HI, I've Cracked some AP ,and I want to Access the Victim Pc..
So I tried metasploit ..and Preformed an nmap scan..
msf > nmap -sV -T4 -A -v -Pn 192.168.1.2
[*] exec: nmap -sV -T4 -A -v -Pn 192.168.1.2
Starting Nmap 6.40 ( [url=http://nmap.org]http://nmap.org[/url] ) at 2013-11-02 21:00 Standard Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 21:00
Scanning 192.168.1.2 [1 port]
Completed ARP Ping Scan at 21:00, 0.53s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 21:00
Completed Parallel DNS resolution of 1 host. at 21:00, 0.00s elapsed
Initiating SYN Stealth Scan at 21:00
Scanning Ghazal-PC.Home (192.168.1.2) [1000 ports]
Discovered open port 443/tcp on 192.168.1.2
Discovered open port 80/tcp on 192.168.1.2
Completed SYN Stealth Scan at 21:00, 4.90s elapsed (1000 total ports)
Initiating Service scan at 21:00
Scanning 2 services on Ghazal-PC.Home (192.168.1.2)
Service scan Timing: About 50.00% done; ETC: 21:03 (0:01:44 remaining)
Completed Service scan at 21:02, 106.87s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against Ghazal-PC.Home (192.168.1.2)
NSE: Script scanning 192.168.1.2.
Initiating NSE at 21:02
Completed NSE at 21:02, 20.30s elapsed
Nmap scan report for Ghazal-PC.Home (192.168.1.2)
Host is up (0.0069s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http?
|_http-title: Site doesn't have a title.
443/tcp open skype2 Skype
|_http-title: Site doesn't have a title.
1 service unrecognized despite returning data. If you know the service/version,
please submit the following fingerprint at [url=http://www.insecure.org/cgi-bin/servicefp-submit.cgi]http://www.insecure.org/cgi-bin/servicefp-submit.cgi[/url] :
SF-Port80-TCP:V=6.40%I=7%D=11/2%Time=52754BC6%P=i686-pc-windows-windows%r(
SF:GetRequest,1A,"HTTP/1\.0\x20404\x20Not\x20Found\r\n\r\n")%r(HTTPOptions
SF:,3B,"\xc4\x9f\x0boo\xb1I\xf0}\xf7\x10\xb5zIg\xc2\xc4\x86\xf5\xa5\|\x88~
SF:\xda\x166\x05b\xc7\xd7\xdeu\x8d\|d_\xfd\xe2\xc1&\xec\xafW\x89\xba\xf9%I
SF:\xc6\xff\xa4\xc52{\xf0\xa1\^\xb7\xfc")%r(RTSPRequest,5F,"Y\x9c\xc5\xbc\
SF:xf6\xc8\xe60\xeecT\xf8\xd8\x86>\xad\xa2SI\xe4\xd4\(\xbdV\xc2\x8a\xea\xa
SF:0\x88o}l\x9a\x89\x15\xbf\x9d\xf9p\xad\x8bUa\x05k\x9en\xc4\xeb\xa0\x91\x
SF:8e'\xac-z#x\x89&\xdf\x04\xa5\x92\[P\x81\xbe\x97\\\x1d\xaa\x93\(yVO\xb4\
SF:x95\xc2\xcb\0q\xee\x07\x0c\r\xda\x03\xd8i\x86\xbfd\x85")%r(FourOhFourRe
SF:quest,1A,"HTTP/1\.0\x20404\x20Not\x20Found\r\n\r\n")%r(RPCCheck,37,"\xc
SF:8q/\xdc\x16v\xe3\xe3Q\xb5k\xc2\xae\x06\xd3\x08\x0e\x8e-Z\x9fcs\xc3\xc5C
SF:z\xf8\x16\x14\xacNo\xa2\x88~\x1d}4=\xbd\$\xf7\xc9\xa9`NF\xc01\xae\xc7\x
SF:cc\xcd\x9a")%r(DNSVersionBindReq,69,"\x91\x8e~\x02\xa1N\xacn\.I\xe0%\xe
SF:e\x13\xc0\x8c/\xe7B\x83#\x9eS\x8e4\xe8\xf5\xf9\x9fu\xc9\xf6\xb1\[K\xc3\
SF:xc7\xb7~b\x84\xdb\x134c\xae\*\x1ff\x1fD\xe5\xd2\x9b\x90\xc1\xfe\xd7\x9c
SF:\]\xea\xd3h\xb9\x96\x8f\xf4\xd5\x02\x0b@\xb1\.GLM\x1aC\x18\xa9\xc6\xff\
SF:xa4\xc52{\xf0\xa1\^\xb7\xfc=J\xb3\xc8\x99\xf6oT\xb5b\xeb\xa0\x91\x8e")%
SF:r(DNSStatusRequest,30,"m\x15\xe6\xca\x91y>\xe8\xb2n\xe0G\x10\xd5C\xa8\x
SF:9d\xd0\)&\xc8\xc0\xc4\xecn\x13\x83UA\xfb\xc9c\xc92\xb4Tj\+MD\x01\x0ejzE
SF:VV\xdc")%r(SSLSessionReq,43,"\x1b\x8f\$\xe4\xc2\x8e2\xd3\x8b#\xbd\x16\x
SF:86\xb9\xbbA\xbbBc\x8aOh\xc6\x8eC\xf7\xf5\x85\$;\x06M\x89'\x12t\x9e0c0\x
SF:cc\x1a\xea\xdf{G\xfa\xd8\xb8\xc9f\x1fD\xe5\xd2\x9b\x90\xc1\xfe\x8d\xec\
SF:xd6\xd8\x90\xd8\xf4-")%r(Kerberos,6C,"Z\x15\x02\x0f6\xcf\.\$8r\xacs\x01
SF:z\xffE>\xb7SsIuO\xe1\x14\x01\xe2Lk\xc3\xe3Y\$\xf3\xa14uT-\x90\x20\xdaE;
SF:z\xd3e\xc8\xa1\^\xb7\xfc=J\xb3\xc8\x99\xf6oT\xb5b\xeb\xa0\x91\x8e'\xac-
SF:z#x\x89&\xdf\x04\xa5\x92\[P\x81\xbe\x97\\\x1d\xaa\x93\(yVO\xb4\x95\xc2\
SF:xcb\0q\xee\x07\x0c\x1c\xaa\xc96\x94\xad\x9aB")%r(SMBProgNeg,5E,"\x8dz\+
SF:~L\x1c\x0e{\\'\xe3\x1fW\x88\^\$t\xd0\xc7\xd7-6\?\xcd\xfc\xbe\xf2`SX\x8d
SF:wa_\xa0\x18M>\xb6\xa7\xa8q\(r\xbf\xb0\xdac\xd8i\x86\xbfd\x85\xf2;\xb0a\
SF:x1ew\xbc\xfd\ns\x88Y\xb6/\x14u\"\xab`QN\xe7l\xed:\xe38I\xe6\x9f\xc4eR\x
SF:1b\x10A~W\x1c\xdd");
MAC Address: 02:08:E8:36:E7:C0 (Unknown)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Microsoft Windows 2008|7|Vista
OS CPE: cpe:/o:microsoft:windows_server_2008::beta3 cpe:/o:microsoft:windows_7::-:professional cpe:/o:microsoft:windows_vista::- cpe:/o:microsoft:windows_vista::sp1
OS details: Microsoft Windows Server 2008 Beta 3, Microsoft Windows 7 Professional, Microsoft Windows Vista SP0 or SP1, Windows Server 2008 SP1, or Windows 7, Microsoft Windows Vista SP2, Windows 7 SP1, or Windows Server 2008
Uptime guess: 0.544 days (since Sat Nov 02 07:58:25 2013)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=256 (Good luck!)
IP ID Sequence Generation: Incremental
TRACEROUTE
HOP RTT ADDRESS
1 6.87 ms Ghazal-PC.Home (192.168.1.2)
NSE: Script Post-scanning.
Read data files from: D:\metasploit\nmap
OS and Service detection performed. Please report any incorrect results at [url=http://nmap.org/submit/]http://nmap.org/submit/[/url] .
Nmap done: 1 IP address (1 host up) scanned in 143.88 seconds
Raw packets sent: 2044 (92.488KB) | Rcvd: 16 (780B)
Is the only Exploit in his System is caused by Skype?
What is the Next Step i Should Do(Since the autopwn was removed)?and How to take Advantage of this 2 opened Ports?
Thanks.
Staff note: [ code ] your stuff.
