sintax

port identification...

10 posts in this topic

Hey guys, my first post...I'm assuming you guys are friendlier than the people over at HITB...

But anyway...I have not-so-recently taken an interest in the art of port scanning using nmap (love the interface, by the way) and have come across an easy target (i dont wanna deface...just infiltrate). Adequacy.org, the publisher of the infamous "How to tell if you son is a computer hacker." At last port scan ports 21, 22, 23, 25, 80, 548, and 587 are open (all tcp) and ports 135-139 and 445 are all filtered (also all tcp). Now, following the traditional noob tutorial, I telnet into adequacy.org and begin tying the normal passwords (password, admin, god, try brute-forcing some names, etc) Nothings working, obviously, and so i begin the search for exploitable vulnerabilities. And, this is where im stuck. Here is the full scan:

PORT STATE SERVICE VERSION

21/tcp open ftp ProFTPD 1.3.1rc2

22/tcp open ssh OpenSSH 3.8.1p1 Debian 8.sarge.6 (protocol 2.0)

23/tcp open telnet Linux telnetd

25/tcp open smtp Postfix smtpd

|_ SMTP: HELP with errors or timeout. Enable --script-trace to see what is happening.

80/tcp open http Apache httpd 1.3.37

|_ HTML title: Site Temporarily Unavailable

111/tcp filtered rpcbind

135/tcp filtered msrpc

136/tcp filtered profile

137/tcp filtered netbios-ns

138/tcp filtered netbios-dgm

139/tcp filtered netbios-ssn

445/tcp filtered microsoft-ds

548/tcp open afpovertcp?

587/tcp open smtp Postfix smtpd

|_ SMTP: HELP with errors or timeout. Enable --script-trace to see what is happening.

766/tcp open status 1 (rpc #100024)

No OS matches for host

Uptime: 177.304 days (since Wed Aug 15 17:05:20 2007)

TCP Sequence Prediction: Difficulty=248 (Good luck!)

IP ID Sequence Generation: Randomized

Service Info: OSs: Unix, Linux

So...any suggestions?

0

Share this post


Link to post
Share on other sites

Here's a suggestion:

3. DEFINITION OF "HACKING"

Hacking is about production, not destruction; it involves curiosity, research, analysis, knowledge, the creation of new ideas, the discovery of amazing breakthroughs, and the sharing of information with those who will use it responsibly. Hacking is not illegal activity. The Digital Dawg Pound and the Binary Revolution Forums will not take any responsibility for your actions, nor do we condone any sort of illegal activity, especially in the name of hacking.

Did you read the rules?

0

Share this post


Link to post
Share on other sites

try googling each and every one of those ports. #1 rule for . Google is GOD.

0

Share this post


Link to post
Share on other sites

try...not posting the scan results of some website you want to attack on a public forum Because;

A: Nobody cares

B: Its not smart

and C: its no wonder why you've been getting flamed with posts like that, "infiltrate?" and do what...

negativity ends here

(sort of)

ProFTPD 1.3.1rc2 + vulnerabilites

for starters...although you probably won't find much on that version.

when you say "brute force" do you mean you actually ran a program or you sat there and typed in random shit like an idiot, did you do it behind a proxy? do you know what Telnet is ? don't make the assumption that the target is easy just because it has a bunch of services listening...btw, did you read any manual pages on how nmap works and the different scan options?

0

Share this post


Link to post
Share on other sites
H Now, following the traditional noob tutorial, I telnet into adequacy.org and begin tying the normal passwords (password, admin, god, try brute-forcing some names, etc)

lol. "System administrators love to use the password God man. It's like this whole male ego trip."

-Cereal Killer

Did you watch Hackers? lol.

0

Share this post


Link to post
Share on other sites
H Now, following the traditional noob tutorial, I telnet into adequacy.org and begin tying the normal passwords (password, admin, god, try brute-forcing some names, etc)

lol. "System administrators love to use the password God man. It's like this whole male ego trip."

-Cereal Killer

Did you watch Hackers? lol.

lol. the wolfmaN actually lovEs that movie. every character in the movie is over played. i love the computer Security officer. "my name is the plague" man, that was funny Shit. a long time ago, the wolfman got into a system where the administrators password was "god". i couldn't believe it. it was an old moo that i Used to play in. anyhow, enough of that. dude, you Shouldn't be messing around with any system that you don't own. if you're interested in port scanning and looking for vulnerabilities, setup a vmware server in your own network and attack your own images. it's just a suggestion. who knows, maybe you will be inspired to run something after reading this post.

0

Share this post


Link to post
Share on other sites

Does anyone know of a way of finding out which Ports are open on a default gateway, without going as far as running Nmap?

0

Share this post


Link to post
Share on other sites
Does anyone know of a way of finding out which Ports are open on a default gateway, without going as far as running Nmap?

Look into passive scanning.

0

Share this post


Link to post
Share on other sites
lol. the wolfmaN actually lovEs that movie. every character in the movie is over played. i love the computer Security officer. "my name is the plague" man, that was funny Shit. a long time ago, the wolfman got into a system where the administrators password was "god". i couldn't believe it. it was an old moo that i Used to play in. anyhow, enough of that. dude, you Shouldn't be messing around with any system that you don't own. if you're interested in port scanning and looking for vulnerabilities, setup a vmware server in your own network and attack your own images. it's just a suggestion. who knows, maybe you will be inspired to run something after reading this post.

This is sweet. This is very sweet =)

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now