Total OSCP Guide Payloads All The Things

Exploit

Host:

10.10.36.87

Nmap

PORT      STATE SERVICE       REASON          VERSION
80/tcp    open  http          syn-ack ttl 127 Apache httpd 2.4.46 ((Win64) OpenSSL/1.1.1g PHP/7.4.10)
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Year of the Owl
|_http-server-header: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.4.10
139/tcp   open  netbios-ssn   syn-ack ttl 127 Microsoft Windows netbios-ssn
443/tcp   open  ssl/http      syn-ack ttl 127 Apache httpd 2.4.46 ((Win64) OpenSSL/1.1.1g PHP/7.4.10)
| tls-alpn: 
|_  http/1.1
|_ssl-date: TLS randomness does not represent time
|_http-server-header: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.4.10
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Year of the Owl
| ssl-cert: Subject: commonName=localhost
| Issuer: commonName=localhost
| Public Key type: rsa
| Public Key bits: 1024
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2009-11-10T23:48:47
| Not valid after:  2019-11-08T23:48:47
| MD5:   a0a4:4cc9:9e84:b26f:9e63:9f9e:d229:dee0
| SHA-1: b023:8c54:7a90:5bfa:119c:4e8b:acca:eacf:3649:1ff6
| -----BEGIN CERTIFICATE-----
| MIIBnzCCAQgCCQC1x1LJh4G1AzANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwls
| b2NhbGhvc3QwHhcNMDkxMTEwMjM0ODQ3WhcNMTkxMTA4MjM0ODQ3WjAUMRIwEAYD
| VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMEl0yfj
| 7K0Ng2pt51+adRAj4pCdoGOVjx1BmljVnGOMW3OGkHnMw9ajibh1vB6UfHxu463o
| J1wLxgxq+Q8y/rPEehAjBCspKNSq+bMvZhD4p8HNYMRrKFfjZzv3ns1IItw46kgT
| gDpAl1cMRzVGPXFimu5TnWMOZ3ooyaQ0/xntAgMBAAEwDQYJKoZIhvcNAQEFBQAD
| gYEAavHzSWz5umhfb/MnBMa5DL2VNzS+9whmmpsDGEG+uR0kM1W2GQIdVHHJTyFd
| aHXzgVJBQcWTwhp84nvHSiQTDBSaT6cQNQpvag/TaED/SEQpm0VqDFwpfFYuufBL
| vVNbLkKxbK2XwUvu0RxoLdBMC/89HqrZ0ppiONuQ+X2MtxE=
|_-----END CERTIFICATE-----
445/tcp   open  microsoft-ds? syn-ack ttl 127
3306/tcp  open  mysql?        syn-ack ttl 127
| mysql-info: 
|_  MySQL Error: Host 'ip-10-23-10-19.eu-west-1.compute.internal' is not allowed to connect to this MariaDB server
| fingerprint-strings: 
|   GenericLines, NULL, WMSRequest, piholeVersion: 
|_    Host 'ip-10-23-10-19.eu-west-1.compute.internal' is not allowed to connect to this MariaDB server
3389/tcp  open  ms-wbt-server syn-ack ttl 127 Microsoft Terminal Services
|_ssl-date: 2024-08-17T04:58:13+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=year-of-the-owl
| Issuer: commonName=year-of-the-owl
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2024-08-16T04:50:39
| Not valid after:  2025-02-15T04:50:39
| MD5:   a712:1e26:f0ed:e53f:c26e:1373:571e:0b2e
| SHA-1: 9c68:e4a0:e8a1:00b0:e76c:5c99:663d:d5da:134a:5e8f
| -----BEGIN CERTIFICATE-----
| MIIC4jCCAcqgAwIBAgIQSzBHvE2zAIhJuBwbfBPjhDANBgkqhkiG9w0BAQsFADAa
| MRgwFgYDVQQDEw95ZWFyLW9mLXRoZS1vd2wwHhcNMjQwODE2MDQ1MDM5WhcNMjUw
| MjE1MDQ1MDM5WjAaMRgwFgYDVQQDEw95ZWFyLW9mLXRoZS1vd2wwggEiMA0GCSqG
| SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzr2896NhKSjx6YhK4I4xr76x5JYLNP2je
| f5yr8Bcv2ZeFxBd7hYnsx9GoOIPVwnbZO1kMijXKplv8KpW4Pkly5+Py1yEM1rJ3
| sEFGxTQYlAFxmQn4nOGo9OIzVljxYRYFvZb2NkE7IGWKrmKD0nkl67MYZvDQ58z1
| WaUcKcK4XPEVtilRRdpcEGGegCTcDm84uP34NfifHwxi54h6m+pogeECrDEDhEpH
| MhP0b0bmEJJCZfehE1KlZB5R4u+4DyF0UviUcI/bLNY0lBsdZcanpHzMqP1VN/p4
| o+Vx/ACoE+PPwxAPZ486tCja4abeEx2s6/ysWkRXgZd7K+EFeiDBAgMBAAGjJDAi
| MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIEMDANBgkqhkiG9w0BAQsF
| AAOCAQEApMI5UzEVrgm+x/E8APEDVKuuMpK6gHEcXm8hEAN7m2KkQOPsM9+m0OJn
| DhK89pVfdQ/pI9VFJbScdJVYRsKRRVNdUlRDu47GTpvgRm9/kihQ7vzR+dGYwjIO
| be5LdQKW5hoV4OPVY3iyei27ur+cSEoZ4Mu6Wub4+5OQst0h/QdIuTKQlaetqKJd
| tERWQwkCuCwqCQgjL1NMUNxaNxHOvdQ7jN12IUl60uMQY8yns3Bj85JD8B2pQhnd
| u4ts5jsM0IfO76yWZ05DivAGaptvmrQIoB+bstSvPOSZFlAt3zIKBC7SLpNK8+BY
| nOcEs6hhn0pcL4ciVhwktDyyCzCKNQ==
|_-----END CERTIFICATE-----
| rdp-ntlm-info: 
|   Target_Name: YEAR-OF-THE-OWL
|   NetBIOS_Domain_Name: YEAR-OF-THE-OWL
|   NetBIOS_Computer_Name: YEAR-OF-THE-OWL
|   DNS_Domain_Name: year-of-the-owl
|   DNS_Computer_Name: year-of-the-owl
|   Product_Version: 10.0.17763
|_  System_Time: 2024-08-17T04:57:34+00:00
5985/tcp  open  http          syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-title: Not Found
|_http-server-header: Microsoft-HTTPAPI/2.0
47001/tcp open  http          syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-title: Not Found
|_http-server-header: Microsoft-HTTPAPI/2.0
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint

UDP

Previous5985NextVuln Lab

Last updated