RDP
PORT STATE SERVICE REASON VERSION
3389/tcp open ms-wbt-server syn-ack ttl 127 Microsoft Terminal Services
| rdp-ntlm-info:
| Target_Name: HEIST
| NetBIOS_Domain_Name: HEIST
| NetBIOS_Computer_Name: DC01
| DNS_Domain_Name: heist.offsec
| DNS_Computer_Name: DC01.heist.offsec
| DNS_Tree_Name: heist.offsec
| Product_Version: 10.0.17763
|_ System_Time: 2022-07-14T20:10:25+00:00
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| TLSv1.1:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp384r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp384r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ecdh_x25519) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp384r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| compressors:
| NULL
| cipher preference: server
| warnings:
| 64-bit block cipher 3DES vulnerable to SWEET32 attack
|_ least strength: C
| ssl-cert: Subject: commonName=DC01.heist.offsec
| Issuer: commonName=DC01.heist.offsec
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-07-13T19:58:56
| Not valid after: 2023-01-12T19:58:56
| MD5: 2866 f5ae 7817 9aac d4af 416d 41c6 41c0
| SHA-1: 82a3 9949 50bb 2afd 01f9 7525 79bd 7ada bb6a 46c7
| -----BEGIN CERTIFICATE-----
| MIIC5jCCAc6gAwIBAgIQHvSVzyrE/phEdjAq98ArTTANBgkqhkiG9w0BAQsFADAc
| MRowGAYDVQQDExFEQzAxLmhlaXN0Lm9mZnNlYzAeFw0yMjA3MTMxOTU4NTZaFw0y
| MzAxMTIxOTU4NTZaMBwxGjAYBgNVBAMTEURDMDEuaGVpc3Qub2Zmc2VjMIIBIjAN
| BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1d//i4V6OG6wOjxG8GO/bhiycqkG
| URq9tHaq0rx/u9CARasoAn+lSllwYmDQAlx16IMorY+/xEHZDLSTA1g3PEWvkuLh
| /SjCXrkC0kjn2u8ZWg7O4H1/KL5sak6MJXkGWwGEPG77tXx7/p3/yaCtTXU5TkXc
| zyxRbZwZe+sujD9B0eh1UDo55kBj2qDASgpbeULaO3o+SOjrWdSBPd7edpeCZgGO
| U0bavcs2+FJDvXdfMRkiI/S2wdAKyPAeQD8O7DcQ+bbeebscbGg56WrC698X+ChZ
| mcotIH2mb+sVDHKbINJ3Ym0nY2iVqaLPJe6ejKxlw9HRBaB3TVhRD1u+SQIDAQAB
| oyQwIjATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8EBAMCBDAwDQYJKoZIhvcN
| AQELBQADggEBAEldNPqvXBeLwpzzNwvsKIdDzqmK3xntZ0cPgxFgsUukLxPVc/QE
| gCJ34UBTljTCgvB9YJQvV6nk7rnITBhP9jrv7B5GjCVsbInAsOihBP6Zp6CHmpJ1
| VjwD8sqqP305V74PRPA7i5Hr1ZFZtX/bJ3W5UTq0lLo0N9ZI4Xs5ELpdbNWUK50z
| fdFm+7tp+w1QtUaKaMp/66fx4hggtAbfl1XgZruz3SyKyIAOs8l7V2W1TiBaov2k
| xpKRiCDKGFLt41RyA43bN0DEBkdssFFVrCJbPgo6ri3EDyMtV6+wl1NCdvUH8Vit
| RlBow0qO4KP95BwRrPUzWNq1GmEN9FzOy1o=
|_-----END CERTIFICATE-----
| rdp-enum-encryption:
| Security layer
| CredSSP (NLA): SUCCESS
| CredSSP with Early User Auth: SUCCESS
| RDSTLS: SUCCESS
| SSL: SUCCESS
|_ RDP Protocol Version: RDP 10.6 server
|_ssl-date: 2022-07-14T20:10:45+00:00; -1s from scanner time.
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windowsLast updated