$ nmap -sC -sV 10.10.11.21 Starting Nmap 7.95 ( https://nmap.org ) at 2024-06-24 13:28 CST Nmap scan report for 10.10.11.21 Host is up (0.087s latency). Not shown: 985 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 25/tcp open smtp hMailServer smtpd | smtp-commands: MAINFRAME, SIZE 20480000, AUTH LOGIN, HELP |_ 211 DATA HELO EHLO MAIL NOOP QUIT RCPT RSET SAML TURN VRFY 53/tcp open domain Simple DNS Plus 80/tcp open http Microsoft IIS httpd 10.0 |_http-server-header: Microsoft-IIS/10.0 | http-methods: |_ Potentially risky methods: TRACE |_http-title: Axlle Development 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2024-06-24 05:22:27Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: axlle.htb0., Site: Default-First-Site-Name) 445/tcp open microsoft-ds? 464/tcp open kpasswd5? 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 636/tcp open tcpwrapped 3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: axlle.htb0., Site: Default-First-Site-Name) 3269/tcp open tcpwrapped 3389/tcp open ms-wbt-server Microsoft Terminal Services | rdp-ntlm-info: | Target_Name: AXLLE | NetBIOS_Domain_Name: AXLLE | NetBIOS_Computer_Name: MAINFRAME | DNS_Domain_Name: axlle.htb | DNS_Computer_Name: MAINFRAME.axlle.htb | DNS_Tree_Name: axlle.htb | Product_Version: 10.0.20348 |_ System_Time: 2024-06-24T05:22:36+00:00 | ssl-cert: Subject: commonName=MAINFRAME.axlle.htb | Not valid before: 2024-05-19T11:25:03 |_Not valid after: 2024-11-18T11:25:03 |_ssl-date: 2024-06-24T05:23:15+00:00; -6m55s from scanner time. 5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-server-header: Microsoft-HTTPAPI/2.0 |_http-title: Not Found Service Info: Host: MAINFRAME; OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 109.97 seconds
**NOTE: I have automated the running of `C:\Program Files (x86)\Windows Kits\10\Testing\StandaloneTesting\Internal\x64\standalonerunner.exe` as SYSTEM to test and debug this driver in a standalone environment**