
Thread: nmap and windows xp sp3 in virtualbox

  1. #11
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    Can I conclude that when the firewall blocks the connection I cannot exploit the machine?
    Thank you all.
    You could probably conclude that. You can also probably conclude that you don't have a clue what you are doing, and are probably trying to do something as others have already stated you should not be doing and we are not really going to help you.
    Again, read and learn how networks, TCP/IP, and firewalls work. The second part is what I concluded.
    Oh, and that this thread is not going anywhere.

  2. #12
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default Re: nmap and windows xp sp3 in virtualbox

    I read chapter 15 of the nmap documentation... This:

    Firewall/IDS Evasion and Spoofing


    Is this the right way? Should I continue in this direction?

  3. #13
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    I read chapter 15 of the nmap documentation... This:

    Firewall/IDS Evasion and Spoofing


    Is this the right way? Should I continue in this direction?
    You need a strong understanding of TCP/IP to use those techniques appropriately, and they probably won't help in your particular case anyway (they are more suitable for IDS/IPS evasion - you need a pretty rubbish or poorly configured firewall for a lot of those techniques to be effective against firewalls.)

    If you want to exploit a client system that has no unfiltered listening ports, you are better off using client side attacks, such as browser based attacks, document reader attacks, etc. Try out one of the many tutorials available on the subject.
    Last edited by lupin; 06-03-2010 at 10:44 AM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #14
    Just burned his ISO
    Join Date
    May 2010
    Posts
    24

    Default Re: nmap and windows xp sp3 in virtualbox

    I am continuing my mapping of the OS... If the nmap response is filtered, I try hping3 to test the port... And the response of hping3 helps me... Is this the right way?


    Thank you lupin for the tip, but (if my translation is correct) a client side attack requires interaction of the victim... Is that correct?

  5. #15
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    I am continuing my mapping of the OS... If the nmap response is filtered, I try hping3 to test the port... And the response of hping3 helps me... Is this the right way?
    If you're really that keen to learn port scanning I'd suggest you start off with simpler port scanning goals, and trying to bypass firewall filtering is NOT a simple port scanning goal. Start by scanning a few different systems that DON'T have firewalls enabled using a few different scanning tools. See what results you get. Then enable partial firewall filtering (only some ports blocked) and repeat. Compare the different scans and actually watch the traffic being sent in a packet capture tool like Wireshark so you see what the port scanning tools are doing. And you will definitely want to do some reading on TCP/IP so you understand how it works. Understanding how TCP and UDP initiate sessions is critical if you want to be able to do effective port scanning. There is a recent thread here that I responded to about good books for learning TCP/IP - check that out, and also have a read of that nmap book and play around with the tool until you understand what it's actually doing and HOW it's determining whether ports are open or closed.

    Quote Originally Posted by Mito125 View Post
    Thank you lupin for the tip, but (if my translation is correct) a client side attack requires interaction of the victim... Is that correct?
    Yes, it requires some sort of client software on the victim system to interact with input you have provided. That generally requires a person using the victim machine to visit a malicious website you host or open a malicious file you have somehow sent to the victim system, but there are cases where automated processes from the victim system might provide an avenue for exploitation. Something like EvilGrade would be one example of the latter case.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
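
Added example, not part of the original thread: a loopback-only Python lab for the exercise described in post #15, showing how a TCP connect probe decides between open, closed and filtered, and how to compare a scan taken with the firewall off against one with partial filtering. The function names and the two port/state tables are constructed for illustration.

```python
import socket

def probe(host, port, timeout=1.0):
    """Classify one TCP port by how the three-way handshake ends."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))       # SYN, SYN/ACK, ACK all completed
        return "open"
    except ConnectionRefusedError:    # our SYN was answered with RST
        return "closed"
    except OSError:                   # timeout (SYN silently dropped) or an
        return "filtered"             # unreachable error: something filters
    finally:
        s.close()

def loopback_lab():
    """Probe one listening and one non-listening port on 127.0.0.1."""
    listening = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listening.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
    listening.listen(1)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))       # bound but never listen()s: refuses
    try:
        return {"listening": probe("127.0.0.1", listening.getsockname()[1]),
                "not listening": probe("127.0.0.1", idle.getsockname()[1])}
    finally:
        listening.close()
        idle.close()

def changed_ports(before, after):
    """Ports whose state differs between two scans of the same host."""
    return {p: (before[p], after.get(p, "not scanned"))
            for p in sorted(before) if before[p] != after.get(p)}

# Constructed results for a lab VM: firewall off, then some ports blocked.
FIREWALL_OFF = {80: "open", 139: "open", 445: "open", 3389: "closed"}
PARTIAL_FILTER = {80: "open", 139: "filtered", 445: "filtered", 3389: "closed"}

if __name__ == "__main__":
    print(loopback_lab())
    for port, (old, new) in changed_ports(FIREWALL_OFF, PARTIAL_FILTER).items():
        print(f"{port}/tcp: {old} -> {new}")
```

Capturing on the loopback interface in Wireshark while this runs shows the SYN/SYN-ACK and SYN/RST exchanges behind the two results.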

  6. #16
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    16

    Default Re: nmap and windows xp sp3 in virtualbox

    Quote Originally Posted by Mito125 View Post
    Can I conclude that when the firewall blocks the connection I cannot exploit the machine?


    Thank you all.
    I'm no expert on this my friend, I am also very noob on Backtrack, but if your conclusion is this, then, what have the Backtrack Team been doing all this time?

    A firewall is like a locked door; if you see it, either you use the key or you find a lockpick (Backtrack).
