Penetration Testing mailing list archives
Re: failure notice
From: "sr." <staticrez () gmail com>
Date: Mon, 15 Dec 2008 19:17:43 -0500
try to browse to that port with a browser. throw the telnet prompt a GET HTTP/1.0 and see what you get back. if you get html, then it's most likely a web server. i've seen many instances where a server (firewall) will throw back a bunch of open ports. ports that aren't even open on the system in question. That host is usually sitting behind a firewall or an IPS. Of course, the possibility that those ports are actually open because of a careless admin also exists. let's not rule out a honeypot either. also, verify that port 22 is actually open by telnet(ing) there as well. sshd will usually send back a nice little version banner. use that information and check that version for known exploits. then learn how to run a script from a real shell because you'll have to. sr. <saving bandwidth> On Mon, Dec 15, 2008 at 4:42 PM, Dante Lanznaster <dantecl () gmail com> wrote:
I believe this scan was internal. I really hope so. 1) too many ports open / listening. You need to do service fingerprinting. 2) connecting via telnet to a listening port will always yield a "connected" prompt and that's hardly a shell. On Mon, Dec 15, 2008 at 9:24 AM, lgpmsec <lgpmsec () gmail com> wrote:Hi again all, Please find below the nmap results for the specific server, and let me know if it adds value: bt ~ # nmap -sT -vv x.x.x.120 Starting Nmap 4.60 ( http://nmap.org ) at 2008-12-15 15:04 GMT Initiating Ping Scan at 15:04 Scanning x.x.x.120 [2 ports]
------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Re: failure notice sr. (Dec 16)
- Re: Port 4662 exploitation ArcSighter Elite (Dec 18)
- Re: Port 4662 exploitation Boogie B. (Dec 18)
- Re: Port 4662 exploitation Boogie B. (Dec 18)
- Re: Port 4662 exploitation Boogie B. (Dec 18)
- Re: Port 4662 exploitation ArcSighter Elite (Dec 18)