elem>
<elem>aes192-ctr</elem>
<elem>aes256-ctr</elem>
<elem>aes128-gcm@openssh.com</elem>
<elem>aes256-gcm@openssh.com</elem>
</table>
<table key="mac_algorithms">
<elem>umac-64-etm@openssh.com</elem>
<elem>umac-128-etm@openssh.com</elem>
<elem>hmac-sha2-256-etm@openssh.com</elem>
<elem>hmac-sha2-512-etm@openssh.com</elem>
<elem>hmac-sha1-etm@openssh.com</elem>
<elem>umac-64@openssh.com</elem>
<elem>umac-128@openssh.com</elem>
<elem>hmac-sha2-256</elem>
<elem>hmac-sha2-512</elem>
<elem>hmac-sha1</elem>
</table>
<table key="compression_algorithms">
<elem>none</elem>
<elem>zlib@openssh.com</elem>
</table>
</script><script id="ssh-auth-methods" output="&#xa; Supported authentication methods: &#xa; publickey&#xa; password"><table key="Supported authentication methods">
<elem>publickey</elem>
<elem>password</elem>
</table>
</script><script id="ssh-hostkey" output="&#xa; 256 4fe3a667a227f9118dc30ed773a02c28 (ECDSA)&#xa;ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=&#xa; 256 816e78766b8aea7d1babd436b7f8ecc4 (ED25519)&#xa;ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK"><table>
<elem key="fingerprint">4fe3a667a227f9118dc30ed773a02c28</elem>
<elem key="type">ecdsa-sha2-nistp256</elem>
<elem key="key">AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=</elem>
<elem key="bits">256</elem>
</table>
<table>
<elem key="fingerprint">816e78766b8aea7d1babd436b7f8ecc4</elem>
<elem key="type">ssh-ed25519</elem>
<elem key="key">AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK</elem>
<elem key="bits">256</elem>
</table>
</script></port>
</ports>
<times srtt="39071" rttvar="39071" to="195355"/>
</host>
<taskbegin task="NSE" time="1674932848"/>
<taskend task="NSE" time="1674932848"/>
<taskbegin task="NSE" time="1674932848"/>
<taskend task="NSE" time="1674932848"/>
<runstats><finished time="1674932848" timestr="Sat Jan 28 20:07:28 2023" summary="Nmap done at Sat Jan 28 20:07:28 2023; 1 IP address (1 host up) scanned in 2.73 seconds" elapsed="2.73" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

1
HTB/encoding/results/scans/tcp80/ferox-http_api_haxtables_htb-1674933786.state Normal file
View File

@@ -0,0 +1 @@
{"scans":[{"id":"a57702627b854c1c90ad3f96ec543203","url":"http://api.haxtables.htb/","normalized_url":"http://api.haxtables.htb/","scan_type":"Directory","status":"Running","num_requests":30000},{"id":"6809b17a31a54a36b557f8cf36b3e463","url":"http://api.haxtables.htb/v2/","normalized_url":"http://api.haxtables.htb/v2/","scan_type":"Directory","status":"Complete","num_requests":30000},{"id":"e94a0fafa13a47819bc2bf530faad678","url":"http://api.haxtables.htb/v3/","normalized_url":"http://api.haxtables.htb/v3/","scan_type":"Directory","status":"Complete","num_requests":30000},{"id":"2f4dbdcce1364f6099c72ab7ac0b0127","url":"http://api.haxtables.htb/v1/","normalized_url":"http://api.haxtables.htb/v1/","scan_type":"Directory","status":"Complete","num_requests":30000}],"config":{"type":"configuration","wordlist":"/usr/share/seclists/Discovery/Web-Content/raft-medium-directories.txt","config":"/etc/feroxbuster/ferox-config.toml","proxy":"","replay_proxy":"","target_url":"http://api.haxtables.htb","status_codes":[200,204,301,302,307,308,401,403,405,500],"replay_codes":[200,204,301,302,307,308,401,403,405,500],"filter_status":[],"threads":50,"timeout":7,"verbosity":0,"silent":false,"quiet":false,"auto_bail":false,"auto_tune":false,"json":false,"output":"","debug_log":"","user_agent":"feroxbuster/2.7.3","random_agent":false,"redirects":false,"insecure":false,"extensions":[],"methods":["GET"],"data":[],"headers":{},"queries":[],"no_recursion":false,"extract_links":false,"add_slash":false,"stdin":false,"depth":4,"scan_limit":0,"parallel":0,"rate_limit":0,"filter_size":[],"filter_line_count":[],"filter_word_count":[],"filter_regex":[],"dont_filter":false,"resumed":false,"resume_from":"","save_state":true,"time_limit":"","filter_similar":[],"url_denylist":[],"regex_denylist":[],"collect_extensions":false,"dont_collect":["tif","tiff","ico","cur","bmp","webp","svg","png","jpg","jpeg","jfif","gif","avif","apng","pjpeg","pjp","mov","wav","mpg","mpeg","mp3","mp4","m4a","m4p","m4v","ogg","webm","ogv","oga","flac","aac","3gp","css","zip","xls","xml","gz","tgz"],"collect_backups":false,"collect_words":false,"force_recursion":false},"responses":[{"type":"response","url":"http://api.haxtables.htb/","original_url":"http://api.haxtables.htb","path":"/","wildcard":false,"status":200,"method":"GET","content_length":0,"line_count":0,"word_count":0,"headers":{"server":"Apache/2.4.52 (Ubuntu)","content-type":"text/html; charset=UTF-8","content-length":"0","date":"Sat, 28 Jan 2023 19:22:46 GMT"},"extension":""},{"type":"response","url":"http://api.haxtables.htb/v2","original_url":"http://api.haxtables.htb","path":"/v2","wildcard":false,"status":301,"method":"GET","content_length":319,"line_count":9,"word_count":28,"headers":{"server":"Apache/2.4.52 (Ubuntu)","content-type":"text/html; charset=iso-8859-1","location":"http://api.haxtables.htb/v2/","date":"Sat, 28 Jan 2023 19:22:46 GMT","content-length":"319"},"extension":""},{"type":"response","url":"http://api.haxtables.htb/v3","original_url":"http://api.haxtables.htb","path":"/v3","wildcard":false,"status":301,"method":"GET","content_length":319,"line_count":9,"word_count":28,"headers":{"content-length":"319","content-type":"text/html; charset=iso-8859-1","date":"Sat, 28 Jan 2023 19:22:46 GMT","server":"Apache/2.4.52 (Ubuntu)","location":"http://api.haxtables.htb/v3/"},"extension":""},{"type":"response","url":"http://api.haxtables.htb/v1","original_url":"http://api.haxtables.htb","path":"/v1","wildcard":false,"status":301,"method":"GET","content_length":319,"line_count":9,"word_count":28,"headers":{"server":"Apache/2.4.52 (Ubuntu)","content-type":"text/html; charset=iso-8859-1","date":"Sat, 28 Jan 2023 19:22:46 GMT","content-length":"319","location":"http://api.haxtables.htb/v1/"},"extension":""},{"type":"response","url":"http://api.haxtables.htb/server-status","original_url":"http://api.haxtables.htb","path":"/server-status","wildcard":false,"status":403,"method":"GET","content_length":282,"line_count":9,"word_count":28,"headers":{"content-length":"282","date":"Sat, 28 Jan 2023 19:22:48 GMT","server":"Apache/2.4.52 (Ubuntu)","content-type":"text/html; charset=iso-8859-1"},"extension":""}],"statistics":{"type":"statistics","timeouts":0,"requests":7411,"expected_per_scan":30000,"total_expected":120000,"errors":12,"successes":7,"redirects":3,"client_errors":7389,"server_errors":0,"total_scans":4,"initial_targets":0,"links_extracted":0,"extensions_collected":0,"status_200s":7,"status_301s":3,"status_302s":0,"status_401s":0,"status_403s":1,"status_429s":0,"status_500s":0,"status_503s":0,"status_504s":0,"status_508s":0,"wildcards_filtered":0,"responses_filtered":0,"resources_discovered":5,"url_format_errors":0,"redirection_errors":0,"connection_errors":0,"request_errors":12,"directory_scan_times":[],"total_runtime":[0.0]},"collected_extensions":[],"filters":[]}

56
HTB/encoding/results/scans/tcp80/tcp_80_http_curl.html Normal file
View File

@@ -0,0 +1,56 @@
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:07:09 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>HaxTables</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
<link rel="stylesheet" href="assets/css/main.css">
<script src="./assets/js/main.js"></script>
</head>
<body>
<h1 align="center">HaxTables</h1>
<br><br>
<div class="container">
<nav class="navbar navbar-inverse">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" href="/">HaxTables</a>
</div>
<ul class="nav navbar-nav">
<li class="active"><a href="/">Home</a></li>
<li class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">Convertions<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="/index.php?page=string">String</a></li>
<li><a href="/index.php?page=integer">Integer</a></li>
<li><a href="/index.php?page=image">Images</a></li>
</ul>
</li>
<li><a href="#">About us</a></li>
<li><a href="/index.php?page=api">API</a></li>
</ul>
</div>
</nav>
<p align="center">Free online String and Number converter. Just load your input and they will automatically get converted to selected format. A collection of useful utilities for working with String and Integer values. All are simple, free and easy to use. There are no ads, popups or other garbage!</p>
<p align="center">
<img src="../assets/img/index.png">
</p>
</div>
</body>
</html>

0
HTB/encoding/results/scans/tcp80/tcp_80_http_encoding.htb_vhosts_subdomains-top1million-110000.txt Normal file
View File

32
HTB/encoding/results/scans/tcp80/tcp_80_http_feroxbuster_dirbuster.txt Normal file
View File

@@ -0,0 +1,32 @@
403 GET 9l 28w 277c http://10.129.123.2/.htaccess
403 GET 9l 28w 277c http://10.129.123.2/.hta
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd
403 GET 9l 28w 277c http://10.129.123.2/.htaccess.txt
403 GET 9l 28w 277c http://10.129.123.2/.hta.txt
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd.txt
403 GET 9l 28w 277c http://10.129.123.2/.htaccess.html
403 GET 9l 28w 277c http://10.129.123.2/.hta.html
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd.html
403 GET 9l 28w 277c http://10.129.123.2/.htaccess.php
403 GET 9l 28w 277c http://10.129.123.2/.hta.php
403 GET 9l 28w 277c http://10.129.123.2/.htaccess.asp
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd.php
403 GET 9l 28w 277c http://10.129.123.2/.hta.asp
200 GET 2206l 13654w 619037c http://10.129.123.2/assets/img/index.png
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd.asp
403 GET 9l 28w 277c http://10.129.123.2/.htaccess.aspx
403 GET 9l 28w 277c http://10.129.123.2/.hta.aspx
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd.aspx
403 GET 9l 28w 277c http://10.129.123.2/.htaccess.jsp
403 GET 9l 28w 277c http://10.129.123.2/.hta.jsp
200 GET 48l 137w 0c http://10.129.123.2/index.php
403 GET 9l 28w 277c http://10.129.123.2/.htpasswd.jsp
200 GET 167l 329w 3025c http://10.129.123.2/assets/css/main.css
200 GET 31l 80w 1019c http://10.129.123.2/assets/js/main.js
200 GET 48l 137w 0c http://10.129.123.2/
403 GET 9l 28w 277c http://10.129.123.2/.html
403 GET 9l 28w 277c http://10.129.123.2/.php
301 GET 9l 28w 313c http://10.129.123.2/assets => http://10.129.123.2/assets/
200 GET 1l 2w 0c http://10.129.123.2/handler.php
301 GET 9l 28w 315c http://10.129.123.2/includes => http://10.129.123.2/includes/
403 GET 9l 28w 277c http://10.129.123.2/server-status

32
HTB/encoding/results/scans/tcp80/tcp_80_http_feroxbuster_directory-list-2.3-medium.txt Normal file
View File

@@ -0,0 +1,32 @@
200 GET 48l 137w 0c http://10.129.123.2/index.php
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/css/ (Apache)
200 GET 167l 329w 3025c http://10.129.123.2/assets/css/main.css
200 GET 31l 80w 1019c http://10.129.123.2/assets/js/main.js
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/js/ (Apache)
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/ (Apache)
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/img (Apache)
200 GET 2206l 13654w 619037c http://10.129.123.2/assets/img/index.png
200 GET 48l 137w 0c http://10.129.123.2/
301 GET 9l 28w 313c http://10.129.123.2/assets => http://10.129.123.2/assets/
403 GET 9l 28w 277c http://10.129.123.2/.html
403 GET 9l 28w 277c http://10.129.123.2/.php
301 GET 9l 28w 315c http://10.129.123.2/includes => http://10.129.123.2/includes/
200 GET 5l 53w 375c http://10.129.123.2/includes/index.html
200 GET 1l 2w 20c http://10.129.123.2/includes/image.html
200 GET 110l 344w 3672c http://10.129.123.2/includes/api.html
200 GET 48l 137w 0c http://10.129.123.2/index.php
200 GET 31l 80w 1019c http://10.129.123.2/assets/js/main.js
200 GET 167l 329w 3025c http://10.129.123.2/assets/css/main.css
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/css/ (Apache)
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/js/ (Apache)
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/ (Apache)
200 GET 2206l 13654w 619037c http://10.129.123.2/assets/img/index.png
200 GET 48l 137w 0c http://10.129.123.2/
403 GET 9l 28w 277c http://10.129.123.2/.html
MSG 0.000 feroxbuster::heuristics detected directory listing: http://10.129.123.2/assets/img/ (Apache)
403 GET 9l 28w 277c http://10.129.123.2/.php
301 GET 9l 28w 313c http://10.129.123.2/assets => http://10.129.123.2/assets/
301 GET 9l 28w 315c http://10.129.123.2/includes => http://10.129.123.2/includes/
200 GET 5l 53w 375c http://10.129.123.2/includes/index.html
200 GET 1l 2w 20c http://10.129.123.2/includes/image.html
200 GET 110l 344w 3672c http://10.129.123.2/includes/api.html

2
HTB/encoding/results/scans/tcp80/tcp_80_http_haxtables.htb_vhosts_subdomains-top1million-110000.txt Normal file
View File

@@ -0,0 +1,2 @@
api
image

140
HTB/encoding/results/scans/tcp80/tcp_80_http_nmap.txt Normal file
View File

@@ -0,0 +1,140 @@
# Nmap 7.93 scan initiated Sat Jan 28 20:07:25 2023 as: nmap -vv --reason -Pn -T4 -sV -p 80 "--script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN /home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml 10.129.123.2
Nmap scan report for encoding.htb (10.129.123.2)
Host is up, received user-set (0.025s latency).
Scanned at 2023-01-28 20:07:26 CET for 160s
Bug in http-security-headers: no string output.
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 ((Ubuntu))
|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
|_http-mobileversion-checker: No mobile version detected.
|_http-server-header: Apache/2.4.52 (Ubuntu)
|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
| http-referer-checker:
| Spidering limited to: maxpagecount=30
| https://ajax.googleapis.com:443/ajax/libs/jquery/3.6.0/jquery.min.js
|_ https://maxcdn.bootstrapcdn.com:443/bootstrap/3.4.1/js/bootstrap.min.js
|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
|_http-fetch: Please enter the complete path of the directory to save data in.
|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
|_http-feed: Couldn't find any feeds.
|_http-jsonp-detection: Couldn't find any JSONP endpoints.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
| http-useragent-tester:
| Status for browser useragent: 200
| Allowed User Agents:
| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
| libwww
| lwp-trivial
| libcurl-agent/1.0
| PHP/
| Python-urllib/2.5
| GT::WWW
| Snoopy
| MFC_Tear_Sample
| HTTP::Lite
| PHPCrawl
| URI::Fetch
| Zend_Http_Client
| http client
| PECL::HTTP
| Wget/1.13.4 (linux-gnu)
|_ WWW-Mechanize/1.34
| http-headers:
| Date: Sat, 28 Jan 2023 19:07:19 GMT
| Server: Apache/2.4.52 (Ubuntu)
| Connection: close
| Content-Type: text/html; charset=UTF-8
|
|_ (Request type: HEAD)
| http-comments-displayer:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=encoding.htb
|
| Path: http://encoding.htb:80/assets/css/main.css
| Line number: 29
| Comment:
| /* The textarea itself */
|
| Path: http://encoding.htb:80/assets/css/main.css
| Line number: 14
| Comment:
| /* Containing areas */
|
| Path: http://encoding.htb:80/assets/css/main.css
| Line number: 41
| Comment:
| /* The status bar */
|
| Path: http://encoding.htb:80/assets/css/main.css
| Line number: 1
| Comment:
| /* Import Google Font */
|
| Path: http://encoding.htb:80/assets/css/main.css
| Line number: 63
| Comment:
| /* The submit button */
|
| Path: http://encoding.htb:80/assets/css/main.css
| Line number: 4
| Comment:
|_ /* RESET */
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-errors: Couldn't find any error pages.
| http-fileupload-exploiter:
|
| Couldn't find a file-type field.
|
|_ Couldn't find a file-type field.
| http-sitemap-generator:
| Directory structure:
| /
| Other: 1; php: 1
| /assets/css/
| css: 1
| /assets/img/
| png: 1
| /assets/js/
| js: 1
| Longest directory structure:
| Depth: 2
| Dir: /assets/img/
| Total files found (by extension):
|_ Other: 1; css: 1; js: 1; php: 1; png: 1
|_http-date: Sat, 28 Jan 2023 19:07:18 GMT; -18s from local time.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
| http-traceroute:
| HTML title
| Hop #1: 400 Proxy Error
| Hop #2: HaxTables
| Hop #3: HaxTables
| Status Code
| Hop #1: 400
| Hop #2: 200
| Hop #3: 200
| content-type
| Hop #1: text/html; charset=iso-8859-1
| Hop #2: text/html; charset=UTF-8
| Hop #3: text/html; charset=UTF-8
| content-length
| Hop #1: 424
| Hop #2
|_ Hop #3
|_http-title: HaxTables
|_http-malware-host: Host appears to be clean
| http-enum:
|_ /includes/: Potentially interesting folder
| http-php-version: Logo query returned unknown hash 6f7d4fa5b2f90ff61821fd1e824a06fa
|_Credits query returned unknown hash 6f7d4fa5b2f90ff61821fd1e824a06fa
|_http-config-backup: ERROR: Script execution failed (use -d to debug)
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-chrono: Request times for /; avg: 172.22ms; min: 158.15ms; max: 186.15ms
| http-vhosts:
|_128 names had status 200
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 28 20:10:06 2023 -- 1 IP address (1 host up) scanned in 160.94 seconds

BIN
HTB/encoding/results/scans/tcp80/tcp_80_http_screenshot.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.3 MiB

71
HTB/encoding/results/scans/tcp80/tcp_80_http_whatweb.txt Normal file
View File

@@ -0,0 +1,71 @@
WhatWeb report for http://10.129.123.2:80
Status : 200 OK
Title : HaxTables
IP : 10.129.123.2
Country : RESERVED, ZZ
Summary : Apache[2.4.52], Bootstrap[3.4.1], HTML5, HTTPServer[Ubuntu Linux][Apache/2.4.52 (Ubuntu)], JQuery[3.6.0], Script, X-UA-Compatible[IE=edge]
Detected Plugins:
[ Apache ]
The Apache HTTP Server Project is an effort to develop and
maintain an open-source HTTP server for modern operating
systems including UNIX and Windows NT. The goal of this
project is to provide a secure, efficient and extensible
server that provides HTTP services in sync with the current
HTTP standards.
Version : 2.4.52 (from HTTP Server Header)
Google Dorks: (3)
Website : http://httpd.apache.org/
[ Bootstrap ]
Bootstrap is an open source toolkit for developing with
HTML, CSS, and JS.
Version : 3.4.1
Version : 3.4.1
Website : https://getbootstrap.com/
[ HTML5 ]
HTML version 5, detected by the doctype declaration
[ HTTPServer ]
HTTP server header string. This plugin also attempts to
identify the operating system from the server header.
OS : Ubuntu Linux
String : Apache/2.4.52 (Ubuntu) (from server string)
[ JQuery ]
A fast, concise, JavaScript that simplifies how to traverse
HTML documents, handle events, perform animations, and add
AJAX.
Version : 3.6.0
Website : http://jquery.com/
[ Script ]
This plugin detects instances of script HTML elements and
returns the script language/type.
[ X-UA-Compatible ]
This plugin retrieves the X-UA-Compatible value from the
HTTP header and meta http-equiv tag. - More Info:
http://msdn.microsoft.com/en-us/library/cc817574.aspx
String : IE=edge
HTTP Headers:
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 19:07:10 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 814
Connection: close
Content-Type: text/html; charset=UTF-8

84
HTB/encoding/results/scans/tcp80/xml/tcp_80_http_nmap.xml Normal file
View File

@@ -0,0 +1,84 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Sat Jan 28 20:07:25 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 80 &quot;-&#45;script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)&quot; -oN /home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml 10.129.123.2 -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 80 &quot;-&#45;script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)&quot; -oN /home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml 10.129.123.2" start="1674932845" startstr="Sat Jan 28 20:07:25 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="80"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1674932846"/>
<taskend task="NSE" time="1674932846"/>
<taskbegin task="NSE" time="1674932846"/>
<taskend task="NSE" time="1674932846"/>
<taskbegin task="NSE" time="1674932846"/>
<taskend task="NSE" time="1674932846"/>
<taskbegin task="SYN Stealth Scan" time="1674932846"/>
<taskend task="SYN Stealth Scan" time="1674932846" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1674932846"/>
<taskend task="Service scan" time="1674932852" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1674932852"/>
<taskprogress task="NSE" time="1674932883" percent="99.02" remaining="1" etc="1674932883"/>
<taskprogress task="NSE" time="1674932913" percent="99.67" remaining="1" etc="1674932913"/>
<taskprogress task="NSE" time="1674932943" percent="99.67" remaining="1" etc="1674932943"/>
<taskprogress task="NSE" time="1674932973" percent="99.67" remaining="1" etc="1674932973"/>
<taskprogress task="NSE" time="1674933003" percent="99.67" remaining="1" etc="1674933003"/>
<taskend task="NSE" time="1674933006"/>
<taskbegin task="NSE" time="1674933006"/>
<taskend task="NSE" time="1674933006"/>
<taskbegin task="NSE" time="1674933006"/>
<taskend task="NSE" time="1674933006"/>
<host starttime="1674932846" endtime="1674933006"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.129.123.2" addrtype="ipv4"/>
<hostnames>
<hostname name="encoding.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="http" product="Apache httpd" version="2.4.52" extrainfo="(Ubuntu)" method="probed" conf="10"><cpe>cpe:/a:apache:http_server:2.4.52</cpe></service><script id="http-drupal-enum" output="Nothing found amongst the top 100 resources,use -&#45;script-args number=&lt;number|all&gt; for deeper analysis)"/><script id="http-mobileversion-checker" output="No mobile version detected."/><script id="http-server-header" output="Apache/2.4.52 (Ubuntu)"><elem>Apache/2.4.52 (Ubuntu)</elem>
</script><script id="http-wordpress-enum" output="Nothing found amongst the top 100 resources,use -&#45;script-args search-limit=&lt;number|all&gt; for deeper analysis)"/><script id="http-vuln-cve2017-1001000" output="ERROR: Script execution failed (use -d to debug)"/><script id="http-referer-checker" output="&#xa;Spidering limited to: maxpagecount=30&#xa; https://ajax.googleapis.com:443/ajax/libs/jquery/3.6.0/jquery.min.js&#xa; https://maxcdn.bootstrapcdn.com:443/bootstrap/3.4.1/js/bootstrap.min.js&#xa;"/><script id="http-wordpress-users" output="[Error] Wordpress installation was not found. We couldn&apos;t find wp-login.php"/><script id="http-fetch" output="Please enter the complete path of the directory to save data in."><elem key="ERROR">Please enter the complete path of the directory to save data in.</elem>
</script><script id="http-devframework" output="Couldn&apos;t determine the underlying framework or CMS. Try increasing &apos;httpspider.maxpagecount&apos; value to spider more pages."/><script id="http-litespeed-sourcecode-download" output="Request with null byte did not work. This web server might not be vulnerable"/><script id="http-feed" output="Couldn&apos;t find any feeds."/><script id="http-jsonp-detection" output="Couldn&apos;t find any JSONP endpoints."/><script id="http-csrf" output="Couldn&apos;t find any CSRF vulnerabilities."/><script id="http-useragent-tester" output="&#xa; Status for browser useragent: 200&#xa; Allowed User Agents: &#xa; Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)&#xa; libwww&#xa; lwp-trivial&#xa; libcurl-agent/1.0&#xa; PHP/&#xa; Python-urllib/2.5&#xa; GT::WWW&#xa; Snoopy&#xa; MFC_Tear_Sample&#xa; HTTP::Lite&#xa; PHPCrawl&#xa; URI::Fetch&#xa; Zend_Http_Client&#xa; http client&#xa; PECL::HTTP&#xa; Wget/1.13.4 (linux-gnu)&#xa; WWW-Mechanize/1.34"><elem key="Status for browser useragent">200</elem>
<table key="Allowed User Agents">
<elem>Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)</elem>
<elem>libwww</elem>
<elem>lwp-trivial</elem>
<elem>libcurl-agent/1.0</elem>
<elem>PHP/</elem>
<elem>Python-urllib/2.5</elem>
<elem>GT::WWW</elem>
<elem>Snoopy</elem>
<elem>MFC_Tear_Sample</elem>
<elem>HTTP::Lite</elem>
<elem>PHPCrawl</elem>
<elem>URI::Fetch</elem>
<elem>Zend_Http_Client</elem>
<elem>http client</elem>
<elem>PECL::HTTP</elem>
<elem>Wget/1.13.4 (linux-gnu)</elem>
<elem>WWW-Mechanize/1.34</elem>
</table>
</script><script id="http-headers" output="&#xa; Date: Sat, 28 Jan 2023 19:07:19 GMT&#xa; Server: Apache/2.4.52 (Ubuntu)&#xa; Connection: close&#xa; Content-Type: text/html; charset=UTF-8&#xa; &#xa; (Request type: HEAD)&#xa;"/><script id="http-comments-displayer" output="&#xa;Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=encoding.htb&#xa; &#xa; Path: http://encoding.htb:80/assets/css/main.css&#xa; Line number: 29&#xa; Comment: &#xa; /* The textarea itself */&#xa; &#xa; Path: http://encoding.htb:80/assets/css/main.css&#xa; Line number: 14&#xa; Comment: &#xa; /* Containing areas */&#xa; &#xa; Path: http://encoding.htb:80/assets/css/main.css&#xa; Line number: 41&#xa; Comment: &#xa; /* The status bar */&#xa; &#xa; Path: http://encoding.htb:80/assets/css/main.css&#xa; Line number: 1&#xa; Comment: &#xa; /* Import Google Font */&#xa; &#xa; Path: http://encoding.htb:80/assets/css/main.css&#xa; Line number: 63&#xa; Comment: &#xa; /* The submit button */&#xa; &#xa; Path: http://encoding.htb:80/assets/css/main.css&#xa; Line number: 4&#xa; Comment: &#xa; /* RESET */&#xa;"/><script id="http-dombased-xss" output="Couldn&apos;t find any DOM based XSS."/><script id="http-errors" output="Couldn&apos;t find any error pages."/><script id="http-fileupload-exploiter" output="&#xa; &#xa; Couldn&apos;t find a file-type field.&#xa; &#xa; Couldn&apos;t find a file-type field."><table>
<elem>Couldn&apos;t find a file-type field.</elem>
</table>
<table>
<elem>Couldn&apos;t find a file-type field.</elem>
</table>
</script><script id="http-sitemap-generator" output="&#xa; Directory structure:&#xa; /&#xa; Other: 1; php: 1&#xa; /assets/css/&#xa; css: 1&#xa; /assets/img/&#xa; png: 1&#xa; /assets/js/&#xa; js: 1&#xa; Longest directory structure:&#xa; Depth: 2&#xa; Dir: /assets/img/&#xa; Total files found (by extension):&#xa; Other: 1; css: 1; js: 1; php: 1; png: 1&#xa;"/><script id="http-date" output="Sat, 28 Jan 2023 19:07:18 GMT; -18s from local time."><elem key="date">2023-01-28T19:07:18+00:00</elem>
<elem key="delta">-18.0</elem>
</script><script id="http-stored-xss" output="Couldn&apos;t find any stored XSS vulnerabilities."/><script id="http-traceroute" output="&#xa; HTML title&#xa; Hop #1: 400 Proxy Error&#xa; Hop #2: HaxTables&#xa; Hop #3: HaxTables&#xa; Status Code&#xa; Hop #1: 400&#xa; Hop #2: 200&#xa; Hop #3: 200&#xa; content-type&#xa; Hop #1: text/html; charset=iso-8859-1&#xa; Hop #2: text/html; charset=UTF-8&#xa; Hop #3: text/html; charset=UTF-8&#xa; content-length&#xa; Hop #1: 424&#xa; Hop #2&#xa; Hop #3&#xa;"/><script id="http-title" output="HaxTables"><elem key="title">HaxTables</elem>
</script><script id="http-malware-host" output="Host appears to be clean"/><script id="http-security-headers" output=""></script><script id="http-enum" output="&#xa; /includes/: Potentially interesting folder&#xa;"/><script id="http-php-version" output="Logo query returned unknown hash 6f7d4fa5b2f90ff61821fd1e824a06fa&#xa;Credits query returned unknown hash 6f7d4fa5b2f90ff61821fd1e824a06fa"/><script id="http-config-backup" output="ERROR: Script execution failed (use -d to debug)"/><script id="http-methods" output="&#xa; Supported Methods: GET HEAD POST OPTIONS"><table key="Supported Methods">
<elem>GET</elem>
<elem>HEAD</elem>
<elem>POST</elem>
<elem>OPTIONS</elem>
</table>
</script><script id="http-chrono" output="Request times for /; avg: 172.22ms; min: 158.15ms; max: 186.15ms"/><script id="http-vhosts" output="&#xa;128 names had status 200"/></port>
</ports>
<times srtt="24650" rttvar="24650" to="123250"/>
</host>
<taskbegin task="NSE" time="1674933006"/>
<taskend task="NSE" time="1674933006"/>
<taskbegin task="NSE" time="1674933006"/>
<taskend task="NSE" time="1674933006"/>
<taskbegin task="NSE" time="1674933006"/>
<taskend task="NSE" time="1674933006"/>
<runstats><finished time="1674933006" timestr="Sat Jan 28 20:10:06 2023" summary="Nmap done at Sat Jan 28 20:10:06 2023; 1 IP address (1 host up) scanned in 160.94 seconds" elapsed="160.94" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

117
HTB/encoding/results/scans/xml/_full_tcp_nmap.xml Normal file
View File

@@ -0,0 +1,117 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Sat Jan 28 20:06:56 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -p- -oN /home/kali/htb/results/scans/_full_tcp_nmap.txt -oX /home/kali/htb/results/scans/xml/_full_tcp_nmap.xml 10.129.123.2 -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -p- -oN /home/kali/htb/results/scans/_full_tcp_nmap.txt -oX /home/kali/htb/results/scans/xml/_full_tcp_nmap.xml 10.129.123.2" start="1674932816" startstr="Sat Jan 28 20:06:56 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="65535" services="1-65535"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="SYN Stealth Scan" time="1674932816"/>
<taskend task="SYN Stealth Scan" time="1674932851" extrainfo="65535 total ports"/>
<taskbegin task="Service scan" time="1674932851"/>
<taskend task="Service scan" time="1674932857" extrainfo="2 services on 1 host"/>
<taskbegin task="Traceroute" time="1674932871"/>
<taskend task="Traceroute" time="1674932871"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1674932871"/>
<taskend task="Parallel DNS resolution of 1 host." time="1674932882"/>
<taskbegin task="NSE" time="1674932882"/>
<taskend task="NSE" time="1674932887"/>
<taskbegin task="NSE" time="1674932887"/>
<taskend task="NSE" time="1674932887"/>
<taskbegin task="NSE" time="1674932887"/>
<taskend task="NSE" time="1674932887"/>
<host starttime="1674932816" endtime="1674932887"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.129.123.2" addrtype="ipv4"/>
<hostnames>
<hostname name="encoding.htb" type="PTR"/>
</hostnames>
<ports><extraports state="closed" count="65533">
<extrareasons reason="reset" count="65533" proto="tcp" ports="1-21,23-79,81-65535"/>
</extraports>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="ssh" product="OpenSSH" version="8.9p1 Ubuntu 3ubuntu0.1" extrainfo="Ubuntu Linux; protocol 2.0" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:openbsd:openssh:8.9p1</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service><script id="ssh-hostkey" output="&#xa; 256 4fe3a667a227f9118dc30ed773a02c28 (ECDSA)&#xa;ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=&#xa; 256 816e78766b8aea7d1babd436b7f8ecc4 (ED25519)&#xa;ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK"><table>
<elem key="bits">256</elem>
<elem key="fingerprint">4fe3a667a227f9118dc30ed773a02c28</elem>
<elem key="type">ecdsa-sha2-nistp256</elem>
<elem key="key">AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=</elem>
</table>
<table>
<elem key="bits">256</elem>
<elem key="fingerprint">816e78766b8aea7d1babd436b7f8ecc4</elem>
<elem key="type">ssh-ed25519</elem>
<elem key="key">AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK</elem>
</table>
</script></port>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="http" product="Apache httpd" version="2.4.52" extrainfo="(Ubuntu)" method="probed" conf="10"><cpe>cpe:/a:apache:http_server:2.4.52</cpe></service><script id="http-title" output="HaxTables"><elem key="title">HaxTables</elem>
</script><script id="http-methods" output="&#xa; Supported Methods: GET HEAD POST OPTIONS"><table key="Supported Methods">
<elem>GET</elem>
<elem>HEAD</elem>
<elem>POST</elem>
<elem>OPTIONS</elem>
</table>
</script><script id="http-server-header" output="Apache/2.4.52 (Ubuntu)"><elem>Apache/2.4.52 (Ubuntu)</elem>
</script></port>
</ports>
<os><portused state="open" proto="tcp" portid="22"/>
<portused state="closed" proto="tcp" portid="1"/>
<portused state="closed" proto="udp" portid="36902"/>
<osmatch name="Linux 5.0" accuracy="95" line="68042">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="95"><cpe>cpe:/o:linux:linux_kernel:5.0</cpe></osclass>
</osmatch>
<osmatch name="Linux 5.0 - 5.4" accuracy="95" line="68103">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="95"><cpe>cpe:/o:linux:linux_kernel:5</cpe></osclass>
</osmatch>
<osmatch name="Linux 5.4" accuracy="94" line="68176">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="94"><cpe>cpe:/o:linux:linux_kernel:5.4</cpe></osclass>
</osmatch>
<osmatch name="HP P2000 G3 NAS device" accuracy="93" line="35037">
<osclass type="storage-misc" vendor="HP" osfamily="embedded" accuracy="93"><cpe>cpe:/h:hp:p2000_g3</cpe></osclass>
</osmatch>
<osmatch name="Linux 4.15 - 5.6" accuracy="93" line="67238">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="4.X" accuracy="93"><cpe>cpe:/o:linux:linux_kernel:4</cpe></osclass>
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="93"><cpe>cpe:/o:linux:linux_kernel:5</cpe></osclass>
</osmatch>
<osmatch name="Linux 5.3 - 5.4" accuracy="93" line="68140">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="93"><cpe>cpe:/o:linux:linux_kernel:5</cpe></osclass>
</osmatch>
<osmatch name="Linux 2.6.32" accuracy="92" line="55653">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="92"><cpe>cpe:/o:linux:linux_kernel:2.6.32</cpe></osclass>
</osmatch>
<osmatch name="Infomir MAG-250 set-top box" accuracy="92" line="59627">
<osclass type="media device" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="92"><cpe>cpe:/o:linux:linux_kernel:2.6</cpe></osclass>
<osclass type="media device" vendor="Infomir" osfamily="embedded" accuracy="92"><cpe>cpe:/h:infomir:mag-250</cpe></osclass>
</osmatch>
<osmatch name="Ubiquiti AirMax NanoStation WAP (Linux 2.6.32)" accuracy="92" line="61697">
<osclass type="WAP" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="92"><cpe>cpe:/o:linux:linux_kernel:2.6.32</cpe></osclass>
<osclass type="WAP" vendor="Ubiquiti" osfamily="embedded" accuracy="92"><cpe>cpe:/h:ubnt:airmax_nanostation</cpe></osclass>
</osmatch>
<osmatch name="Linux 3.7" accuracy="92" line="65885">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="3.X" accuracy="92"><cpe>cpe:/o:linux:linux_kernel:3.7</cpe></osclass>
</osmatch>
<osfingerprint fingerprint="OS:SCAN(V=7.93%E=4%D=1/28%OT=22%CT=1%CU=36902%PV=Y%DS=2%DC=T%G=Y%TM=63D5729&#xa;OS:7%P=x86_64-pc-linux-gnu)SEQ(SP=105%GCD=1%ISR=10C%TI=Z%CI=Z%II=I%TS=A)SEQ&#xa;OS:(SP=106%GCD=1%ISR=10C%TI=Z%CI=Z%TS=A)OPS(O1=M54DST11NW7%O2=M54DST11NW7%O&#xa;OS:3=M54DNNT11NW7%O4=M54DST11NW7%O5=M54DST11NW7%O6=M54DST11)WIN(W1=FE88%W2=&#xa;OS:FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)ECN(R=Y%DF=Y%T=40%W=FAF0%O=M54DNNSN&#xa;OS:W7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%D&#xa;OS:F=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O&#xa;OS:=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N&#xa;OS:%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)U1(R=N)IE(R=Y%DFI=N&#xa;OS:%T=40%CD=S)&#xa;"/>
</os>
<uptime seconds="3975719" lastboot="Tue Dec 13 19:46:08 2022"/>
<distance value="2"/>
<tcpsequence index="262" difficulty="Good luck!" values="E618361A,593DA75B,E2320D48,4C9B4BB,C8D2C810,A696F0B3"/>
<ipidsequence class="All zeros" values="0,0,0,0,0,0"/>
<tcptssequence class="1000HZ" values="ECF86448,ECF864AC,ECF86511,ECF86576,ECF865DA,ECF8663E"/>
<trace port="1025" proto="tcp">
<hop ttl="1" ipaddr="10.10.14.1" rtt="25.62"/>
<hop ttl="2" ipaddr="10.129.123.2" rtt="26.90" host="encoding.htb"/>
</trace>
<times srtt="26038" rttvar="1163" to="100000"/>
</host>
<taskbegin task="NSE" time="1674932887"/>
<taskend task="NSE" time="1674932887"/>
<taskbegin task="NSE" time="1674932887"/>
<taskend task="NSE" time="1674932887"/>
<taskbegin task="NSE" time="1674932887"/>
<taskend task="NSE" time="1674932887"/>
<runstats><finished time="1674932887" timestr="Sat Jan 28 20:08:07 2023" summary="Nmap done at Sat Jan 28 20:08:07 2023; 1 IP address (1 host up) scanned in 71.78 seconds" elapsed="71.78" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

114
HTB/encoding/results/scans/xml/_quick_tcp_nmap.xml Normal file
View File

@@ -0,0 +1,114 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Sat Jan 28 20:06:56 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -oN /home/kali/htb/results/scans/_quick_tcp_nmap.txt -oX /home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml 10.129.123.2 -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -sC -&#45;version-all -A -&#45;osscan-guess -oN /home/kali/htb/results/scans/_quick_tcp_nmap.txt -oX /home/kali/htb/results/scans/xml/_quick_tcp_nmap.xml 10.129.123.2" start="1674932816" startstr="Sat Jan 28 20:06:56 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="SYN Stealth Scan" time="1674932816"/>
<taskend task="SYN Stealth Scan" time="1674932818" extrainfo="1000 total ports"/>
<taskbegin task="Service scan" time="1674932818"/>
<taskend task="Service scan" time="1674932824" extrainfo="2 services on 1 host"/>
<taskbegin task="Traceroute" time="1674932829"/>
<taskend task="Traceroute" time="1674932829"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1674932829"/>
<taskend task="Parallel DNS resolution of 1 host." time="1674932840"/>
<taskbegin task="NSE" time="1674932840"/>
<taskend task="NSE" time="1674932845"/>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<host starttime="1674932816" endtime="1674932845"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.129.123.2" addrtype="ipv4"/>
<hostnames>
<hostname name="encoding.htb" type="PTR"/>
</hostnames>
<ports><extraports state="closed" count="998">
<extrareasons reason="reset" count="998" proto="tcp" ports="1,3-4,6-7,9,13,17,19-21,23-26,30,32-33,37,42-43,49,53,70,79,81-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
</extraports>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="ssh" product="OpenSSH" version="8.9p1 Ubuntu 3ubuntu0.1" extrainfo="Ubuntu Linux; protocol 2.0" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:openbsd:openssh:8.9p1</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service><script id="ssh-hostkey" output="&#xa; 256 4fe3a667a227f9118dc30ed773a02c28 (ECDSA)&#xa;ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=&#xa; 256 816e78766b8aea7d1babd436b7f8ecc4 (ED25519)&#xa;ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK"><table>
<elem key="type">ecdsa-sha2-nistp256</elem>
<elem key="bits">256</elem>
<elem key="fingerprint">4fe3a667a227f9118dc30ed773a02c28</elem>
<elem key="key">AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk=</elem>
</table>
<table>
<elem key="type">ssh-ed25519</elem>
<elem key="bits">256</elem>
<elem key="fingerprint">816e78766b8aea7d1babd436b7f8ecc4</elem>
<elem key="key">AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK</elem>
</table>
</script></port>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="http" product="Apache httpd" version="2.4.52" extrainfo="(Ubuntu)" method="probed" conf="10"><cpe>cpe:/a:apache:http_server:2.4.52</cpe></service><script id="http-title" output="HaxTables"><elem key="title">HaxTables</elem>
</script><script id="http-server-header" output="Apache/2.4.52 (Ubuntu)"><elem>Apache/2.4.52 (Ubuntu)</elem>
</script><script id="http-methods" output="&#xa; Supported Methods: GET HEAD POST OPTIONS"><table key="Supported Methods">
<elem>GET</elem>
<elem>HEAD</elem>
<elem>POST</elem>
<elem>OPTIONS</elem>
</table>
</script></port>
</ports>
<os><portused state="open" proto="tcp" portid="22"/>
<portused state="closed" proto="tcp" portid="1"/>
<osmatch name="HP P2000 G3 NAS device" accuracy="91" line="35037">
<osclass type="storage-misc" vendor="HP" osfamily="embedded" accuracy="91"><cpe>cpe:/h:hp:p2000_g3</cpe></osclass>
</osmatch>
<osmatch name="Linux 5.0" accuracy="89" line="68042">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="89"><cpe>cpe:/o:linux:linux_kernel:5.0</cpe></osclass>
</osmatch>
<osmatch name="Linux 5.4" accuracy="89" line="68176">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="89"><cpe>cpe:/o:linux:linux_kernel:5.4</cpe></osclass>
</osmatch>
<osmatch name="Linux 5.0 - 5.4" accuracy="88" line="68103">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="5.X" accuracy="88"><cpe>cpe:/o:linux:linux_kernel:5</cpe></osclass>
</osmatch>
<osmatch name="OpenWrt Kamikaze 7.09 (Linux 2.6.22)" accuracy="88" line="61524">
<osclass type="WAP" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="88"><cpe>cpe:/o:linux:linux_kernel:2.6.22</cpe></osclass>
</osmatch>
<osmatch name="Linux 3.1" accuracy="88" line="62917">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="3.X" accuracy="88"><cpe>cpe:/o:linux:linux_kernel:3.1</cpe></osclass>
</osmatch>
<osmatch name="Linux 3.2" accuracy="88" line="64664">
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="3.X" accuracy="88"><cpe>cpe:/o:linux:linux_kernel:3.2</cpe></osclass>
</osmatch>
<osmatch name="AXIS 210A or 211 Network Camera (Linux 2.6.17)" accuracy="87" line="61815">
<osclass type="webcam" vendor="Linux" osfamily="Linux" osgen="2.6.X" accuracy="87"><cpe>cpe:/o:linux:linux_kernel:2.6.17</cpe></osclass>
<osclass type="webcam" vendor="AXIS" osfamily="embedded" accuracy="87"><cpe>cpe:/h:axis:210a_network_camera</cpe><cpe>cpe:/h:axis:211_network_camera</cpe></osclass>
</osmatch>
<osmatch name="OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34)" accuracy="87" line="46778">
<osclass type="WAP" vendor="Linux" osfamily="Linux" osgen="2.4.X" accuracy="87"><cpe>cpe:/o:linux:linux_kernel:2.4</cpe></osclass>
</osmatch>
<osmatch name="OpenWrt White Russian 0.9 (Linux 2.4.30)" accuracy="87" line="46817">
<osclass type="WAP" vendor="Linux" osfamily="Linux" osgen="2.4.X" accuracy="87"><cpe>cpe:/o:linux:linux_kernel:2.4.30</cpe></osclass>
</osmatch>
<osfingerprint fingerprint="SCAN(V=7.93%E=4%D=1/28%OT=22%CT=1%CU=%PV=Y%DS=2%DC=T%G=N%TM=63D5726D%P=x86_64-pc-linux-gnu)&#xa;SEQ(SP=FF%GCD=1%ISR=10D%TI=Z%CI=Z%II=I%TS=B)&#xa;SEQ(SP=FF%GCD=1%ISR=10D%TI=Z%II=I%TS=A)&#xa;OPS(O1=M54DST11NW7%O2=M54DST11NW7%O3=M54DNNT11NW7%O4=M54DST11NW7%O5=M54DST11NW7%O6=M54DST11)&#xa;WIN(W1=FE88%W2=FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)&#xa;ECN(R=Y%DF=Y%TG=40%W=FAF0%O=M54DNNSNW7%CC=Y%Q=)&#xa;T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)&#xa;T2(R=N)&#xa;T3(R=N)&#xa;T4(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)&#xa;T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=Y%DF=Y%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)&#xa;T6(R=N)&#xa;T7(R=N)&#xa;U1(R=N)&#xa;IE(R=Y%DFI=N%TG=40%CD=S)&#xa;"/>
</os>
<uptime seconds="3975677" lastboot="Tue Dec 13 19:46:08 2022"/>
<distance value="2"/>
<tcpsequence index="255" difficulty="Good luck!" values="E9BE12CA,A3101395,E95E70DA,7146064C,326727AD,EB2A0B78"/>
<ipidsequence class="All zeros" values="0,0,0,0,0,0"/>
<tcptssequence class="1000HZ" values="ECF7C0E0,ECF7C154,ECF7C1AC,ECF7C212,ECF7C279,ECF7C2DC"/>
<trace port="21" proto="tcp">
<hop ttl="1" ipaddr="10.10.14.1" rtt="25.03"/>
<hop ttl="2" ipaddr="10.129.123.2" rtt="26.51" host="encoding.htb"/>
</trace>
<times srtt="27771" rttvar="2857" to="100000"/>
</host>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<taskbegin task="NSE" time="1674932845"/>
<taskend task="NSE" time="1674932845"/>
<runstats><finished time="1674932845" timestr="Sat Jan 28 20:07:25 2023" summary="Nmap done at Sat Jan 28 20:07:25 2023; 1 IP address (1 host up) scanned in 29.16 seconds" elapsed="29.16" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>

74
HTB/encoding/results/scans/xml/_top_100_udp_nmap.xml Normal file
View File

@@ -0,0 +1,74 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Sat Jan 28 20:06:56 2023 as: nmap -vv -&#45;reason -Pn -T4 -sU -A -&#45;top-ports 100 -oN /home/kali/htb/results/scans/_top_100_udp_nmap.txt -oX /home/kali/htb/results/scans/xml/_top_100_udp_nmap.xml 10.129.123.2 -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sU -A -&#45;top-ports 100 -oN /home/kali/htb/results/scans/_top_100_udp_nmap.txt -oX /home/kali/htb/results/scans/xml/_top_100_udp_nmap.xml 10.129.123.2" start="1674932816" startstr="Sat Jan 28 20:06:56 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="udp" protocol="udp" numservices="100" services="7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201,65024"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="NSE" time="1674932816"/>
<taskend task="NSE" time="1674932816"/>
<taskbegin task="UDP Scan" time="1674932816"/>
<taskend task="UDP Scan" time="1674932904" extrainfo="100 total ports"/>
<taskbegin task="Service scan" time="1674932905"/>
<taskprogress task="Service scan" time="1674932970" percent="6.25" remaining="976" etc="1674933945"/>
<taskend task="Service scan" time="1674933002" extrainfo="16 services on 1 host"/>
<taskbegin task="Traceroute" time="1674933005"/>
<taskend task="Traceroute" time="1674933005"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1674933005"/>
<taskend task="Parallel DNS resolution of 1 host." time="1674933016"/>
<taskbegin task="NSE" time="1674933016"/>
<taskprogress task="NSE" time="1674933047" percent="99.36" remaining="1" etc="1674933047"/>
<taskend task="NSE" time="1674933059"/>
<taskbegin task="NSE" time="1674933059"/>
<taskend task="NSE" time="1674933060"/>
<taskbegin task="NSE" time="1674933060"/>
<taskend task="NSE" time="1674933060"/>
<host starttime="1674932816" endtime="1674933060"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.129.123.2" addrtype="ipv4"/>
<hostnames>
<hostname name="encoding.htb" type="PTR"/>
</hostnames>
<ports><extraports state="closed" count="84">
<extrareasons reason="port-unreach" count="84" proto="udp" ports="7,9,17,19,49,53,67,69,88,123,136-139,158,161-162,427,443,445,497,500,514-515,518,623,626,631,996-997,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,4444,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185,49188,49191,49194,49200-49201,65024"/>
</extraports>
<port protocol="udp" portid="68"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="dhcpc" method="table" conf="3"/></port>
<port protocol="udp" portid="80"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="http" method="table" conf="3"/></port>
<port protocol="udp" portid="111"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="rpcbind" method="table" conf="3"/></port>
<port protocol="udp" portid="120"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="cfdptkt" method="table" conf="3"/></port>
<port protocol="udp" portid="135"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="msrpc" method="table" conf="3"/></port>
<port protocol="udp" portid="177"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="xdmcp" method="table" conf="3"/></port>
<port protocol="udp" portid="520"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="route" method="table" conf="3"/></port>
<port protocol="udp" portid="593"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="http-rpc-epmap" method="table" conf="3"/></port>
<port protocol="udp" portid="998"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="puparp" method="table" conf="3"/></port>
<port protocol="udp" portid="999"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="applix" method="table" conf="3"/></port>
<port protocol="udp" portid="3703"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="adobeserver-3" method="table" conf="3"/></port>
<port protocol="udp" portid="4500"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="nat-t-ike" method="table" conf="3"/></port>
<port protocol="udp" portid="49186"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
<port protocol="udp" portid="49190"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
<port protocol="udp" portid="49192"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
<port protocol="udp" portid="49193"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
</ports>
<os><portused state="closed" proto="udp" portid="7"/>
<osfingerprint fingerprint="SCAN(V=7.93%E=4%D=1/28%OT=%CT=%CU=7%PV=Y%DS=2%DC=T%G=N%TM=63D57344%P=x86_64-pc-linux-gnu)&#xa;SEQ(CI=Z%II=I)&#xa;SEQ(CI=Z)&#xa;T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)&#xa;U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)&#xa;IE(R=Y%DFI=N%T=40%CD=S)&#xa;"/>
</os>
<distance value="2"/>
<trace port="49152" proto="udp">
<hop ttl="1" ipaddr="10.10.14.1" rtt="25.83"/>
<hop ttl="2" ipaddr="10.129.123.2" rtt="26.04" host="encoding.htb"/>
</trace>
<times srtt="25941" rttvar="1098" to="100000"/>
</host>
<taskbegin task="NSE" time="1674933060"/>
<taskend task="NSE" time="1674933060"/>
<taskbegin task="NSE" time="1674933060"/>
<taskend task="NSE" time="1674933060"/>
<taskbegin task="NSE" time="1674933060"/>
<taskend task="NSE" time="1674933060"/>
<runstats><finished time="1674933060" timestr="Sat Jan 28 20:11:00 2023" summary="Nmap done at Sat Jan 28 20:11:00 2023; 1 IP address (1 host up) scanned in 243.96 seconds" elapsed="243.96" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>