Nmap

Data that travels over the air and how to protect (or decipher) it

Post by eatcheese on Fri Aug 20, 2010 11:43 am

So I just started using Nmap and I can trace IPs and find all the information. But there is a big problem for me... what do I do with the servers that have weaknesses in them? This may sound silly, but I have found a server with an open telnet port and I would like to take advantage of that, so if anyone can point me in the direction of any tutorials or anything that I should learn and use to help me, I would be so grateful. Thank you.

-- Fri Aug 20, 2010 11:44 am --

And I almost forgot: I am running Windows XP. Thanks again.


Re: Nmap

Post by Goatboy on Fri Aug 20, 2010 1:51 pm

Generally, you would research the specific service (version, release, etc.) and search for vulnerabilities. There are a few ways to do this. You can download the source code yourself (if it is open-source or you have a way of getting it) and review it. You can Google it, or use one of the many vulnerability databases. You can use metasploit to speed up this process, but make sure you're actually learning something instead of just aiming it at a server and hoping for a result.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk


Re: Nmap

Post by eatcheese on Fri Aug 20, 2010 9:05 pm

Goatboy wrote: Generally, you would research the specific service (version, release, etc.) and search for vulnerabilities. There are a few ways to do this. You can download the source code yourself (if it is open-source or you have a way of getting it) and review it. You can Google it, or use one of the many vulnerability databases. You can use metasploit to speed up this process, but make sure you're actually learning something instead of just aiming it at a server and hoping for a result.

So I understand what you're saying, but I just wanna know: are there any good books on Unix or #c that I should learn before hopping into this? Because I honestly have no idea what to do when I find a weakness. I am fairly good at reading code and knowing what is going on, but if I were to try to get the source code, how would I go about doing that? Thanks again in advance.


Re: Nmap

Post by IncandescentLight on Fri Aug 20, 2010 10:49 pm

The vulnerability source codes can be found at sites like these: http://www.exploit-db.com or http://www.milw0rm.com. A hint for you is that you may have to download additional libraries into your compiler so that these codes can be run, and some editing may have to be done. To find out what a vulnerability is, especially stack-based overflows, and how to find them, check this link out: http://www.corelan.be:8800/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
Speak softly and carry a big stick -Theodore Roosevelt

http://www.rhetoricalcatch.blogspot.com


Re: Nmap

Post by sanddbox on Sat Aug 21, 2010 2:15 am

Congratulations! You're a skiddie, and on the fast track to becoming an UBAR-skiddie, the highest form of hackers. UBAR skiddies craft a delicious blend of trolling, hacking, and utter stupidity.

Contrary to what other skiddies will tell you, an open port is not the equivalent of an open door. An open port is the difference between a club blocked with a titanium door only openable from the inside and a regular door with a bouncer guarding it.

Even if a port is open, the port has to be running a service that has a known vulnerability. Continuing with my earlier horrible analogy, think of outdated services like a blind bouncer - easily circumvented. Exploiting an exploitable service is as simple as going into UBAR SKIDDIE mode and running vulnerabilities from milw0rm or other SUPAR SKIDDIE sites. (In case you're wondering, UBAR skiddies are more advanced than SUPAR skiddies).

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
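
Added example, not part of the original thread: the distinction drawn in the replies between an open port and a service that actually needs attention, seen from the side of an administrator reviewing Nmap results for their own hosts. The XML is a constructed sample of Nmap's `-oX` output from a `-sV` scan; the `CLEARTEXT` list and the `triage` function are hypothetical names chosen for this illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output (-oX) from a version scan (-sV) of
# hosts you administer; the address is from the documentation range 192.0.2.0/24.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="5.3"/></port>
      <port protocol="tcp" portid="23"><state state="open"/>
        <service name="telnet"/></port>
      <port protocol="tcp" portid="80"><state state="filtered"/>
        <service name="http"/></port>
    </ports>
  </host>
</nmaprun>"""

# Assumption: a site policy list of cleartext protocols to retire.
CLEARTEXT = {"telnet", "ftp", "rlogin", "rsh"}

def triage(xml_text):
    """Return one finding per open port: what is listening and what to do next."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # closed or filtered ports expose no service
            svc = port.find("service")
            name = svc.get("name", "unknown") if svc is not None else "unknown"
            product = svc.get("product") if svc is not None else None
            version = svc.get("version") if svc is not None else None
            if name in CLEARTEXT:
                action = "cleartext protocol: replace with SSH or restrict access"
            elif product and version:
                action = f"check {product} {version} against vendor advisories"
            else:
                action = "version unknown: identify the software before judging it"
            findings.append((addr, int(port.get("portid")), name, action))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_XML):
        print(*finding, sep="  ")
```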


