Snippet

Ports list

23 posts in this topic

This is the situation, I have a friend that has giving me full consent to try and access his system from my house. Therefore I used Tcpview to get his ip and I have used NetScanTools 4.12 (Port Probe) to see wich ports he had open. Now I found one, and since im not very good with networking (going to get a book tomorow :D ) I need some help. The port is [00110-TCP-pop3]

Now I would like to know what the pop3 means. Im guessing that 00110 is the port number and that TCP means that its not UDP

Once I know what the service on the port is, I can use an exploit to enter the system, this is correct?

Edited by Snippet
0

Share this post


Link to post
Share on other sites

pop3 is post office protocol. it delivers emails. tcp is transmission control protocol, udp is user datagram protocol.yeah 00110 is port 110 which is what pop3 runs on. and yeah if you find an exploit for a service running on an open port you can exploit it.

0

Share this post


Link to post
Share on other sites

Thx, now is there a website with all of the ports listed? and mayby a site with all of the newer exploits.

0

Share this post


Link to post
Share on other sites

Tcp means it is tcp (see rfc 793) not just that it's not udp. ICMP is not udp, but it is also not tcp. As for the port, yes 110 is the pop3 port, you might want to look at the protocol documentation in rfc 1939.

This is the situation, I have a friend that has giving me full consent to try and access his system from my house. Therefore I used Tcpview to get his ip and I have used NetScanTools 4.12 (Port Probe) to see wich ports he had open. Now I found one, and since im not very good with networking (going to get a book tomorow :D ) I need some help. The port is [00110-TCP-pop3]

Now I would like to know what the pop3 means. Im guessing that 00110 is the port number and that TCP means that its not UDP

Once I know what the service on the port is, I can use an exploit to enter the system, this is correct?

0

Share this post


Link to post
Share on other sites

RFC?

And I cant seem to find an exploit for this, any good sites?

Edited by Snippet
0

Share this post


Link to post
Share on other sites

um.....you're not going to really find anything to exploit....

0

Share this post


Link to post
Share on other sites

You will not find exploitable flaws in popular Internet protocols, except for a few VERY noteworthy exceptions (such as TCP SYN flooding, long ICMP packet DOS, and counting hosts behind private DNS using TCP timestamps). You will, however, find plenty of exploits for programs that implement the standard. Although I hate to give advice like this, go to milw0rm for all you Sploitz needs. See http://en.wikipedia.org/wiki/Transmission_Control_Protocol, http://en.wikipedia.org/wiki/User_Datagram_Protocol, http://en.wikipedia.org/wiki/Request_for_Comments for more information.

Edited by Elzair
0

Share this post


Link to post
Share on other sites

How do I compile a text file? Im guessing you just use a compiler program, but does the program make a difference? like is there diff languages or anything.

Why do programs come un-compiled?

0

Share this post


Link to post
Share on other sites

<flame / rant>

exploits....they're not point and click ware. They come uncompilled to keep kiddies from using them. They are typically written in C, or perl, but i've seen many in php. If you dont know how to compile, then you shouldnt be messing with exploits in the first place.

</flame / rant>

Edited by Evil1
0

Share this post


Link to post
Share on other sites
<flame / rant>

exploits....they're not point and click ware. They come uncompilled to keep kiddies from using them. They are typically written in C, or perl, but i've seen many in php. If you dont know how to compile, then you shouldnt be messing with exploits in the first place.

</flame / rant>

Totally agree... your obviusly a script kiddie since i looked at "Netools 4.12" or watever, it has every single basic command that every single computer has...

[Ping, Telnet, tracert, whois, whoami, ftp, and all that other crap. Its rly a pointless program, its also BS that its a shareware, $25 for something that comes on my computer anyway...

Its okay that your a script kiddie now, dont be offended... just try to get out of "click this button to rape remote computers..."

0

Share this post


Link to post
Share on other sites
<flame / rant>

exploits....they're not point and click ware. They come uncompilled to keep kiddies from using them. They are typically written in C, or perl, but i've seen many in php. If you dont know how to compile, then you shouldnt be messing with exploits in the first place.

</flame / rant>

aye, somthing thats used but not enough is when the code is slightly broken.

0

Share this post


Link to post
Share on other sites

Aiight thx for the advice, I knew that the command prompt had all the commands but I figured it was easier this way. I dont wanna fall into the script kiddie rut therefore netools is gone.

As you said I'l stay away from that stuff [exploits and anything I need to ask 15 questions about] until I actually know what I'm doing, and again, thx for steering me in the right direction.

Edited by Snippet
0

Share this post


Link to post
Share on other sites

Are you sure you got the correct IP address? Does your friend really have a POP3 server running?? That TCPView program tells you all the programs connected to the internet, the ports, and the addresses, just like the DOS command netstat.

What program was connected to your friend's computer directly? From what I've read it looks like you found the IP addy to your e-mail server...

0

Share this post


Link to post
Share on other sites

yea I have the correct one, because once I found it I got his sister to hit up www.whatismyip.com and it was the same one.

I doubt he actually set any POP3 servers I thought it just came with Xp.

I made a direct link using and msn file transfer.

Edited by Snippet
0

Share this post


Link to post
Share on other sites

POP3 is not set up with XP by default. You can set it up with IIS with Windows 2003, but have never tried it with XP.

0

Share this post


Link to post
Share on other sites
since im not very good with networking (going to get a book tomorow biggrin.gif )

if you dont want to be forever marked as a skiddie, start here:

TCP/IP Illustrated, Volume 1

TCP/IP Illustrated, Volume 2

TCP/IP Illustrated, Volume 3

Unix Network Programming, Vol. 1: The Sockets Networking API

but right now you smell like a skiddie :nono:

things that are worthwhile take time, dont watch all these hacker b.s. movies and think its a fucking walk in the park. you have to know your shit. ya you can use metasploit and millworm/k-0tic to get exploits but just because you can pop someones box doesnt mean shit. you need hacker-foo :pirate:

0

Share this post


Link to post
Share on other sites
since im not very good with networking (going to get a book tomorow biggrin.gif )

if you dont want to be forever marked as a skiddie, start here:

TCP/IP Illustrated, Volume 1

TCP/IP Illustrated, Volume 2

TCP/IP Illustrated, Volume 3

Unix Network Programming, Vol. 1: The Sockets Networking API

but right now you smell like a skiddie :nono:

things that are worthwhile take time, dont watch all these hacker b.s. movies and think its a fucking walk in the park. you have to know your shit. ya you can use metasploit and millworm/k-0tic to get exploits but just because you can pop someones box doesnt mean shit. you need hacker-foo :pirate:

I would also like to add 'Hacking: the art of exploration' and any book on 8086 assembly to that list, so you can learn about how to code exploits in assembler. Learning how to do that for yourself is pretty cool but a word of warning: it's pretty 1337 stuff. :D

0

Share this post


Link to post
Share on other sites

Well I went to chapters and I picked up Tcp/ip foundations, Networking security foundations and teach yourself linux ( so I could know a lil more about how it works)

0

Share this post


Link to post
Share on other sites
Well I went to chapters and I picked up Tcp/ip foundations, Networking security foundations  and teach yourself linux ( so I could know a lil more about how it works)

Sounds like a good start. Just keep on reading!

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now