Thread: what to do after open port

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    7

    Hi, I am Razak, and I have been practicing pen testing on my XP PC.
    And I found a few open ports. But I looked at them, and there was no ftp or ssh.
    So I can't remotely connect to that PC.
    So I just want to ask if anyone could tell me and help me with what to do after I find an open port, and what to do if there are no ftp or ssh ports open.
    ???

  2. #2
    Member imported_Deathray
    Join Date
    Oct 2007
    Posts
    381

    Depends on what your goal is?
    To view a website?
    Or are you talking about rooting your XP... If so, you could
    find out what, and if possible what version, is listening on the port.
    Then you check to see if there are any appropriate public exploits.
    If not, you find one yourself or think it over and consider approaching differently.

  3. #3
    My life is this forum thorin
    Join Date
    Jan 2010
    Posts
    2,629

    Invest in some books or spend some time working on your google-fu. If you don't know what's next then you're not "practicing pen testing". If you believe ftp and ssh are the only way to connect to a system then you're not "practicing pen testing". While it may seem fun to jump in with both feet, you won't get very far, as you've discovered. Take the time to do some research and you'll have a lot more fun and progress in a much more effective manner.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4
    Moderator theprez98
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Open port --> Service associated with that port --> vulnerability in specific version of that service --> Exploit to take advantage of that vulnerability --> pwn the box. ;-)

    I can imagine this thread going nowhere fast...
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  5. #5

    Originally posted by Razak:
    > And I found a few open ports. But I looked at them, and there was no ftp or ssh.
    So what was it? Help us help you.
    > So I can't remotely connect to that PC.
    Probably not. XP offers no "remotely connect-able" services like telnet/ssh by default.
    > So I just want to ask if anyone could tell me and help me with what to do after I find an open port, and what to do if there are no ftp or ssh ports open.
    > ???
    Like theprez98 said, now it's time to enumerate what's running on that port, determine what version that service is, then see if there is a vulnerability and/or exploit code for that vulnerability.

    Use the version scan (-sV) with nmap to get you started identifying what's listening on that/those open ports.
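
Added example (not part of the thread and not any poster's code): one way to turn the `nmap -sV` output mentioned above into a per-port service inventory for your own lab host, flagging open ports whose service or version is still unidentified. The sample scan output, the address 192.0.2.10 and the function names are constructed for illustration.

```python
import re

# Constructed sample of `nmap -sV` normal output for a lab XP host (not from the thread).
SAMPLE = """\
Nmap scan report for 192.0.2.10
PORT     STATE    SERVICE      VERSION
135/tcp  open     msrpc        Microsoft Windows RPC
139/tcp  open     netbios-ssn
445/tcp  open     microsoft-ds Microsoft Windows XP microsoft-ds
3389/tcp filtered ms-wbt-server
5000/tcp open     upnp?
Service Info: OS: Windows
"""

# A port row looks like: <port>/<proto> <state> <service> [version text...]
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_services(text):
    """Return one dict per port row: port, proto, state, service, guessed, version."""
    rows = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if not m:
            continue  # header, host line, "Service Info", blank lines
        port, proto, state, service, version = m.groups()
        rows.append({
            "port": int(port),
            "proto": proto,
            "state": state,
            # nmap appends "?" when it is only guessing the service from the port number
            "service": service.rstrip("?"),
            "guessed": service.endswith("?"),
            "version": version.strip() or None,
        })
    return rows


def needs_followup(rows):
    """Open ports where nmap could not confirm the service or report a version."""
    return [r["port"] for r in rows
            if r["state"] == "open" and (r["guessed"] or r["version"] is None)]


if __name__ == "__main__":
    inventory = parse_services(SAMPLE)
    for r in inventory:
        print(r["port"], r["proto"], r["state"], r["service"], r["version"] or "-")
    print("unidentified open ports:", needs_followup(inventory))
```

The ports it flags are the ones where the version scan did not answer the question "what is listening here", so they are the ones to identify by other means on the host itself before deciding whether the service should be patched, firewalled or disabled.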
