'scanning'에 해당되는 글 6건

  1. 2013.08.05 NMAP을 사용한 Conficker 탐지(Scanning)
  2. 2011.12.16 SQL Injection Scanning Update - Filter Evasions Detected
  3. 2011.09.28 Metasploit: The Penetration Tester’s Guide
2013.08.05 15:50

NMAP을 사용한 Conficker 탐지(Scanning)

■ Install

1. 다운/패키지설치(소스설치-비추천 : http://nmap.org/download.html)

wget  http://nmap.org/dist/nmap-5.00-1.i386.rpm
rpm -vhU nmap-5.00-1.i386.rpm



2. nmap 사용 ( 콘피커 관련 설정 )

nmap -PN -T4 -p139,445 -n -v --script smb-check-vulns,smb-os-discovery --script-args safe=1 10.1.1.10

* 맨끝에 10.1.1.10을 타겟이 될 Windows 관련IP로 변경하시면 됩니다.


■ 사용 예제

1-1. 콘피커 비감염시 - 간편모드(grep만 줫을뿐입니다)

[root@localhost /]#  nmap -PN -T4 -p139,445 -n -v --script smb-check-vulns 10.1.1.10  | grep Conficker

|  Conficker: Likely CLEAN



1-2. 콘피커 비감염시 - 관련 풀모드

[root@localhost /]#  nmap -PN -T4 -p139,445 -n -v --script smb-check-vulns 10.1.1.10  

.................
Host script results:
|  smb-check-vulns:  
|  MS08-067: FIXED
|  Conficker: Likely CLEAN
|_ regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)



2-1. 콘피커 감염시 - 간편모드(grep만 줫을뿐입니다)

[root@localhost /]#  nmap -PN -T4 -p139,445 -n -v --script smb-check-vulns 10.1.1.10  | grep Conficker

|  Conficker: Likely INFECTED



2-2. 콘피커 감염시 - 풀모드

[root@localhost /]#  nmap -PN -T4 -p139,445 -n -v --script smb-check-vulns 10.1.1.10  | grep Conficker

.................
Host script results:
|  smb-check-vulns:
|  MS08-067: FIXED
|  Conficker: Likely INFECTED
|_ regsvc DoS: VULNERABLE



■ Reference
NMAP : http://nmap.org
NMAP 스크립트 : http://nmap.org/nsedoc/index.html



출처 : dec9.tistory.com



Trackback 0 Comment 0
2011.12.16 18:43

SQL Injection Scanning Update - Filter Evasions Detected


Trackback 1 Comment 0
2011.09.28 18:55

Metasploit: The Penetration Tester’s Guide

It gives me great pleasure to review this book ‘Metasploit – The Penetration Tester’s Guide’, not only because it is written on most popular penetration testing framework but the way it is written doing complete justice to the title!

Here is the core information about the book,

  • Title: Metasploit: The Penetration Tester’s Guide
  • Author: David Kennedy, Jim O’Gorman, Devon Kearns, Mati Aharoni
  • Publisher: No Starch Press
  • Pages: 328
  • Release Date: July 22, 2011
  • Rating(Amazon): 

.

Here is the table of contents

Chapter 1: The Absolute Basics of Penetration Testing
Chapter 2: Metasploit Basics
Chapter 3: Intelligence Gathering
Chapter 4: Vulnerability Scanning
Chapter 5: The Joy of Exploitation
Chapter 6: Meterpreter
Chapter 7: Avoiding Detection
Chapter 8: Exploitation Using Client-side Attacks
Chapter 9: Metasploit Auxiliary Modules
Chapter 10: The Social-Engineer Toolkit
Chapter 11: Fast-Track
Chapter 12: Karmetasploit
Chapter 13: Building Your Own Module
Chapter 14: Creating Your Own Exploits
Chapter 15: Porting Exploits to the Metasploit Framework
Chapter 16: Meterpreter Scripting
Chapter 17: Simulated Penetration Test
Appendix A: Configuring Your Target Machines
Appendix B: Cheat Sheet



출처 : nagareshwar.securityxploded.com

Trackback 0 Comment 0