Metasploit Exploit and Payload (Samba): Difference between revisions
| Zeile 2: | Zeile 2: | ||
*Mittels nmap einen Port suchen. In diesem Fall Samba. | *Mittels nmap einen Port suchen. In diesem Fall Samba. | ||
*'''Befehl:''' root@kali:~# nmap -sV 10.82.1.101 | *'''Befehl:''' root@kali:~# nmap -sV 10.82.1.101 | ||
| − | + | ||
| − | Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-02 12:48 CET | + | Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-02 12:48 CET |
| − | Nmap scan report for 10.82.1.101 | + | Nmap scan report for 10.82.1.101 |
| − | Host is up (0.00015s latency). | + | Host is up (0.00015s latency). |
| − | Not shown: 977 closed ports | + | Not shown: 977 closed ports |
| − | PORT STATE SERVICE VERSION | + | PORT STATE SERVICE VERSION |
| − | 21/tcp open ftp vsftpd 2.3.4 | + | 21/tcp open ftp vsftpd 2.3.4 |
| − | 22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0) | + | 22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0) |
| − | 23/tcp open telnet Linux telnetd | + | 23/tcp open telnet Linux telnetd |
| − | 25/tcp open smtp Postfix smtpd | + | 25/tcp open smtp Postfix smtpd |
| − | 53/tcp open domain ISC BIND 9.4.2 | + | 53/tcp open domain ISC BIND 9.4.2 |
| − | 80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2) | + | 80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2) |
| − | 111/tcp open rpcbind | + | 111/tcp open rpcbind |
| − | <b>139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) | + | <b>139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) |
| − | 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)</b> | + | 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)</b> |
| − | 512/tcp open exec netkit-rsh rexecd | + | 512/tcp open exec netkit-rsh rexecd |
| − | 513/tcp open login | + | 513/tcp open login |
| − | 514/tcp open tcpwrapped | + | 514/tcp open tcpwrapped |
| − | 1099/tcp open java-rmi GNU Classpath grmiregistry | + | 1099/tcp open java-rmi GNU Classpath grmiregistry |
| − | 1524/tcp open bindshell Metasploitable root shell | + | 1524/tcp open bindshell Metasploitable root shell |
| − | 2049/tcp open rpcbind | + | 2049/tcp open rpcbind |
| − | 2121/tcp open ftp ProFTPD 1.3.1 | + | 2121/tcp open ftp ProFTPD 1.3.1 |
| − | 3306/tcp open mysql MySQL 5.0.51a-3ubuntu5 | + | 3306/tcp open mysql MySQL 5.0.51a-3ubuntu5 |
| − | 5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7 | + | 5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7 |
| − | 5900/tcp open vnc VNC (protocol 3.3) | + | 5900/tcp open vnc VNC (protocol 3.3) |
| − | 6000/tcp open X11 (access denied) | + | 6000/tcp open X11 (access denied) |
| − | 6667/tcp open irc UnrealIRCd | + | 6667/tcp open irc UnrealIRCd |
| − | 8009/tcp open ajp13 Apache Jserv (Protocol v1.3) | + | 8009/tcp open ajp13 Apache Jserv (Protocol v1.3) |
| − | 8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1 | + | 8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1 |
| − | |||
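Review bot: the text of the step names Samba as the target of the search, but the pasted scan output lists every open service on the host, and the only pointer to the relevant result is the `<b>` tag that opens on the 139/tcp row and closes on the 445/tcp row. Markup that spans a line break inside pasted output is easy to lose when the block is reformatted; consider adding a sentence after the output that names 139/tcp and 445/tcp (Samba smbd 3.X - 4.X) as the finding, so the step does not depend on the bold rendering.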
Revision as of 2 November 2020, 13:12
Finding a vulnerability
- Use nmap to look for a port. In this case Samba.
- Command: root@kali:~# nmap -sV 10.82.1.101
 Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-02 12:48 CET
 Nmap scan report for 10.82.1.101
 Host is up (0.00015s latency).
 Not shown: 977 closed ports
 PORT     STATE SERVICE     VERSION
 21/tcp   open  ftp         vsftpd 2.3.4
 22/tcp   open  ssh         OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
 23/tcp   open  telnet      Linux telnetd
 25/tcp   open  smtp        Postfix smtpd
 53/tcp   open  domain      ISC BIND 9.4.2
 80/tcp   open  http        Apache httpd 2.2.8 ((Ubuntu) DAV/2)
 111/tcp  open  rpcbind
 139/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
 445/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
 512/tcp  open  exec        netkit-rsh rexecd
 513/tcp  open  login
 514/tcp  open  tcpwrapped
 1099/tcp open  java-rmi    GNU Classpath grmiregistry
 1524/tcp open  bindshell   Metasploitable root shell
 2049/tcp open  rpcbind
 2121/tcp open  ftp         ProFTPD 1.3.1
 3306/tcp open  mysql       MySQL 5.0.51a-3ubuntu5
 5432/tcp open  postgresql  PostgreSQL DB 8.3.0 - 8.3.7
 5900/tcp open  vnc         VNC (protocol 3.3)
 6000/tcp open  X11         (access denied)
 6667/tcp open  irc         UnrealIRCd
 8009/tcp open  ajp13       Apache Jserv (Protocol v1.3)
 8180/tcp open  http        Apache Tomcat/Coyote JSP engine 1.1
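Reading a scan like the one above by eye gets error-prone once there are many hosts. The following added example (not part of the original wiki page) parses the port table of `nmap -sV` normal output and reports open services outside an approved baseline; the function names and the allowlist are assumptions made for illustration, and the sample is a constructed excerpt in the same format.

```python
import re

# Constructed sample: a few rows in the format of the `nmap -sV` output above.
SAMPLE = """\
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-02 12:48 CET
Nmap scan report for 10.82.1.101
Not shown: 977 closed ports
PORT     STATE SERVICE     VERSION
21/tcp   open  ftp         vsftpd 2.3.4
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
513/tcp  open  login
"""

# port/proto, state, service name, optional free-text version banner
ROW = re.compile(r"^(\d{1,5})/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*\S))?\s*$")

def parse_services(text):
    """Return one dict per port row; header and status lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            port, proto, state, service, version = m.groups()
            rows.append({"port": int(port), "proto": proto, "state": state,
                         "service": service, "version": version or ""})
    return rows

def unexpected_open(rows, allowed_ports):
    """Open ports that are not in the host's approved baseline (assumed set)."""
    return [r for r in rows
            if r["state"] == "open" and r["port"] not in allowed_ports]

def find_product(rows, needle):
    """Ports whose version banner mentions a product, e.g. 'Samba'."""
    return [r["port"] for r in rows if needle.lower() in r["version"].lower()]

if __name__ == "__main__":
    services = parse_services(SAMPLE)
    for r in unexpected_open(services, allowed_ports={21}):
        print(f'{r["port"]}/{r["proto"]} {r["service"]} {r["version"]}')
    print("Samba on:", find_product(services, "Samba"))
```

Rows without a version banner (such as `111/tcp open rpcbind`) are kept with an empty version string, so a missing banner is not mistaken for a closed port.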