Hi, i'm trying to exploit a server but i haven't gone far.I scanned it and these are the results:
_____________________________________________________________
21 File Transfer [Control]
22 SSH Remote Login Protocol
25 Simple Mail Transfer
53 Domain Name Server
80 World Wide Web HTTP
81 HOSTS2 Name Server
110 Post Office Protocol - Version 3
119 Network News Transfer Protocol
143 Internet Message Access Protocol
443 HTTP protocol over TLS/SSL
465 SMTPS
563 nntp protocol over TLS/SSL
1080 Socks
3128 Squid HTTP Proxy
3306 MySQL
8000 HTTP/iRDMI
8080 HTTP / HTTP Proxy
8888 NewsEDGE server TCP / AnswerBook2
TCP Port Banner
21
File Transfer [Control]
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 10:53. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
--> USER anonymous
530 This is a private system - No anonymous login
--> PASS anon@anon.com
[Connection closed by remote host]
22
SSH Remote Login Protocol
SSH-1.99-OpenSSH_3.9p1
25
Simple Mail Transfer
220-removed by b_b ESMTP Exim 4.52 #1 Wed, 03 Jan 2007 10:53:35 +0000
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
--> HELO anon.com
250 removed by b_b Hello anon.com [62.162.184.216]
--> HELP
214-Commands supported:
214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
80
World Wide Web HTTP
HTTP/1.1 200 OK
Date: Wed, 03 Jan 2007 10:53:33 GMT
Server: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2
mod_bwlimited/1.4 PHP/4.4.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28
OpenSSL/0.9.7a
Last-Modified: Thu, 20 Jul 2006 22:10:04 GMT
ETag: "36804a-81-44bfff3c"
Accept-Ranges: bytes
Content-Length: 129
Connection: close
Content-Type: text/html
110
Post Office Protocol - Version 3
+OK Hello there.
--> USER root
+OK Password required.
--> PASS password
-ERR Login failed.
143
Internet Message Access Protocol
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT
THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready.
Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution
information.
3306
MySQL
G....j.Host '62.162.184.216' is not allowed to connect to this MySQL server
_____________________________________________________________
Can anyone tell me what can i do with this server or what can i exploit?
Need a litle help exploiting
- accelerator_dd
- Newbie
- Posts: 2
- Joined: 17 Aug 2006, 16:00
- 17
This
I'm trying to hack the server, there's a site on it that i want to put down. I got this info with SuperScan. What should i do next?
-
- Fame ! Where are the chicks?!
- Posts: 412
- Joined: 03 May 2006, 16:00
- 17
- Location: United States Of America
- Contact:
Sorry Can't Help You If I Did I'd Be Breaking The Rules.
3. No explicit questions, such as 'can someone hack www.somesite.com' or 'how do i hack www.blah.com', etc. We are not here to do work for you, but to help you on your way to learn how to do it yourself. Nor do we support the defacing, or hacking of websites.
3. No explicit questions, such as 'can someone hack www.somesite.com' or 'how do i hack www.blah.com', etc. We are not here to do work for you, but to help you on your way to learn how to do it yourself. Nor do we support the defacing, or hacking of websites.
If Man Made It Man Can Crack Or Hack It & If You Want To Be A True Hacker You Need To Keep Your Mind Open And Always Be Willing To Learn
[img]http://img384.imageshack.us/img384/9996/chaos19862ub.png[/img]
[img]http://img384.imageshack.us/img384/9996/chaos19862ub.png[/img]
- bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
read the forum rules before posting....man, even the description of the hacking board says "no explicit questions"....
and if you really don't know what to do next I recommend to keep away from any hacking attempts because you will get caught.
but well, because I am a nice guy I will give you a hint before locking this thread:
what you need are the version infos of the services and look for available exploits on the usual sites like packetstormsecurity.org or milw0rm.com....but I can tell you already that it will be very hard, the services seem to be up to date, points to a good admin....another reason to keep your hands off this server if you don't want to end up dancing with a knotted shirt in front of big hairy guys which call you "pony"..
and if you really don't know what to do next I recommend to keep away from any hacking attempts because you will get caught.
but well, because I am a nice guy I will give you a hint before locking this thread:
what you need are the version infos of the services and look for available exploits on the usual sites like packetstormsecurity.org or milw0rm.com....but I can tell you already that it will be very hard, the services seem to be up to date, points to a good admin....another reason to keep your hands off this server if you don't want to end up dancing with a knotted shirt in front of big hairy guys which call you "pony"..