By thesims
Published: July 29, 2007
Let's play with Nmap
What is Nmap? If you are already familiar with the word, you had better keep it to yourself, because Nmap is neither food nor a dish.
OK, back to the original context. In remote hacking the first stage is peeking, and yes, that is exactly the right word for this article: peeking at the ports, that is, the services run by the target and server, services that run over TCP (Transmission Control Protocol).
Which ports do we want to peek at? My friends often ask this question. OK, let's look at the most common ports:
25 SMTP server
80 Web server
110 POP3 server
etc.
Getting more curious about Nmap? Let's dive deeper into it.
Nmap is designed to scan networks and see what is currently running, using various techniques such as UDP, TCP connect(), TCP SYN (half open), FTP proxy (bounce attack), Reverse-ident, ICMP (ping sweep), FIN, ACK sweep, Xmas Tree, SYN sweep, and Null scan. Nmap also provides a remote OS detection feature, along with ping sweep, FIN, ACK sweep, Xmas Tree and SYN sweep [if the technical terms above confuse you, get your dictionary ready and then search Google].
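As my starting tool I use BackTrack [Slackware] with Flat 3G.
For example, your target:
www.jasakom.com
bt iqbal # nmap -v sS -O www.jasakom.com
(The "sS" in this command is missing its leading dash, so Nmap treats it as a hostname, as the "Failed to resolve" line in the output shows. The SYN scan still runs because it is Nmap's default scan type for a privileged user.)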
Starting Nmap 4.20 ( http://insecure.org ) at 2007-07-29 07:15 GMT
Failed to resolve given hostname/IP: sS. Note that you can't use '/mask' AND '1-4,7,100-' style IP ranges
Initiating Parallel DNS resolution of 1 host. at 07:15
Completed Parallel DNS resolution of 1 host. at 07:15, 0.91s elapsed
Initiating System CNAME DNS resolution of 1 host. at 07:15
Completed System CNAME DNS resolution of 1 host. at 07:15, 0.40s elapsed
Initiating SYN Stealth Scan at 07:15
Scanning web115.discountasp.net (216.177.77.9) [1697 ports]
Discovered open port 21/tcp on 216.177.77.9
Discovered open port 80/tcp on 216.177.77.9
Discovered open port 25/tcp on 216.177.77.9
Discovered open port 443/tcp on 216.177.77.9
Increasing send delay for 216.177.77.9 from 0 to 5 due to 11 out of 29 dropped probes since last increase.
SYN Stealth Scan Timing: About 9.93% done; ETC: 07:20 (0:04:32 remaining)
Stats: 0:00:43 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 14.81% done; ETC: 07:19 (0:03:37 remaining)
Stats: 0:00:59 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 21.71% done; ETC: 07:19 (0:03:14 remaining)
Stats: 0:01:31 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 34.08% done; ETC: 07:19 (0:02:46 remaining)
Stats: 0:01:33 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 34.87% done; ETC: 07:19 (0:02:43 remaining)
Stats: 0:01:36 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 35.50% done; ETC: 07:19 (0:02:44 remaining)
Stats: 0:02:05 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 49.70% done; ETC: 07:19 (0:02:00 remaining)
Discovered open port 8080/tcp on 216.177.77.9
Discovered open port 1027/tcp on 216.177.77.9
Stats: 0:03:26 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 85.89% done; ETC: 07:19 (0:00:32 remaining)
Stats: 0:03:30 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 88.03% done; ETC: 07:19 (0:00:27 remaining)
Stats: 0:03:53 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 96.62% done; ETC: 07:19 (0:00:07 remaining)
Stats: 0:04:00 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.15% done; ETC: 07:19 (0:00:02 remaining)
Stats: 0:04:03 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 07:19 (0:00:00 remaining)
Stats: 0:04:04 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 07:19 (0:00:00 remaining)
Completed SYN Stealth Scan at 07:19, 242.96s elapsed (1697 total ports)
Initiating OS detection (try #1) against web115.discountasp.net (216.177.77.9)
Retrying OS detection (try #2) against web115.discountasp.net (216.177.77.9)
Initiating gen1 OS Detection against 216.177.77.9 at 269.212s
Stats: 0:04:29 elapsed; 0 hosts completed (1 up), 1 undergoing OS Scan
For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled
Stats: 0:05:08 elapsed; 0 hosts completed (1 up), 1 undergoing OS Scan
For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled
For OSScan assuming port 21 is open, 1 is closed, and neither are firewalled
Host web115.discountasp.net (216.177.77.9) appears to be up ... good.
Interesting ports on web115.discountasp.net (216.177.77.9):
Not shown: 1684 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
25/tcp   open     smtp
80/tcp   open     http
135/tcp  filtered msrpc
137/tcp  filtered netbios-ns
138/tcp  filtered netbios-dgm
139/tcp  filtered netbios-ssn
443/tcp  open     https
445/tcp  filtered microsoft-ds
554/tcp  filtered rtsp
1027/tcp open     IIS
8000/tcp filtered http-alt
8080/tcp open     http-proxy
Device type: general purpose|web proxy|broadband router|firewall|WAP
Running (JUST GUESSING) : Microsoft Windows NT/2K/XP|2003/.NET (88%), Blue Coat SGOS (87%), Netopia embedded (86%), ZyXel ZyNOS (86%), Linux 1.X (85%), D-Link embedded (85%)
Aggressive OS guesses: Microsoft Windows XP Home Edition (German) SP2 (88%), Microsoft Windows 2003 Server or XP SP2 (88%), Microsoft Windows XP Pro SP2 (88%), BlueCoat SG4 (87%), Microsoft Windows 2003 Server SP1 (86%), Netopia DSL Router (86%), ZyXel ZyWALL 1 firewall (86%), ZyXel Zywall 10W firewall (86%), Linux 1.3.20 (x86) (85%), D-Link DI-774 WAP (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 19 hops
TCP Sequence Prediction: Difficulty=0 (Trivial joke)
IPID Sequence Generation: Busy server or unknown class
OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 360.207 seconds
Raw packets sent: 2050 (94.832KB) | Rcvd: 1908 (89.312KB)
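An added example, not part of the original article: a short Python parser for the port table in the scan output above, used the way an administrator would to compare what a host exposes with what it is supposed to expose. The baseline EXPECTED_OPEN and the function names parse_ports and audit are assumptions made for illustration.

```python
import re

# Port table copied from the scan output above (Nmap 4.20 normal output).
SCAN_OUTPUT = """\
Interesting ports on web115.discountasp.net (216.177.77.9):
Not shown: 1684 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
25/tcp   open     smtp
80/tcp   open     http
135/tcp  filtered msrpc
137/tcp  filtered netbios-ns
138/tcp  filtered netbios-dgm
139/tcp  filtered netbios-ssn
443/tcp  open     https
445/tcp  filtered microsoft-ds
554/tcp  filtered rtsp
1027/tcp open     IIS
8000/tcp filtered http-alt
8080/tcp open     http-proxy
"""

# Assumed baseline for a web server: only these TCP ports should be reachable.
EXPECTED_OPEN = {80, 443}

# One table row: "<port>/<proto> <state> <service>"; header lines do not match.
ROW = re.compile(r"^(\d{1,5})/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")

def parse_ports(text):
    """Return (port, proto, state, service) tuples from Nmap's port table."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return rows

def audit(text, expected=EXPECTED_OPEN):
    """Return (unexpected open ports with service, expected ports not open)."""
    open_ports = {port: svc for port, proto, state, svc in parse_ports(text)
                  if proto == "tcp" and state == "open"}
    unexpected = {p: s for p, s in open_ports.items() if p not in expected}
    missing = sorted(set(expected) - set(open_ports))
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = audit(SCAN_OUTPUT)
    for port, service in sorted(unexpected.items()):
        print(f"unexpected open port {port}/tcp ({service})")
    print("expected but not open:", missing)
```

Ports reported as filtered are not counted as exposed here, since the probe was dropped before reaching a service.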
There are many options that control how Nmap works. Some that I often use are:
-P0 - does not ping the target, to avoid being seen by the target.
-f - uses small fragmented packets so that the scan is hard for intrusion detection software to detect.
-v - verbose mode, to see intermediate results of the scan on screen.
-O - tries to guess the operating system used by the target machine.
Still curious about Nmap commands?
bt ~ # man nmap
That is the basic foundation of hacking. From here you can get creative and try to find bugs in those services, look for source at www.milw0rm.com and so on, depending on your creativity. Good luck trying.
Thanks to: Ratna Indah for her beauty.., SO Crew who shared their knowledge with me, broaband crew ......
Wassalam
iqbal@sekuritionline.net
Comments (1)
great... an article for beginners.. keep up the spirit, friend