Форум АНТИЧАТ

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)
-   Проверка на уязвимости (https://forum.antichat.xyz/forumdisplay.php?f=110)
-   -   Nikto обнаружил уязвимости, как их применить? (https://forum.antichat.xyz/showthread.php?t=482520)

doctordradd 06.01.2021 02:15
День добрый

Nikto обнаружил кучу предположительных уязвимостей. Начал проверять их и похоже, что на самом деле их нет... насколько верить сканнеру Nikto? Возможно что-то неправильно делаю, может кто подскажет, как работать с Nikto? Ниже прилагаю уязвимости, найденные Nikto, Nmaр. Подскажите, пож, куда копать для получения надежного доступа meterpreter или доступа к базам данных?

.SpoilerTarget" type="button">Spoiler: Порты
Host is up (0.12s latency).

Not shown: 732 filtered ports

PORT STATE SERVICE VERSION

25/tcp open ssl/smtp?

53/tcp open domain?

80/tcp open http

81/tcp open ssl/hosts2-ns?

82/tcp open ssl/xfer?

83/tcp open ssl/mit-ml-dev?

84/tcp open ctf?

85/tcp open ssl/mit-ml-dev?

88/tcp open ssl/kerberos-sec?

89/tcp open su-mit-tg?

90/tcp open ssl/dnsix?

99/tcp open ssl/metagram?

389/tcp open ssl/ldap?

443/tcp open ssl/https

444/tcp open ssl/snpp?

445/tcp open ssl/microsoft-ds?

500/tcp open ssl/isakmp?

554/tcp open ssl/rtsp?

555/tcp open dsf?

587/tcp open ssl/submission?

631/tcp open ssl/ipp

636/tcp open ssl/ldapssl?

777/tcp open ssl/multiling-http?

800/tcp open mdbs_daemon?

801/tcp open device?

888/tcp open ssl/accessbuilder?

990/tcp open ssl/ftps?

995/tcp open ssl/pop3s?

999/tcp open ssl/garcon?

1000/tcp open ssl/cadlock?

1002/tcp open ssl/windows-icfw?

1024/tcp open kdm?

1025/tcp open ssl/NFS-or-IIS?

1080/tcp open ssl/socks?

1111/tcp open ssl/lmsocialserver?

1234/tcp open ssl/hotline?

1433/tcp open ms-sql-s?

1443/tcp open ssl/ies-lm?

1455/tcp open esl-lm?

1494/tcp open ssl/citrix-ica?

1521/tcp open ssl/oracle?

1700/tcp open ssl/mps-raft?

1935/tcp open ssl/rtmp?

1971/tcp open ssl/netop-school?

1972/tcp open ssl/intersys-cache?

1974/tcp open ssl/drp?

1984/tcp open ssl/bigbrother?

2000/tcp open ssl/cisco-sccp?

2001/tcp open ssl/dc?

2006/tcp open invokator?

2020/tcp open ssl/xinupageserver?

2022/tcp open ssl/down?

2048/tcp open ssl/dls-monitor?

2049/tcp open nfs?

2065/tcp open dlsrpn?

2068/tcp open avocentkvm?

2100/tcp open ssl/amiganetfs?

2107/tcp open ssl/msmq-mgmt?

2200/tcp open ssl/ici?

2222/tcp open ssl/EtherNetIP-1?

2557/tcp open nicetec-mgmt?

3000/tcp open ssl/ppp?

3001/tcp open ssl/nessus?

3003/tcp open ssl/cgms?

3005/tcp open ssl/deslogin?

3006/tcp open deslogind?

3007/tcp open ssl/lotusmtap?

3011/tcp open ssl/trusted-web?

3013/tcp open ssl/gilatskysurfer?

3017/tcp open ssl/event_listener?

3030/tcp open ssl/arepa-cas?

3052/tcp open powerchute?

3071/tcp open csd-mgmt-port?

3077/tcp open orbix-loc-ssl?

3306/tcp open ssl/mysql?

3333/tcp open ssl/dec-notes?

3389/tcp open ssl/ms-wbt-server?

3551/tcp open apcupsd?

3580/tcp open ssl/nati-svrloc?

4000/tcp open ssl/remoteanything?

4001/tcp open ssl/newoak?

4002/tcp open ssl/mlchat-proxy?

4343/tcp open ssl/unicall?

4443/tcp open ssl/pharos?

4444/tcp open ssl/krb524?

4445/tcp open ssl/upnotifyp?

4449/tcp open ssl/privatewire?

4848/tcp open appserv-http?

5000/tcp open ssl/upnp?

5001/tcp open ssl/commplex-link?

5002/tcp open rfe?

5003/tcp open filemaker?

5004/tcp open avt-profile-1?

5009/tcp open airport-admin?

5050/tcp open ssl/mmcc?

5051/tcp open ssl/ida-agent?

5060/tcp open ssl/sip?

5061/tcp open ssl/sip-tls?

5080/tcp open ssl/onscreen?

5100/tcp open ssl/admd?

5120/tcp open ssl/barracuda-bbs?

5222/tcp open ssl/xmpp-client?

5225/tcp open ssl/hp-server?

5226/tcp open ssl/hp-status?

5269/tcp open ssl/xmpp-server?

5280/tcp open ssl/xmpp-bosh?

5500/tcp open hotline?

5555/tcp open ssl/freeciv?

5900/tcp open vnc?

5901/tcp open ssl/vnc-1?

5902/tcp open ssl/vnc-2?

5903/tcp open ssl/vnc-3?

5910/tcp open ssl/cm?

5911/tcp open ssl/cpdlc?

5987/tcp open ssl/wbem-rmi?

5988/tcp open ssl/wbem-http?

5989/tcp open ssl/wbem-https?

5998/tcp open ssl/ncd-diag?

5999/tcp open ssl/ncd-conf?

6000/tcp open ssl/X11?

6001/tcp open X11:1?

6002/tcp open ssl/X11:2?

6003/tcp open X11:3?

6004/tcp open X11:4?

6005/tcp open X11:5?

6006/tcp open X11:6?

6007/tcp open X11:7?

6009/tcp open X11:9?

6100/tcp open ssl/synchronet-db?

6510/tcp open ssl/mcer-port?

6543/tcp open ssl/mythtv?

6580/tcp open ssl/parsec-master?

6666/tcp open ssl/irc?

6699/tcp open ssl/napster?

6789/tcp open ibm-db2-admin?

7000/tcp open ssl/afs3-fileserver?

7001/tcp open ssl/afs3-callback?

7002/tcp open ssl/afs3-prserver?

7004/tcp open ssl/afs3-kaserver?

7007/tcp open ssl/afs3-bos?

7070/tcp open ssl/realserver?

7100/tcp open ssl/font-service?

7443/tcp open ssl/oracleas-https?

7777/tcp open ssl/cbt?

7778/tcp open ssl/interwise?

7999/tcp open ssl/irdmi2?

8000/tcp open ssl/http-alt

8001/tcp open ssl/vcom-tunnel?

8002/tcp open ssl/teradataordbms?

8007/tcp open ssl/ajp12?

8008/tcp open ssl/http

8009/tcp open ssl/ajp13?

8010/tcp open ssl/xmpp?

8021/tcp open ssl/ftp-proxy?

8022/tcp open ssl/oa-system?

8042/tcp open ssl/fs-agent?

8080/tcp open ssl/http-proxy

8081/tcp open ssl/blackice-icecap?

8082/tcp open ssl/blackice-alerts?

8083/tcp open ssl/us-srv?

8086/tcp open ssl/d-s-n?

8087/tcp open ssl/simplifymedia?

8088/tcp open ssl/radan-http

8090/tcp open ssl/opsmessaging?

8100/tcp open ssl/xprint-server?

8181/tcp open ssl/intermapper?

8192/tcp open sophos?

8193/tcp open sophos?

8194/tcp open sophos?

8200/tcp open ssl/trivnet1?

8300/tcp open ssl/tmi?

8333/tcp open ssl/bitcoin?

8383/tcp open ssl/m2mservices?

8402/tcp open abarsd?

8443/tcp open ssl/https-alt

8500/tcp open ssl/fmtp?

8600/tcp open ssl/asterix?

8701/tcp open ssl/unknown

8800/tcp open ssl/sunwebadmin?

8873/tcp open dxspider?

8888/tcp open ssl/sun-answerbook?

8899/tcp open ssl/ospf-lite?

9000/tcp open ssl/cslistener?

9001/tcp open ssl/tor-orport?

9002/tcp open ssl/dynamid?

9009/tcp open ssl/pichat?

9010/tcp open ssl/sdr?

9011/tcp open ssl/d-star?

9040/tcp open ssl/tor-trans?

9050/tcp open ssl/tor-socks?

9080/tcp open ssl/glrpc?

9081/tcp open ssl/cisco-aqos?

9090/tcp open ssl/zeus-admin?

9091/tcp open ssl/xmltec-xmlmail?

9100/tcp open jetdirect?

9101/tcp open jetdirect?

9102/tcp open jetdirect?

9103/tcp open jetdirect?

9111/tcp open ssl/DragonIDSConsole?

9200/tcp open ssl/wap-wsp?

9207/tcp open ssl/wap-vcal-s?

9500/tcp open ssl/ismserver?

9998/tcp open ssl/distinct32?

9999/tcp open ssl/abyss?

10000/tcp open ssl/snet-sensor-mgmt?

10001/tcp open ssl/scp-config?

10002/tcp open ssl/documentum?

10003/tcp open ssl/documentum_s?

10004/tcp open ssl/emcrmirccd?

10009/tcp open ssl/swdtp-sv?

10010/tcp open ssl/rxapi?

10082/tcp open ssl/amandaidx?

11110/tcp open ssl/sgi-soap?

12345/tcp open netbus?

15002/tcp open ssl/onep-tls?

16000/tcp open ssl/fmsas?

16001/tcp open ssl/fmsascon?

16080/tcp open ssl/osxwebadmin?

20000/tcp open ssl/dnp?

30000/tcp open ssl/ndmps?

31337/tcp open ssl/Elite?

50000/tcp open ssl/ibm-db2?

50002/tcp open ssl/iiimsf?
Nmap не определяет сервис, есть ли какой другой хороший сканнер для определения сервиса, работающего на порту?

grimnir 09.01.2021 00:42
Цитата:
Сообщение от doctordradd
doctordradd said:

Возможно что-то неправильно делаю
скорее всего это просто WAF сработал ,сильно уж много открыто портов.

Цитата:
Сообщение от doctordradd
doctordradd said:

другой хороший сканнер для определения сервиса
Nessus

по теме рекомендую ознакомиться с https://rutracker.org/forum/viewtopic.php?t=5193952 чтобы базу наработать и понимание .


Время: 21:25