Penetration Testing mailing list archives
Re: linux pen-test
From: okrehel () loews com
Date: Fri, 5 Aug 2005 09:06:00 -0400
Bruno, Tried to get application versions of these services and see if they have any security flaws reported in the past. Use "nc" or "telnet" to service, grab banners. SMTP maybe can list users, port 80 could have a web server with cgi or some application running bugs, run nikto or others CGI scanners. Maybe you can upload some code into the web server. Be creative. Maybe 110 pop3 can give you some info about users, perhaps you can brute force some accounts there, etc... Ondrej Krehel "Bruno Kovacs" <bruno () saga com.b r> To <pen-test () lists securityfocus com> 08/04/05 02:40 PM cc Subject Please respond to linux pen-test "Bruno Kovacs" <bruno () saga com.b r> Hi, Im pen-testing a linux system and I could port-scan the following open tcp ports: 21 25 53 59 80 110 119 143 443 Strangely, there is this 59 port open. I googled it and it seems to be a mIRC DCC Server. Didnt help too much. I know port 80 and 443 are running Apache 2.0.40 and there are a few bugs about it, but nothing really scaring. I cant grab other apps version even with amap. As I dont have local access, I get frustrated cause the only thing I can think is exploiting some app remotely. Any suggestions ? I need at least a shell. I´ve looked Metasploit exploits but the are no one appropriate. Bruno Kovacs (CCSE) Bruno Kovacs (CCSE) Saga Sistemas e Computadores S.A. Tel: +55 21 2518-3161 bruno () saga com br ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 ------------------------------------------------------------------------------- ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- linux pen-test Bruno Kovacs (Aug 04)
- RE: linux pen-test Leandro Reox (Aug 05)
- Re: linux pen-test frank boldewin (Aug 05)
- Re: linux pen-test Adli Abdul Wahid (Aug 05)
- Re: linux pen-test okrehel (Aug 05)
- Re: linux pen-test Chris Benedict (Aug 10)
- Re: linux pen-test Javier Fernandez-Sanguino (Aug 08)
- <Possible follow-ups>
- Re: linux pen-test securityfocus (Aug 05)
- Re: linux pen-test s0u1d13r s0u1d13r (Aug 06)