scanline

For beginners, flames not allowed...(just by the staff :P)
Post Reply
User avatar
slipparse
On the way to fame!
On the way to fame!
Posts: 31
Joined: 11 Jul 2005, 16:00
15

scanline

Post by slipparse »

I have been using this programm to check my scan results for vulnerabilities. The process itself runs very fine and it does what needs to be done thanks to the command below
sl -bhpt 3306 -f sfind.txt -o vuln.txt
My problem is I can't interprete my results. Which are vulnerable and which not? for example this one below: is it vulnerable?

-------------------------------------------------------------------------------
xx.xxx.xxx.xxx
Responds with ICMP unreachable: No
TCP ports: 10000


TCP 10000:
[$ C Y]

-----------------------------------------------------------------------------

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11566
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

hm, the only thing it says is that the box isn´t blocking pings... :?

User avatar
slipparse
On the way to fame!
On the way to fame!
Posts: 31
Joined: 11 Jul 2005, 16:00
15

Post by slipparse »

hmm... that's quite disappointing :cry:

to be honest I don't understand much about grabbing banners... It's very interesting to have more information about the scanned ip (like the running OS, ....) At the other hand I don't know how this information can be vital to know if the ip is vulnerable or not....

this attempt below to get a banner seems to have been successful... but how can I see if it's vulnerable or not?

-------------------------------------------------------------------------------
xx.xxx.xxx.xx
Responds with ICMP unreachable: No
TCP ports: 10000


TCP 10000:
[HTTP/1.1 200 OK Date: Fri, 02 Sep 2005 14:13:30 GMT Server: Apache/2.0.40 (Red Hat Linux) Accept-Ranges: bytes X-Powered-By: PHP/4.2.2 Content-Length: 108295]

-------------------------------------------------------------------------------

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11566
Joined: 06 Apr 2005, 16:00
16
Location: The zone.
Contact:

Post by bad_brain »

to make it short: you can´t see it this way... :wink:

when you have gathered informations like the used OS you have to look for known vulnerabilities by yourself. there are vulnerability scanners like the Attack Toolkit (you can get it in the dl-section), but how good these tools are depends on how up-to-date the vulnerability databases they use are.
when a vulnerability is found you have to find the exploit on one of the usual sites like packetstormsecurity or milw0rm.... :wink:

User avatar
slipparse
On the way to fame!
On the way to fame!
Posts: 31
Joined: 11 Jul 2005, 16:00
15

Post by slipparse »

ow, I have always thought that scanline is a vulnerability scanner itself.... :?:

cheers for the useful reply tho. At least now I know that I must not be looking for answers in my scanline results....

my main problem is that I have this veritas exploit and now I am looking for some vulnerable targets. I will keep on searching but something says me it's not going to be easy to find what I am after. I checked that "attack toolkit' from the download section but I am afraid it won't do the job.

Post Reply