Penetration Testing mailing list archives
RE: Unknown App
From: "Aleksander P. Czarnowski" <alekc () avet com pl>
Date: Thu, 21 Jul 2005 22:55:54 +0200
This will work only if command prompt access is granted - guess clicking on Control Panel/Add-Remove Application icon would be easier in case of legitimate application ;-) In case of remote test the most simple solution would be nmap's -A switch or some other application fingerprinting tool. You can try also do some fuzzing and see if you'll get any response. Secondly - because this is Windows system - you might try to enumerate remotely running services or access system/application logs remotely (considering you have credential or there are no restriction on NULL session and ports 135-139 are not filtered.) Best Regards, Aleksander Czarnowski AVET INS
-----Original Message----- From: Bartholomew, Brian J [mailto:BartholomewBJ () state gov] Sent: Thursday, July 21, 2005 6:47 PM To: thenightweighsheavy () gmail com; pen-test () securityfocus com Subject: RE: Unknown App A simple Fport should tell you what it is... http://www.foundstone.com/index.htm?subnav=resources/navigation.ht m&subcontent=/resources/proddesc/fport.htm Brian J. Bartholomew (CISSP) Red Cell US Department of State Bureau of Diplomatic Security Office of Computer Security Ph: 571-345-2670 Cell: 202-369-6349 -----Original Message----- From: thenightweighsheavy () gmail com [mailto:thenightweighsheavy () gmail com] Sent: Thursday, July 21, 2005 2:56 AM To: pen-test () securityfocus com Subject: Unknown App Hello, During a recent pen-test, I discovered that port 80 is opened by an unknown application on multiple client workstations (WinXP). No web server appears to be running or installed - I've tested a few things, but I'm curious what the list thinks is the best next-step to take. Thanks, Golden Earring
Current thread:
- Unknown App thenightweighsheavy (Jul 21)
- Unknown App Scott Fuhriman (Jul 21)
- Re: Unknown App Sharad Birmiwal (Jul 22)
- Unknown App Scott Fuhriman (Jul 22)
- Re: Unknown App Sharad Birmiwal (Jul 22)
- <Possible follow-ups>
- RE: Unknown App Bartholomew, Brian J (Jul 21)
- Re: Unknown App ilaiy (Jul 21)
- Re: Unknown App Fabián Gabriel Chiera (Jul 22)
- RE: Unknown App okrehel (Jul 21)
- RE: Unknown App Aleksander P. Czarnowski (Jul 21)
- RE: Unknown App Lyal Collins (Jul 22)
- Re: Unknown App ilaiy (Jul 21)
- RE: Unknown App Jarmon, Don R (Jul 21)
- RE: Unknown App Andre Protas (Jul 21)
- RE:Unknown App Jordan Del-Grande (Jul 21)
- RE: Unknown App Womack, Quintin T - Raleigh, NC - Contractor (Jul 21)
- RE: Unknown App Hagen, Eric (Jul 22)
- Re: Unknown App thenightweighsheavy (Jul 25)
- RE: Unknown App Scott Fuhriman (Jul 25)
- Unknown App Scott Fuhriman (Jul 21)