Penetration Testing mailing list archives

RE: PacketStuff's nmap binary


From: "Brandon Steili" <brandon () netsyd com>
Date: Wed, 14 Sep 2005 17:26:35 -0600

Quoting Bryan D. Fish <bryanfish () sbcglobal net>:
        I need to upload nmap to a compromised NT box.

Key word I think in this one is "upload", second one being
"compromised". He doesn't say if he has physical access to the box or
not. Besides, assuming he does have physical access to the box, would
not shutting down that system and keeping it offline while you run
scanning tools raise a few eyebrows if someone wanted to access this
system? 

If he had physical access to the box, it would make more sense to bring
his own system online within that network and run the toolkit from that,
which would prevent any possible contamination of that production box.

I would further assume from this that he was intending to use this to
test the internal setup, and if he's truly pen testing, then shutting
down a box on a production network may not be within the scope, but
loading apps might be.

Either way ... seems to run fine with no stability issues & with
identical results to the version running on my Linux box. I ran this on
a completely clean XP SP2 install with nothing else installed (i.e.
winpcap) and the XP FW running.

Starting nmap 3.81 ( http://www.insecure.org/nmap ) 
Interesting ports on 192.168.xxx.xxx:
(The 1658 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
3389/tcp open  ms-term-serv

Nmap finished: 1 IP address (1 host up) scanned in 2.944 seconds


-----Original Message-----
From: Kelly Scroggins [mailto:kelly () cliffhanger com] 
Sent: Monday, September 12, 2005 7:42 PM
To: Bryan D. Fish
Cc: 'pen-test'
Subject: Re: PacketStuff's nmap binary

Why not use a bootable Linux CD with a trusted
copy of nmap and other tools?


-- 

           --    -- 
             \  /
              \/
              /\
             /  \
           --    --




