Manage Engine not working #574
Comments
|
Same thing is happening to me. I've tried everything. Reinstalling, turning the service on and off, adjusting network settings, nothing seems to be working. |
|
Exactly the same happens to me both in 8020 and 8083 ports. |
|
yep-same here- I thought it was my install. |
|
Happens to me as well. Your port scan also shows port 8282/tcp missing (apache tomcat) just like mine, so I assume it's just something within the images themselves. Haven't dug deeper to figure out why just yet. |
|
Good day all, I've also been encountering this issue. |
Issue Description
When I try to run https://localhost:8383/ from within Metasploitable3 Windows Server 2008 R2 Internet Explorer, I get "Service Unavailable. The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later."
I am logged on as U: Administrator, P: vagrant.
I can get in and stop and then restart the ManageEngine Desktop Central Server service just fine.
The commands as outlined in your vulnerabilities wiki do not work:
Start/Stop
Stop: In command prompt, do net stop ManageEngine Desktop Central Server
Start: In command prompt, do net start ManageEngine Desktop Central Server
When I try to hit the site from Kali Firefox, I get the same result.
My nmap output shows that port 8383 is indeed open. (See listing below).
Starting Nmap 7.92 ( https://nmap.org ) at 2022-06-24 11:34 EDT
Nmap scan report for 192.168.1.103
Host is up (0.00015s latency).
Not shown: 981 closed tcp ports (reset)
PORT STATE SERVICE VERSION
21/tcp open ftp Microsoft ftpd
| ftp-syst:
|_ SYST: Windows_NT
22/tcp open ssh OpenSSH 7.1 (protocol 2.0)
| ssh-hostkey:
| 2048 dc:39:f2:8e:fd:df:84:e9:d3:cb:57:fc:20:e6:4c:4a (RSA)
|_ 521 7f:0a:00:7f:bb:04:05:6f:e3:e3:0d:ad:11:89:63:66 (ECDSA)
80/tcp open http Microsoft IIS httpd 7.5
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/7.5
|http-title: Site doesn't have a title (text/html).
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Windows Server 2008 R2 Standard 7601 Service Pack 1 microsoft-ds
3306/tcp open mysql MySQL 5.5.20-log
| mysql-info:
| Protocol: 10
| Version: 5.5.20-log
| Thread ID: 5
| Capabilities flags: 63487
| Some Capabilities: DontAllowDatabaseTableColumn, Support41Auth, IgnoreSigpipes, SupportsLoadDataLocal, IgnoreSpaceBeforeParenthesis, LongColumnFlag, FoundRows, InteractiveClient, LongPassword, Speaks41ProtocolNew, ConnectWithDatabase, SupportsCompression, Speaks41ProtocolOld, ODBCClient, SupportsTransactions, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
| Status: Autocommit
| Salt: $=G-IgM*'',F]"1kJmg
| Auth Plugin Name: mysql_native_password
3389/tcp open tcpwrapped
| ssl-cert: Subject: commonName=vagrant-2008R2
| Not valid before: 2022-05-28T09:11:07
|Not valid after: 2022-11-27T09:11:07
| rdp-ntlm-info:
| Target_Name: VAGRANT-2008R2
| NetBIOS_Domain_Name: VAGRANT-2008R2
| NetBIOS_Computer_Name: VAGRANT-2008R2
| DNS_Domain_Name: vagrant-2008R2
| DNS_Computer_Name: vagrant-2008R2
| Product_Version: 6.1.7601
| System_Time: 2022-06-24T15:36:18+00:00
|_ssl-date: 2022-06-24T15:36:39+00:00; +3s from scanner time.
4848/tcp open ssl/http Oracle Glassfish Application Server
| ssl-cert: Subject: commonName=localhost/organizationName=Oracle Corporation/stateOrProvinceName=California/countryName=US
| Not valid before: 2013-05-15T05:33:38
|_Not valid after: 2023-05-13T05:33:38
|_http-server-header: GlassFish Server Open Source Edition 4.0
|_http-title: Login
|_ssl-date: 2022-06-24T15:36:39+00:00; +3s from scanner time.
7676/tcp open java-message-service Java Message Service 301
8080/tcp open http Sun GlassFish Open Source Edition 4.0
|http-open-proxy: Proxy might be redirecting requests
| http-methods:
| Potentially risky methods: PUT DELETE TRACE
|_http-title: GlassFish Server - Server Running
|_http-server-header: GlassFish Server Open Source Edition 4.0
8181/tcp open ssl/intermapper?
| fingerprint-strings:
| GetRequest:
| HTTP/1.1 200 OK
| Date: Fri, 24 Jun 2022 15:34:55 GMT
| Content-Type: text/html
| Connection: close
| Content-Length: 4626
|
|
| \n\n<s
SF:tyle\x20type="text/css">\n\tbody{margin-top:0}\n\tbody,td,p,div,span,
SF:a,ul,ul\x20li,\x20ol,\x20ol\x20li,\x20ol\x20li\x20b,\x20dl,h1,h2,h3,h4,
SF:h5,h6,li\x20{font-family:geneva,helvetica,arial,"lucida\x20sans",sans
SF:-serif;\x20font-size:10pt}\n\th1\x20{font-size:18pt}\n\th2\x20{font-siz
SF:e:14pt}\n\th3\x20{font-size:12pt}\n\tcode,kbd,tt,pre\x20{font-family:mo
SF:naco,courier,"courier\x20new";\x20font-size:10pt;}\n\tli\x20{padding-
SF:bottom:\x208px}\n\tp.copy,\x20p.copy\x20a\x20{font-family:geneva,helv
SF:etica,arial,"lucida\x20sans",sans-serif;\x20font-size:8pt}\n\tp.copy
SF:\x20{text-align:\x20center}\n\ttable.grey1,tr.grey1,td.g")%r(HTTPOpt
SF:ions,7A,"HTTP/1.1\x20405\x20Method\x20Not\x20Allowed\r\nAllow:\x20GET
SF:r\nDate:\x20Fri,\x2024\x20Jun\x202022\x2015:34:55\x20GMT\r\nConnection:
SF:\x20close\r\nContent-Length:\x200\r\n\r\n")%r(RTSPRequest,76,"HTTP/1.1
SF:\x20505\x20HTTP\x20Version\x20Not\x20Supported\r\nDate:\x20Fri,\x2024\x
SF:20Jun\x202022\x2015:34:55\x20GMT\r\nConnection:\x20close\r\nContent-Len
SF:gth:\x200\r\n\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port9200-TCP:V=7.92%I=7%D=6/24%Time=62B5D990%P=x86_64-pc-linux-gnu%r(Ge
SF:tRequest,187,"HTTP/1.0\x20200\x20OK\r\nContent-Type:\x20application/js
SF:on;\x20charset=UTF-8\r\nContent-Length:\x20304\r\n\r\n{\r\n\x20\x20"st
SF:atus"\x20:\x20200,\r\n\x20\x20"name"\x20:\x20"Rage",\r\n\x20\x20"
SF:version"\x20:\x20{\r\n\x20\x20\x20\x20"number"\x20:\x20"1.1.1",
SF:r\n\x20\x20\x20\x20"build_hash"\x20:\x20"f1585f096d3f3985e73456debdc
SF:1a0745f512bbc",\r\n\x20\x20\x20\x20"build_timestamp"\x20:\x20"2014-
SF:04-16T14:27:12Z",\r\n\x20\x20\x20\x20"build_snapshot"\x20:\x20false,
SF:\r\n\x20\x20\x20\x20"lucene_version"\x20:\x20"4.7"\r\n\x20\x20},\r
SF:\n\x20\x20"tagline"\x20:\x20"You\x20Know,\x20for\x20Search"\r\n}\n"
SF:)%r(HTTPOptions,4F,"HTTP/1.0\x20200\x20OK\r\nContent-Type:\x20text/pla
SF:in;\x20charset=UTF-8\r\nContent-Length:\x200\r\n\r\n")%r(RTSPRequest,4F
SF:,"HTTP/1.1\x20200\x20OK\r\nContent-Type:\x20text/plain;\x20charset=UTF
SF:-8\r\nContent-Length:\x200\r\n\r\n")%r(FourOhFourRequest,A9,"HTTP/1.0
SF:x20400\x20Bad\x20Request\r\nContent-Type:\x20text/plain;\x20charset=UTF
SF:-8\r\nContent-Length:\x2080\r\n\r\nNo\x20handler\x20found\x20for\x20uri
SF:\x20[/nice%20ports%2C/Tri%6Eity.txt%2ebak]\x20and\x20method\x20[GET
SF:]")%r(SIPOptions,4F,"HTTP/1.1\x20200\x20OK\r\nContent-Type:\x20text/p
SF:lain;\x20charset=UTF-8\r\nContent-Length:\x200\r\n\r\n");
MAC Address: 08:00:27:2C:D0:44 (Oracle VirtualBox virtual NIC)
Device type: general purpose
Running: Microsoft Windows 7|2008|8.1
OS CPE: cpe:/o:microsoft:windows_7::- cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_server_2008:r2 cpe:/o:microsoft:windows_8 cpe:/o:microsoft:windows_8.1
OS details: Microsoft Windows 7 SP0 - SP1, Windows Server 2008 SP1, Windows Server 2008 R2, Windows 8, or Windows 8.1 Update 1
Network Distance: 1 hop
Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
Host script results:
| smb-os-discovery:
| OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 (Windows Server 2008 R2 Standard 6.1)
| OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
| Computer name: vagrant-2008R2
| NetBIOS computer name: VAGRANT-2008R2\x00
| Workgroup: WORKGROUP\x00
|_ System time: 2022-06-24T08:36:18-07:00
| smb2-time:
| date: 2022-06-24T15:36:17
|_ start_date: 2022-06-24T15:31:52
|clock-skew: mean: 1h00m02s, deviation: 2h38m44s, median: 2s
|nbstat: NetBIOS name: VAGRANT-2008R2, NetBIOS user: , NetBIOS MAC: 08:00:27:2c:d0:44 (Oracle VirtualBox virtual NIC)
| smb-security-mode:
| account_used: guest
| authentication_level: user
| challenge_response: supported
| message_signing: disabled (dangerous, but default)
| smb2-security-mode:
| 2.1:
| Message signing enabled but not required
TRACEROUTE
HOP RTT ADDRESS
1 0.15 ms 192.168.1.103
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 130.13 seconds
The text was updated successfully, but these errors were encountered: