IP port scanning
IP port scanning
What do you do after you find an open port?
Depends on what is listening on the port and what your intentions are, but i will assume you are up to no good.
For example if you find an open port like 21 it's almost always an FTP server thats listening for connections, now you can scan it for vulnerabilities or you can check the version/developer of the server and google for vulnerabilities. there is also a possibility that you can "Brute force" the server but thats like spitting a hole through the Chinese wall.
So the short answer would be to check whats listening and find a vulnerability to use.
For example if you find an open port like 21 it's almost always an FTP server thats listening for connections, now you can scan it for vulnerabilities or you can check the version/developer of the server and google for vulnerabilities. there is also a possibility that you can "Brute force" the server but thats like spitting a hole through the Chinese wall.
So the short answer would be to check whats listening and find a vulnerability to use.
"The best place to hide a tree, is in a forest"
If you find an open port. What type of tool do you use to scan for vulnerabilites? Do you still use a port scanner?
And about doing something bad, I wouldn't aggree. I have no inclination to get in trouble. I just want to learn. I would go to free hack sites, and ask my friends for permission to try and get in there pc.
And about doing something bad, I wouldn't aggree. I have no inclination to get in trouble. I just want to learn. I would go to free hack sites, and ask my friends for permission to try and get in there pc.
-
- cyber messiah
- Posts: 1201
- Joined: 30 Apr 2006, 16:00
- 17
- Location: 127.0.0.1
When you find an open port you need to get more information, find out what type of service it is running, what OS the server is running, then search for vulnerabilities in that service/OS combination, search securityfocus, try different network scanners/security tools, try fuzzers.
Thats something basic, when you go to more 'advanced' level you look for new unknown vulnerabilities, once you find it vulnerable look for the exploit, best places to get 0day exploits are irc chat rooms, the exploits available on the internet are mostly harmless and merely a POCs(proof of concept), if you know a little socket programming try to code your own(they work best).
bruteforcing is mostly useful if your friend has challenged you to hack him or you're from a terrorist country(lmao), its like blowing the walls with TNT and getting in, everyone would know....
Thats something basic, when you go to more 'advanced' level you look for new unknown vulnerabilities, once you find it vulnerable look for the exploit, best places to get 0day exploits are irc chat rooms, the exploits available on the internet are mostly harmless and merely a POCs(proof of concept), if you know a little socket programming try to code your own(they work best).
bruteforcing is mostly useful if your friend has challenged you to hack him or you're from a terrorist country(lmao), its like blowing the walls with TNT and getting in, everyone would know....
-
- cyber messiah
- Posts: 1201
- Joined: 30 Apr 2006, 16:00
- 17
- Location: 127.0.0.1
hmm using exploits when you dont know exactly what you're doing can be dangerous, you may use if from packetstorm but the guys at irc can be really friendly or can be real assholes so be nice to them and they hate n00bs, i m not talking about suck-o irc though, but be careful as you know you can easily get your hands burnt while playing with fire...
regarding brute forcers, check the downloads i m not sure, but you know life is not difficult at all in this google world.
Befriend google, you'll be posting answers instead of queries...
regarding brute forcers, check the downloads i m not sure, but you know life is not difficult at all in this google world.
Befriend google, you'll be posting answers instead of queries...