Page 1 of 2 12 LastLast
Results 1 to 10 of 23

Thread: [sugestão] - Ajuda identificar páginas escondidas no router

Hybrid View

  1. #1
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Question [sugestão] - Ajuda identificar páginas escondidas no router

    Olá a todos, preciso de uma pequena ajuda com o meu modem/router é um Hitron BVW-3653 fornecido pelo meu ISP, este equipamento tem por defeito 3 contas de utilizador, uma para administração remota, uma de admin e outra que fornecem aos clientes.
    Já consegui eliminar as 2 primeiras mas estou com um problema, o equipamento tem páginas escondidas para aceder às configurações avançadas mas não as consigo descobrir
    Tem maneira de descobrir quais são?

    Obrigado pela ajuda

  2. #2
    Moderator firebits's Avatar
    Join Date
    Mar 2010
    Location
    Brazil
    Posts
    353

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Bom. Isso não tem muito haver com o Backtrack 4. Tá mais para segurança e monitoramento, do que pentest (Backtrack 4).
    Mas você pode usar o Backtrack para isso também. No caso, você pode tentar fazer um portscan ou uma scanning por vulnerabilidades. Se você detectar com o firwmare ser um linux, por exemplo, talvez você consegui conectar por ssh e putty e ter acesso interno ao router, nas profundezas do firmware instalado e rodando. De lá você consegue dar comandos de linux, por exemplo, explorar os processos /proc.

    Fiz isso nesta dica no site Viva o Linux - A maior comunidade Linux da Am

    e Adicionei um post agora em:

    http://www.backtrack-linux.org/forum...via-putty.html
    Last edited by firebits; 05-02-2010 at 03:33 PM.

  3. #3
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Obrigado mas o problema é mesmo pentest, o router corre sobre bsd, com plantaforma desenvolvida pela Jungo, o SSH e o Telnet fazem parte do S.O. mas não estão activos.
    Já tentei o teu tutorial para usar o Hydra a tentar descobrir a pass do user remoto, mas sem exito.
    Já tentei executar
    Code:
    wget -r 192.168.1.1
    depois de me logar no equipamento mas apenas me faz o download da pagina de login.
    O interface de admin é parece-me que é Ajax, haverá algum exploit CGI para aceder ao que não se vê?


    Mais uma vez obrigado

  4. #4
    Moderator firebits's Avatar
    Join Date
    Mar 2010
    Location
    Brazil
    Posts
    353

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Faz um portscan com NMAP e posta aqui o fingerprint.

    Podemos tentar ver o que esta executando.

  5. #5
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Isto é o que aparece:
    Code:
    root@bt:~# nmap -v -A 192.168.1.1
    
    Starting Nmap 5.00 ( http://nmap.org ) at 2010-05-02 23:10 WEST
    NSE: Loaded 30 scripts for scanning.
    Initiating ARP Ping Scan at 23:10
    Scanning 192.168.1.1 [1 port]
    Completed ARP Ping Scan at 23:10, 0.01s elapsed (1 total hosts)
    Initiating Parallel DNS resolution of 1 host. at 23:10
    Completed Parallel DNS resolution of 1 host. at 23:10, 0.01s elapsed
    Initiating SYN Stealth Scan at 23:10
    Scanning zonhub.home (192.168.1.1) [1000 ports]
    Discovered open port 80/tcp on 192.168.1.1
    Discovered open port 445/tcp on 192.168.1.1
    Discovered open port 443/tcp on 192.168.1.1
    Discovered open port 8080/tcp on 192.168.1.1
    Discovered open port 139/tcp on 192.168.1.1
    Discovered open port 5000/tcp on 192.168.1.1
    Discovered open port 8443/tcp on 192.168.1.1
    Completed SYN Stealth Scan at 23:10, 6.09s elapsed (1000 total ports)
    Initiating Service scan at 23:10
    Scanning 7 services on zonhub.home (192.168.1.1)
    Completed Service scan at 23:10, 27.85s elapsed (7 services on 1 host)
    Initiating OS detection (try #1) against zonhub.home (192.168.1.1)
    NSE: Script scanning 192.168.1.1.
    NSE: Starting runlevel 1 scan
    Initiating NSE at 23:10
    Completed NSE at 23:10, 0.81s elapsed
    NSE: Starting runlevel 2 scan
    Initiating NSE at 23:10
    Completed NSE at 23:10, 10.06s elapsed
    NSE: Script Scanning completed.
    Host zonhub.home (192.168.1.1) is up (0.0035s latency).
    Interesting ports on zonhub.home (192.168.1.1):
    Not shown: 993 closed ports
    PORT     STATE SERVICE        VERSION
    80/tcp   open  http?
    |_ html-title: Consola de gest\xC3\xA3o do ZON HUB
    139/tcp  open  netbios-ssn    Samba smbd 3.X (workgroup: HOME)
    443/tcp  open  ssl/https?
    |_ sslv2: server still supports SSLv2
    |_ html-title: Consola de gest\xC3\xA3o do ZON HUB
    445/tcp  open  netbios-ssn    Samba smbd 3.X (workgroup: HOME)
    5000/tcp open  upnp?
    8080/tcp open  http-proxy?
    8443/tcp open  ssl/https-alt?
    |_ sslv2: server still supports SSLv2
    |_ html-title: Consola de gest\xC3\xA3o do ZON HUB
    5 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port80-TCP:V=5.00%I=7%D=5/2%Time=4BDDF84B%P=i686-pc-linux-gnu%r(GetRequ
    SF:est,2AA7,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:\x20text/html\r\nSet-C
    SF:ookie:\x20rg_cookie_session_id=1296481755;\x20path=/;\x20expires=Fri,\x
    SF:2001\x20Jan\x202038\x2000:00:00\x20GMT\r\nCache-Control:\x20no-cache,no
    SF:-store\r\nPragma:\x20no-cache\r\nExpires:\x20Sun,\x2002\x20May\x202010\
    SF:x2022:10:19\x20GMT\r\nDate:\x20Sun,\x2002\x20May\x202010\x2022:10:19\x2
    SF:0GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20close\r\nP3P:\x20CP=\
    SF:"NOI\x20NID\x20ADMa\x20OUR\x20LEG\x20DSP\x20COR\"\r\n\r\n<!---\x20Page\
    SF:(page_wl_mgt_blocked\)=\[\]\x20---><HTML><HEAD><META\x20HTTP-EQUIV=\"Co
    SF:ntent-Type\"\x20CONTENT=\"text/html;\x20charset=UTF-8\"><META\x20HTTP-E
    SF:QUIV=\"EXPIRES\"\x20CONTENT=\"Sun,\x2002\x20May\x202010\x2022:10:19\x20
    SF:GMT\"><META\x20HTTP-EQUIV=\"CACHE-CONTROL\"\x20CONTENT=\"NO-CACHE\"><ME
    SF:TA\x20HTTP-EQUIV=\"PRAGMA\"\x20CONTENT=\"NO-CACHE\"><META\x20HTTP-EQUIV
    SF:=\"Page-Enter\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\"><META\x20HTT
    SF:P-EQUIV=\"Page-Exit\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\"><link\
    SF:x20rel=\"shortcut\x20icon\"\x20href=\"images/zon_favicon\.ico\"\x20type
    SF:=\"image/x-icon\"><TITLE>Consola\x20de\x20gest\xc3\xa3o\x20do\x20ZON\x2
    SF:0HUB</TITLE><STYLE\x20type=\"text/css\">")%r(HTTPOptions,19A,"HTTP/1\.0
    SF:\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/html\r\nCache-Co
    SF:ntrol:\x20public,max-age=8640\r\nPragma:\x20cache\r\nExpires:\x20Sun,\x
    SF:2002\x20May\x202010\x2022:40:19\x20GMT\r\nDate:\x20Sun,\x2002\x20May\x2
    SF:02010\x2022:10:19\x20GMT\r\nLast-Modified:\x20Sun,\x2002\x20May\x202010
    SF:\x2022:10:19\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20close\
    SF:r\n\r\n<html>\n<head>\n\x20\x20<title>501\x20Not\x20Implemented</title>
    SF:\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>501\x20Not\x20Impl
    SF:emented<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n")%r(RTSPRequest,
    SF:19A,"HTTP/1\.0\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/ht
    SF:ml\r\nCache-Control:\x20public,max-age=8640\r\nPragma:\x20cache\r\nExpi
    SF:res:\x20Sun,\x2002\x20May\x202010\x2022:40:19\x20GMT\r\nDate:\x20Sun,\x
    SF:2002\x20May\x202010\x2022:10:19\x20GMT\r\nLast-Modified:\x20Sun,\x2002\
    SF:x20May\x202010\x2022:10:19\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnect
    SF:ion:\x20close\r\n\r\n<html>\n<head>\n\x20\x20<title>501\x20Not\x20Imple
    SF:mented</title>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>501\
    SF:x20Not\x20Implemented<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n");
    Continua...

  6. #6
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Code:
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port443-TCP:V=5.00%T=SSL%I=7%D=5/2%Time=4BDDF852%P=i686-pc-linux-gnu%r(
    SF:GetRequest,2AA6,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:\x20text/html\r
    SF:\nSet-Cookie:\x20rg_cookie_session_id=996312737;\x20path=/;\x20expires=
    SF:Fri,\x2001\x20Jan\x202038\x2000:00:00\x20GMT\r\nCache-Control:\x20no-ca
    SF:che,no-store\r\nPragma:\x20no-cache\r\nExpires:\x20Sun,\x2002\x20May\x2
    SF:02010\x2022:10:26\x20GMT\r\nDate:\x20Sun,\x2002\x20May\x202010\x2022:10
    SF::26\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20close\r\nP3P:\x
    SF:20CP=\"NOI\x20NID\x20ADMa\x20OUR\x20LEG\x20DSP\x20COR\"\r\n\r\n<!---\x2
    SF:0Page\(page_wl_mgt_blocked\)=\[\]\x20---><HTML><HEAD><META\x20HTTP-EQUI
    SF:V=\"Content-Type\"\x20CONTENT=\"text/html;\x20charset=UTF-8\"><META\x20
    SF:HTTP-EQUIV=\"EXPIRES\"\x20CONTENT=\"Sun,\x2002\x20May\x202010\x2022:10:
    SF:26\x20GMT\"><META\x20HTTP-EQUIV=\"CACHE-CONTROL\"\x20CONTENT=\"NO-CACHE
    SF:\"><META\x20HTTP-EQUIV=\"PRAGMA\"\x20CONTENT=\"NO-CACHE\"><META\x20HTTP
    SF:-EQUIV=\"Page-Enter\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\"><META\
    SF:x20HTTP-EQUIV=\"Page-Exit\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\">
    SF:<link\x20rel=\"shortcut\x20icon\"\x20href=\"images/zon_favicon\.ico\"\x
    SF:20type=\"image/x-icon\"><TITLE>Consola\x20de\x20gest\xc3\xa3o\x20do\x20
    SF:ZON\x20HUB</TITLE><STYLE\x20type=\"text/css\">\n")%r(GenericLines,18E,"
    SF:HTTP/1\.0\x20400\x20Bad\x20Request\r\nContent-Type:\x20text/html\r\nCac
    SF:he-Control:\x20public,max-age=8640\r\nPragma:\x20cache\r\nExpires:\x20S
    SF:un,\x2002\x20May\x202010\x2022:40:26\x20GMT\r\nDate:\x20Sun,\x2002\x20M
    SF:ay\x202010\x2022:10:26\x20GMT\r\nLast-Modified:\x20Sun,\x2002\x20May\x2
    SF:02010\x2022:10:26\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20c
    SF:lose\r\n\r\n<html>\n<head>\n\x20\x20<title>400\x20Bad\x20Request</title
    SF:>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>400\x20Bad\x20Req
    SF:uest<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n")%r(HTTPOptions,19A
    SF:,"HTTP/1\.0\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/html\
    SF:r\nCache-Control:\x20public,max-age=8640\r\nPragma:\x20cache\r\nExpires
    SF::\x20Sun,\x2002\x20May\x202010\x2022:40:26\x20GMT\r\nDate:\x20Sun,\x200
    SF:2\x20May\x202010\x2022:10:26\x20GMT\r\nLast-Modified:\x20Sun,\x2002\x20
    SF:May\x202010\x2022:10:26\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection
    SF::\x20close\r\n\r\n<html>\n<head>\n\x20\x20<title>501\x20Not\x20Implemen
    SF:ted</title>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>501\x20
    SF:Not\x20Implemented<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n");

  7. #7
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Code:
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port8080-TCP:V=5.00%I=7%D=5/2%Time=4BDDF84C%P=i686-pc-linux-gnu%r(GetRe
    SF:quest,21F0,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:\x20text/html\r\nSet
    SF:-Cookie:\x20rg_cookie_session_id=1237308872;\x20path=/;\x20expires=Fri,
    SF:\x2001\x20Jan\x202038\x2000:00:00\x20GMT\r\nCache-Control:\x20no-cache,
    SF:no-store\r\nPragma:\x20no-cache\r\nExpires:\x20Sun,\x2002\x20May\x20201
    SF:0\x2022:10:19\x20GMT\r\nDate:\x20Sun,\x2002\x20May\x202010\x2022:10:19\
    SF:x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20close\r\nP3P:\x20CP
    SF:=\"NOI\x20NID\x20ADMa\x20OUR\x20LEG\x20DSP\x20COR\"\r\n\r\n<!---\x20Pag
    SF:e\(page_wl_mgt_blocked\)=\[\]\x20---><HTML><HEAD><META\x20HTTP-EQUIV=\"
    SF:Content-Type\"\x20CONTENT=\"text/html;\x20charset=UTF-8\"><META\x20HTTP
    SF:-EQUIV=\"EXPIRES\"\x20CONTENT=\"Sun,\x2002\x20May\x202010\x2022:10:19\x
    SF:20GMT\"><META\x20HTTP-EQUIV=\"CACHE-CONTROL\"\x20CONTENT=\"NO-CACHE\"><
    SF:META\x20HTTP-EQUIV=\"PRAGMA\"\x20CONTENT=\"NO-CACHE\"><META\x20HTTP-EQU
    SF:IV=\"Page-Enter\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\"><META\x20H
    SF:TTP-EQUIV=\"Page-Exit\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\"><lin
    SF:k\x20rel=\"shortcut\x20icon\"\x20href=\"images/zon_favicon\.ico\"\x20ty
    SF:pe=\"image/x-icon\"><TITLE>Consola\x20de\x20gest\xc3\xa3o\x20do\x20ZON\
    SF:x20HUB</TITLE><STYLE\x20type=\"text/css\">")%r(HTTPOptions,19A,"HTTP/1\
    SF:.0\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/html\r\nCache-
    SF:Control:\x20public,max-age=8640\r\nPragma:\x20cache\r\nExpires:\x20Sun,
    SF:\x2002\x20May\x202010\x2022:40:20\x20GMT\r\nDate:\x20Sun,\x2002\x20May\
    SF:x202010\x2022:10:20\x20GMT\r\nLast-Modified:\x20Sun,\x2002\x20May\x2020
    SF:10\x2022:10:20\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20clos
    SF:e\r\n\r\n<html>\n<head>\n\x20\x20<title>501\x20Not\x20Implemented</titl
    SF:e>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>501\x20Not\x20Im
    SF:plemented<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n")%r(RTSPReques
    SF:t,19A,"HTTP/1\.0\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/
    SF:html\r\nCache-Control:\x20public,max-age=8640\r\nPragma:\x20cache\r\nEx
    SF:pires:\x20Sun,\x2002\x20May\x202010\x2022:40:20\x20GMT\r\nDate:\x20Sun,
    SF:\x2002\x20May\x202010\x2022:10:20\x20GMT\r\nLast-Modified:\x20Sun,\x200
    SF:2\x20May\x202010\x2022:10:20\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConne
    SF:ction:\x20close\r\n\r\n<html>\n<head>\n\x20\x20<title>501\x20Not\x20Imp
    SF:lemented</title>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>50
    SF:1\x20Not\x20Implemented<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n"
    SF:);

  8. #8
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Code:
    ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
    SF-Port8443-TCP:V=5.00%T=SSL%I=7%D=5/2%Time=4BDDF85E%P=i686-pc-linux-gnu%r
    SF:(GenericLines,18E,"HTTP/1\.0\x20400\x20Bad\x20Request\r\nContent-Type:\
    SF:x20text/html\r\nCache-Control:\x20public,max-age=8640\r\nPragma:\x20cac
    SF:he\r\nExpires:\x20Sun,\x2002\x20May\x202010\x2022:40:38\x20GMT\r\nDate:
    SF:\x20Sun,\x2002\x20May\x202010\x2022:10:38\x20GMT\r\nLast-Modified:\x20S
    SF:un,\x2002\x20May\x202010\x2022:10:38\x20GMT\r\nAccept-Ranges:\x20bytes\
    SF:r\nConnection:\x20close\r\n\r\n<html>\n<head>\n\x20\x20<title>400\x20Ba
    SF:d\x20Request</title>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h
    SF:2>400\x20Bad\x20Request<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n"
    SF:)%r(GetRequest,2AA6,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:\x20text/ht
    SF:ml\r\nSet-Cookie:\x20rg_cookie_session_id=718573960;\x20path=/;\x20expi
    SF:res=Fri,\x2001\x20Jan\x202038\x2000:00:00\x20GMT\r\nCache-Control:\x20n
    SF:o-cache,no-store\r\nPragma:\x20no-cache\r\nExpires:\x20Sun,\x2002\x20Ma
    SF:y\x202010\x2022:10:38\x20GMT\r\nDate:\x20Sun,\x2002\x20May\x202010\x202
    SF:2:10:38\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnection:\x20close\r\nP3
    SF:P:\x20CP=\"NOI\x20NID\x20ADMa\x20OUR\x20LEG\x20DSP\x20COR\"\r\n\r\n<!--
    SF:-\x20Page\(page_wl_mgt_blocked\)=\[\]\x20---><HTML><HEAD><META\x20HTTP-
    SF:EQUIV=\"Content-Type\"\x20CONTENT=\"text/html;\x20charset=UTF-8\"><META
    SF:\x20HTTP-EQUIV=\"EXPIRES\"\x20CONTENT=\"Sun,\x2002\x20May\x202010\x2022
    SF::10:38\x20GMT\"><META\x20HTTP-EQUIV=\"CACHE-CONTROL\"\x20CONTENT=\"NO-C
    SF:ACHE\"><META\x20HTTP-EQUIV=\"PRAGMA\"\x20CONTENT=\"NO-CACHE\"><META\x20
    SF:HTTP-EQUIV=\"Page-Enter\"\x20CONTENT=\"blendTrans\(Duration=0\.3\)\"><M
    SF:ETA\x20HTTP-EQUIV=\"Page-Exit\"\x20CONTENT=\"blendTrans\(Duration=0\.3\
    SF:)\"><link\x20rel=\"shortcut\x20icon\"\x20href=\"images/zon_favicon\.ico
    SF:\"\x20type=\"image/x-icon\"><TITLE>Consola\x20de\x20gest\xc3\xa3o\x20do
    SF:\x20ZON\x20HUB</TITLE><STYLE\x20type=\"text/css\">\n")%r(HTTPOptions,19
    SF:A,"HTTP/1\.0\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/html
    SF:\r\nCache-Control:\x20public,max-age=8640\r\nPragma:\x20cache\r\nExpire
    SF:s:\x20Sun,\x2002\x20May\x202010\x2022:40:38\x20GMT\r\nDate:\x20Sun,\x20
    SF:02\x20May\x202010\x2022:10:38\x20GMT\r\nLast-Modified:\x20Sun,\x2002\x2
    SF:0May\x202010\x2022:10:38\x20GMT\r\nAccept-Ranges:\x20bytes\r\nConnectio
    SF:n:\x20close\r\n\r\n<html>\n<head>\n\x20\x20<title>501\x20Not\x20Impleme
    SF:nted</title>\n</head>\n<body\x20bgcolor=\"ffffff\">\n\x20\x20<h2>501\x2
    SF:0Not\x20Implemented<h2>\n\x20\x20<p>\n\x20\x20\n</body>\n</html>\n");
    MAC Address: 00:05:CA:87:B2:45 (Hitron Technology)
    Device type: general purpose
    Running: Linux 2.6.X
    OS details: Linux 2.6.9 - 2.6.28
    Uptime guess: 1.330 days (since Sat May  1 15:15:20 2010)
    Network Distance: 1 hop
    TCP Sequence Prediction: Difficulty=198 (Good luck!)
    IP ID Sequence Generation: All zeros
    
    Host script results:
    |  nbstat: NetBIOS name: ZONDRIVE, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
    |  Name: ZONDRIVE<00>         Flags: <unique><active>
    |  Name: ZONDRIVE<03>         Flags: <unique><active>
    |  Name: ZONDRIVE<20>         Flags: <unique><active>
    |  Name: \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>
    |  Name: HOME<1d>             Flags: <unique><active>
    |  Name: HOME<1e>             Flags: <group><active>
    |_ Name: HOME<00>             Flags: <group><active>
    |  smb-os-discovery: Unix
    |  LAN Manager: Samba 3.0.28
    |  Name: HOME\Unknown
    |_ System time: 2010-05-02 23:10:43 UTC+0
    
    Read data files from: /usr/share/nmap
    OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 47.53 seconds
               Raw packets sent: 1135 (50.700KB) | Rcvd: 1123 (45.660KB)
    Será que dá para passar por cima das restriçoes?

    Obrigado!

  9. #9
    Moderator firebits's Avatar
    Join Date
    Mar 2010
    Location
    Brazil
    Posts
    353

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    No começo do seu fingerprint aparece:

    SF-Port80-TCP:V=5.00%I=7%D=5/2%Time=4BDDF84B%P=i686-pc-linux-gnu%r(GetRequ
    SF:est,2AA7,"HTTP/1\.0\x20200\x20OK\r\nContent-Type:

    e depois mais abaixo:

    Running: Linux 2.6.X
    OS details: Linux 2.6.9 - 2.6.28

    Se o fingerprint não estiver errado, consideramos que é um linux.

    As seguintes portas estão abertas:

    80/tcp open http?
    |_ html-title: Consola de gest\xC3\xA3o do ZON HUB
    139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)
    443/tcp open ssl/https?
    |_ sslv2: server still supports SSLv2
    |_ html-title: Consola de gest\xC3\xA3o do ZON HUB
    445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)
    5000/tcp open upnp?
    8080/tcp open http-proxy?
    8443/tcp open ssl/https-alt?


    Por padrão, SSH está na 22, que não está sendo usada/aberta no momento. Talvez o serviço de SSH não esteja rodando ou não nessa porta.

    Repare, que por exemplo:

    80/tcp open http?

    Há uma interrogação na frente do http, (http?), isso que dizer que o NMAP não detectou 100% que aquele serviço é por exemplo HTTP ou há mais de um serviço que pode talvez executar nesta porta. Então ele fica com dúvida, será que é fulano ou siclano, dono do serviço dessa porta?

    A única que ele deu certeza é daemon do Samba, em:

    139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

    Não aparece interrogação.

    Você já tentou conectar por putty, no serviço SSH, por tentativa sabendo que pode nem ser este serviço?

    Eu perguntando, para nós esclarecermos todas as possibilidades, por SSH.

    Senão der certo, posta aqui de novo.

    Tenho outras idéias.

  10. #10
    Just burned his ISO BmwStreetRacer's Avatar
    Join Date
    Feb 2010
    Location
    Portugal
    Posts
    15

    Default re: [sugestão] - Ajuda identificar páginas escondidas no router

    Oi, estou a tentar entrar via SSH e Telnet em todas as portas marcadas como funcionais mas obtenho sempre a mesma resposta " Server Unexpectedly Closed Network Connection".
    Obtenho isto tanto no putty como na consola


    Obrigado pela paciencia

Page 1 of 2 12 LastLast

Similar Threads

  1. [solicitação] Movendo os topicos [Moderadores]
    By Bhior in forum Duvidas Gerais
    Replies: 3
    Last Post: 08-07-2010, 06:53 PM
  2. [FAQ] - Quais são as formas de se obter ajuda?
    By santiagocyl in forum Iniciantes
    Replies: 0
    Last Post: 06-24-2010, 10:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •