ACCESS POINTS FOR RANSOMWARE:
1. Tomcat Server: 45.33.20.220:8080
   - Credentials: admin:s3cret
   - Deploy via: Manager interface or direct WAR upload

2. NocoDB Dashboard: 45.33.20.204:8080/dashboard
   - Credentials: admin:admin
   - Access to: Database connections, possibly file storage

3. PHP Server: 45.33.20.231:8080
   - Ports: 80, 443, 8080, 8443
   - MySQL: 3306 open
   - Attack vectors: File upload, SQL injection

4. MySQL Databases:
   - 45.33.20.220:3306 - Test with root:root
   - 45.33.20.231:3306 - Test with root:root

5. Reverse Shell: Port 4444 (check if connected)