Author Topic: Unknown Server Intrusion  (Read 3592 times)

li9h7

  • Guest
on: February 22, 2012, 09:55:28 PM
Let's say I have a server on my network.
I don't know what its OS is or what services are running on it,
or any other kind of information either!

I only have the IP address.
How can I find some information about it,
like the OS and services?
I think it's possible to find ports with nmap and guess which services are running.

And finally, how is it possible to take control of it? (method name, not description)
I know this topic may have very long answers, but I only need some guidance;
it would be good if you put some links here.

li9h7
« Last Edit: February 22, 2012, 09:58:22 PM by li9h7 »



ZEROF

  • Hero Member
    • Pen Tester
Reply #1 on: February 22, 2012, 10:12:27 PM
Did you see the forum topic: "Howtos"? It's not a general support forum. And you said that you know how to use nmap? If you know how to use nmap, you can see that nmap can give you this info as well.

nmap -O 127.0.0.1 (TCP/IP fingerprint)

And if nmap can't find it, it can guess the OS:

nmap -O --osscan-guess 127.0.0.1

Try it !

EDIT :

First you need to learn how to use nmap to get server info. After that, you try to find the ftp, ssh, panel, etc. versions. If they use an "out of date" version, you can exploit any issue. You have a big online BIBLE: GOOGLE. You need to learn how to run and use php, perl, python, bash, etc. exploits, and you know what, you will become the pentester king in your hood :). Hope that you have got your response.
« Last Edit: February 22, 2012, 10:21:26 PM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*


li9h7

  • Guest
Reply #2 on: February 23, 2012, 04:28:31 AM
Quote
nmap -O --osscan-guess 127.0.0.1

First you need to learn how to use nmap to get server info. After that, you try to find the ftp, ssh, panel, etc. versions. If they use an "out of date" version, you can exploit any issue. You have a big online BIBLE: GOOGLE. You need to learn how to run and use php, perl, python, bash, etc. exploits, and you know what, you will become the pentester king in your hood :). Hope that you have got your response.

Yes, it worked, and this is the result.

Linux 2.6.X|2.4.X (98%), Linksys embedded (93%), Netgear embedded (93%), Nokia Linux 2.6.X (92%), AXIS Linux 2.6.X (90%), AXIS embedded (90%)
Aggressive OS guesses: Linux 2.6.31 - 2.6.35 (98%), Linux 2.6.19 - 2.6.36 (95%), Linux 2.6.17 - 2.6.28 (95%), Linux 2.6.22 (95%), Linux 2.6.22 (Ubuntu 7.10, x86_64) (95%), Linux 2.6.32 (95%), Linux 2.6.31 - 2.6.32 (94%), Linksys WRV54G WAP (93%), Netgear DG834G WAP (93%), Linux 2.6.17 - 2.6.30 (92%)

It's good.
On the other hand, in all the above answers services are working the same.


EDIT:
ZEROF, you are right, I need to know more about exploits.
And what is the appropriate forum for this question? :!
« Last Edit: February 23, 2012, 04:37:17 AM by li9h7 »



ZEROF

  • Hero Member
    • Pen Tester
Reply #3 on: February 23, 2012, 09:16:56 AM
Quote
Did you see the forum topic: "Howtos"? It's not a general support forum.

If you want to learn only about NMAP, you can ask in the Software Support forum. In this forum people write tutorials to help BBox users learn basic and advanced use of tools.
« Last Edit: April 18, 2012, 07:18:51 AM by ZEROF »




li9h7

  • Guest
Reply #4 on: February 23, 2012, 09:25:36 AM
Quote
Did you see the forum topic: "Howtos"? It's not a general support forum.
If you want to learn only about NMAP, you can ask in the Software Support forum. In this forum people write tutorials to help BBox users learn basic and advanced use of tools.

OK, I got it, but I know about nmap; I wrote nmap just as an example.
I wanted to know whether there are any tools to help me.



ZEROF

  • Hero Member
    • Pen Tester
Reply #5 on: February 23, 2012, 02:31:07 PM
From your question we can see that you know how to use some tools; that is a good start, but you need to know what you want. I use paper to write things down when I run a pentest against a client's server. As I told you, the nmap guide book is good stuff to start with. After that you need to learn how a server works. Install a server and try to run exploits against ssh protection, ftp, root, etc. Now I see that you will ask, "but I need tools for it?" Sure, but all you need to do for your personal start is open Linux's best friend: MR. TERMINAL. Tools will not help you if you don't know how the system works.

If I tell you that BBox has more than 10 tools to use for information gathering, can you give me their names? We can tell you to try Nikto2, but what will you do with it when the scanning is over? If you know how the system works, you can move to step 2; if you don't know, tools can't help you. It's not only your problem, it's a problem for many people.

How many times have you watched a WEP cracking tutorial? 95% of tuts don't tell you what to do with the KEY you get. Why? Because pentesters know that people only use their tools to get the KEY and show it to friends; they will not use it. Crazy, no? Only people with the idea of becoming pentesters will ask, "and now, what do I need to do?!"

Hope this will help you!
« Last Edit: February 23, 2012, 05:40:57 PM by ZEROF »




break0x90

  • Newbie
Reply #6 on: February 24, 2012, 01:38:31 AM
Quote
Did you see the forum topic: "Howtos"? It's not a general support forum.
If you want to learn only about NMAP, you can ask in the Software Support forum. In this forum people write tutorials to help BBox users learn basic and advanced use of tools.

OK, I got it, but I know about nmap; I wrote nmap just as an example.
I wanted to know whether there are any tools to help me.

Only your brain... it's the best one!
LOL

Without flaming: this is a serious project and not a lamer board like eurohackers or "h4cker in 24h". Perhaps you should study the OSI model, the TCP/IP stack and your protocols before asking us "how to hack a remote server".
I'm sorry, but every one of us lived a "lamer time", and the only way to improve our skills was to read more comments like this to understand that there isn't any "intrusion vademecum" or standard procedure.
This is hacking... curiosity and talent.



r00tuuu123

  • Newbie
Reply #7 on: April 18, 2012, 04:43:17 AM
Dude, I know this is an older post and the language difference may be a problem, but you discovered your router.
Linux 2.6.X|2.4.X (98%), Linksys embedded (93%), Netgear embedded (93%), Nokia Linux 2.6.X (92%), AXIS Linux 2.6.X (90%), AXIS embedded (90%)
Aggressive OS guesses: Linux 2.6.31 - 2.6.35 (98%), Linux 2.6.19 - 2.6.36 (95%), Linux 2.6.17 - 2.6.28 (95%), Linux 2.6.22 (95%), Linux 2.6.22 (Ubuntu 7.10, x86_64) (95%), Linux 2.6.32 (95%), Linux 2.6.31 - 2.6.32 (94%), Linksys WRV54G WAP (93%), Netgear DG834G WAP (93%), Linux 2.6.17 - 2.6.30 (92%)
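
An added example, not part of any post in this thread: a small Python parser for the "Aggressive OS guesses" line quoted above, showing how the confidence percentages and the embedded-device entries can be read when identifying an unknown host on your own network. The function names and the hint-word list are assumptions made for illustration, not nmap features.

```python
import re

# The "Aggressive OS guesses" line exactly as quoted in the thread.
THREAD_LINE = (
    "Aggressive OS guesses: Linux 2.6.31 - 2.6.35 (98%), "
    "Linux 2.6.19 - 2.6.36 (95%), Linux 2.6.17 - 2.6.28 (95%), "
    "Linux 2.6.22 (95%), Linux 2.6.22 (Ubuntu 7.10, x86_64) (95%), "
    "Linux 2.6.32 (95%), Linux 2.6.31 - 2.6.32 (94%), "
    "Linksys WRV54G WAP (93%), Netgear DG834G WAP (93%), "
    "Linux 2.6.17 - 2.6.30 (92%)"
)

# A guess is "<name> (<pct>%)"; the name may itself contain parentheses
# and commas, so match lazily up to the percentage group.
GUESS = re.compile(r"\s*(.+?) \((\d+)%\)(?:,|$)")

# Assumed hint words suggesting a network appliance (illustrative only).
APPLIANCE_HINTS = ("wap", "embedded", "router", "linksys", "netgear")


def parse_guesses(line):
    """Return [(os_name, confidence_percent), ...] from one guess line."""
    _, _, body = line.partition(":")
    return [(m.group(1).strip(), int(m.group(2)))
            for m in GUESS.finditer(body.strip())]


def summarize(guesses):
    """Condense the guesses into the facts worth writing down."""
    if not guesses:
        return None
    best = max(pct for _, pct in guesses)
    return {
        "best": best,
        # Below 100% nmap found no exact fingerprint match: treat as a guess.
        "exact": best == 100,
        "top": [name for name, pct in guesses if pct == best],
        "appliance_like": [name for name, _ in guesses
                           if any(h in name.lower() for h in APPLIANCE_HINTS)],
    }


if __name__ == "__main__":
    for name, pct in parse_guesses(THREAD_LINE):
        print(f"{pct:3d}%  {name}")
    print(summarize(THREAD_LINE and parse_guesses(THREAD_LINE)))
```

A spread of overlapping kernel ranges with access-point models mixed in is a probabilistic result, so the device type should be confirmed from the network's own records before it is entered in an inventory.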