laokoon

2023-11-24 17:54:35 +01:00
parent adf3a00bd7
commit eaec057bb1
138 changed files with 6861 additions and 0 deletions
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_nmap.txt
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_nmap.txt
@@ -0,0 +1,27 @@
+# Nmap 7.93 scan initiated Sat Oct 28 14:53:13 2023 as: nmap -vv --reason -Pn -T4 -sU -sV -p 53 "--script=banner,(dns* or ssl*) and not (brute or broadcast or dos or external or fuzzer)" -oN /home/simon/CTF/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_nmap.txt -oX /home/simon/CTF/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/xml/udp_53_dns_nmap.xml 10.129.243.131
+Nmap scan report for megacorp.htb (10.129.243.131)
+Host is up, received user-set (0.065s latency).
+Scanned at 2023-10-28 14:53:15 CEST for 36s
+
+PORT   STATE SERVICE REASON               VERSION
+53/udp open  domain  udp-response ttl 127 (generic dns response: SERVFAIL)
+| fingerprint-strings: 
+|   NBTStat: 
+|_    CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+|_dns-cache-snoop: 0 of 100 tested domains are cached.
+| dns-nsec-enum: 
+|_  No NSEC records found
+| dns-nsec3-enum: 
+|_  DNSSEC NSEC3 not supported
+1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
+SF-Port53-UDP:V=7.93%I=7%D=10/28%Time=653D044F%P=x86_64-pc-linux-gnu%r(NBT
+SF:Stat,32,"\x80\xf0\x80\x82\0\x01\0\0\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAA
+SF:AAAAAAAA\0\0!\0\x01");
+
+Host script results:
+| dns-brute: 
+|_  DNS Brute-force hostnames: No results.
+
+Read data files from: /usr/bin/../share/nmap
+Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
+# Nmap done at Sat Oct 28 14:53:51 2023 -- 1 IP address (1 host up) scanned in 37.94 seconds
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_reverse-lookup.txt
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_reverse-lookup.txt
@@ -0,0 +1,19 @@
+;; communications error to 10.129.243.131#53: timed out
+
+; <<>> DiG 9.18.11-2-Debian <<>> -p 53 -x 10.129.243.131 @10.129.243.131
+;; global options: +cmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35295
+;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
+
+;; OPT PSEUDOSECTION:
+; EDNS: version: 0, flags:; udp: 4000
+;; QUESTION SECTION:
+;131.243.129.10.in-addr.arpa.	IN	PTR
+
+;; Query time: 4543 msec
+;; SERVER: 10.129.243.131#53(10.129.243.131) (UDP)
+;; WHEN: Sat Oct 28 14:53:23 CEST 2023
+;; MSG SIZE  rcvd: 56
+
+
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_zone-transfer-domain.txt
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_zone-transfer-domain.txt
@@ -0,0 +1,6 @@
+
+; <<>> DiG 9.18.11-2-Debian <<>> AXFR -p 53 @10.129.243.131 megacorp.htb
+; (1 server found)
+;; global options: +cmd
+; Transfer failed.
+
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_zone-transfer.txt
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_zone-transfer.txt
@@ -0,0 +1,11 @@
+;; communications error to 10.129.243.131#53: timed out
+
+; <<>> DiG 9.18.11-2-Debian <<>> AXFR -p 53 @10.129.243.131
+; (1 server found)
+;; global options: +cmd
+;; Query time: 4127 msec
+;; SERVER: 10.129.243.131#53(10.129.243.131) (UDP)
+;; WHEN: Sat Oct 28 14:53:23 CEST 2023
+;; MSG SIZE  rcvd: 28
+
+
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dnsrecon_default.txt
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dnsrecon_default.txt
@@ -0,0 +1,3 @@
+[*] std: Performing General Enumeration against: megacorp.htb...
+[-] Could not resolve domain: megacorp.htb
+
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_megacorp.htb_subdomains_subdomains-top1million-110000.txt
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_megacorp.htb_subdomains_subdomains-top1million-110000.txt
--- a/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/xml/udp_53_dns_nmap.xml
+++ b/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/xml/udp_53_dns_nmap.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE nmaprun>
+<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
+<!-- Nmap 7.93 scan initiated Sat Oct 28 14:53:13 2023 as: nmap -vv -&#45;reason -Pn -T4 -sU -sV -p 53 &quot;-&#45;script=banner,(dns* or ssl*) and not (brute or broadcast or dos or external or fuzzer)&quot; -oN /home/simon/CTF/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_nmap.txt -oX /home/simon/CTF/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/xml/udp_53_dns_nmap.xml 10.129.243.131 -->
+<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sU -sV -p 53 &quot;-&#45;script=banner,(dns* or ssl*) and not (brute or broadcast or dos or external or fuzzer)&quot; -oN /home/simon/CTF/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/udp_53_dns_nmap.txt -oX /home/simon/CTF/LaokoonHaxorcist/fullpwn/results/10.129.243.131/scans/udp53/xml/udp_53_dns_nmap.xml 10.129.243.131" start="1698497593" startstr="Sat Oct 28 14:53:13 2023" version="7.93" xmloutputversion="1.05">
+<scaninfo type="udp" protocol="udp" numservices="1" services="53"/>
+<verbose level="2"/>
+<debugging level="0"/>
+<taskbegin task="NSE" time="1698497595"/>
+<taskend task="NSE" time="1698497595"/>
+<taskbegin task="NSE" time="1698497595"/>
+<taskend task="NSE" time="1698497595"/>
+<taskbegin task="NSE" time="1698497595"/>
+<taskend task="NSE" time="1698497595"/>
+<taskbegin task="UDP Scan" time="1698497595"/>
+<taskend task="UDP Scan" time="1698497595" extrainfo="1 total ports"/>
+<taskbegin task="Service scan" time="1698497595"/>
+<taskend task="Service scan" time="1698497615" extrainfo="1 service on 1 host"/>
+<taskbegin task="NSE" time="1698497615"/>
+<taskend task="NSE" time="1698497631"/>
+<taskbegin task="NSE" time="1698497631"/>
+<taskend task="NSE" time="1698497631"/>
+<taskbegin task="NSE" time="1698497631"/>
+<taskend task="NSE" time="1698497631"/>
+<host starttime="1698497595" endtime="1698497631"><status state="up" reason="user-set" reason_ttl="0"/>
+<address addr="10.129.243.131" addrtype="ipv4"/>
+<hostnames>
+<hostname name="megacorp.htb" type="PTR"/>
+</hostnames>
+<ports><port protocol="udp" portid="53"><state state="open" reason="udp-response" reason_ttl="127"/><service name="domain" extrainfo="generic dns response: SERVFAIL" servicefp="SF-Port53-UDP:V=7.93%I=7%D=10/28%Time=653D044F%P=x86_64-pc-linux-gnu%r(NBTStat,32,&quot;\x80\xf0\x80\x82\0\x01\0\0\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x01&quot;);" method="probed" conf="10"/><script id="fingerprint-strings" output="&#xa;  NBTStat: &#xa;    CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"><elem key="NBTStat">&#xa;    CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA</elem>
+</script><script id="dns-cache-snoop" output="0 of 100 tested domains are cached.&#xa;"/><script id="dns-nsec-enum" output="&#xa;  No NSEC records found&#xa;"/><script id="dns-nsec3-enum" output="&#xa;  DNSSEC NSEC3 not supported&#xa;"/></port>
+</ports>
+<hostscript><script id="dns-brute" output="&#xa;  DNS Brute-force hostnames: No results."><table key="DNS Brute-force hostnames">
+</table>
+</script></hostscript><times srtt="65039" rttvar="65039" to="325195"/>
+</host>
+<taskbegin task="NSE" time="1698497631"/>
+<taskend task="NSE" time="1698497631"/>
+<taskbegin task="NSE" time="1698497631"/>
+<taskend task="NSE" time="1698497631"/>
+<taskbegin task="NSE" time="1698497631"/>
+<taskend task="NSE" time="1698497631"/>
+<runstats><finished time="1698497631" timestr="Sat Oct 28 14:53:51 2023" summary="Nmap done at Sat Oct 28 14:53:51 2023; 1 IP address (1 host up) scanned in 37.94 seconds" elapsed="37.94" exit="success"/><hosts up="1" down="0" total="1"/>
+</runstats>
+</nmaprun>