RustScan
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/clamav]
└─$ rustscan -a $IP
________________________________________
: http://discord.skerritt.blog :
: https://github.com/RustScan/RustScan :
--------------------------------------
RustScan: Where scanning meets swagging. 😎
[~] The config file is expected to be at "/home/kali/.rustscan.toml"
[~] Automatically increasing ulimit value to 10000.
Open 192.168.236.42:22
Open 192.168.236.42:25
Open 192.168.236.42:80
Open 192.168.236.42:139
Open 192.168.236.42:199
Open 192.168.236.42:445
Open 192.168.236.42:60000Nmap
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/clamav]
└─$ nmap -p- -sC -sV -T5 --min-parallelism 100 --max-parallelism 256 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-22 15:14 CET
Warning: 192.168.236.42 giving up on port because retransmission cap hit (2).
Nmap scan report for 192.168.236.42
Host is up (0.035s latency).
Not shown: 65241 closed tcp ports (reset), 287 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 3.8.1p1 Debian 8.sarge.6 (protocol 2.0)
| ssh-hostkey:
| 1024 30:3e:a4:13:5f:9a:32:c0:8e:46:eb:26:b3:5e:ee:6d (DSA)
|_ 1024 af:a2:49:3e:d8:f2:26:12:4a:a0:b5:ee:62:76:b0:18 (RSA)
25/tcp open smtp Sendmail 8.13.4/8.13.4/Debian-3sarge3
| smtp-commands: localhost.localdomain Hello [192.168.45.192], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, EXPN, VERB, 8BITMIME, SIZE, DSN, ETRN, DELIVERBY, HELP
|_ 2.0.0 This is sendmail version 8.13.4 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation send email to 2.0.0 sendmail-bugs@sendmail.org. 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info
80/tcp open http Apache httpd 1.3.33 ((Debian GNU/Linux))
| http-methods:
|_ Potentially risky methods: TRACE
|_http-title: Ph33r
|_http-server-header: Apache/1.3.33 (Debian GNU/Linux)
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
199/tcp open smux Linux SNMP multiplexer
445/tcp open netbios-ssn Samba smbd 3.0.14a-Debian (workgroup: WORKGROUP)
60000/tcp open ssh OpenSSH 3.8.1p1 Debian 8.sarge.6 (protocol 2.0)
| ssh-hostkey:
| 1024 30:3e:a4:13:5f:9a:32:c0:8e:46:eb:26:b3:5e:ee:6d (DSA)
|_ 1024 af:a2:49:3e:d8:f2:26:12:4a:a0:b5:ee:62:76:b0:18 (RSA)
Service Info: Host: localhost.localdomain; OSs: Linux, Unix; CPE: cpe:/o:linux:linux_kernel
Host script results:
|_nbstat: NetBIOS name: 0XBABE, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
| smb-os-discovery:
| OS: Unix (Samba 3.0.14a-Debian)
| NetBIOS computer name:
| Workgroup: WORKGROUP\x00
|_ System time: 2025-03-22T14:14:49-04:00
| smb-security-mode:
| account_used: guest
| authentication_level: share (dangerous)
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
|_smb2-time: Protocol negotiation failed (SMB2)
|_clock-skew: mean: 5h59m54s, deviation: 2h49m43s, median: 3h59m53s
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 62.30 secondsThe target system appears to be Debian
UDP
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/clamav]
└─$ sudo nmap -sU -Pn -top-ports 1000 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-22 15:14 CET
Nmap scan report for 192.168.236.42
Host is up (0.024s latency).
Not shown: 997 closed udp ports (port-unreach)
PORT STATE SERVICE
137/udp open netbios-ns
138/udp open|filtered netbios-dgm
161/udp open snmp
Nmap done: 1 IP address (1 host up) scanned in 1038.58 seconds