Go4Expert


cyberquest 3Aug2006 14:10

What a hacker may do after this NMap scan???
 
Interesting ports on xxx.xxx.xxx.xxx (This is the IP address of course):
Not shown: 1654 closed ports
PORT STATE SERVICE
25/tcp open smtp
42/tcp open nameserver
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
110/tcp open pop3
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
443/tcp open https
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
691/tcp open resvc
995/tcp open pop3s
1026/tcp open LSA-or-nterm
1029/tcp open ms-lsa
1720/tcp filtered H.323/Q.931
2105/tcp open eklogin
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3389/tcp open ms-term-serv
5631/tcp open pcanywheredata
6001/tcp open X11:1
6002/tcp open X11:2
Nmap finished: 1 IP address (1 host up) scanned in 18.578 seconds

cyberquest 3Aug2006 14:11

Re: What a hacker may do after this NMap scan???
 
The question I am about to ask is for educational purposes. I would like to know, after the attacker scans with NMap on a targeted host... what can he do with a Windows XP OS???

I hope this can be a long thread because there are so many ports available in this scan. And please feel free to comment. I am a total newbie... Any help will truly be appreciated.

Xerei 9Jun2010 00:20

Re: What a hacker may do after this NMap scan???
 
First you want an internet browser to connect to the different ports and EVENTUALLY find info:
xxx.xxx.xxx.xxx:(port), for example:
111.111.111.111:3306
But since you have this many ports, you may want to check if it's an old server:
111.111.111.111/index/somethingthatdoesnotexist
Some servers give you info that way.
You can also try using telnet to connect to each port:
telnet target.com port
Note that there's a space between target and port.
Sometimes that gives you information.
Once you've got some information about its hosting tools, you can go to milw0rm.com or inj3ct0r.com and find an exploit for that hosting program they use (if any).
You can also try bruteforcing passwords for the system (which is easy to catch, and they may have a time limit for log-ins).
You may also want to try different SQL injection attacks and XSS (lots of sites are vulnerable to those).
Try those, should do it...
Oh, and Windows is bad, try Linux... and remember: cracking is bad, hacking is good.
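
Read from the defending side, the scan quoted at the top of the thread is an exposure inventory. The Python below is an added example, not part of any post in this thread: it parses nmap's port table and groups the open ports by the restriction an administrator would normally apply. The sample lines are constructed in the format of the quoted scan, and the port groupings and actions in POLICY are assumptions of this example.

```python
import re

# Constructed sample: a few lines in the format of the scan quoted in the thread.
SAMPLE = """\
PORT STATE SERVICE
25/tcp open smtp
88/tcp open kerberos-sec
389/tcp open ldap
445/tcp open microsoft-ds
1720/tcp filtered H.323/Q.931
3268/tcp open globalcatLDAP
3389/tcp open ms-term-serv
5631/tcp open pcanywheredata
6001/tcp open X11:1
Nmap finished: 1 IP address (1 host up) scanned in 18.578 seconds
"""

# One row of nmap's normal-output port table: port/proto, state, service name.
LINE = re.compile(r"^(\d{1,5})/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")

# Assumed review policy (not from the thread): port groups and the action a
# defender would normally take when they are reachable from outside.
POLICY = {
    "directory/auth": ({88, 389, 464, 636, 3268, 3269}, "limit to internal clients"),
    "windows rpc/smb": ({135, 139, 445, 593}, "block at the perimeter"),
    "remote admin": ({3389, 5631, 6001, 6002}, "put behind VPN or disable"),
}

def parse_ports(text):
    """Return [(port, proto, state, service)] from nmap's port table."""
    rows = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # header and summary lines do not match and are skipped
            rows.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return rows

def review(text):
    """Map each policy group to the open ports that fall in it."""
    findings = {}
    for port, _proto, state, _svc in parse_ports(text):
        if state != "open":
            continue  # report only ports nmap confirmed as open
        for group, (ports, _action) in POLICY.items():
            if port in ports:
                findings.setdefault(group, []).append(port)
    return findings

if __name__ == "__main__":
    for group, ports in review(SAMPLE).items():
        print(f"{group}: {ports} -> {POLICY[group][1]}")
```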


All times are GMT +5.5.