IP: 10.129.26.84
sudo nmap -Pn -sC -sV --script=vuln -p 22,80,8338,55555 -oN Full_TCP_Scan 10.129.26.84
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| vulners:
| cpe:/a:openbsd:openssh:8.2p1:
| CVE-2020-15778 6.8 <https://vulners.com/cve/CVE-2020-15778>
| C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3 6.8 <https://vulners.com/githubexploit/C94132FD-1FA5-5342-B6EE-0DAF45EEFFE3> *EXPLOIT*
| 10213DBE-F683-58BB-B6D3-353173626207 6.8 <https://vulners.com/githubexploit/10213DBE-F683-58BB-B6D3-353173626207> *EXPLOIT*
| CVE-2020-12062 5.0 <https://vulners.com/cve/CVE-2020-12062>
| CVE-2021-28041 4.6 <https://vulners.com/cve/CVE-2021-28041>
| CVE-2021-41617 4.4 <https://vulners.com/cve/CVE-2021-41617>
| CVE-2020-14145 4.3 <https://vulners.com/cve/CVE-2020-14145>
| CVE-2016-20012 4.3 <https://vulners.com/cve/CVE-2016-20012>
|_ CVE-2021-36368 2.6 <https://vulners.com/cve/CVE-2021-36368>
80/tcp filtered http
8338/tcp filtered unknown
55555/tcp open unknown
| fingerprint-strings:
| FourOhFourRequest:
| HTTP/1.0 400 Bad Request
| Content-Type: text/plain; charset=utf-8
| X-Content-Type-Options: nosniff
| Date: Sun, 09 Jul 2023 10:39:45 GMT
| Content-Length: 75
| invalid basket name; the name does not match pattern: ^[wd-_\\.]{1,250}$
| GenericLines, Help, Kerberos, LDAPSearchReq, LPDString, RTSPRequest, SSLSessionReq, TLSSessionReq, TerminalServerCookie:
| HTTP/1.1 400 Bad Request
| Content-Type: text/plain; charset=utf-8
| Connection: close
| Request
| GetRequest:
| HTTP/1.0 302 Found
| Content-Type: text/html; charset=utf-8
| Location: /web
| Date: Sun, 09 Jul 2023 10:39:16 GMT
| Content-Length: 27
| href="/web">Found</a>.
| HTTPOptions:
| HTTP/1.0 200 OK
| Allow: GET, OPTIONS
| Date: Sun, 09 Jul 2023 10:39:16 GMT
|_ Content-Length: 0
https://github.com/darklynx/request-baskets
https://nvd.nist.gov/vuln/detail/CVE-2023-27163
https://huntr.dev/bounties/be3c5204-fbd9-448d-b97c-96a8d2941e87/
https://reverse-shell.sh/ip_vpn_:443
