Total OSCP Guide Payloads All The Things

Exploit

Host:

10.10.125.95

Nmap

PORT      STATE SERVICE            REASON          VERSION
80/tcp    open  http               syn-ack ttl 127 Microsoft IIS httpd 10.0
|_http-server-header: Microsoft-IIS/10.0
|_http-title: IIS Windows Server
| http-methods: 
|   Supported Methods: OPTIONS TRACE GET HEAD POST
|_  Potentially risky methods: TRACE
135/tcp   open  msrpc              syn-ack ttl 127 Microsoft Windows RPC
139/tcp   open  netbios-ssn        syn-ack ttl 127 Microsoft Windows netbios-ssn
445/tcp   open  microsoft-ds       syn-ack ttl 127 Windows Server 2016 Standard Evaluation 14393 microsoft-ds
3389/tcp  open  ssl/ms-wbt-server? syn-ack ttl 127
| rdp-ntlm-info: 
|   Target_Name: RELEVANT
|   NetBIOS_Domain_Name: RELEVANT
|   NetBIOS_Computer_Name: RELEVANT
|   DNS_Domain_Name: Relevant
|   DNS_Computer_Name: Relevant
|   Product_Version: 10.0.14393
|_  System_Time: 2024-08-17T11:05:55+00:00
| ssl-cert: Subject: commonName=Relevant
| Issuer: commonName=Relevant
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2024-08-16T10:53:38
| Not valid after:  2025-02-15T10:53:38
| MD5:   267d:e405:40f7:7b34:4093:228d:52d5:3046
| SHA-1: d33a:9c73:6e49:7ec2:3e0c:df57:d90e:0235:78b4:e5cf
| -----BEGIN CERTIFICATE-----
| MIIC1DCCAbygAwIBAgIQNRDCBA/QjY5FCwj7Ga2GojANBgkqhkiG9w0BAQsFADAT
| MREwDwYDVQQDEwhSZWxldmFudDAeFw0yNDA4MTYxMDUzMzhaFw0yNTAyMTUxMDUz
| MzhaMBMxETAPBgNVBAMTCFJlbGV2YW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
| MIIBCgKCAQEAt0nsev/7mgb7U/OczlmyoQ2aBSJTl5BuDlzDHQXRRFLWTwn/fJem
| d7SeGl5NFQIW+1mMcuwvHsC3SQGThSDW8NuVBhh1mWUPUUKpvja3u3CZP8gkC9FJ
| E7KKBRdrhPXCV6d5zS7hjKZbaSbO2JX145NVKn3BDVo9tRHqcOzFNrUn/gXAgso0
| zyPGDZ6JpNyH5DFprfFGuCJ4xrTWH1IyF/h0AUQPGVRSi9rjBkMb5YYrwH9urF3M
| Pg74J4w6rBkqYQ/bcmgX3requfKk53T1u9MsKfBJy1RzMTFdsJnmmOkGgTweLkt7
| AuBJEARbIu6qZiTKtcmG4TN2zMqS7DKEnwIDAQABoyQwIjATBgNVHSUEDDAKBggr
| BgEFBQcDATALBgNVHQ8EBAMCBDAwDQYJKoZIhvcNAQELBQADggEBADwmF67h9fix
| 9mazG1M8Bqf7vyeO7bsMpM2NY2ikWqNoAUwLg9Ffk9GaQjMM54Ox4pDWNOT/Oscf
| dEcfrFllsMM1O0v/lfjCUX+TocejK5BCz0DKDAXrOPTM1tA47UMZISTg03GbpcSg
| bEDjopjNSsyCBPJ+d4mLIuTpyygQItW+29WbIrS4oEkiubJ8GEohPyr6YmM2YVw1
| H73x1nxHBH1gVQEt1GuOmX0RO68eIDPKP03kNkAG0z7BKO8L1gjXfVQTQCQ1Ve2U
| l6Xntb9Wk8fWsML5JE6KQonegChp8h0ZZT0dunaz1PTPaf3LeBCiqENzLDyKvSe+
| uYD9Oc1GX+I=
|_-----END CERTIFICATE-----
|_ssl-date: 2024-08-17T11:06:32+00:00; -1s from scanner time.
49663/tcp open  http               syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-title: IIS Windows Server
|_http-server-header: Microsoft-IIS/10.0
| http-methods: 
|   Supported Methods: OPTIONS TRACE GET HEAD POST
|_  Potentially risky methods: TRACE
49667/tcp open  msrpc              syn-ack ttl 127 Microsoft Windows RPC
49670/tcp open  msrpc              syn-ack ttl 127 Microsoft Windows RPC

UDP?

Previous49663NextWeasel

Last updated