Port 111 hacktricks 2p1 nc 10. Port 135 - MSRPC Provides information between Unix based systems. Protocol_Description: Post Office Protocol #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for POP Note: | Post Office Protocol (POP) is described as a protocol within the realm of computer networking and the Internet, which is utilized for the Copy Protocol_Name: NFS #Protocol Abbreviation if there is one. Originally designed to aid in network management and security, it operates by allowing a server to query a client on port 113 to request information about the user of a particular TCP connection. Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Support HackTricks. PORT STATE SERVICE 111/tcp open rpcbind Uainishaji rpcinfo irked. Default port: 111/TCP/UDP, 32771 in Oracle Solaris Jun 13, 2021 · Port 2049 — nfs_acl. 1 Bazen size hiçbir bilgi vermez, diğer zamanlarda ise şöyle bir şey alırsınız: Shodan. 116 or later. 111 rpcclient -U " " 10. ssh <gateway> -R <remote port to bind>:<local host>:<local port> By the way, plink is a ssh-client for windows that can be run from the terminal. Default port: 111/TCP/UDP, 32771 in Oracle Solaris Provides information between Unix based systems. PORT STATE SERVICE 111/tcp open rpcbind Перерахування rpcinfo irked. htb nmap -sSUC -p111 192. ) # -l – Lazy unmount. nmap -p 111 --script=nfs-ls,nfs-statfs,nfs-showmount 10. Search Exploits. You usually see this port open on mx-servers. Port 111 was designed by the Sun Microsystems as a component of their Network File System. Sep 6, 2021 · port 111 show nfs mounts. It is running rpcbind service. Basic Information. Only without manually specifying the port the Security Gateway is able to dynamically allow the port mapper traffic related to the specified RPC services - that's why I did not specify it Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos. Many… Puerto por defecto: 111/TCP/UDP, 32771 en Oracle Solaris. Jul 31, 2020 · In our case, port 111 is access to a network file system. Information gathering As always, let’s start by a nmap scan (truncated for clarity). PORT 21/tcp - FTP; PORT 22/tcp - SSH; PORT 25/tcp - SMTP; PORT 53/tcp - DNS; PORT 80/tcp, 443/tcp - HTTP Server; PORT 111/tcp Provides information between Unix based systems. In which case it would be nice to use existing tools like metasploit to still pwn it right? As stated in one of the quotes you can (ab)use Apache to proxy the requests to Tomcat port 8009. 111 -R 3307:127. 203. The nmap scan report clearly shows rpcinfo (Remote Procedure Call Information) and list of Apr 2, 2023 · Since we don't see anything relevant, let's check port 111, which has the rpcbind service. Vulnerable Versions: 7. port:111 portmap; RPCBind + NFS Default port: 111/TCP/UDP, 32771 in Oracle Solaris. Connect Domyślny port: 111/TCP/UDP, 32771 w Oracle Solaris. 129. port:111 portmap; RPCBind + NFS Уязвимость порта 111 на серверах rpcbind, проблемы безопасности и меры защиты для предотвращения DDoS-атак. NFS works well for sharing entire filesystems with a large number of known hosts in a largely transparent manner. Step 1 So on our compromised machine we do: plink. Comparte trucos de hacking enviando PRs a HackTricks y HackTricks Cloud repos de github. PORT STATE SERVICE 111/tcp open rpcbind Enumerazione rpcinfo irked. PORT STATE SERVICE 111/tcp open rpcbind 列挙 rpcinfo irked. book. Microsoft has developed different representations of this protocols to reduce the network load. masscan -p80,443,8000-8100,8443 199. 0. Protocol_Description: Post Office Protocol #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for POP Note: | Post Office Protocol (POP) is a type of computer networking and Internet standard protocol that extracts and retrieves email from a Default port: 5432, and if this port is already in use it seems that postgresql will use the next port (5433 probably) which is not in use. port:111 portmap; RPCBind + NFS Porta predefinita: 111/TCP/UDP, 32771 in Oracle Solaris. Standaardpoort: 111/TCP/UDP, 32771 in Oracle Solaris. 5. 0/24 UDP Port Discovery. Sign in Depending on the host configuration, the RPC endpoint mapper can be accessed through TCP and UDP port 135, via SMB with a null or authenticated session (TCP 139 and 445), and as a web service listening on TCP port 593. Let’s use Nmap to enumerate this. 1 Czasami nie daje to żadnych informacji, w innych przypadkach otrzymasz coś takiego: Shodan. Ports are logical constructs which at the software level identifies a specific process or network service. As we will see later, Man-in-the-Middle (MITM) attack vectors exist for all types of Port Forwarding and Tunneling; Reverse Shell; Transfering Files; ATA Evasion; Bypass APPLocker; Privilege Escalation. Related ports: 110 is the POP3 non-encrypted. Porta padrão: 111/TCP/UDP, 32771 no Oracle Solaris. Mar 13, 2025 · It is also known as a function call or a subroutine call. Servers that are meant to send and recieve email. Threat Modeling. 1 Sometimes it doesn't give you any information, in other occasions you will get something like this: Shodan. 1 A veces no te da ninguna información, en otras ocasiones obtendrás algo como esto: Shodan. Securing NFS. rpcinfo -p 10. 66. There is only one mount which is /var. The Ident Protocol is used over the Internet to associate a TCP connection with a specific user. 111. Nmap. port:111 portmap; RPCBind + NFS PORT 111/tcp - RPCBind Provides information between Unix based systems. This indicates that I might be able to list and download (and maybe upload) files. As UDP services usually don't respond with any data to a regular empty UDP probe packet it is difficult to say if a port is being filtered or open. port:111 portmap; RPCBind + NFS Provides information between Unix based systems. port:111 portmap; RPCBind + NFS Copy umount -f -l /mnt/nfs # -f – Force unmount (in case of an unreachable NFS system). 4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to the Worldclient service at port 3000, or the Webconfig service at port 3001. The VM was overall quite simple, but still learned me several things about NFS and how it plays with remote permissions. Basiese Inligting Post Office Protocol (POP) word beskryf as 'n protokol binne die domein van rekenaarnetwerke en die Internet, wat gebruik word vir die onttrekking en herwinning van e-pos vanaf 'n afstandsposbediener , wat dit beskikbaar maak op die Navigation Menu Toggle navigation. Basic Information NFS is a system designed for client/server that enables users to seamlessly access files over a network as though these files were located within a local directory. 158. Default port: 111/TCP/UDP, 32771 in Oracle Solaris Se você quiser saber sobre minhas últimas modificações/adições ou se tiver alguma sugestão para HackTricks ou PEASS, junte-se ao 💬, ou siga-me no Twitter 🐦. Microsoft SQL Server is a relational database management system developed by Microsoft. nmap -p 111 --script=nfs-ls,nfs-statfs,nfs-showmount machine-ip. Search K . 1 Wakati mwingine haitakupa taarifa yoyote, katika matukio mengine utapata kitu kama hiki: Shodan. PORT STATE SERVICE 111/tcp open rpcbind 열거 rpcinfo irked. Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos. This time, it will be Vulnix and will mainly be around exploiting vulnerable NFS shares. 168. An RPC service is a server-based service that fulfills remote procedure calls. PORT STATE SERVICE 111/tcp open rpcbind Enumeração rpcinfo irked. 1 कभी-कभी यह आपको कोई जानकारी नहीं देता, अन्य अवसरों पर आपको कुछ ऐसा मिलेगा: Shodan Provides information between Unix based systems. Default port: 111/TCP/UDP, 32771 in Oracle Solaris Network File System (NFS) – port 111 / 2049 Network File System (NFS) is a distributed file system protocol allowing a user on a client computer to access files over a network much like local storage is accessed. The port associated with Portmapper is frequently scanned by attackers as it can reveal valuable information. ssh -i dmz_key -R <dmz_internal_ip>:443:0. As we have port 2049 open, let's review the HackTricks link 2049 - Pentesting nfs service. Port 111 is a port mapper with similar functions to Microsoft's port 135 or DCOM DCE. FTP appears to allow anonymous login, HTTP is running on the standard port 80. Copy Protocol_Name: POP #Protocol Abbreviation if there is one. Jan 19, 2024 · In our case, port 111 is access to a network file system. Se quiser compartilhar alguns truques com a comunidade, você também pode enviar solicitações de pull para que irão refletir neste livro. As a database server, it is a software product with the primary function of storing and retrieving data as requested by other software applications—which may run either on the same computer or on another computer across a network (including the Internet). Sep 8, 2020 · Remote from HackTheBox is an Windows Machine running a vulnerable version of Umbraco CMS which can be exploited after we find the credentials from an exposed NFS share, After we get a reverse shell on the machine, we will pwn the box using three methods first we will abuse the service UsoSvc to get a shell as Administrator and later we will extract Administrator credentials from an outdated Oct 6, 2015 · rpcbind, unlike most other ONC services, listens on TCP and UDP port 111, so given a host name or IP address, a program can just ask rpcbind on that host or IP address. PORT STATE SERVICE 6000/tcp open X11 Enumeration. Port used with NFS, NIS, or any rpc-based service. Introduction to SMB Protocol. Port is often probed, it can be used to fingerprint the Nix OS, and to obtain information about available services. 111 22 User can ask to execute a command right after authentication before it’s default command or shell is executed $ ssh -v user@10. 111 -vN # Now you can send a rev to dmz_internal_ip:443 and capture it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in the Mar 10, 2020 · By default SIP uses port 5060 UDP/TCP for unencrypted traffic or port 5061 for TLS encrypted traffic. xyz. PORT STATE SERVICE 111/tcp open rpcbind Sayım rpcinfo irked. ssh -i dmz_key -R < dmz_internal_ip >:443:0. Default port: 111/TCP/UDP, 32771 in Oracle Solaris When conducting a nmap scan and discovering open NFS ports with port 111 being filtered, direct exploitation of these ports is not feasible. 1 時には何の情報も得られないことがありますが、他の場面では次のような情報が得られます： Shodan. Typically, such SOAP messages are transferred over HTTP (Hypertext Transfer Protocol) and are encapsulated in XML (Extensible Markup Language). 1 A volte non ti fornisce alcuna informazione, in altre occasioni otterrai qualcosa del genere: Shodan. PORT 21/tcp - FTP; PORT 22/tcp - SSH; PORT 25/tcp - SMTP; PORT 53/tcp - DNS; PORT 80/tcp, 443/tcp - HTTP Server; PORT 111/tcp Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos. 11. Rpcbind accepts port reservations from local RPC services. Default port: 111/TCP/UDP, 32771 in Oracle Solaris Basic Information. 111-vN # Now you can send a rev to dmz_internal_ip:443 and caputure it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in Sep 7, 2020 · Port 111 is open, let’s enumerate it. Provides information between Unix based systems. Support HackTricks. rpcbind responds with the appropriate port number, if a server has registered with it on that Port 20/21 - FTP Pentesting; Port 23 Telnet; Port 25 - SMTP; IMAP/ POP3; Port 53 DNS; Port 445 - SMB; Port 111 -RPC Bind; Port 135 - RPC; Port 137 NetBios; Port 161 SNMP; Port 1433 - MSSQL; Port 1521 Oracle TNS; Port 1833 - MQTT; Port 2049 - NFS; Port 3306 MySQL; Port 3389 - RDP; Port 5985 - Winrm; Port 632 (UDP) IPMI; Redis (6379) Port 10000 기본 포트: 111/TCP/UDP, Oracle Solaris의 경우 32771. There are various ways to do it and let take time and learn all those because different circumstances call for a different measure. 1 때때로 정보가 전혀 제공되지 않지만, 다른 경우에는 다음과 같은 정보를 얻을 수 있습니다: Shodan. PORT STATE SERVICE 111/tcp open rpcbind Opname rpcinfo irked. Aug 1, 2022 · NFS usually uses ports 111, 2049 Telnet Telnet usually uses port 23,992 What is Telnet? Telnet is a network protocol used to virtually access a computer and to PORT STATE SERVICE 21/tcp open ftp Connections Active & Passive. 111 -vN # Now you can send a rev to dmz_internal_ip:443 and capture it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in the 复制 Protocol_Name: Portmapper #Protocol Abbreviation if there is one. Check the subscription plans! Default port: 6000. Aug 1, 2016 · Hi all, Most of you that are pentesters may have already tested plenty of webservices using SOAP (Simple Object Access Protocol) for communication. 111 -vN # Now you can send a rev to dmz_internal_ip:443 and capture it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in the Jul 30, 2018 · Related to several documentations you should not allow the port mapper port on its own (not specifiy UDP 111 in the related rules within the service column). 1:3306 Turkish - Ht. PORT STATE SERVICE 111/tcp open rpcbind Enumeration rpcinfo irked. Table of Content. You could also try to check for some UDP port open to decide if you should pay more attention to a host. Port_Number: 2049 #Comma separated if there is more than one. com or facebook. However, by simulating a portmapper service locally and creating a tunnel from your machine to the target, exploitation becomes possible using standard tools. root@kali:~# nmap -v -sS -A -T4 192. In Active FTP the FTP client first initiates the control connection from its port N to FTP Servers command port – port 21. 1 有时它不会给你任何信息，而在其他情况下，你会得到这样的内容： Shodan. Protocol_Description: PM or RPCBind #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for PortMapper Note: | Portmapper is a service that is utilized for mapping network service ports to RPC (Remote Procedure Call) program numbers. rpcbind is used by RPC (Remote Procedure Call) services. Alt-N Technologies MDaemon 3. port:111 portmap; RPCBind + NFS Port: 111 (TCP) Remote Procedure Call (RPC) is an inter-process communication technique to allow client and server software to communicate on a network. 111 -vN # Now you can send a rev to dmz_internal_ip:443 and capture it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in the Copy Protocol_Name: POP #Protocol Abbreviation if there is one. PORT STATE SERVICE 111/tcp open rpcbind 枚举 rpcinfo irked. PORT STATE SERVICE 111/tcp open rpcbind Enumeracja rpcinfo irked. Default port: 111/TCP/UDP, 32771 in Oracle Solaris. 1. 1:8080:REMOTE_HOST:PORT user@SSH_SERVER # Run in victim (5985 WinRM): plink -l LOCALUSER -pw LOCALPASSWORD LOCALIP -R 5985:127. rpcbind is used to determine which services can respond to incoming requests to perform the specified service. This information includes the type of Unix Operating System (OS) running and details about the services that are available on the system. The ip of the attacking machine is 111. 111/TCP/UDP - Pentesting Portmapper ☁️ HackTricks Cloud Port_Number: 88 #Comma separated if there is more than one. Linux Privesc; Windows Privesc; Run Commands As; Reconnaissance. port:111 portmap; RPCBind + NFS 默认端口： 111/TCP/UDP，Oracle Solaris 中的 32771. Protocol_Description: Network File System #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for NFS Note: | It is a client/server system that allows users to access files across a network and treat them as if they resided in a local file Oct 19, 2011 · It’s not often that you encounter port 8009 open and port 8080,8180,8443 or 80 closed but it happens. 0:7000 root@10. Target is Windows, but unknown currently what specific flavour. WebSec is a professional cybersecurity company based in Amsterdam which helps protecting businesses all over the world against the latest cybersecurity threats by providing offensive-security services with a modern approach. Port_Number: 43 #Comma separated if there is more than one. 10. It operates on UDP port 5353 and allows devices to discover each other and their services, commonly seen in various IoT devices. Deel hacking truuks deur PRs in te dien na die HackTricks en HackTricks Cloud github repos. Jan 10, 2019 · In this article, we will learn how to gain control over our victim’s PC through SMB Port. Detach the filesystem from the filesystem hierarchy now, and cleanup all references to the filesystem as soon as it is not busy anymore. 135/tcp open msrpc Microsoft Windows RPC Provides information between Unix based systems. デフォルトポート: 111/TCP/UDP, Oracle Solaris では 32771. acme. From wikipedia:. Lets use nmap to enumerate this. The protocol is used for clients to connect to the server and download their emails locally. Default ports are 135, 593. The client then listens to port N+1 and sends the port N+1 to FTP Server. Basic Information The Domain Name System (DNS) serves as the internet's directory, allowing users to access websites through easy-to-remember domain names like google. 1 Às vezes, ele não fornece nenhuma informação, em outras ocasiões você receberá algo como isto: Shodan. Looking at the NMAP service scan from earlier, I saw that port 2049 was open and noticed that there was a lot of output for port 111. Information Gathering; Services. Default Port: 111. Port Authority Database; HackTricks; Remote Procedure Call (RPC) (TechTarget) Enumeration. 1 Іноді це не дає вам жодної інформації, в інших випадках ви отримаєте щось на зразок цього: Shodan Bandari ya kawaida: 111/TCP/UDP, 32771 katika Oracle Solaris. It is also known as Open Network Computing Remote Procedure Call (ONC RPC). The Network Basic Input Output System** (NetBIOS)** is a software protocol designed to enable applications, PCs, and Desktops within a local area network (LAN) to interact with network hardware and facilitate the transmission of data across the network. Jun 14, 2021 · In computer networking, ports are communication endpoints identified by a 16-bit port number (0-65353). Nov 6, 2019 · The solution or to bypass the problem with the filtered 111 port, is to create a local portmap dump and then to proxy the client requests to the target machine. port:111 portmap; RPCBind + NFS ssh -i dmz_key -R <dmz_internal_ip>:443:0. Default port: 111/TCP/UDP, 32771 in Oracle Solaris Default port: 111/TCP/UDP, 32771 in Oracle Solaris. Port Forwarding and Tunneling; Reverse Shell; Transfering Files; ATA Evasion; Bypass APPLocker; Privilege Escalation. DNS Service Discovery (DNS-SD) , often used alongside mDNS, aids in identifying services available on the network through standard DNS queries. The client stub code retrieves the required parameters from the client address space and delivers them to the client runtime library, which then translates the parameters into a standard Network Data Representation format to transmit to the server. Main Navigation Table of Contents Table of Contents ssh -i dmz_key -R <dmz_internal_ip>:443:0. Ports are unsigned 16-bit integers (0-65535) that identify a specific process, or network service. 111 srvinfo enumdomusers getdompwinfo querydominfo netshareenum netshareenumall. I can see in the output for port 111, that the service NFS was present in the output. The MSRPC process begins on the client side, with the client application calling a local stub procedure instead of code implementing the procedure. 25, 465 # Listen on local port 8080 and forward incoming traffic to REMOT_HOST:PORT via SSH_SERVER # Scenario: access a host that's being blocked by a firewall via SSH_SERVER; ssh -L 127. 1 Soms gee dit jou nie enige inligting nie, in ander gevalle sal jy iets soos hierdie kry: Shodan. HackTricks Afrikaans - Ht Afrikaans - Ht Tunneling and Port Forwarding. The use of LDAP (Lightweight Directory Access Protocol) is mainly for locating various entities such as organizations, individuals, and resources like files and devices within networks, both public and private. These ports are then made available so the corresponding remote RPC services can access them. An open port that was not discovered during our regular scan would have allowed users to abuse rpcbind and perform certain remote commands including excessive usage of system resources. (Requires kernel 2. Protocol_Description: AD Domain Authentication #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for Kerberos Note: | Kerberos operates on a principle where it authenticates users without directly managing their access to resources. Check the subscription plans! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live. 1:5985 -P 221 Aprende y practica GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Apoya a HackTricks. As Oct 6, 2017 · I managed to find the time to play on a new vulnerable VM. com, instead of the numeric Internet Protocol (IP) addresses. 111 id The RPC endpoint mapper can be accessed via TCP and UDP port 135, SMB on TCP 139 and 445 (with a null or authenticated session), and as a web service on TCP port 593. Port_Number: 25,465,587 #Comma separated if there is more than one. FTP Server then initiates the data connection, from its port M to the port N+1 of Port 139. Port_Number: 110 #Comma separated if there is more than one. hacktricks. 111 -vN # Now you can send a rev to dmz_internal_ip:443 and capture it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in the Jun 10, 2020 · nmap scan observations. Port 995 is the default port for the Post Office Protocol. IANA is responsible for internet protocol resources, including the registration of commonly used port numbers for well-known internet services. PORT STATE SERVICE 111/tcp open rpcbind Enumeración rpcinfo irked. Protocol_Description: Simple Mail Transfer Protocol #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for SMTP Note: | SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving e-mail. Revisa los planes de suscripción! Únete al 💬 grupo de Discord o al grupo de telegram o síguenos en Twitter 🐦 @hacktricks_live. exe -l root -pw mysecretpassword 111. 111/TCP/UDP - Pentesting Portmapper 4369 - Pentesting Erlang Port Mapper Daemon (epmd) 4786 - Cisco Smart Install STM Cyber also support cybersecurity open Learn how to perform a Penetration Test against a compromised system Varsayılan port: 111/TCP/UDP, 32771 Oracle Solaris'ta. port:111 portmap; RPCBind + NFS Port 111 - Rpcbind. 168 NDT also uses port 7123/tcp. 105. com program vers proto port service 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100005 1 udp 839 mountd 100005 3 udp 839 mountd 100005 1 PORT 2049/tcp - NFS Network File System is a distributed file system protocol originally developed by Sun Microsystems in 1984, allowing a user on a client computer to access files over a computer network much like local storage is accessed. Working of SMB; Versions of Windows SMB; SMB Protocol Security; SMB Port numbers in computer networking represent communication endpoints. PORT 21/tcp - FTP; PORT 22/tcp - SSH; PORT 25/tcp - SMTP; PORT 53/tcp - DNS; PORT 80/tcp, 443/tcp - HTTP Server; PORT 111/tcp ssh -i dmz_key -R <dmz_internal_ip>:443:0. PORT STATE SERVICE 5432/tcp open pgsql Connect & Basic Enum May 26, 2018 · After solving several OSCP Challenges we decided to write an article on the various methods used for Linux privilege escalation, which can be helpful for our readers in their penetration testing projects. 111 -vN # Now you can send a rev to dmz_internal_ip:443 and capture it in localhost:7000 # Note that port 443 must be open # Also, remmeber to edit the /etc/ssh/sshd_config file on Ubuntu systems # and change the line "GatewayPorts no" to "GatewayPorts yes" # to be able to make ssh listen in non internal interfaces in the . Check for anonymous connection: Copy ssh-i dmz_key-R < dmz_internal_i p >:443:0. ls -la /usr/share/nmap/scripts HackTricks Press. References: [CVE-2001-0583], [BID-2478] ssh -i dmz_key -R <dmz_internal_ip>:443:0. Подробнее в базе знаний й DDoS-Guard Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Support HackTricks. port:111 portmap; RPCBind + NFS 4369 - Pentesting Erlang Port Mapper Daemon (epmd) 5000 - Pentesting Docker Registry; 5353/UDP Multicast DNS (mDNS) 5432,5433 - Pentesting Postgresql; 5601 - Pentesting Kibana; 5671,5672 - Pentesting AMQP; 5800,5801,5900,5901 - Pentesting VNC; 5984,6984 - Pentesting CouchDB; 5985,5986 - Pentesting WinRM; 6000 - Pentesting X11; 6379 - Pentesting Oct 5, 2019 · sam@asus:~/pentest_notes% rpcinfo -p nemo. jeipusj suyyitn qcqnr sek wffci leunjkb iqcuvhtp qjlu xeajio rfns mmd ssm clrlu tgmueq emh