Author Topic: Let's talk about OPEN PORTS (Read 1441 times)

zohraan · « **on:** March 31, 2012, 09:49:26 pm »

We often use Nmap to scan for open ports, but would someone like to talk about how to assess open port vulnerabilities and exploit them successfully ? Further, whats the next step after an exploit is completed successfully, how to connect to the target system to upload a PHP shell, either with Netcat or something other ... Help please ! Thanking you already !

Kulverstukas · « **Reply #1 on:** March 31, 2012, 10:06:37 pm »

Exploiting services that run on the scanned ports are much more than uploading a PHP shell, even for webservers. When you complete an exploit, of course depending on the type of it (assuming it's not a DoS) you usually connect to that IP on the exploited port and get access to the system. From there you can do whatever you want, or you might have to elevate yourself because you might get access to a limited user instead of root.

General answer ^

zohraan · « **Reply #2 on:** April 01, 2012, 03:54:55 am »

Seems cool, I have to use Netcat for connecting to system ?

Kulverstukas · « **Reply #3 on:** April 01, 2012, 08:55:57 am »

Quote from: zohraan on April 01, 2012, 03:54:55 am

Seems cool, I have to use Netcat for connecting to system ?

You don't HAVE to - there are others tools as well such as Telnet

, but netcat is the best. It ain't called "The Swiss Army knife" for nothing

as I recall you can even make a backdoor with netcat - it's legit because most AV's don't pick it up.

zohraan · « **Reply #4 on:** April 01, 2012, 12:07:50 pm »

Okay fine. Thanks broda !

hanorotu · « **Reply #5 on:** April 01, 2012, 09:27:14 pm »

Sorry to interrupt, what what the hell is Netcat? I've seen people on here talking about it. But I haven't ever used it. I've always just stuck to my telnet xD

dataspy · « **Reply #6 on:** April 02, 2012, 02:20:24 am »

Quote from: hanorotu on April 01, 2012, 09:27:14 pm

Sorry to interrupt, what what the hell is Netcat? I've seen people on here talking about it. But I haven't ever used it. I've always just stuck to my telnet xD

Taken from http://en.wikipedia.org/wiki/Netcat
Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. Netcat is designed to be a dependable “back-end” device that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of correlation you would need and has a number of built-in capabilities.

zohraan · « **Reply #7 on:** April 02, 2012, 06:48:10 am »

Explained above, good.

-Konvict- · « **Reply #8 on:** April 07, 2012, 08:57:25 pm »

I would like to add that most ports can be left safely open depending on whats running on the port, so nmap is good at finding the service ie: -sV --version-all (--version-all probes for service info at an "intensity of 9")
hope this was helpful

zohraan · « **Reply #9 on:** April 07, 2012, 09:00:53 pm »

Quote from: -Konvict- on April 07, 2012, 08:57:25 pm

I would like to add that most ports can be left safely open depending on whats running on the port, so nmap is good at finding the service ie: -sV --version-all (--version-all probes for service info at an "intensity of 9")
hope this was helpful

Yes exactly. We can also use --script=banner.nse for finding services banners, almost same as -sV , I love Nmap scripts.

EvilZone

News:

Author Topic: Let's talk about OPEN PORTS (Read 1441 times)

zohraan

Let's talk about OPEN PORTS

Kulverstukas

Re: Let's talk about OPEN PORTS

zohraan

Re: Let's talk about OPEN PORTS

Kulverstukas

Re: Let's talk about OPEN PORTS

zohraan

Re: Let's talk about OPEN PORTS

hanorotu

Re: Let's talk about OPEN PORTS

dataspy

Re: Let's talk about OPEN PORTS

zohraan

Re: Let's talk about OPEN PORTS

-Konvict-

Re: Let's talk about OPEN PORTS

zohraan

Re: Let's talk about OPEN PORTS