RustScan
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/snookums]
└─$ rustscan -a $IP
________________________________________
: http://discord.skerritt.blog :
: https://github.com/RustScan/RustScan :
--------------------------------------
RustScan: Where scanning meets swagging. 😎
[~] The config file is expected to be at "/home/kali/.rustscan.toml"
[~] Automatically increasing ulimit value to 10000.
Open 192.168.132.58:21
Open 192.168.132.58:22
Open 192.168.132.58:80
Open 192.168.132.58:111
Open 192.168.132.58:139
Open 192.168.132.58:445
Open 192.168.132.58:3306
Open 192.168.132.58:33060Nmap
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/snookums]
└─$ nmap -p- -sC -sV -T5 --min-parallelism 100 --max-parallelism 256 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-23 20:50 CET
Nmap scan report for 192.168.132.58
Host is up (0.029s latency).
Not shown: 65527 filtered tcp ports (no-response)
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 3.0.2
| ftp-syst:
| STAT:
| FTP server status:
| Connected to ::ffff:192.168.45.192
| Logged in as ftp
| TYPE: ASCII
| No session bandwidth limit
| Session timeout in seconds is 300
| Control connection is plain text
| Data connections will be plain text
| At session startup, client count was 1
| vsFTPd 3.0.2 - secure, fast, stable
|_End of status
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_Cant get directory listing: TIMEOUT
22/tcp open ssh OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey:
| 2048 4a:79:67:12:c7:ec:13:3a:96:bd:d3:b4:7c:f3:95:15 (RSA)
| 256 a8:a3:a7:88:cf:37:27:b5:4d:45:13:79:db:d2:ba:cb (ECDSA)
|_ 256 f2:07:13:19:1f:29:de:19:48:7c:db:45:99:f9:cd:3e (ED25519)
80/tcp open http Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.4.16
|_http-title: Simple PHP Photo Gallery
111/tcp open rpcbind 2-4 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2,3,4 111/tcp rpcbind
| 100000 2,3,4 111/udp rpcbind
| 100000 3,4 111/tcp6 rpcbind
|_ 100000 3,4 111/udp6 rpcbind
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: SAMBA)
445/tcp open netbios-ssn Samba smbd 4.10.4 (workgroup: SAMBA)
3306/tcp open mysql MySQL (unauthorized)
33060/tcp open mysqlx MySQL X protocol listener
Service Info: Host: SNOOKUMS; OS: Unix
Host script results:
| smb2-time:
| date: 2025-03-23T19:51:36
|_ start_date: N/A
| smb-security-mode:
| account_used: <blank>
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
| smb2-security-mode:
| 3:1:1:
|_ Message signing enabled but not required
| smb-os-discovery:
| OS: Windows 6.1 (Samba 4.10.4)
| Computer name: snookums
| NetBIOS computer name: SNOOKUMS\x00
| Domain name: \x00
| FQDN: snookums
|_ System time: 2025-03-23T15:51:37-04:00
|_clock-skew: mean: 1h19m59s, deviation: 2h18m36s, median: -2s
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 107.30 secondsThe target system appears to be CentOS
The hostname is SNOOKUMS
UDP
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/snookums]
└─$ sudo nmap -sU --top-ports 1000 $IP
Starting Nmap 7.95 ( https://nmap.org ) at 2025-03-23 20:50 CET
Nmap scan report for 192.168.132.58
Host is up (0.023s latency).
All 1000 scanned ports on 192.168.132.58 are in ignored states.
Not shown: 1000 open|filtered udp ports (no-response)
Nmap done: 1 IP address (1 host up) scanned in 24.79 seconds