nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

1. nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

mayco mendes de almeida
mikeitaly

(uses openSUSE)

Posted on 29/09/2011 - 16:42h

nmap -v --script=smb-check-vulns 192.168.1.3

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-29 14:46 BRT
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 14:46
Scanning 192.168.1.3 [1 port]
Completed ARP Ping Scan at 14:46, 0.06s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:46
Completed Parallel DNS resolution of 1 host. at 14:46, 0.01s elapsed
Initiating SYN Stealth Scan at 14:46
Scanning 192.168.1.3 [1000 ports]
Discovered open port 135/tcp on 192.168.1.3
Discovered open port 139/tcp on 192.168.1.3
Discovered open port 3389/tcp on 192.168.1.3
Discovered open port 445/tcp on 192.168.1.3
Discovered open port 2869/tcp on 192.168.1.3
Completed SYN Stealth Scan at 14:46, 0.78s elapsed (1000 total ports)
NSE: Script scanning 192.168.1.3.
Initiating NSE at 14:46
Completed NSE at 14:46, 0.08s elapsed
Nmap scan report for 192.168.1.3
Host is up (0.040s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2869/tcp open icslap
3389/tcp open ms-term-serv
MAC Address: 00:15:00:50:2B:04 (Intel Corporate)

Host script results:
| smb-check-vulns:
| MS08-067: NOT VULNERABLE
| Conficker: Likely CLEAN
| regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
| SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
| MS06-025: CHECK DISABLED (remove 'safe=1' argument to run)
|_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)

NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds
Raw packets sent: 1001 (44.028KB) | Rcvd: 1001 (40.048KB)

QUESTION: HOW DO I ENABLE "regsvc DoS", "SMBv2 DoS", "MS06-025" and "MS07-029"?? Note that they are disabled (CHECK DISABLED).

I think I have to edit the script that is being used..

Thanks, everyone!



  


2. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

Renato Carneiro Pacheco
renato_pacheco

(uses Debian)

Posted on 29/09/2011 - 16:45h


root@bt:~# nmap -v --script=smb-check-vulns --script-args=unsafe=1 10.239.68.18

Starting Nmap 5.35DC1 ( http://nmap.org ) at 2011-09-29 16:44 BRT
NSE: Loaded 1 scripts for scanning.
Initiating ARP Ping Scan at 16:44
Scanning 10.239.68.18 [1 port]
Completed ARP Ping Scan at 16:44, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:44
Completed Parallel DNS resolution of 1 host. at 16:44, 0.01s elapsed
Initiating SYN Stealth Scan at 16:44
Scanning gti-adm01.xxx.net (10.239.68.18) [1000 ports]
Discovered open port 139/tcp on 10.239.68.18
Discovered open port 3389/tcp on 10.239.68.18
Discovered open port 135/tcp on 10.239.68.18
Discovered open port 22/tcp on 10.239.68.18
Discovered open port 445/tcp on 10.239.68.18
Discovered open port 9091/tcp on 10.239.68.18
Discovered open port 912/tcp on 10.239.68.18
Completed SYN Stealth Scan at 16:44, 1.18s elapsed (1000 total ports)
NSE: Script scanning 10.239.68.18.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 16:44
Completed NSE at 16:44, 5.02s elapsed
Nmap scan report for gti-adm01.xxx.net (10.239.68.18)
Host is up (0.000031s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
912/tcp open unknown
3389/tcp open ms-term-serv
9091/tcp open unknown
MAC Address: D8:D3:85:6D:25:43 (Hewlett Packard)

Host script results:
| smb-check-vulns:
| MS08-067: NOT VULNERABLE
| Conficker: Likely CLEAN
| SMBv2 DoS (CVE-2009-3103): NOT VULNERABLE
| MS06-025: NO SERVICE (the Ras RPC service is inactive)
|_ MS07-029: NO SERVICE (the Dns Server RPC service is inactive)

Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 6.30 seconds
Raw packets sent: 1082 (47.592KB) | Rcvd: 1003 (40.136KB)
root@bt:~#


Does that answer your question?


3. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

mayco mendes de almeida
mikeitaly

(uses openSUSE)

Posted on 29/09/2011 - 17:00h

Look closely:

miketrack@bt:~$ nmap -v --script=smb-check-vulns 192.168.1.3
Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-29 16:59 BRT
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 16:59
Scanning 192.168.1.3 [2 ports]
Completed Ping Scan at 16:59, 1.10s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:59
Completed Parallel DNS resolution of 1 host. at 16:59, 0.01s elapsed
Initiating Connect Scan at 16:59
Scanning 192.168.1.3 [1000 ports]
Discovered open port 135/tcp on 192.168.1.3
Discovered open port 3389/tcp on 192.168.1.3
Discovered open port 445/tcp on 192.168.1.3
Discovered open port 139/tcp on 192.168.1.3
Completed Connect Scan at 16:59, 0.78s elapsed (1000 total ports)
NSE: Script scanning 192.168.1.3.
Initiating NSE at 16:59
Completed NSE at 16:59, 0.11s elapsed
Nmap scan report for 192.168.1.3
Host is up (0.038s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv

Host script results:
| smb-check-vulns:
| MS08-067: NOT VULNERABLE
| Conficker: Likely CLEAN
| regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
| SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
| MS06-025: CHECK DISABLED (remove 'safe=1' argument to run) <-- HERE IT SAYS THE PARAMETER IS NEEDED.. BUT IN THE NEXT COMMAND NOTHING SHOWS UP AT ALL! COME ON! WHY?
|_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)

NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 2.21 seconds
miketrack@bt:~$


miketrack@bt:~$ nmap -v --script=smb-check-vulns --script-args=unsafe=1 192.168.1.3

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-29 16:56 BRT
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 16:56
Scanning 192.168.1.3 [2 ports]
Completed Ping Scan at 16:56, 1.10s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:56
Completed Parallel DNS resolution of 1 host. at 16:56, 0.01s elapsed
Initiating Connect Scan at 16:56
Scanning 192.168.1.3 [1000 ports]
Discovered open port 135/tcp on 192.168.1.3
Discovered open port 3389/tcp on 192.168.1.3
Discovered open port 139/tcp on 192.168.1.3
Discovered open port 445/tcp on 192.168.1.3
Completed Connect Scan at 16:56, 0.79s elapsed (1000 total ports)
NSE: Script scanning 192.168.1.3.
Initiating NSE at 16:56
Completed NSE at 16:56, 0.14s elapsed
Nmap scan report for 192.168.1.3
Host is up (0.044s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv

NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 2.23 seconds


Strange, right? For me it comes out differently..
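
Added example (not part of the original posts, and not nmap's own code): a small Python parser for the `smb-check-vulns` result block shown in this thread. It separates actual verdicts from checks reported as CHECK DISABLED and flags a run where the script printed no block at all, as in the second scan above. The function names are assumptions made for this example; the sample text is copied from the posts.

```python
import re

# One result line, e.g. "|_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)"
RESULT = re.compile(r"^\|_?\s+(?P<name>.+?):\s+(?P<status>[^(]+?)(?:\s+\((?P<detail>.*)\))?\s*$")

def parse_smb_check_vulns(nmap_output):
    """Return {check: (status, detail)}, or None if the script printed no block."""
    results, in_block = {}, False
    for line in nmap_output.splitlines():
        if re.match(r"^\|\s*smb-check-vulns:\s*$", line):
            in_block = True
        elif in_block:
            m = RESULT.match(line)
            if not m:
                break
            results[m["name"]] = (m["status"], m["detail"] or "")
            if line.startswith("|_"):  # "|_" marks the last line of the block
                break
    return results if in_block else None

def summarize(nmap_output):
    """Separate real verdicts from checks that never ran."""
    results = parse_smb_check_vulns(nmap_output)
    if results is None:
        return {"script_ran": False, "verdicts": {}, "skipped": []}
    skipped = sorted(n for n, (s, _) in results.items() if s == "CHECK DISABLED")
    verdicts = {n: s for n, (s, _) in results.items() if s != "CHECK DISABLED"}
    return {"script_ran": True, "verdicts": verdicts, "skipped": skipped}

# Sample inputs: script-result lines copied from the posts in this thread.
SAFE_RUN = """Host script results:
| smb-check-vulns:
| MS08-067: NOT VULNERABLE
| Conficker: Likely CLEAN
| regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
| SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
| MS06-025: CHECK DISABLED (remove 'safe=1' argument to run)
|_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)
"""
SILENT_RUN = """PORT STATE SERVICE
445/tcp open microsoft-ds

NSE: Script Post-scanning.
"""

if __name__ == "__main__":
    for label, text in (("safe", SAFE_RUN), ("silent", SILENT_RUN)):
        print(label, summarize(text))
```

A report with `script_ran` false or a non-empty `skipped` list gives no verdict for those checks, so it should not be recorded as "not vulnerable".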


4. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

mayco mendes de almeida
mikeitaly

(uses openSUSE)

Posted on 29/09/2011 - 17:02h

Thanks for the attention anyway, Pacheco!
What do you think it could be, Pache?


5. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

Renato Carneiro Pacheco
renato_pacheco

(uses Debian)

Posted on 29/09/2011 - 17:10h

It's a mystery, man! What I suggest is updating your nmap version (or installing an earlier version) to see whether the same problem happens.


6. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

mayco mendes de almeida
mikeitaly

(uses openSUSE)

Posted on 30/09/2011 - 08:07h

Thanks, Pacheco! You're the man! =]

Man, I'm studying networking at college and I use only BackTrack; I even got it all polished up with AWN, Docky, Docky Cairo, Compiz and Emerald, but I really like text mode, and I've seen that in BackTrack, including the latest release, R1 Revolution 1, everything has to be done by hand. I learned to install nvidia etc.. I wanted your advice: I've looked for many BackTrack communities, but I see there aren't many people dedicated to this stupendous distribution.. Do you know any community or site about it? Thanks!


7. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [SOLVED]

Renato Carneiro Pacheco
renato_pacheco

(uses Debian)

Posted on 30/09/2011 - 09:02h

Man, there used to be www.backtrack.com.br, but I don't know why the site stopped responding (or it's down, who knows!). The thing to do is just read in English:

http://www.backtrack-linux.org

There's a lot of stuff there. If you want to know how a specific tool works, search Google for it.





