Profile
rustscan -a steamcloud.htb -- -sC -sV
Found 7 ports
.----. .-. .-. .----..---. .----. .---. .--. .-. .-.
| {} }| { } |{ {__ {_ _}{ {__ / ___} / {} \\ | `| |
| .-. \\| {_} |.-._} } | | .-._} }\\ }/ /\\ \\| |\\ |
`-' `-'`-----'`----' `-' `----' `---' `-' `-'`-' `-'
The Modern Day Port Scanner.
________________________________________
: <https://discord.gg/GFrQsGy> :
: <https://github.com/RustScan/RustScan> :
--------------------------------------
Real hackers hack time ⌛
[~] The config file is expected to be at "/home/ezio/.rustscan.toml"
[!] File limit is lower than default batch size. Consider upping with --ulimit. May cause harm to sensitive servers
[!] Your file limit is very small, which negatively impacts RustScan's speed. Use the Docker image, or up the Ulimit with '--ulimit 5000'.
Open 10.10.11.133:22
Open 10.10.11.133:2379
Open 10.10.11.133:2380
Open 10.10.11.133:8443
Open 10.10.11.133:10249
Open 10.10.11.133:10250
Open 10.10.11.133:10256
[~] Starting Script(s)
[>] Script to be run Some("nmap -vvv -p {{port}} {{ip}}")
[~] Starting Nmap 7.92 ( <https://nmap.org> ) at 2022-02-24 18:26 GMT
NSE: Loaded 155 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 18:26
Completed NSE at 18:26, 0.00s elapsed
NSE: Starting runlevel 2 (of 3) scan.
Initiating NSE at 18:26
Completed NSE at 18:26, 0.00s elapsed
NSE: Starting runlevel 3 (of 3) scan.
Initiating NSE at 18:26
Completed NSE at 18:26, 0.00s elapsed
Initiating Ping Scan at 18:26
Scanning 10.10.11.133 [2 ports]
Completed Ping Scan at 18:26, 0.27s elapsed (1 total hosts)
Initiating Connect Scan at 18:26
Scanning steamcloud.htb (10.10.11.133) [7 ports]
Discovered open port 22/tcp on 10.10.11.133
Discovered open port 8443/tcp on 10.10.11.133
Discovered open port 10249/tcp on 10.10.11.133
Discovered open port 10256/tcp on 10.10.11.133
Discovered open port 2379/tcp on 10.10.11.133
Discovered open port 10250/tcp on 10.10.11.133
Discovered open port 2380/tcp on 10.10.11.133
Completed Connect Scan at 18:26, 0.23s elapsed (7 total ports)
Initiating Service scan at 18:26
Scanning 7 services on steamcloud.htb (10.10.11.133)
Completed Service scan at 18:28, 109.47s elapsed (7 services on 1 host)
NSE: Script scanning 10.10.11.133.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 18:28
Completed NSE at 18:28, 8.86s elapsed
NSE: Starting runlevel 2 (of 3) scan.
Initiating NSE at 18:28
Completed NSE at 18:28, 2.21s elapsed
NSE: Starting runlevel 3 (of 3) scan.
Initiating NSE at 18:28
Completed NSE at 18:28, 0.00s elapsed
Nmap scan report for steamcloud.htb (10.10.11.133)
Host is up, received conn-refused (0.24s latency).
Scanned at 2022-02-24 18:26:44 GMT for 120s
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey:
| 2048 fc:fb:90:ee:7c:73:a1:d4:bf:87:f8:71:e8:44:c6:3c (RSA)
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu4TNCZjLe74tZ0HyspkMaghndsvuXkZJa4lJBt9arqgkm6u2HI/RRdwbjE14au2u/YF89y23Q55iOGraA+9JjpyTzDPo3kxE/RisYzJaUDmzza+hqEeyTxXkZby9+DAhKm5UXs7M2CMDr3cwOPPQ96u/zUX0gDG3CfYw4fAi2TDGa6jU5KmGzIQz6SQR3Bv6IYLDwzNJ0nHNZ3jxSbFS3SsmTwK749GJLrv62wAf4uUL/Ihynl8cCG5aor6T0Fk44v/9ndfujznBvWaMYVPpf9B49XlD7OhXB5pCK2nPZrdze+ch6yhAM/vYrYA4sNk3IuFG3OCrDkVeUJn5sJKx5
| 256 46:83:2b:1b:01:db:71:64:6a:3e:27:cb:53:6f:81:a1 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHVj7iKnl8SWdGz6J4F3kvpZjM1Tim0iHlUnQByS8xJYnfwttLxVwGb+aaGbRhOJu4mq9y4crwFh50rC9mAEHWo=
| 256 1d:8d:d3:41:f3:ff:a4:37:e8:ac:78:08:89:c2:e3:c5 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXIZpU9XbtZ2zvx8rFEYTfGp+8JCJx5lSiRNEcqUFG8
2379/tcp open ssl/etcd-client? syn-ack
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=steamcloud
| Subject Alternative Name: DNS:localhost, DNS:steamcloud, IP Address:10.10.11.133, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1
| Issuer: commonName=etcd-ca
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-02-24T10:00:18
| Not valid after: 2023-02-24T10:00:18
| MD5: f0f6 932f f57b 751f 3788 2465 e291 7297
| SHA-1: 50bc e570 82ad f013 65a2 d66a d717 bd8f c4ba 6ac5
| -----BEGIN CERTIFICATE-----
| MIIDSzCCAjOgAwIBAgIIF/UDTwh9K4gwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UE
| AxMHZXRjZC1jYTAeFw0yMjAyMjQxMDAwMThaFw0yMzAyMjQxMDAwMThaMBUxEzAR
| BgNVBAMTCnN0ZWFtY2xvdWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
| AQCnl1I7IwuDMOTDh/F99r5MBr6wLofSFcF26E6akYnKogV9MdsyfS7QXJQe1DEG
| BvuUbkab8bG1Po5hTds00IoqN/K+RtPN1Lv3A6wzdKpbom0/vl5FTjlETd7xd0d9
| 9artyj5LzShf58h7kMLHpo36lcq3YuGmz5qWXFJLIFSx0uNNDBL7y3S8qA0rxDrm
| QrbLKwy6+1JMVw5JFBhxyPeZRjc3OVsjP77dQeFJIB7C/IODVUoA66wy3/ytzmas
| V6ENb3ImyIfXQrkDQg+oQpsggN9FNg3c1AUutXWIhaFabrbdLEVsSvDpgEAVKZy7
| jUtSbvt17rL90n38QjJR/8lBAgMBAAGjgaEwgZ4wDgYDVR0PAQH/BAQDAgWgMB0G
| A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1Ud
| IwQYMBaAFKrGOUNDuY5y+kTG5Aesd3GHMoynMD4GA1UdEQQ3MDWCCWxvY2FsaG9z
| dIIKc3RlYW1jbG91ZIcECgoLhYcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATANBgkq
| hkiG9w0BAQsFAAOCAQEAB3VVDEF0TB6KXttqOYEQc4Vmv6zmdiwo90/2TaYODmGO
| zEvn1HL7KHigPy2sSTgW4kLsG77h2T+cdBx9E2WcDwYzhxzEUgeTbET/3ZE8CZW3
| LMJZjefg7Eb64Hh1LK2mxM4ZfD+HycjCxDjzvHepDRJRhb0E4Ruq0mc82Fdl4gld
| hhqaX2OfPcOsfSTmPCdudQ1wECPwIFebZM35SoVlRw/tGjqqGWuZX5yAnERKNzvG
| HidK0VLxbpGzpKY3dgEd3cEFLQWUj1nUtUvK57z+JIlf+sX6rcoakqE/ebONsanf
| AbOc+NAQ0UDAbK4xfESRdrTzFKQf40x/6J1xkAnmpw==
|_-----END CERTIFICATE-----
| tls-alpn:
|_ h2
2380/tcp open ssl/etcd-server? syn-ack
| ssl-cert: Subject: commonName=steamcloud
| Subject Alternative Name: DNS:localhost, DNS:steamcloud, IP Address:10.10.11.133, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1
| Issuer: commonName=etcd-ca
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-02-24T10:00:18
| Not valid after: 2023-02-24T10:00:19
| MD5: 90f1 8a0e 1329 2de8 cc0a bf22 0deb e77e
| SHA-1: 7ed6 af6e a836 0e54 e7d3 f41f 47e6 9e45 a22f e2c1
| -----BEGIN CERTIFICATE-----
| MIIDSzCCAjOgAwIBAgIIIev/PIiE0eYwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UE
| AxMHZXRjZC1jYTAeFw0yMjAyMjQxMDAwMThaFw0yMzAyMjQxMDAwMTlaMBUxEzAR
| BgNVBAMTCnN0ZWFtY2xvdWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
| AQDEPV6J1o8ibccZjouDoG46ZAg2T3YwZdF8ocT3z9dEMaAqZ0qo8uDzQPOq8rPR
| xg4vU0QEM+KCAxaR0X0e5joDhiIsnpCK9oX1KXSt32nssOQqhclT8Y/POdIR8FSe
| t0ChhRdm+98aDeEYely1Fbf6/1YnywMo+Ddg3oCKmnZ7mfzX8L38RhLmFkVapvc8
| nA7q2usxxQfqLGGRaHSFvBAtWsEt5lkvvHqhAQGjH3A3okYgN7DrwOXYP7m685Bn
| QatgwtJ4igpxHMX0VvU6UbTbqGR13qp5vvOk950G+mkCfynQMr83MJX+vuGsDYXG
| rd7HkGmosCA76WOQ8jtEtiotAgMBAAGjgaEwgZ4wDgYDVR0PAQH/BAQDAgWgMB0G
| A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1Ud
| IwQYMBaAFKrGOUNDuY5y+kTG5Aesd3GHMoynMD4GA1UdEQQ3MDWCCWxvY2FsaG9z
| dIIKc3RlYW1jbG91ZIcECgoLhYcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATANBgkq
| hkiG9w0BAQsFAAOCAQEAGoZHJRWchLDwvYf3GK0DO7PXWca3P0zWoox2Sp4C4JmM
| sMR3TdiN/cdhTdsm6ypjnryi3MV3R+qO9uTo5DoK0KOca66DAj3reYDf0qqluNbL
| tf04sv2ZXuB0IE4Twd0sVpr8ZJHvkir4NEJW8ePCuzK/1jIxvS5zq9NE3j+tDKE7
| 8FVVsQ57juMDXVNPiRHRbZyfZ0KkcX5NM0OzaybMNhLznPOm2HsY2k4JS2RvV950
| kSlC7WiwpaFkMJBVxw9suYw3sB1PlHbOlmZAL3LAQmVrfFE7riWd/E9RVvJgtHtb
| mXEw6OWlavDZl2rIy9v9MvHl5zPv+blokk3YRAo3QQ==
|_-----END CERTIFICATE-----
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
|_ h2
8443/tcp open ssl/https-alt syn-ack
| fingerprint-strings:
| FourOhFourRequest:
| HTTP/1.0 403 Forbidden
| Audit-Id: a46735f2-ecf0-44e0-a5f1-2dbf23c16cd8
| Cache-Control: no-cache, private
| Content-Type: application/json
| X-Content-Type-Options: nosniff
| X-Kubernetes-Pf-Flowschema-Uid: d63dace0-363f-4687-ac2c-2b7eef876cc1
| X-Kubernetes-Pf-Prioritylevel-Uid: 1610c0d9-d53e-4ebc-ad0e-f077ba8aa242
| Date: Thu, 24 Feb 2022 18:44:42 GMT
| Content-Length: 212
| {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User "system:anonymous" cannot get path "/nice ports,/Trinity.txt.bak"","reason":"Forbidden","details":{},"code":403}
| GenericLines, Help, RTSPRequest, SSLSessionReq:
| HTTP/1.1 400 Bad Request
| Content-Type: text/plain; charset=utf-8
| Connection: close
| Request
| GetRequest:
| HTTP/1.0 403 Forbidden
| Audit-Id: 2f9d44a6-248a-4843-aa59-3f3abe62287f
| Cache-Control: no-cache, private
| Content-Type: application/json
| X-Content-Type-Options: nosniff
| X-Kubernetes-Pf-Flowschema-Uid: d63dace0-363f-4687-ac2c-2b7eef876cc1
| X-Kubernetes-Pf-Prioritylevel-Uid: 1610c0d9-d53e-4ebc-ad0e-f077ba8aa242
| Date: Thu, 24 Feb 2022 18:44:40 GMT
| Content-Length: 185
|_ {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User "system:anonymous" cannot get path "/"","reason":"Forbidden","details":{},"code":403}
|_http-title: Site doesn't have a title (application/json).
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
| h2
|_ http/1.1
| ssl-cert: Subject: commonName=minikube/organizationName=system:masters
| Subject Alternative Name: DNS:minikubeCA, DNS:control-plane.minikube.internal, DNS:kubernetes.default.svc.cluster.local, DNS:kubernetes.default.svc, DNS:kubernetes.default, DNS:kubernetes, DNS:localhost, IP Address:10.10.11.133, IP Address:10.96.0.1, IP Address:127.0.0.1, IP Address:10.0.0.1
| Issuer: commonName=minikubeCA
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-02-23T10:00:16
| Not valid after: 2025-02-23T10:00:16
| MD5: 3e37 34c8 cf74 2716 c512 b97e 48b2 8821
| SHA-1: f710 66bb 723d 2bb7 ee41 da40 35bd 4687 c66c f0fd
| -----BEGIN CERTIFICATE-----
| MIID3DCCAsSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwptaW5p
| a3ViZUNBMB4XDTIyMDIyMzEwMDAxNloXDTI1MDIyMzEwMDAxNlowLDEXMBUGA1UE
| ChMOc3lzdGVtOm1hc3RlcnMxETAPBgNVBAMTCG1pbmlrdWJlMIIBIjANBgkqhkiG
| 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qtVYZMnZqrjlY4dtUcQviqfakQp40qxOTi4
| hbNvByev51cS1vHq5cb2vYKWcG7y+x4IkJ07sZZ6zW8vAVvckpQ3QnAJB/a9gVmv
| TVpeS+6UrgEKnWWoe9AEa8Sld5567ACJ6JMe1YPSePuifeBVHsA7yC3SNZ2gKWSw
| XcAFu0akFZzYhgEV2TLbBb4pkhaM1TAR1my/TQKtuJjBll34tYGZI2p694ay0lx1
| H6GIRZ0xfMCQrRcJjxESGwo/rrK5gqwaPJvCqnnAlMka5jvHPn+/PXtIQTXUMe3+
| 5NAmiJOiHT1u+AAjptClcbhd6pUpuLc+uvdxsSgVCF6kU5DfGwIDAQABo4IBHjCC
| ARowDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
| AjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFKlEoIQptW1GxgQZHDJpV6icF0wK
| MIG5BgNVHREEgbEwga6CCm1pbmlrdWJlQ0GCH2NvbnRyb2wtcGxhbmUubWluaWt1
| YmUuaW50ZXJuYWyCJGt1YmVybmV0ZXMuZGVmYXVsdC5zdmMuY2x1c3Rlci5sb2Nh
| bIIWa3ViZXJuZXRlcy5kZWZhdWx0LnN2Y4ISa3ViZXJuZXRlcy5kZWZhdWx0ggpr
| dWJlcm5ldGVzgglsb2NhbGhvc3SHBAoKC4WHBApgAAGHBH8AAAGHBAoAAAEwDQYJ
| KoZIhvcNAQELBQADggEBALcgyMuUdi/AjZKlGi0OILaHL8Pbrf3avvBQ0l3BdGmb
| 6qeUCbydGTBqYAoOxjUjnS38obf1ufx5WPZBXJCLVEVev8MBR9bqWyFvqiwIaTAl
| HYtyF/x8BHyX29HafknSQYVpwFMJATn4MUVyRssRoPmjKKti8z0/rl2P4lDOnyRq
| skKHzXFxZ82GiadrtZf3RbdApUBoksFTIqlbdwuAqLAVzHuE1TCLQdFeeySidQZt
| AyW22YG9rWiVVuO1EEVP+LmUz2PuobinUfOQa/WdPjVFBrfg9EcrxY4xpwBflo8y
| rW/HNNYNuN7MTAzd5nECPdliizhnwTHH9l+jrj52WI4=
|_-----END CERTIFICATE-----
10249/tcp open http syn-ack Golang net/http server (Go-IPFS json-rpc or InfluxDB API)
|_http-title: Site doesn't have a title (text/plain; charset=utf-8).
10250/tcp open ssl/http syn-ack Golang net/http server (Go-IPFS json-rpc or InfluxDB API)
|_http-title: Site doesn't have a title (text/plain; charset=utf-8).
| http-methods:
|_ Supported Methods: OPTIONS
| ssl-cert: Subject: commonName=steamcloud@1645696822
| Subject Alternative Name: DNS:steamcloud
| Issuer: commonName=steamcloud-ca@1645696821
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-02-24T09:00:20
| Not valid after: 2023-02-24T09:00:20
| MD5: 75e0 0876 1332 2870 88c8 1c25 0779 3baf
| SHA-1: 1e7a 4be8 bc35 eaa4 022f aac5 1d9a 8d26 b274 fa91
| -----BEGIN CERTIFICATE-----
| MIIDKzCCAhOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDDBhzdGVh
| bWNsb3VkLWNhQDE2NDU2OTY4MjEwHhcNMjIwMjI0MDkwMDIwWhcNMjMwMjI0MDkw
| MDIwWjAgMR4wHAYDVQQDDBVzdGVhbWNsb3VkQDE2NDU2OTY4MjIwggEiMA0GCSqG
| SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz5YOGyVTrFBO3YningUYTVbjYrPdXp/JS
| YHk19SlzkN4/iFXSu9eeJ1bFPCH0U4ZyUjKe60stUj07k9aTTK2N85LotlVGymYg
| QJjTP4WKk+m0fCDPnMYVG29M9zh89nFHbo5wsT+vebVpM/cF0wJvJetJoesPO+cb
| eX7/E5BansufQ5xWXcXy0u9gomm977Wd7NpIAotlmL1dQtss/RD7CEA8LKC/rtuL
| XGy/8YpP/bIvyek1XGiI5Raj6MfQ/afYcaSgYKpvwFeny/0GjPdmf8nwjoON4F5i
| T97HH10jBdwyf8GwdW5tidaDO3rP08NaIsQjdPjT/LtYHzkoXIEfAgMBAAGjbTBr
| MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8E
| AjAAMB8GA1UdIwQYMBaAFE5aV/DCKe0E/coM/0v/VFFKTkBAMBUGA1UdEQQOMAyC
| CnN0ZWFtY2xvdWQwDQYJKoZIhvcNAQELBQADggEBADaLRJH7DMnxocvgrrsDdAPK
| 8yIgVCdT7NeabIqr8rhhclthiVhVMBsUGcvHSLs05ak+A875Mhx+yvtK+8kJ68Zs
| CPOZ8Ht/1fYrX2/gxuYMkDGOTjJJMdSFW+DFqRfYX560kdTsk82eLlhAGFEbMiVK
| sEqqRlwTuVFaveolIOhD64859GUafHYeA1frQTy0YqrtDUoB0ADnBelFKIWJ23a0
| rTgzcJBZZrDmlo3fTZv60iuxGg8GSc3TTEwJhO+pEmPYu8WEcbAULlXOjYStQ0Ky
| 7Ag5n7oWTYw6rxMwQJzhFkZ/J4RXE8fkw1cJ8Pj0jOfrPyCEJAWrLvnopS8tl70=
|_-----END CERTIFICATE-----
| tls-alpn:
| h2
|_ http/1.1
|_ssl-date: TLS randomness does not represent time
10256/tcp open http syn-ack Golang net/http server (Go-IPFS json-rpc or InfluxDB API)
|_http-title: Site doesn't have a title (text/plain; charset=utf-8).
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at <https://nmap.org/cgi-bin/submit.cgi?new-service> :
SF-Port8443-TCP:V=7.92%T=SSL%I=7%D=2/24%Time=6217CDF1%P=x86_64-pc-linux-gn
SF:u%r(GetRequest,22F,"HTTP/1\\.0\\x20403\\x20Forbidden\\r\\nAudit-Id:\\x202f9d4
SF:4a6-248a-4843-aa59-3f3abe62287f\\r\\nCache-Control:\\x20no-cache,\\x20priva
SF:te\\r\\nContent-Type:\\x20application/json\\r\\nX-Content-Type-Options:\\x20n
SF:osniff\\r\\nX-Kubernetes-Pf-Flowschema-Uid:\\x20d63dace0-363f-4687-ac2c-2b
SF:7eef876cc1\\r\\nX-Kubernetes-Pf-Prioritylevel-Uid:\\x201610c0d9-d53e-4ebc-
SF:ad0e-f077ba8aa242\\r\\nDate:\\x20Thu,\\x2024\\x20Feb\\x202022\\x2018:44:40\\x20
SF:GMT\\r\\nContent-Length:\\x20185\\r\\n\\r\\n{\\"kind\\":\\"Status\\",\\"apiVersion\\
SF:":\\"v1\\",\\"metadata\\":{},\\"status\\":\\"Failure\\",\\"message\\":\\"forbidden
SF::\\x20User\\x20\\\\\\"system:anonymous\\\\\\"\\x20cannot\\x20get\\x20path\\x20\\\\\\"/
SF:\\\\\\"\\",\\"reason\\":\\"Forbidden\\",\\"details\\":{},\\"code\\":403}\\n")%r(Four
SF:OhFourRequest,24A,"HTTP/1\\.0\\x20403\\x20Forbidden\\r\\nAudit-Id:\\x20a46735
SF:f2-ecf0-44e0-a5f1-2dbf23c16cd8\\r\\nCache-Control:\\x20no-cache,\\x20privat
SF:e\\r\\nContent-Type:\\x20application/json\\r\\nX-Content-Type-Options:\\x20no
SF:sniff\\r\\nX-Kubernetes-Pf-Flowschema-Uid:\\x20d63dace0-363f-4687-ac2c-2b7
SF:eef876cc1\\r\\nX-Kubernetes-Pf-Prioritylevel-Uid:\\x201610c0d9-d53e-4ebc-a
SF:d0e-f077ba8aa242\\r\\nDate:\\x20Thu,\\x2024\\x20Feb\\x202022\\x2018:44:42\\x20G
SF:MT\\r\\nContent-Length:\\x20212\\r\\n\\r\\n{\\"kind\\":\\"Status\\",\\"apiVersion\\"
SF::\\"v1\\",\\"metadata\\":{},\\"status\\":\\"Failure\\",\\"message\\":\\"forbidden:
SF:\\x20User\\x20\\\\\\"system:anonymous\\\\\\"\\x20cannot\\x20get\\x20path\\x20\\\\\\"/n
SF:ice\\x20ports,/Trinity\\.txt\\.bak\\\\\\"\\",\\"reason\\":\\"Forbidden\\",\\"detail
SF:s\\":{},\\"code\\":403}\\n")%r(GenericLines,67,"HTTP/1\\.1\\x20400\\x20Bad\\x20
SF:Request\\r\\nContent-Type:\\x20text/plain;\\x20charset=utf-8\\r\\nConnection:
SF:\\x20close\\r\\n\\r\\n400\\x20Bad\\x20Request")%r(RTSPRequest,67,"HTTP/1\\.1\\x2
SF:0400\\x20Bad\\x20Request\\r\\nContent-Type:\\x20text/plain;\\x20charset=utf-8
SF:\\r\\nConnection:\\x20close\\r\\n\\r\\n400\\x20Bad\\x20Request")%r(Help,67,"HTTP
SF:/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nContent-Type:\\x20text/plain;\\x20chars
SF:et=utf-8\\r\\nConnection:\\x20close\\r\\n\\r\\n400\\x20Bad\\x20Request")%r(SSLSe
SF:ssionReq,67,"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nContent-Type:\\x20tex
SF:t/plain;\\x20charset=utf-8\\r\\nConnection:\\x20close\\r\\n\\r\\n400\\x20Bad\\x20
SF:Request");
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 3) scan.
Initiating NSE at 18:28
Completed NSE at 18:28, 0.00s elapsed
NSE: Starting runlevel 2 (of 3) scan.
Initiating NSE at 18:28
Completed NSE at 18:28, 0.00s elapsed
NSE: Starting runlevel 3 (of 3) scan.
Initiating NSE at 18:28
Completed NSE at 18:28, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at <https://nmap.org/submit/> .
Nmap done: 1 IP address (1 host up) scanned in 122.03 seconds
Lets try using nmap what result we get
nmap -sC -sV steamcloud.htb -oN steam
got results
Starting Nmap 7.92 ( <https://nmap.org> ) at 2022-02-24 18:32 GMT
Nmap scan report for steamcloud.htb (10.10.11.133)
Host is up (0.19s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey:
| 2048 fc:fb:90:ee:7c:73:a1:d4:bf:87:f8:71:e8:44:c6:3c (RSA)
| 256 46:83:2b:1b:01:db:71:64:6a:3e:27:cb:53:6f:81:a1 (ECDSA)
|_ 256 1d:8d:d3:41:f3:ff:a4:37:e8:ac:78:08:89:c2:e3:c5 (ED25519)
8443/tcp open ssl/https-alt
|_http-title: Site doesn't have a title (application/json).
|_ssl-date: TLS randomness does not represent time
| fingerprint-strings:
| FourOhFourRequest:
| HTTP/1.0 403 Forbidden
| Audit-Id: e4444d95-75e1-4249-8a58-53b332c0c63e
| Cache-Control: no-cache, private
| Content-Type: application/json
| X-Content-Type-Options: nosniff
| X-Kubernetes-Pf-Flowschema-Uid: d63dace0-363f-4687-ac2c-2b7eef876cc1
| X-Kubernetes-Pf-Prioritylevel-Uid: 1610c0d9-d53e-4ebc-ad0e-f077ba8aa242
| Date: Thu, 24 Feb 2022 18:50:34 GMT
| Content-Length: 212
| {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User "system:anonymous" cannot get path "/nice ports,/Trinity.txt.bak"","reason":"Forbidden","details":{},"code":403}
| GetRequest:
| HTTP/1.0 403 Forbidden
| Audit-Id: 017be43e-47b8-4cd8-89a2-965fcb07eed1
| Cache-Control: no-cache, private
| Content-Type: application/json
| X-Content-Type-Options: nosniff
| X-Kubernetes-Pf-Flowschema-Uid: d63dace0-363f-4687-ac2c-2b7eef876cc1
| X-Kubernetes-Pf-Prioritylevel-Uid: 1610c0d9-d53e-4ebc-ad0e-f077ba8aa242
| Date: Thu, 24 Feb 2022 18:50:32 GMT
| Content-Length: 185
| {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User "system:anonymous" cannot get path "/"","reason":"Forbidden","details":{},"code":403}
| HTTPOptions:
| HTTP/1.0 403 Forbidden
| Audit-Id: 901ee399-82be-4312-8ea6-6773bde669f4
| Cache-Control: no-cache, private
| Content-Type: application/json
| X-Content-Type-Options: nosniff
| X-Kubernetes-Pf-Flowschema-Uid: d63dace0-363f-4687-ac2c-2b7eef876cc1
| X-Kubernetes-Pf-Prioritylevel-Uid: 1610c0d9-d53e-4ebc-ad0e-f077ba8aa242
| Date: Thu, 24 Feb 2022 18:50:33 GMT
| Content-Length: 189
|_ {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User "system:anonymous" cannot options path "/"","reason":"Forbidden","details":{},"code":403}
| tls-alpn:
| h2
|_ http/1.1
| ssl-cert: Subject: commonName=minikube/organizationName=system:masters
| Subject Alternative Name: DNS:minikubeCA, DNS:control-plane.minikube.internal, DNS:kubernetes.default.svc.cluster.local, DNS:kubernetes.default.svc, DNS:kubernetes.default, DNS:kubernetes, DNS:localhost, IP Address:10.10.11.133, IP Address:10.96.0.1, IP Address:127.0.0.1, IP Address:10.0.0.1
| Not valid before: 2022-02-23T10:00:16
|_Not valid after: 2025-02-23T10:00:16
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at <https://nmap.org/cgi-bin/submit.cgi?new-service> :
SF-Port8443-TCP:V=7.92%T=SSL%I=7%D=2/24%Time=6217CF51%P=x86_64-pc-linux-gn
SF:u%r(GetRequest,22F,"HTTP/1\\.0\\x20403\\x20Forbidden\\r\\nAudit-Id:\\x20017be
SF:43e-47b8-4cd8-89a2-965fcb07eed1\\r\\nCache-Control:\\x20no-cache,\\x20priva
SF:te\\r\\nContent-Type:\\x20application/json\\r\\nX-Content-Type-Options:\\x20n
SF:osniff\\r\\nX-Kubernetes-Pf-Flowschema-Uid:\\x20d63dace0-363f-4687-ac2c-2b
SF:7eef876cc1\\r\\nX-Kubernetes-Pf-Prioritylevel-Uid:\\x201610c0d9-d53e-4ebc-
SF:ad0e-f077ba8aa242\\r\\nDate:\\x20Thu,\\x2024\\x20Feb\\x202022\\x2018:50:32\\x20
SF:GMT\\r\\nContent-Length:\\x20185\\r\\n\\r\\n{\\"kind\\":\\"Status\\",\\"apiVersion\\
SF:":\\"v1\\",\\"metadata\\":{},\\"status\\":\\"Failure\\",\\"message\\":\\"forbidden
SF::\\x20User\\x20\\\\\\"system:anonymous\\\\\\"\\x20cannot\\x20get\\x20path\\x20\\\\\\"/
SF:\\\\\\"\\",\\"reason\\":\\"Forbidden\\",\\"details\\":{},\\"code\\":403}\\n")%r(HTTP
SF:Options,233,"HTTP/1\\.0\\x20403\\x20Forbidden\\r\\nAudit-Id:\\x20901ee399-82b
SF:e-4312-8ea6-6773bde669f4\\r\\nCache-Control:\\x20no-cache,\\x20private\\r\\nC
SF:ontent-Type:\\x20application/json\\r\\nX-Content-Type-Options:\\x20nosniff\\
SF:r\\nX-Kubernetes-Pf-Flowschema-Uid:\\x20d63dace0-363f-4687-ac2c-2b7eef876
SF:cc1\\r\\nX-Kubernetes-Pf-Prioritylevel-Uid:\\x201610c0d9-d53e-4ebc-ad0e-f0
SF:77ba8aa242\\r\\nDate:\\x20Thu,\\x2024\\x20Feb\\x202022\\x2018:50:33\\x20GMT\\r\\n
SF:Content-Length:\\x20189\\r\\n\\r\\n{\\"kind\\":\\"Status\\",\\"apiVersion\\":\\"v1\\
SF:",\\"metadata\\":{},\\"status\\":\\"Failure\\",\\"message\\":\\"forbidden:\\x20Us
SF:er\\x20\\\\\\"system:anonymous\\\\\\"\\x20cannot\\x20options\\x20path\\x20\\\\\\"/\\\\\\
SF:"\\",\\"reason\\":\\"Forbidden\\",\\"details\\":{},\\"code\\":403}\\n")%r(FourOhF
SF:ourRequest,24A,"HTTP/1\\.0\\x20403\\x20Forbidden\\r\\nAudit-Id:\\x20e4444d95-
SF:75e1-4249-8a58-53b332c0c63e\\r\\nCache-Control:\\x20no-cache,\\x20private\\r
SF:\\nContent-Type:\\x20application/json\\r\\nX-Content-Type-Options:\\x20nosni
SF:ff\\r\\nX-Kubernetes-Pf-Flowschema-Uid:\\x20d63dace0-363f-4687-ac2c-2b7eef
SF:876cc1\\r\\nX-Kubernetes-Pf-Prioritylevel-Uid:\\x201610c0d9-d53e-4ebc-ad0e
SF:-f077ba8aa242\\r\\nDate:\\x20Thu,\\x2024\\x20Feb\\x202022\\x2018:50:34\\x20GMT\\
SF:r\\nContent-Length:\\x20212\\r\\n\\r\\n{\\"kind\\":\\"Status\\",\\"apiVersion\\":\\"
SF:v1\\",\\"metadata\\":{},\\"status\\":\\"Failure\\",\\"message\\":\\"forbidden:\\x2
SF:0User\\x20\\\\\\"system:anonymous\\\\\\"\\x20cannot\\x20get\\x20path\\x20\\\\\\"/nice
SF:\\x20ports,/Trinity\\.txt\\.bak\\\\\\"\\",\\"reason\\":\\"Forbidden\\",\\"details\\"
SF::{},\\"code\\":403}\\n");
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at <https://nmap.org/submit/> .
Nmap done: 1 IP address (1 host up) scanned in 137.07 seconds
Found many services at port 8443 and many about TLS certificates , here are those: