Got IP target [TARGET_IP]

Recon

nmap -p- [TARGET_IP] -oN blue-nmap-ports

Nmap scan report for [TARGET_IP] Host is up (0.054s latency). Not shown: 65526 closed tcp ports (reset) PORT STATE SERVICE 135/tcp open msrpc 139/tcp open netbios-ssn 445/tcp open microsoft-ds 3389/tcp open ms-wbt-server 49152/tcp open unknown 49153/tcp open unknown 49154/tcp open unknown 49158/tcp open unknown 49159/tcp open unknown

Nmap 7.94 scan initiated Sun Oct 29 03:58:57 2023 as:

nmap -sC -sV --script vuln -p135,139,445,3389,49152,49153,49154,49158,49159 --open -oN blue-nmap-deep1 [TARGET_IP] Pre-scan script results: | broadcast-avahi-dos: | Discovered hosts: | 224.0.0.251 | After NULL UDP avahi packet DoS (CVE-2011-1002). |_ Hosts are all up (not vulnerable). Nmap scan report for [TARGET_IP] Host is up (0.055s latency).

PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open microsoft-ds Microsoft Windows 7 - 10 microsoft-ds (workgroup: WORKGROUP) 3389/tcp open ssl/ms-wbt-server? |_ssl-ccs-injection: No reply from server (TIMEOUT) 49152/tcp open msrpc Microsoft Windows RPC 49153/tcp open msrpc Microsoft Windows RPC 49154/tcp open msrpc Microsoft Windows RPC 49158/tcp open msrpc Microsoft Windows RPC 49159/tcp open msrpc Microsoft Windows RPC Service Info: Host: JON-PC; OS: Windows; CPE: cpe:/o:microsoft:windows