root@bt:~# cd /pentest/web/nikto/
root@bt:/pentest/web/nikto# ./nikto.pl -h ip_host
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP: 190.12.0.10
+ Target Hostname: ip_host
+ Target Port: 80
+ Start Time: 2012-09-15 10:45:20 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache/2.2.3 (CentOS)
+ Retrieved x-powered-by header: PHP/5.1.6
+ Apache/2.2.3 appears to be outdated (current is at least Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also current.
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
^Croot@bt:/pentest/web/nikto# ./nikto.pl -h ip_host >>/root/Desktop/escneo.txt
root@bt:/pentest/web/nikto#
///////////////////////////////////////////////
root@bt:~# cd /pentest/exploits/framework3
bash: cd: /pentest/exploits/framework3: No such file or directory
root@bt:~# cd /pentest/exploits/framework2
root@bt:/pentest/exploits/framework2# ./msfconsole

+ -- --=[ msfconsole v2.8-dev [158 exploits - 76 payloads]

msf > use auxiliary/scanner/http/options
msfconsole: use: please specify a valid exploit name
msf > show
msfconsole: show: requires an option: 'exploits', 'payloads', 'encoders', or 'nops'
msf > show exploits

Metasploit Framework Loaded Exploits
====================================

3com_3cdaemon_ftp_overflow      3Com 3CDaemon FTP Server Overflow
Credits                         Metasploit Framework Credits
afp_loginext                    AppleFileServer LoginExt PathName Overflow
aim_goaway                      AOL Instant Messenger goaway Overflow
altn_webadmin                   Alt-N WebAdmin USER Buffer Overflow
apache_chunked_win32            Apache Win32 Chunked Encoding
arkeia_agent_access             Arkeia Backup Client Remote Access
arkeia_type77_macos             Arkeia Backup Client Type 77 Overflow (Mac OS X)
arkeia_type77_win32             Arkeia Backup Client Type 77 Overflow (Win32)
awstats_configdir_exec          AWStats configdir Remote Command Execution
backupexec_agent                Veritas Backup Exec Windows Remote Agent Overflow
backupexec_dump                 Veritas Backup Exec Windows Remote File Access
backupexec_ns                   Veritas Backup Exec Name Service Overflow
backupexec_registry             Veritas Backup Exec Server Registry Access
badblue_ext_overflow            BadBlue 2.5 EXT.dll Buffer Overflow
bakbone_netvault_heap           BakBone NetVault Remote Heap Overflow
barracuda_img_exec              Barracuda IMG.PL Remote Command Execution
blackice_pam_icq                ISS PAM.dll ICQ Parser Buffer Overflow
bluecoat_winproxy               Blue Coat Systems WinProxy Host Header Buffer Overflow
bomberclone_overflow_win32      Bomberclone 0.11.6 Buffer Overflow
cabrightstor_disco              CA BrightStor Discovery Service Overflow
cabrightstor_disco_servicepc    CA BrightStor Discovery Service SERVICEPC Overflow
cabrightstor_sqlagent           CA BrightStor Agent for Microsoft SQL Overflow
cabrightstor_uniagent           CA BrightStor Universal Agent Overflow
cacam_logsecurity_win32         CA CAM log_security() Stack Overflow (Win32)
cacti_graphimage_exec           Cacti graph_image.php Remote Command Execution
calicclnt_getconfig             CA License Client GETCONFIG Overflow
calicserv_getconfig             CA License Server GETCONFIG Overflow
cesarftp_mkd                    Cesar FTP 0.99g MKD Command Buffer Overflow
distcc_exec                     DistCC Daemon Command Execution
edirectory_imonitor             eDirectory 8.7.3 iMonitor Remote Stack Overflow
edirectory_imonitor2            eDirectory 8.8 iMonitor Remote Stack Overflow
eiq_license                     EIQ License Manager Overflow
eudora_imap                     Qualcomm WorldMail IMAPD Server Buffer Overflow
exchange2000_xexch50            Exchange 2000 MS03-46 Heap Overflow
firefox_queryinterface_linux    Firefox location.QueryInterface() Code Execution (Linux x86)
firefox_queryinterface_osx      Firefox location.QueryInterface() Code Execution (Mac OS X)
freeftpd_key_exchange           FreeFTPd 1.0.10 Key Exchange Algorithm Buffer Overflow
freeftpd_user                   freeFTPd USER Overflow
freesshd_key_exchange           FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow
futuresoft_tftpd                FutureSoft TFTP Server 2000 Buffer Overflow
globalscapeftp_user_input       GlobalSCAPE Secure FTP Server user input overflow
gnu_mailutils_imap4d            GNU Mailutils imap4d Format String Vulnerability
google_proxystylesheet_exec     Google Appliance ProxyStyleSheet Command Execution
hpux_ftpd_preauth_list          HP-UX FTP Server Preauthentication Directory Listing
hpux_lpd_exec                   HP-UX LPD Command Execution
ia_webmail                      IA WebMail 3.x Buffer Overflow
icecast_header                  Icecast (<= 2.0.1) Header Overwrite (win32)
ie_createobject                 Internet Explorer COM CreateObject Code Execution
ie_createtextrange              Internet Explorer createTextRange() Code Execution
ie_iscomponentinstalled         Windows XP SP0 IE 6.0 IsComponentInstalled() Overflow
ie_objecttype                   Internet Explorer Object Type Overflow
ie_vml_rectfill                 Internet Explorer VML Fill Method Code Execution
ie_webview_setslice             Internet Explorer WebViewFolderIcon setSlice() Code Execution
ie_xp_pfv_metafile              Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
iis40_htr                       IIS 4.0 .HTR Buffer Overflow
iis50_printer_overflow          IIS 5.0 Printer Buffer Overflow
iis50_webdav_ntdll              IIS 5.0 WebDAV ntdll.dll Overflow
iis_fp30reg_chunked             IIS FrontPage fp30reg.dll Chunked Overflow
iis_nsiislog_post               IIS nsiislog.dll ISAPI POST Overflow
iis_source_dumper               IIS Web Application Source Code Disclosure
iis_w3who_overflow              IIS w3who.dll ISAPI Overflow
imail_imap_delete               IMail IMAP4D Delete Overflow
imail_ldap                      IMail LDAP Service Buffer Overflow
irix_lpsched_exec               IRIX lpsched Command Execution
kerio_auth                      Kerio Personal Firewall 2 (2.1.4) Remote Auth Packet Overflow
lsass_ms04_011                  Microsoft LSASS MSO4-011 Overflow
lyris_attachment_mssql          Lyris ListManager Attachment SQL Injection (MSSQL)
mailenable_auth_header          MailEnable Authorization Header Buffer Overflow
mailenable_imap                 MailEnable Pro (1.54) IMAP STATUS Request Buffer Overflow
mailenable_imap_w3c             MailEnable IMAPD W3C Logging Buffer Overflow
maxdb_webdbm_get_overflow       MaxDB WebDBM GET Buffer Overflow
mcafee_epolicy_source           McAfee ePolicy Orchestrator / ProtPilot Source Overflow
mdaemon_imap_cram_md5           Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
mercantec_softcart              Mercantec SoftCart CGI Overflow
mercur_imap_select_overflow     Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
mercury_imap                    Mercury/32 v4.01a IMAP RENAME Buffer Overflow
minishare_get_overflow          Minishare 1.4.1 Buffer Overflow
mozilla_compareto               Mozilla Suite/Firefox InstallVersion->compareTo() Code Execution
ms05_030_nntp                   Microsoft Outlook Express NNTP Response Overflow
ms05_039_pnp                    Microsoft PnP MS05-039 Overflow
msasn1_ms04_007_killbill        Microsoft ASN.1 Library Bitstring Heap Overflow
msmq_deleteobject_ms05_017      Microsoft Message Queueing Service MSO5-017
msrpc_dcom_ms03_026             Microsoft RPC DCOM MSO3-026
mssql2000_preauthentication     MSSQL 2000/MSDE Hello Buffer Overflow
mssql2000_resolution            MSSQL 2000/MSDE Resolution Overflow
netapi_ms06_040                 Microsoft CanonicalizePathName() MSO6-040 Overflow
netterm_netftpd_user_overflow   NetTerm NetFTPD USER Buffer Overflow
niprint_lpd                     NIPrint LPD Request Overflow
novell_messenger_acceptlang     Novell Messenger Server 2.0 Accept-Language Overflow
openview_connectednodes_exec    HP Openview connectedNodes.ovpl Remote Command Execution
openview_omniback               HP OpenView Omniback II Command Execution
oracle9i_xdb_ftp                Oracle 9i XDB FTP UNLOCK Overflow (win32)
oracle9i_xdb_ftp_pass           Oracle 9i XDB FTP PASS Overflow (win32)
oracle9i_xdb_http               Oracle 9i XDB HTTP PASS Overflow (win32)
pajax_remote_exec               PAJAX Remote Command Execution
payload_handler                 Metasploit Framework Payload Handler
peercast_url_linux              PeerCast <= 0.1216 URL Handling Buffer Overflow (Linux)
peercast_url_win32              PeerCast <= 0.1216 URL Handling Buffer Overflow (win32)
php_vbulletin_template          vBulletin misc.php Template Name Arbitrary Code Execution
php_wordpress_lastpost          WordPress cache_lastpostdate Arbitrary Code Execution
php_xmlrpc_eval                 PHP XML-RPC Arbitrary Code Execution
phpbb_highlight                 phpBB viewtopic.php Arbitrary Code Execution
phpnuke_search_module           PHPNuke Search Module SQL Injection Vulnerability
poptop_negative_read            Poptop Negative Read Overflow
privatewire_gateway_win32       Private Wire Gateway Buffer Overflow (win32)
putty_ssh                       PuTTy.exe <= v0.53 Buffer Overflow
realserver_describe_linux       RealServer Describe Buffer Overflow
realvnc_41_bypass               RealVNC 4.1 Authentication Bypass
realvnc_client                  RealVNC 3.3.7 Client Buffer Overflow
rras_ms06_025                   Microsoft RRAS MSO6-025 Stack Overflow
rras_ms06_025_rasman            Microsoft RRAS MSO6-025 RASMAN Registry Stack Overflow
rsa_iiswebagent_redirect        IIS RSA WebAgent Redirect Overflow
safari_safefiles_exec           Safari Archive Metadata Command Execution
samba_nttrans                   Samba Fragment Reassembly Overflow
samba_trans2open                Samba trans2open Overflow
samba_trans2open_osx            Samba trans2open Overflow (Mac OS X)
samba_trans2open_solsparc       Samba trans2open Overflow (Solaris SPARC)
sambar6_search_results          Sambar 6 Search Results Buffer Overflow
seattlelab_mail_55              Seattle Lab Mail 5.5 POP3 Buffer Overflow
securecrt_ssh1                  SecureCRT <= 4.0 Beta 2 SSH1 Buffer Overflow
sentinel_lm7_overflow           SentinelLM UDP Buffer Overflow
servu_mdtm_overflow             Serv-U FTPD MDTM Overflow
shixxnote_font                  ShixxNOTE 6.net Font Buffer Overflow
shoutcast_format_win32          SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow
slimftpd_list_concat            SlimFTPd LIST Concatenation Overflow
smb_sniffer                     SMB Password Capture Service
solaris_dtspcd_noir             Solaris dtspcd Heap Overflow
solaris_kcms_readfile           Solaris KCMS Arbitary File Read
solaris_lpd_exec                Solaris LPD Command Execution
solaris_lpd_unlink              Solaris LPD Arbitrary File Delete
solaris_sadmind_exec            Solaris sadmind Command Execution
solaris_snmpxdmid               Solaris snmpXdmid AddComponent Overflow
solaris_ttyprompt               Solaris in.telnetd TTYPROMPT Buffer Overflow
sphpblog_file_upload            Simple PHP Blog remote command execution
squid_ntlm_authenticate         Squid NTLM Authenticate Overflow
svnserve_date                   Subversion Date Svnserve
sybase_easerver                 Sybase EAServer 5.2 Remote Stack Overflow
sygate_policy_manager           Sygate Management Server SQL Injection
tftpd32_long_filename           TFTPD32 <= 2.21 Long Filename Buffer Overflow
trackercam_phparg_overflow      TrackerCam PHP Argument Buffer Overflow
ultravnc_client                 UltraVNC 1.0.1 Client Buffer Overflow
uow_imap4_copy                  University of Washington IMAP4 COPY Overflow
uow_imap4_lsub                  University of Washington IMAP4 LSUB Overflow
ut2004_secure_linux             Unreal Tournament 2004 "secure" Overflow (Linux)
ut2004_secure_win32             Unreal Tournament 2004 "secure" Overflow (Win32)
warftpd_165_pass                War-FTPD 1.65 PASS Overflow
warftpd_165_user                War-FTPD 1.65 USER Overflow
webmin_file_disclosure          Webmin file disclosure
webstar_ftp_user                WebSTAR FTP Server USER Overflow
winamp_playlist_unc             Winamp Playlist UNC Path Computer Name Overflow
windows_ssl_pct                 Microsoft SSL PCT MS04-011 Overflow
wins_ms04_045                   Microsoft WINS MS04-045 Code Execution
wmailserver_smtp                SoftiaCom WMailserver 1.0 SMTP Buffer Overflow
wsftp_server_503_mkd            WS-FTP Server 5.03 MKD Overflow
wzdftpd_site                    Wzdftpd SITE Command Arbitrary Command Execution
ypops_smtp                      YahooPOPS! <= 0.6 SMTP Buffer Overflow
zenworks_desktop_agent          ZENworks 6.5 Desktop/Server Management Remote Stack Overflow

msf >
/////////////////////////////////////////////////////////////
+ OSVDB-3233: /j2ee/: j2ee directory found--possibly an Oracle app server directory.
+ OSVDB-3233: /WebCacheDemo.html: Oracle WebCache Demo
+ OSVDB-32333: /webcache/: Oracle WebCache Demo
+ OSVDB-3233: /bmp/: SQLJ Demo Application
+ OSVDB-3233: /webapp/admin/_pages/_bc4jadmin/: Oracle JSP files
+ OSVDB-3233: /_pages/_demo/: Oracle JSP file
+ OSVDB-3233: /_pages/_webapp/_jsp/: Oracle JSP file.
+ OSVDB-3233: /_pages/_demo/_sql/: Oracle JSP file.
+ OSVDB-3233: //OA_HTML/_pages/: Oracle JSP file.
+ OSVDB-3233: /OA_HTML/webtools/doc/index.html: Cabo DHTML Components Help Page
+ OSVDB-18114: /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution
+ OSVDB-3233: /apex/: Oracle Application Express login screen.
+ OSVDB-3233: /OA_JAVA/: Oracle Applications Portal Page
+ OSVDB-3233: /OA_HTML/: Oracle Applications Portal Page
+ OSVDB-3233: /aplogon.html: Oracle Applications Portal Page
+ OSVDB-3233: /appdet.html: Oracle Applications Portal Pages
+ OSVDB-3233: /servlets/weboam/oam/oamLogin: Oracle Application Manager
+ OSVDB-3233: /OA_HTML/PTB/mwa_readme.htm: Oracle Mobile Applications Industrial Server administration and configuration inerface
+ OSVDB-3233: /reports/rwservlet: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showenv: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showmap: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showjobs: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/getjobid7?server=myrep: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/getjobid4?server=myrep: Oracle Reports
+ OSVDB-3233: /reports/rwservlet/showmap?server=myserver: Oracle Reports
+ OSVDB-3093: /pls/portal/SELECT: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /pls/portal/null: Access to Oracle pages could have an unknown impact.
+ OSVDB-3093: /OA_MEDIA/: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/META-INF/: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/PTB/ICXINDEXBASECASE.htm: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/PTB/ECXOTAPing.htm: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/PTB/xml_sample1.htm: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_JAVA/Oracle/: Oracle Applications portal pages found.
+ OSVDB-3093: /OA_HTML/oam/: Oracle Applications portal pages found.
+ OSVDB-3233: /OA_HTML/jsp/: Oracle Applications portal page found
+ OSVDB-3092: /install/install.php: Install file found.
+ OSVDB-3092: /cehttp/trace: Sterling Commerce Connect Direct trace log file may contain user ID information.
+ OSVDB-3092: /cehttp/property/: Sterling Commerce Connect Direct configuration files.
+ OSVDB-3233: /nps/iManager.html: Novell iManager found.
+ OSVDB-3233: /nps/servlet/webacc?taskId=dev.Empty&merge=fw.About: Novell iManager version found.
+ OSVDB-3233: /doc/icodUserGuide.pdf: Instant Capacity on Demand (iCOD) Users Guide.
+ OSVDB-3233: /doc/planning_SuperDome_configs.pdf: Planning HP SuperDome Configurations
+ OSVDB-3233: /doc/vxvm/pitc_ag.pdf: VERITAS FlashSnapTM Point-In-Time Copy Solutions documentation.
+ OSVDB-3233: /doc/Judy/Judy_tech_book.pdf: HP Judy documentation found.
+ OSVDB-3233: /doc/vxvm/vxvm_ag.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_hwnotes.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_ig.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_mig.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_tshoot.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_notes.pdf: Veritas Volume Manager documentation.
+ OSVDB-3233: /doc/vxvm/vxvm_ug.pdf: Veritas Volume Manager documentation.
+ OSVDB-3092: /staging/: This may be interesting...
+ OSVDB-3092: /_archive/: Archive found.
+ OSVDB-3092: /install.php: install.php file found.
+ OSVDB-3092: /upgrade.php: upgrade.php was found.
+ OSVDB-3092: /xmlrpc.php: xmlrpc.php was found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /webservices/IlaWebServices: Host has the Oracle iLearning environment installed.
+ /phone/: This may be interesting...
+ OSVDB-3092: /Admin/: This might be interesting...
+ OSVDB-3092: /af/: This might be interesting... potential country code (Afghanistan)
+ OSVDB-3092: /ax/: This might be interesting... potential country code (Aland Islands)
+ OSVDB-3092: /al/: This might be interesting... potential country code (Albania)
+ OSVDB-3092: /dz/: This might be interesting... potential country code (Algeria)
+ OSVDB-3092: /as/: This might be interesting... potential country code (American Samoa)
+ OSVDB-3092: /ad/: This might be interesting... potential country code (Andorra)
+ OSVDB-3092: /ao/: This might be interesting... potential country code (Angola)
+ OSVDB-3092: /ai/: This might be interesting... potential country code (Anguilla)
+ OSVDB-3092: /aq/: This might be interesting... potential country code (Antarctica)
+ OSVDB-3092: /ag/: This might be interesting... potential country code (Antigua And Barbuda)
+ OSVDB-3092: /ar/: This might be interesting... potential country code (Argentina)
+ OSVDB-3092: /am/: This might be interesting... potential country code (Armenia)
+ OSVDB-3092: /aw/: This might be interesting... potential country code (Aruba)
+ OSVDB-3092: /au/: This might be interesting... potential country code (Australia)
+ OSVDB-3092: /at/: This might be interesting... potential country code (Austria)
+ OSVDB-3092: /az/: This might be interesting... potential country code (Azerbaijan)
+ OSVDB-3092: /bs/: This might be interesting... potential country code (Bahamas)
+ OSVDB-3092: /bh/: This might be interesting... potential country code (Bahrain)
+ OSVDB-3092: /bd/: This might be interesting... potential country code (Bangladesh)
+ OSVDB-3092: /bb/: This might be interesting... potential country code (Barbados)
+ OSVDB-3092: /by/: This might be interesting... potential country code (Belarus)
+ OSVDB-3092: /be/: This might be interesting... potential country code (Belgium)
+ OSVDB-3092: /bz/: This might be interesting... potential country code (Belize)
+ OSVDB-3092: /bj/: This might be interesting... potential country code (Benin)
+ OSVDB-3092: /bm/: This might be interesting... potential country code (Bermuda)
+ OSVDB-3092: /bt/: This might be interesting... potential country code (Bhutan)
+ OSVDB-3092: /bo/: This might be interesting... potential country code (Bolivia)
+ OSVDB-3092: /ba/: This might be interesting... potential country code (Bosnia And Herzegovina)
+ OSVDB-3092: /bw/: This might be interesting... potential country code (Botswana)
+ OSVDB-3092: /bv/: This might be interesting... potential country code (Bouvet Island)
+ OSVDB-3092: /br/: This might be interesting... potential country code (Brazil)
+ OSVDB-3092: /io/: This might be interesting... potential country code (British Indian Ocean Territory)
+ OSVDB-3092: /bn/: This might be interesting... potential country code (Brunei Darussalam)
+ OSVDB-3092: /bg/: This might be interesting... potential country code (Bulgaria)
+ OSVDB-3092: /bf/: This might be interesting... potential country code (Burkina Faso)
+ OSVDB-3092: /bi/: This might be interesting... potential country code (Burundi)
+ OSVDB-3092: /kh/: This might be interesting... potential country code (Cambodia)
+ OSVDB-3092: /cm/: This might be interesting... potential country code (Cameroon)
+ OSVDB-3092: /ca/: This might be interesting... potential country code (Canada)
+ OSVDB-3092: /cv/: This might be interesting... potential country code (Cape Verde)
+ OSVDB-3092: /ky/: This might be interesting... potential country code (Cayman Islands)
+ OSVDB-3092: /cf/: This might be interesting... potential country code (Central African Republic)
+ OSVDB-3092: /td/: This might be interesting... potential country code (Chad)
+ OSVDB-3092: /cl/: This might be interesting... potential country code (Chile)
+ OSVDB-3092: /cn/: This might be interesting... potential country code (China)
+ OSVDB-3092: /cx/: This might be interesting... potential country code (Christmas Island)
+ OSVDB-3092: /cc/: This might be interesting... potential country code (Cocos (keeling) Islands)
+ OSVDB-3092: /co/: This might be interesting... potential country code (Colombia)
+ OSVDB-3092: /km/: This might be interesting... potential country code (Comoros)
+ OSVDB-3092: /cg/: This might be interesting... potential country code (Congo)
+ OSVDB-3092: /cd/: This might be interesting... potential country code (The Democratic Republic Of The Congo)
+ OSVDB-3092: /ck/: This might be interesting... potential country code (Cook Islands)
+ OSVDB-3092: /cr/: This might be interesting... potential country code (Costa Rica)
+ OSVDB-3092: /ci/: This might be interesting... potential country code (Côte D'ivoire)
+ OSVDB-3092: /hr/: This might be interesting... potential country code (Croatia)
+ OSVDB-3092: /cu/: This might be interesting... potential country code (Cuba)
+ OSVDB-3092: /cy/: This might be interesting... potential country code (Cyprus)
+ OSVDB-3092: /cz/: This might be interesting... potential country code (Czech Republic)
+ OSVDB-3092: /dk/: This might be interesting... potential country code (Denmark)
+ OSVDB-3092: /dj/: This might be interesting... potential country code (Djibouti)
+ OSVDB-3092: /dm/: This might be interesting... potential country code (Dominica)
+ OSVDB-3092: /do/: This might be interesting... potential country code (Dominican Republic)
+ OSVDB-3092: /ec/: This might be interesting... potential country code (Ecuador)
+ OSVDB-3092: /eg/: This might be interesting... potential country code (Egypt)
+ OSVDB-3092: /sv/: This might be interesting... potential country code (El Salvador)
+ OSVDB-3092: /gq/: This might be interesting... potential country code (Equatorial Guinea)
+ OSVDB-3092: /er/: This might be interesting... potential country code (Eritrea)
+ OSVDB-3092: /ee/: This might be interesting... potential country code (Estonia)
+ OSVDB-3092: /et/: This might be interesting... potential country code (Ethiopia)
+ OSVDB-3092: /fk/: This might be interesting... potential country code (Falkland Islands (malvinas))
+ OSVDB-3092: /fo/: This might be interesting... potential country code (Faroe Islands)
+ OSVDB-3092: /fj/: This might be interesting... potential country code (Fiji)
+ OSVDB-3092: /fi/: This might be interesting... potential country code (Finland)
+ OSVDB-3092: /fr/: This might be interesting... potential country code (France)
+ OSVDB-3092: /gf/: This might be interesting... potential country code (French Guiana)
+ OSVDB-3092: /pf/: This might be interesting... potential country code (French Polynesia)
+ OSVDB-3092: /tf/: This might be interesting... potential country code (French Southern Territories)
+ OSVDB-3092: /ga/: This might be interesting... potential country code (Gabon)
+ OSVDB-3092: /gm/: This might be interesting... potential country code (Gambia)
+ OSVDB-3092: /ge/: This might be interesting... potential country code (Georgia)
+ OSVDB-3092: /de/: This might be interesting... potential country code (Germany)
+ OSVDB-3092: /gh/: This might be interesting... potential country code (Ghana)
+ OSVDB-3092: /gi/: This might be interesting... potential country code (Gibraltar)
+ OSVDB-3092: /gr/: This might be interesting... potential country code (Greece)
+ OSVDB-3092: /gl/: This might be interesting... potential country code (Greenland)
+ OSVDB-3092: /gd/: This might be interesting... potential country code (Grenada)
+ OSVDB-3092: /gp/: This might be interesting... potential country code (Guadeloupe)
+ OSVDB-3092: /gu/: This might be interesting... potential country code (Guam)
+ OSVDB-3092: /gt/: This might be interesting... potential country code (Guatemala)
+ OSVDB-3092: /gg/: This might be interesting... potential country code (Guernsey)
+ OSVDB-3092: /gn/: This might be interesting... potential country code (Guinea)
+ OSVDB-3092: /gw/: This might be interesting... potential country code (Guinea-bissau)
+ OSVDB-3092: /gy/: This might be interesting... potential country code (Guyana)
+ OSVDB-3092: /ht/: This might be interesting... potential country code (Haiti)
+ OSVDB-3092: /hm/: This might be interesting... potential country code (Heard Island And Mcdonald Islands)
+ OSVDB-3092: /va/: This might be interesting... potential country code (Holy See (vatican City State))
+ OSVDB-3092: /hn/: This might be interesting... potential country code (Honduras)
+ OSVDB-3092: /hk/: This might be interesting... potential country code (Hong Kong)
+ OSVDB-3092: /hu/: This might be interesting... potential country code (Hungary)
+ OSVDB-3092: /is/: This might be interesting... potential country code (Iceland)
+ OSVDB-3092: /in/: This might be interesting... potential country code (India)
+ OSVDB-3092: /id/: This might be interesting... potential country code (Indonesia)
+ OSVDB-3092: /ir/: This might be interesting... potential country code (Islamic Republic Of Iran)
+ OSVDB-3092: /iq/: This might be interesting... potential country code (Iraq)
+ OSVDB-3092: /ie/: This might be interesting... potential country code (Ireland)
+ OSVDB-3092: /im/: This might be interesting... potential country code (Isle Of Man)
+ OSVDB-3092: /il/: This might be interesting... potential country code (Israel)
+ OSVDB-3092: /it/: This might be interesting... potential country code (Italy)
+ OSVDB-3092: /jm/: This might be interesting... potential country code (Jamaica)
+ OSVDB-3092: /jp/: This might be interesting... potential country code (Japan)
+ OSVDB-3092: /je/: This might be interesting... potential country code (Jersey)
+ OSVDB-3092: /jo/: This might be interesting... potential country code (Jordan)
+ OSVDB-3092: /kz/: This might be interesting... potential country code (Kazakhstan)
+ OSVDB-3092: /ke/: This might be interesting... potential country code (Kenya)
+ OSVDB-3092: /ki/: This might be interesting... potential country code (Kiribati)
+ OSVDB-3092: /kp/: This might be interesting... potential country code (Democratic People's Republic Of Korea)
+ OSVDB-3092: /kr/: This might be interesting... potential country code (Republic Of Korea)
+ OSVDB-3092: /kw/: This might be interesting... potential country code (Kuwait)
+ OSVDB-3092: /kg/: This might be interesting... potential country code (Kyrgyzstan)
+ OSVDB-3092: /la/: This might be interesting... potential country code (Lao People's Democratic Republic)
+ OSVDB-3092: /lv/: This might be interesting... potential country code (Latvia)
+ OSVDB-3092: /lb/: This might be interesting... potential country code (Lebanon)
+ OSVDB-3092: /ls/: This might be interesting... potential country code (Lesotho)
+ OSVDB-3092: /lr/: This might be interesting... potential country code (Liberia)
+ OSVDB-3092: /ly/: This might be interesting... potential country code (Libyan Arab Jamahiriya)
+ OSVDB-3092: /li/: This might be interesting... potential country code (Liechtenstein)
+ OSVDB-3092: /lt/: This might be interesting... potential country code (Lithuania)
+ OSVDB-3092: /lu/: This might be interesting... potential country code (Luxembourg)
+ OSVDB-3092: /mo/: This might be interesting... potential country code (Macao)
+ OSVDB-3092: /mk/: This might be interesting... potential country code (Macedonia)
+ OSVDB-3092: /mg/: This might be interesting... potential country code (Madagascar)
+ OSVDB-3092: /mw/: This might be interesting... potential country code (Malawi)
+ OSVDB-3092: /my/: This might be interesting... potential country code (Malaysia)
+ OSVDB-3092: /mv/: This might be interesting... potential country code (Maldives)
+ OSVDB-3092: /ml/: This might be interesting... potential country code (Mali)
+ OSVDB-3092: /mt/: This might be interesting... potential country code (Malta)
+ OSVDB-3092: /mh/: This might be interesting... potential country code (Marshall Islands)
+ OSVDB-3092: /mq/: This might be interesting... potential country code (Martinique)
+ OSVDB-3092: /mr/: This might be interesting... potential country code (Mauritania)
+ OSVDB-3092: /mu/: This might be interesting... potential country code (Mauritius)
+ OSVDB-3092: /yt/: This might be interesting... potential country code (Mayotte)
+ OSVDB-3092: /mx/: This might be interesting... potential country code (Mexico)
+ OSVDB-3092: /fm/: This might be interesting... potential country code (Federated States Of Micronesia)
+ OSVDB-3092: /md/: This might be interesting... potential country code (Republic Of Moldova)
+ OSVDB-3092: /mc/: This might be interesting... potential country code (Monaco)
+ OSVDB-3092: /mn/: This might be interesting... potential country code (Mongolia)
+ OSVDB-3092: /me/: This might be interesting... potential country code (Montenegro)
+ OSVDB-3092: /ms/: This might be interesting... potential country code (Montserrat)
+ OSVDB-3092: /ma/: This might be interesting... potential country code (Morocco)
+ OSVDB-3092: /mz/: This might be interesting... potential country code (Mozambique)
+ OSVDB-3092: /mm/: This might be interesting... potential country code (Myanmar)
+ OSVDB-3092: /na/: This might be interesting... potential country code (Namibia)
+ OSVDB-3092: /nr/: This might be interesting... potential country code (Nauru)
+ OSVDB-3092: /np/: This might be interesting... potential country code (Nepal)
+ OSVDB-3092: /nl/: This might be interesting... potential country code (Netherlands)
+ OSVDB-3092: /an/: This might be interesting... potential country code (Netherlands Antilles)
+ OSVDB-3092: /nc/: This might be interesting... potential country code (New Caledonia)
+ OSVDB-3092: /nz/: This might be interesting... potential country code (New Zealand)
+ OSVDB-3092: /ni/: This might be interesting... potential country code (Nicaragua)
+ OSVDB-3092: /ne/: This might be interesting... potential country code (Niger)
+ OSVDB-3092: /ng/: This might be interesting... potential country code (Nigeria)
+ OSVDB-3092: /nu/: This might be interesting... potential country code (Niue)
+ OSVDB-3092: /nf/: This might be interesting... potential country code (Norfolk Island)
+ OSVDB-3092: /mp/: This might be interesting... potential country code (Northern Mariana Islands)
+ OSVDB-3092: /no/: This might be interesting... potential country code (Norway)
+ OSVDB-3092: /om/: This might be interesting... potential country code (Oman)
+ OSVDB-3092: /pk/: This might be interesting... potential country code (Pakistan)
+ OSVDB-3092: /pw/: This might be interesting... potential country code (Palau)
+ OSVDB-3092: /ps/: This might be interesting... potential country code (Palestinian Territory)
+ OSVDB-3092: /pa/: This might be interesting... potential country code (Panama)
+ OSVDB-3092: /pg/: This might be interesting... potential country code (Papua New Guinea)
+ OSVDB-3092: /py/: This might be interesting... potential country code (Paraguay)
+ OSVDB-3092: /pe/: This might be interesting... potential country code (Peru)
+ OSVDB-3092: /ph/: This might be interesting... potential country code (Philippines)
+ OSVDB-3092: /pn/: This might be interesting... potential country code (Pitcairn)
+ OSVDB-3092: /pl/: This might be interesting... potential country code (Poland)
+ OSVDB-3092: /pt/: This might be interesting... potential country code (Portugal)
+ OSVDB-3092: /pr/: This might be interesting... potential country code (Puerto Rico)
+ OSVDB-3092: /qa/: This might be interesting... potential country code (Qatar)
+ OSVDB-3092: /re/: This might be interesting... potential country code (Réunion)
+ OSVDB-3092: /ro/: This might be interesting... potential country code (Romania)
+ OSVDB-3092: /ru/: This might be interesting... potential country code (Russian Federation)
+ OSVDB-3092: /rw/: This might be interesting... potential country code (Rwanda)
+ OSVDB-3092: /bl/: This might be interesting... potential country code (Saint Barthélemy)
+ OSVDB-3092: /sh/: This might be interesting... potential country code (Saint Helena)
+ OSVDB-3092: /kn/: This might be interesting... potential country code (Saint Kitts And Nevis)
+ OSVDB-3092: /lc/: This might be interesting... potential country code (Saint Lucia)
+ OSVDB-3092: /mf/: This might be interesting... potential country code (Saint Martin)
+ OSVDB-3092: /pm/: This might be interesting... potential country code (Saint Pierre And Miquelon)
+ OSVDB-3092: /vc/: This might be interesting... potential country code (Saint Vincent And The Grenadines)
+ OSVDB-3092: /ws/: This might be interesting... potential country code (Samoa)
+ OSVDB-3092: /sm/: This might be interesting... potential country code (San Marino)
+ OSVDB-3092: /st/: This might be interesting... potential country code (Sao Tome And Principe)
+ OSVDB-3092: /sa/: This might be interesting... potential country code (Saudi Arabia)
+ OSVDB-3092: /sn/: This might be interesting... potential country code (Senegal)
+ OSVDB-3092: /rs/: This might be interesting... + OSVDB-3092: /sc/: This might be interesting... les) + OSVDB-3092: /sl/: This might be interesting... Leone) + OSVDB-3092: /sg/: This might be interesting... re) + OSVDB-3092: /sk/: This might be interesting... a) + OSVDB-3092: /si/: This might be interesting... a) + OSVDB-3092: /sb/: This might be interesting... Islands) + OSVDB-3092: /so/: This might be interesting... ) + OSVDB-3092: /za/: This might be interesting... frica) + OSVDB-3092: /gs/: This might be interesting... eorgia And The South Sandwich Islands) + OSVDB-3092: /es/: This might be interesting... + OSVDB-3092: /lk/: This might be interesting... ka) + OSVDB-3092: /sd/: This might be interesting... + OSVDB-3092: /sr/: This might be interesting... e) + OSVDB-3092: /sj/: This might be interesting... d And Jan Mayen) + OSVDB-3092: /sz/: This might be interesting... nd) + OSVDB-3092: /se/: This might be interesting... + OSVDB-3092: /ch/: This might be interesting... land) + OSVDB-3092: /sy/: This might be interesting... Arab Republic) + OSVDB-3092: /tw/: This might be interesting... + OSVDB-3092: /tj/: This might be interesting... tan) + OSVDB-3092: /tz/: This might be interesting... Republic Of Tanzania) + OSVDB-3092: /th/: This might be interesting... d) + OSVDB-3092: /tl/: This might be interesting... este) + OSVDB-3092: /tg/: This might be interesting... + OSVDB-3092: /tk/: This might be interesting... ) + OSVDB-3092: /to/: This might be interesting... + OSVDB-3092: /tt/: This might be interesting... d And Tobago) + OSVDB-3092: /tn/: This might be interesting... ) + OSVDB-3092: /tr/: This might be interesting... + OSVDB-3092: /tm/: This might be interesting... istan) + OSVDB-3092: /tc/: This might be interesting... nd Caicos Islands) + OSVDB-3092: /tv/: This might be interesting... + OSVDB-3092: /ug/: This might be interesting... + OSVDB-3092: /ua/: This might be interesting... )

potential country code (Serbia) potential country code (Seychel potential country code (Sierra potential country code (Singapo potential country code (Slovaki potential country code (Sloveni potential country code (Solomon potential country code (Somalia potential country code (South A potential country code (South G potential country code (Spain) potential country code (Sri Lan potential country code (Sudan) potential country code (Surinam potential country code (Svalbar potential country code (Swazila potential country code (Sweden) potential country code (Switzer potential country code (Syrian potential country code (Taiwan) potential country code (Tajikis potential country code (United potential country code (Thailan potential country code (Timor-l potential country code (Togo) potential country code (Tokelau potential country code (Tonga) potential country code (Trinida potential country code (Tunisia potential country code (Turkey) potential country code (Turkmen potential country code (Turks A potential country code (Tuvalu) potential country code (Uganda) potential country code (Ukraine

+ OSVDB-3092: /ae/: This might be interesting... potential country code (United Arab Emirates)
+ OSVDB-3092: /gb/: This might be interesting... potential country code (United Kingdom)
+ OSVDB-3092: /us/: This might be interesting... potential country code (United States)
+ OSVDB-3092: /um/: This might be interesting... potential country code (United States Minor Outlying Islands)
+ OSVDB-3092: /uy/: This might be interesting... potential country code (Uruguay)
+ OSVDB-3092: /uz/: This might be interesting... potential country code (Uzbekistan)
+ OSVDB-3092: /vu/: This might be interesting... potential country code (Vanuatu)
+ OSVDB-3092: /ve/: This might be interesting... potential country code (Venezuela)
+ OSVDB-3092: /vn/: This might be interesting... potential country code (Viet Nam)
+ OSVDB-3092: /vg/: This might be interesting... potential country code (British Virgin Islands)
+ OSVDB-3092: /vi/: This might be interesting... potential country code (U.S. Virgin Islands)
+ OSVDB-3092: /wf/: This might be interesting... potential country code (Wallis And Futuna)
+ OSVDB-3092: /eh/: This might be interesting... potential country code (Western Sahara)
+ OSVDB-3092: /ye/: This might be interesting... potential country code (Yemen)
+ OSVDB-3092: /zm/: This might be interesting... potential country code (Zambia)
+ OSVDB-3092: /zw/: This might be interesting... potential country code (Zimbabwe)
+ OSVDB-3092: /www/2: This might be interesting...
+ /administration/: Admin login page/section found.
+ OSVDB-3092: /test.php: This might be interesting...
+ /phpMyAdmin/: phpMyAdmin directory found
+ 6474 items checked: 2565 error(s) and 1154 item(s) reported on remote host
+ End Time: 2012-09-15 12:10:21 (GMT-4) (5462 seconds)
--------------------------------------------------------------------------
+ 1 host(s) tested
root@bt:/pentest/web/nikto#
///////////////////////////////////////////////////////////////////
root@bt:~# nmap
Nmap 6.01 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL <inputfilename>: Input from list of hosts/networks
  -iR <num hosts>: Choose random targets
  --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
  --excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sn: Ping Scan - disable port scan
  -Pn: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
  --system-dns: Use OS's DNS resolver

  --traceroute: Trace hop path to each host
SCAN TECHNIQUES:
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags <flags>: Customize TCP scan flags
  -sI <zombie host[:probeport]>: Idle scan
  -sY/sZ: SCTP INIT/COOKIE-ECHO scans
  -sO: IP protocol scan
  -b <FTP relay host>: FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
  -p <port ranges>: Only scan specified ports
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
  -F: Fast mode - Scan fewer ports than the default scan
  -r: Scan ports consecutively - don't randomize
  --top-ports <number>: Scan <number> most common ports
  --port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info
  --version-intensity <level>: Set from 0 (light) to 9 (try all probes)
  --version-light: Limit to most likely probes (intensity 2)
  --version-all: Try every single probe (intensity 9)
  --version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
  -sC: equivalent to --script=default
  --script=<Lua scripts>: <Lua scripts> is a comma separated list of
           directories, script-files or script-categories
  --script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
  --script-args-file=filename: provide NSE script args in a file
  --script-trace: Show all data sent and received
  --script-updatedb: Update the script database.
  --script-help=<Lua scripts>: Show help about scripts.
           <Lua scripts> is a comma separted list of script-files or
           script-categories.
OS DETECTION:
  -O: Enable OS detection
  --osscan-limit: Limit OS detection to promising targets
  --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
  Options which take <time> are in seconds, or append 'ms' (milliseconds),
  's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
  -T<0-5>: Set timing template (higher is faster)
  --min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
  --min-parallelism/max-parallelism <numprobes>: Probe parallelization
  --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
      probe round trip time.
  --max-retries <tries>: Caps number of port scan probe retransmissions.
  --host-timeout <time>: Give up on target after this long
  --scan-delay/--max-scan-delay <time>: Adjust delay between probes
  --min-rate <number>: Send packets no slower than <number> per second
  --max-rate <number>: Send packets no faster than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:
  -f; --mtu <val>: fragment packets (optionally w/given MTU)
  -D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
  -S <IP_Address>: Spoof source address
  -e <iface>: Use specified interface
  -g/--source-port <portnum>: Use given port number
  --data-length <num>: Append random data to sent packets
  --ip-options <options>: Send packets with specified ip options
  --ttl <val>: Set IP time-to-live field

  --spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
  --badsum: Send packets with a bogus TCP/UDP/SCTP checksum
OUTPUT:
  -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
     and Grepable format, respectively, to the given filename.
  -oA <basename>: Output in the three major formats at once
  -v: Increase verbosity level (use -vv or more for greater effect)
  -d: Increase debugging level (use -dd or more for greater effect)
  --reason: Display the reason a port is in a particular state
  --open: Only show open (or possibly open) ports
  --packet-trace: Show all packets sent and received
  --iflist: Print host interfaces and routes (for debugging)
  --log-errors: Log errors/warnings to the normal-format output file
  --append-output: Append to rather than clobber specified output files
  --resume <filename>: Resume an aborted scan
  --stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
  --webxml: Reference stylesheet from Nmap.Org for more portable XML
  --no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
  -6: Enable IPv6 scanning
  -A: Enable OS detection, version detection, script scanning, and traceroute
  --datadir <dirname>: Specify custom Nmap data file location
  --send-eth/--send-ip: Send using raw ethernet frames or IP packets
  --privileged: Assume that the user is fully privileged
  --unprivileged: Assume the user lacks raw socket privileges
  -V: Print version number
  -h: Print this help summary page.
EXAMPLES:
  nmap -v -A scanme.nmap.org
  nmap -v -sn 192.168.0.0/16 10.0.0.0/8
  nmap -v -iR 10000 -Pn -p 80
SEE THE MAN PAGE (http://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES
root@bt:~# nmap www.bnf.fin.ec -O -sA -A -v
Starting Nmap 6.01 ( http://nmap.org ) at 2012-09-15 10:35 EDT
NSE: Loaded 93 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 10:35
Scanning www.bnf.fin.ec (190.152.71.150) [4 ports]
Completed Ping Scan at 10:35, 0.12s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 10:35
Completed Parallel DNS resolution of 1 host. at 10:35, 0.05s elapsed
Initiating ACK Scan at 10:35
Scanning www.bnf.fin.ec (190.152.71.150) [1000 ports]
Completed ACK Scan at 10:35, 0.07s elapsed (1000 total ports)
Initiating Service scan at 10:35
Initiating OS detection (try #1) against www.bnf.fin.ec (190.152.71.150)
Initiating Traceroute at 10:35
Completed Traceroute at 10:35, 0.05s elapsed
Initiating Parallel DNS resolution of 2 hosts. at 10:35
Completed Parallel DNS resolution of 2 hosts. at 10:35, 0.21s elapsed
NSE: Script scanning 190.152.71.150.
Initiating NSE at 10:35
Completed NSE at 10:36, 83.25s elapsed
Nmap scan report for www.bnf.fin.ec (190.152.71.150)
Host is up (0.00038s latency).
All 1000 scanned ports on www.bnf.fin.ec (190.152.71.150) are unfiltered
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose

Running: Microsoft Windows 2008|7
OS CPE: cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_7:::enterprise
OS details: Microsoft Windows Server 2008 SP1, Microsoft Windows 7 Enterprise
Network Distance: 2 hops
TRACEROUTE (using port 443/tcp)
HOP RTT     ADDRESS
1   0.12 ms 192.168.160.2
2   0.13 ms www.bnf.fin.ec (190.152.71.150)
NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 95.36 seconds
Raw packets sent: 1032 (43.174KB) | Rcvd: 1013 (40.674KB)
root@bt:~# nmap www.bnf.fin.ec -O -sA -A -v -Pn
Starting Nmap 6.01 ( http://nmap.org ) at 2012-09-15 10:37 EDT
NSE: Loaded 93 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Parallel DNS resolution of 1 host. at 10:37
Completed Parallel DNS resolution of 1 host. at 10:37, 0.02s elapsed
Initiating ACK Scan at 10:37
Scanning www.bnf.fin.ec (190.152.71.150) [1000 ports]
Completed ACK Scan at 10:37, 0.07s elapsed (1000 total ports)
Initiating Service scan at 10:37
Initiating OS detection (try #1) against www.bnf.fin.ec (190.152.71.150)
Initiating Traceroute at 10:37
Completed Traceroute at 10:37, 0.02s elapsed
Initiating Parallel DNS resolution of 2 hosts. at 10:37
Completed Parallel DNS resolution of 2 hosts. at 10:37, 0.03s elapsed
NSE: Script scanning 190.152.71.150.
Initiating NSE at 10:37
Completed NSE at 10:38, 83.11s elapsed
Nmap scan report for www.bnf.fin.ec (190.152.71.150)
Host is up (0.0014s latency).
All 1000 scanned ports on www.bnf.fin.ec (190.152.71.150) are unfiltered
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Microsoft Windows 2008|7
OS CPE: cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_7:::enterprise
OS details: Microsoft Windows Server 2008 SP1, Microsoft Windows 7 Enterprise
Network Distance: 2 hops
TRACEROUTE (using port 111/tcp)
HOP RTT     ADDRESS
1   0.13 ms 192.168.160.2
2   0.12 ms www.bnf.fin.ec (190.152.71.150)
NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 91.49 seconds
Raw packets sent: 1028 (43.022KB) | Rcvd: 1012 (40.646KB)
root@bt:~# nmap www.bnf.fin.ec -v -Pn

Starting Nmap 6.01 ( http://nmap.org ) at 2012-09-15 10:40 EDT
Initiating Parallel DNS resolution of 1 host. at 10:40
Completed Parallel DNS resolution of 1 host. at 10:40, 0.01s elapsed
Initiating SYN Stealth Scan at 10:40
Scanning www.bnf.fin.ec (190.152.71.150) [1000 ports]
Discovered open port 80/tcp on 190.152.71.150
Discovered open port 443/tcp on 190.152.71.150
Completed SYN Stealth Scan at 10:40, 7.07s elapsed (1000 total ports)
Nmap scan report for www.bnf.fin.ec (190.152.71.150)
Host is up (0.030s latency).
Not shown: 998 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 7.19 seconds
Raw packets sent: 2001 (88.044KB) | Rcvd: 369 (54.928KB)
root@bt:~# nmap www.bnf.fin.ec -v -Pn -O
Starting Nmap 6.01 ( http://nmap.org ) at 2012-09-15 10:51 EDT
Initiating Parallel DNS resolution of 1 host. at 10:51
Completed Parallel DNS resolution of 1 host. at 10:51, 0.01s elapsed
Initiating SYN Stealth Scan at 10:51
Scanning www.bnf.fin.ec (190.152.71.150) [1000 ports]
Discovered open port 80/tcp on 190.152.71.150
Discovered open port 443/tcp on 190.152.71.150
Increasing send delay for 190.152.71.150 from 0 to 5 due to 11 out of 14 dropped probes since last increase.
Increasing send delay for 190.152.71.150 from 5 to 10 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 190.152.71.150 from 10 to 20 due to 11 out of 11 dropped probes since last increase.
Completed SYN Stealth Scan at 10:52, 53.78s elapsed (1000 total ports)
Initiating OS detection (try #1) against www.bnf.fin.ec (190.152.71.150)
Nmap scan report for www.bnf.fin.ec (190.152.71.150)
Host is up (0.020s latency).
Not shown: 998 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Microsoft Windows 2008|7
OS CPE: cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_7:::enterprise
OS details: Microsoft Windows Server 2008 SP1, Microsoft Windows 7 Enterprise
TCP Sequence Prediction: Difficulty=259 (Good luck!)
IP ID Sequence Generation: Busy server or unknown class
Read data files from: /usr/local/bin/../share/nmap
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 56.23 seconds
Raw packets sent: 2068 (93.014KB) | Rcvd: 495 (76.269KB)
root@bt:~#
