Monday, 30 January 2012

Scanning with information gathering technique

In this method I use nmap, zenmap, netifera and wireshark. The target sites are:

is2c-dojo.com
is2c-dojo.net
spentera.com

The first thing I must do is ping them:
root@cupenk:~# ping is2c-dojo.net
PING is2c-dojo.net (216.239.38.21) 56(84) bytes of data.
64 bytes from any-in-2615.1e100.net (216.239.38.21): icmp_seq=1 ttl=52 time=40.3 ms
64 bytes from any-in-2615.1e100.net (216.239.38.21): icmp_seq=2 ttl=52 time=40.8 ms
64 bytes from any-in-2615.1e100.net (216.239.38.21): icmp_seq=3 ttl=52 time=40.1 ms
^C
--- is2c-dojo.net ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 40.176/40.469/40.899/0.351 ms
root@cupenk:~# ping is2c-dojo.com
PING is2c-dojo.com (67.222.154.106) 56(84) bytes of data.
^C
--- is2c-dojo.com ping statistics ---
14 packets transmitted, 0 received, 100% packet loss, time 12999ms

root@cupenk:~# ping spentera.com
PING spentera.com (74.81.66.104) 56(84) bytes of data.
^C
--- spentera.com ping statistics ---
14 packets transmitted, 0 received, 100% packet loss, time 13102ms

Only is2c-dojo.net can be communicated with.
OK, next I scan is2c-dojo.net with the GUI version of nmap, using the syntax => nmap -T4 -A -v is2c-dojo.net:
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-31 11:42 WIT
NSE: Loaded 87 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 11:42
Scanning is2c-dojo.net (216.239.36.21) [4 ports]
Completed Ping Scan at 11:42, 0.11s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 11:42
Completed Parallel DNS resolution of 1 host. at 11:42, 0.21s elapsed
Initiating SYN Stealth Scan at 11:42
Scanning is2c-dojo.net (216.239.36.21) [1000 ports]
Discovered open port 80/tcp on 216.239.36.21
Completed SYN Stealth Scan at 11:43, 49.08s elapsed (1000 total ports)
Initiating Service scan at 11:43
Scanning 1 service on is2c-dojo.net (216.239.36.21)
Completed Service scan at 11:43, 13.98s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against is2c-dojo.net (216.239.36.21)
Retrying OS detection (try #2) against is2c-dojo.net (216.239.36.21)
Initiating Traceroute at 11:43
Completed Traceroute at 11:43, 0.28s elapsed
Initiating Parallel DNS resolution of 6 hosts. at 11:43
Completed Parallel DNS resolution of 6 hosts. at 11:43, 0.07s elapsed
NSE: Script scanning 216.239.36.21.
Initiating NSE at 11:43
Completed NSE at 11:44, 14.23s elapsed
Nmap scan report for is2c-dojo.net (216.239.36.21)
Host is up (0.62s latency).
Other addresses for is2c-dojo.net (not scanned): 216.239.38.21 216.239.32.21 216.239.34.21
rDNS record for 216.239.36.21: any-in-2415.1e100.net
Not shown: 998 filtered ports
PORT    STATE  SERVICE VERSION
80/tcp  open   http    Google httpd 2.0 (GFE)
|_http-methods: No Allow or Public header in OPTIONS response (status code 301)
| http-title: 301 Moved
|_Did not follow redirect to http://www.is2c-dojo.net/
113/tcp closed ident
Device type: WAP|general purpose
Running (JUST GUESSING): Netgear embedded (86%), OpenBSD 3.X|4.X (85%)
OS CPE: cpe:/o:openbsd:openbsd:3 cpe:/o:openbsd:openbsd:4
Aggressive OS guesses: Netgear WGR614v7 wireless broadband router (86%), OpenBSD 3.8 - 4.6 (85%), OpenBSD 4.3 (85%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 0.000 days (since Tue Jan 31 11:43:52 2012)
Network Distance: 6 hops
TCP Sequence Prediction: Difficulty=252 (Good luck!)
IP ID Sequence Generation: Randomized
Service Info: OS: Linux; CPE: cpe:/o:linux:kernel

TRACEROUTE (using port 113/tcp)
HOP RTT       ADDRESS
1   2.68 ms   192.168.4.1
2   6.34 ms   202.162.33.49
3   6.30 ms   202.162.38.74
4   15.09 ms  202.162.38.205
5   31.31 ms  ip-117-1.mcs.internet.exchange (119.110.117.1)
6   280.43 ms any-in-2415.1e100.net (216.239.36.21)

NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 93.92 seconds
           Raw packets sent: 3104 (140.644KB) | Rcvd: 96 (4.984KB)

The service running on port 80 is HTTP, served by Google. It's Blogger.
In the terminal:
root@cupenk:~# nmap -Pn -sS -A is2c.dojo.net

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-31 12:06 WIT
Nmap scan report for is2c.dojo.net (173.212.56.201)
Host is up (0.34s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.2.3 ((CentOS))
| http-robots.txt: 2 disallowed entries 
|_/click.php /result.php
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-title: dojo.net
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Linux 2.6.X (88%)
OS CPE: cpe:/o:linux:kernel:2.6
Aggressive OS guesses: Linux 2.6.9 - 2.6.18 (88%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 13 hops

TRACEROUTE (using port 80/tcp)
HOP RTT       ADDRESS
1   3.07 ms   192.168.4.1
2   4.13 ms   202.162.33.49
3   4.11 ms   202.162.38.74
4   4.86 ms   118.97.5.229
5   30.86 ms  118.subnet118-98-56.astinet.telkom.net.id (118.98.56.118)
6   29.97 ms  30.subnet118-98-58.astinet.telkom.net.id (118.98.58.30)
7   29.07 ms  30.190.240.180.telin.sg (180.240.190.30)
8   43.72 ms  58.27.14.57
9   ...
10  353.55 ms ae3-155.lon25.ip4.tinet.net (77.67.75.149)
11  341.05 ms xe-0-1-0.dal33.ip4.tinet.net (89.149.183.214)
12  343.18 ms hunt-brothers-of-louisiana.ip4.tinet.net (77.67.71.226)
13  342.95 ms 173.212.56.201

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 61.03 seconds
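
An added example, not part of the original post: a short Python check that parses nmap's normal output (the sample lines are copied from the two reports above) and compares each scanned hostname against the target list at the top of the post. It shows that the second scan ran against is2c.dojo.net, a different name from the listed is2c-dojo.net. The names SCOPE, SAMPLE, parse_nmap and out_of_scope are assumptions made for this example.

```python
import re

# Target list as given at the top of the post.
SCOPE = {"is2c-dojo.com", "is2c-dojo.net", "spentera.com"}

# Excerpts of the two nmap reports shown above (lines copied from the post).
SAMPLE = """\
Nmap scan report for is2c-dojo.net (216.239.36.21)
PORT    STATE  SERVICE VERSION
80/tcp  open   http    Google httpd 2.0 (GFE)
113/tcp closed ident
Nmap scan report for is2c.dojo.net (173.212.56.201)
PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.2.3 ((CentOS))
"""

REPORT_RE = re.compile(r"^Nmap scan report for (\S+)(?: \(([\d.]+)\))?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_nmap(text):
    """Return one dict per 'Nmap scan report' block in normal nmap output."""
    hosts = []
    for line in text.splitlines():
        m = REPORT_RE.match(line.strip())
        if m:
            hosts.append({"host": m.group(1), "ip": m.group(2), "ports": []})
            continue
        m = PORT_RE.match(line)
        if m and hosts:
            port, proto, state, service, version = m.groups()
            hosts[-1]["ports"].append(
                {"port": int(port), "proto": proto, "state": state,
                 "service": service, "version": version.strip()})
    return hosts


def out_of_scope(hosts, scope=SCOPE):
    """Hostnames that were scanned but are not in the agreed target list."""
    return [h["host"] for h in hosts if h["host"].lower() not in scope]


if __name__ == "__main__":
    results = parse_nmap(SAMPLE)
    for h in results:
        open_ports = [p["port"] for p in h["ports"] if p["state"] == "open"]
        print(h["host"], h["ip"], "open:", open_ports)
    print("out of scope:", out_of_scope(results))
```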

Try a scan with netifera:
In netifera I can see directories from is2c.dojo.net.

Try again with wireshark:


