Mini Nmap tut
  • Xin
    Posts: 3,251
    Finding Versions of Web Applications

    In this tutorial I will show you how to manually find the version of an application running on a server rather than using a tool like Acunetix, which is very noisy and likely to get detected.

    In this tutorial we will be using NMAP and Telnet. Download NMAP GUI HERE. In this tutorial we will be using the GUI version, but both are good.

    I recommend learning to use the command-line version, as the skills are the same on both Linux and Windows, so I will post an update for the command line at another time.

    So load up NMAP and enter the IP address of your target in the Target box. You can also enter the host name, for example "www.site.com", but it's better practice to use the IP address. In the drop-down window to the right, click "Quick Scan"; this is the fastest and quietest scan, which is best for staying undetected. You should get something like this:

    7/tcp    filtered echo
    9/tcp    filtered discard
    13/tcp   filtered daytime
    21/tcp   open     ftp
    22/tcp   filtered ssh
    25/tcp   open     smtp
    26/tcp   open     rsftp
    37/tcp   filtered time
    53/tcp   open     domain
    80/tcp   open     http
    110/tcp  open     pop3
    135/tcp  filtered msrpc
    139/tcp  filtered netbios-ssn
    143/tcp  open     imap
    443/tcp  open     https
    445/tcp  filtered microsoft-ds
    465/tcp  open     smtps
    993/tcp  open     imaps
    995/tcp  open     pop3s
    1720/tcp filtered H.323/Q.931
    3306/tcp open
    .

    This shows all the interesting ports on the server. By interesting I mean ports that are commonly exploited and more well known.

    Okay, now we have our port list, open up Telnet. On Windows it's Start > Run > Telnet. Okay, now type the following command: o (IP address of your target) (port), for example o 1.23.53.63 21. Here we telnetted to the FTP server of the target; this is where we get the information about the server. If you did this right, the server should send a message back saying Welcome to Pure_FTPd 2.0.3 (for example). This is the version of the application; from here we can search Milw0rm or Packet Storm for an exploit for this version, which will come in a later tutorial.

    Congratulations, you have now learned how to quietly find the version of programs on the server. *Written 100% by Xinapse
    Xin
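
The greeting described in the post above, seen from the server owner's side, as an added example that is not part of the original post: it reads the greeting a service sends on connect and reports which of your own services disclose a product version. The function names, the regular expression and the sample greetings are assumptions constructed for illustration; the live read in the demo uses a loopback-only listener.

```python
import re
import socket
import threading

# Product token followed by a dotted version, e.g. "Pure_FTPd 2.0.3" or "Apache/2.4.1".
VERSION_RE = re.compile(r"([A-Za-z][\w-]*)[ /]v?(\d+(?:\.\d+)+)")

def read_banner(host, port, timeout=3.0):
    """Return the greeting a service sends on connect ('' if it stays silent)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(1024).decode("latin-1").strip()
        except socket.timeout:
            return ""  # e.g. HTTP waits for the client to speak first

def disclosed_version(banner):
    """Return (product, version) if the greeting names a versioned product."""
    m = VERSION_RE.search(banner)
    return (m.group(1), m.group(2)) if m else None

def audit(banners):
    """Map port -> (product, version) for every greeting that leaks a version."""
    return {port: v for port, b in sorted(banners.items())
            if (v := disclosed_version(b))}

def serve_once(greeting):
    """Loopback-only listener that sends one greeting; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def run():
        conn, _ = srv.accept()
        with conn, srv:
            conn.sendall(greeting.encode() + b"\r\n")
    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]

# Constructed sample greetings (not captured from any real host).
SAMPLE = {
    21: "220 Welcome to Pure_FTPd 2.0.3",  # version string from the post's example
    25: "220 mail.example.test ESMTP",     # greeting with no product version
}

if __name__ == "__main__":
    port = serve_once(SAMPLE[21])
    print(audit({port: read_banner("127.0.0.1", port)}))
    print(audit(SAMPLE))
```

A port that appears in the `audit` result is one whose greeting should be changed in the service's configuration so that it no longer states the version.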
  • Bursihido
    Posts: 406
    simple but cool :)



    too short...............
  • Xin
    Posts: 3,251
    Glad you liked it burshido :)
    Xin
  • zcmiko
    Posts: 15
    I really don't know what this thing is all about but it sounds like it's kinda cool.
    So imma try it! :D
  • Xin
    Posts: 3,251
    It's an essential tool, you deffo need it! This is just a basic tutorial but you can do so much with it :)
    Xin