External Attack Surface Management Summary
EXTERNAL ATTACK SURFACE MANAGEMENT / DASHBOARD

BANTRAB
Last refreshed on: Feb 20, 2023

Domain: bantrab.com

DISCOVERY

OVERALL ASSETS: 94
EXPOSED SERVICES: 128
TECHNOLOGIES DISCOVERED: 43

LIVE: 100%
Total: 331

[Chart; axis labels: Previous, sub_domain, domain, ip_address, ip_block, asn, Current; legend: Appeared, Disappeared]

EXPOSED PORTS

PORT COUNT
443 82
2083 60
2087 52
2082 50
2086 45
2096 41

PRONE TO ATTACK

PORT COUNT
80 70
8080 41
21 19
161 8
9200 5
10000 5

[Technology panel: Cloudflare, jQuery, Apache, WordPress, PHP, Bootstrap, Google Font API, Google Tag Manager, MySQL, Font Awesome]

ISSUES

TOTAL ISSUES: 319
SEVERE ISSUES: 07
WIDELY EXPLOITED VULNERABILITIES: 01

[Chart: CURRENT SCAN; legend: Low, Medium, High, Critical]

SEVERE ISSUES

ISSUE NAME ASSETS SEVERITY
Exposed Elastic Search Service (Port 9300) 1 Critical
Exposed MySQL Service 1 Critical
Exposed VNC Service 1 Critical
Expired Certificate 47 High
SPF: Record not found 3 High

WIDELY EXPLOITED VULNERABILITIES

ISSUE NAME ASSETS SEVERITY
Possibly vulnerable to 'ProxyNotShell' Zero-day (CVE-2022-41040, CVE-2022-41082) 1 Critical

intel@volon.io
ISSUE WISE STATUS

319
[Chart legend: Active, Resolved, False Positive, Risk Accepted]

CREDENTIAL BREACHES

CREDENTIALS EXPOSED: 134
CREDENTIALS INDEXED: 20.60B

Nitro PDF [www.gonitro.com] 83
People Data Labs [www.peopledatalabs.com] 19
Canva [www.canva.com] 11
Evite [www.evite.com] 5
110 GB Stealer logs (shared by actor 'elesjey') 3
Apollo [www.apollo.io] 2
ShareThis 2

ASSET DISTRIBUTION

ASSET LOCATIONS: 02

COUNTRY ASSETS ISSUES

Guatemala 32 45

United States 12 3 2 2 25

EXPOSED PORTS

PORT COUNT

443 82

2083 60

2087 52

2082 50

2086 45

2096 41

8443 40

8880 32

2053 30

465 24

53 24

587 24

2052 22

995 19

2079 17

993 17

110 17

2095 15

6001 5

7779 5

4911 5

12345 5

6443 5

5901 5

5985 5

5010 5

5001 5

6000 5

4040 5

7443 5

8140 5

9443 5

1400 5

2000 5

8889 5

31337 5

4000 5

8098 5

8081 5

8083 5

83 5

7547 5

5000 5

25001 5

3001 5

8010 5

2480 5

4064 5

3790 5

5986 5

8060 5

9002 5

50000 5

6080 5

4848 5

9943 5

7071 5

9100 5

10134 5

1177 5

50050 5

9001 5

5800 5

1024 5

8834 5

7548 5

5007 5

8112 5

5672 5

8200 5

82 5

9090 5

9800 5

636 5

5560 5

5601 5

9000 5

10001 5

8008 5

389 5

7001 5

5009 5

4567 5

1433 5

7171 5

4022 5

554 5

8126 5

8086 5

88 5

5555 5

8181 5

3299 5

9600 5

2345 5

1337 5

9530 5

8800 5

9080 5

631 5

84 5

8000 5

9306 5

5269 5

20000 5

4443 5

5005 5

444 5

1234 5

10443 5

5201 5

7777 5

9091 5

4500 5

3268 5

7474 5

8139 5

143 2

2077 2

PRONE TO ATTACK

PORT COUNT

80 70

8080 41

21 19

161 8

9200 5

10000 5

25 5

5900 5

3306 2

SEVERE ISSUES

ISSUE NAME ASSETS SEVERITY

Exposed Elastic Search Service (Port 9300) 1 Critical

Exposed MySQL Service 1 Critical

Exposed VNC Service 1 Critical

Expired Certificate 47 High

SPF: Record not found 3 High

DMARC: Record Not Found 3 High

Exposed FTP Service 2 High

WIDELY EXPLOITED VULNERABILITIES

ISSUE NAME ASSETS SEVERITY

Possibly vulnerable to 'ProxyNotShell' Zero-day (CVE-2022-41040, CVE-2022-41082) 1 Critical

CREDENTIAL BREACHES

BREACH NAME TOTAL ACCOUNTS

Nitro PDF [www.gonitro.com] 83

People Data Labs [www.peopledatalabs.com] 19

Canva [www.canva.com] 11

Evite [www.evite.com] 5

110 GB Stealer logs (shared by actor 'elesjey') 3

Apollo [www.apollo.io] 2

ShareThis 2

Cit0day 2

Deezer [www.deezer.com] (Partial) 1

Job & Talent [www.jobandtalent.com] 1

ASSET LOCATIONS

COUNTRY ASSETS ISSUES

Guatemala 32 45

United States 12 3 2 2 25
