Nmap
┌──(kali㉿kali)-[~/archive/htb/labs/nest]
└─$ nmap -Pn -sC -sV -p- $IP
starting nmap 7.93 ( https://nmap.org ) at 2022-10-11 21:23 CEST
stats: 0:03:36 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
service scan timing: About 50.00% done; ETC: 21:29 (0:01:52 remaining)
Nmap scan report for 10.10.10.178
Host is up (0.030s latency).
not shown: 65533 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
445/tcp open microsoft-ds?
host script results:
| smb2-time:
| date: 2022-10-11T19:28:00
|_ start_date: 2022-10-11T19:22:38
| smb2-security-mode:
| 210:
|_ Message signing enabled but not required
4386/tcp open unknown
| fingerprint-strings:
| dnsstatusrequesttcp, dnsversionbindreqtcp, kerberos, landesk-rc, ldapbindreq, ldapsearchreq, lpdstring, null, rpccheck, smbprogneg, sslsessionreq, tlssessionreq, terminalserver, terminalservercookie, x11probe:
| Reporting Service V1.2
| fourohfourrequest, genericlines, getrequest, httpoptions, rtsprequest, sipoptions:
| Reporting Service V1.2
| Unrecognised command
| help:
| Reporting Service V1.2
| This service allows users to run queries against databases using the legacy HQK format
| AVAILABLE COMMANDS ---
| LIST
| SETDIR <Directory_Name>
| RUNQUERY <Query_ID>
| DEBUG <Password>
|_ HELP <Command>
service detection performed. please report any incorrect results at https://nmap.org/submit/ .
nmap done: 1 IP address (1 host up) scanned in 303.26 secondsnmap discovered open ports of:
445: Microsoft Windows Directory Service (SMB)4386