
Showing posts with label Nmap. Show all posts

30 June 2017

Information Gathering with NMAP

In this tutorial we will use NMAP to gather information about open ports on our target.

Let's start with some basics about NMAP.

Using NMAP we can find open ports and the versions of services running on a server, which can help us gain direct access by exploiting some functionality or through brute force. They can also help us understand the services running on the server, which may be needed later while pentesting.

To continue reading, go to the link below.
It is not an advertisement or anything like that.

Credentials: username: foulscode
             password: foulscode



Read more »

18 May 2017

Client side attack

*** There is a sound problem on video ***

You are a Penetration Tester and you're asked to determine if the corporate network is secure and if we are able to reach the servers within the DMZ.

The internal corporate network is divided in two segments: the internal network where the employees' machines reside and the DMZ where there are company servers.

######## GOALS #############

1) Gain access to the internal network

2) Exploit and get a shell to a server within the DMZ

############ WHAT YOU WILL LEARN ################

1) How to use Client-Side attacks

2) Pivoting

3) Fingerprint Hosts and Services through Pivoting

To guide you during the lab you will find different Tasks.

Tasks are meant for educational purposes and to show you the usage of different tools and different methods to achieve the same goal.

They are not meant to be used as a methodology.



2) nmap

3) proxychains

4) Mail client ( i.e. Thunderbird )


Lab machines (like the web server and internal organization machines) are not connected to the internet.

Read more »

TCP Port Scan with Nmap

About this tool

TCP Port Scan with Nmap allows you to discover which TCP ports are open on your target host.

Network ports are the entry points to a machine that is connected to the Internet. A service that listens on a port is able to receive data from a client application, process it and send a response back. Malicious clients can sometimes exploit vulnerabilities in the server code so they gain access to sensitive data or execute malicious code on the machine remotely. That is why testing for all ports is necessary in order to achieve a thorough security verification.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports, which is why we have different tools.

Target: This is the hostname or IP address(es) to scan.
Ports to scan - Common: This option tells Nmap to scan only the top 100 most common TCP ports (Nmap -F).
Ports to scan - Range: You can specify a range of ports to be scanned. Valid ports are between 1 and 65535.
Ports to scan - List: You can specify a comma separated list of ports to be scanned.
Detect service version: In this case Nmap will try to detect the version of the service that is running on each open port. This is done using multiple techniques like banner grabbing, reading server headers and sending specific requests.
Detect operating system: If enabled, Nmap will try to determine the type and version of the operating system that runs on the target host. The result is not always 100% accurate, depending on the way the target responds to probe requests.
Do traceroute: If enabled, Nmap will also do a traceroute to determine the path packets take from our server to the target server, including the IP addresses of all network nodes (routers).
Don't ping host: If enabled, Nmap will not try to see if the host is up before scanning it (which is the default behavior). This option is useful when the target host does not respond to ICMP requests but it is actually up and it has open ports.

Read more »