Denuncie   Favoritos   Indicar  

nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

1. nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

mayco mendes de almeida
mikeitaly
(usa openSUSE)

Enviado em 29/09/2011 - 16:42h

nmap -v --script=smb-check-vulns 192.168.1.3

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-29 14:46 BRT
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 14:46
Scanning 192.168.1.3 [1 port]
Completed ARP Ping Scan at 14:46, 0.06s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:46
Completed Parallel DNS resolution of 1 host. at 14:46, 0.01s elapsed
Initiating SYN Stealth Scan at 14:46
Scanning 192.168.1.3 [1000 ports]
Discovered open port 135/tcp on 192.168.1.3
Discovered open port 139/tcp on 192.168.1.3
Discovered open port 3389/tcp on 192.168.1.3
Discovered open port 445/tcp on 192.168.1.3
Discovered open port 2869/tcp on 192.168.1.3
Completed SYN Stealth Scan at 14:46, 0.78s elapsed (1000 total ports)
NSE: Script scanning 192.168.1.3.
Initiating NSE at 14:46
Completed NSE at 14:46, 0.08s elapsed
Nmap scan report for 192.168.1.3
Host is up (0.040s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2869/tcp open icslap
3389/tcp open ms-term-serv
MAC Address: 00:15:00:50:2B:04 (Intel Corporate)

Host script results:
| smb-check-vulns:
| MS08-067: NOT VULNERABLE
| Conficker: Likely CLEAN
| regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
| SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
| MS06-025: CHECK DISABLED (remove 'safe=1' argument to run)
|_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)

NSE: Script Post-scanning.
Read data files from: /usr/local/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds
Raw packets sent: 1001 (44.028KB) | Rcvd: 1001 (40.048KB)

PERGUNTAS: COMO FAÇO PARA ATIVAR A ATIVAR O "regsvc DoS" , "SMBv2 DoS" , "MS06-025" , "MS07-029" ?? reparem que os mesmos estao desativados(CHECK DISABLED)

creio que eu tenha que editar o escript que esta sendo usado..

vlw pessoal!


0 0
  • Quote

    •   


    2. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

    Renato Carneiro Pacheco
    renato_pacheco
    (usa Debian)

    Enviado em 29/09/2011 - 16:45h 


    
root@bt:~# nmap -v --script=smb-check-vulns --script-args=unsafe=1 10.239.68.18
    

    
Starting Nmap 5.35DC1 ( http://nmap.org ) at 2011-09-29 16:44 BRT
    
NSE: Loaded 1 scripts for scanning.
    
Initiating ARP Ping Scan at 16:44
    
Scanning 10.239.68.18 [1 port]
    
Completed ARP Ping Scan at 16:44, 0.00s elapsed (1 total hosts)
    
Initiating Parallel DNS resolution of 1 host. at 16:44
    
Completed Parallel DNS resolution of 1 host. at 16:44, 0.01s elapsed
    
Initiating SYN Stealth Scan at 16:44
    
Scanning gti-adm01.xxx.net (10.239.68.18) [1000 ports]
    
Discovered open port 139/tcp on 10.239.68.18
    
Discovered open port 3389/tcp on 10.239.68.18
    
Discovered open port 135/tcp on 10.239.68.18
    
Discovered open port 22/tcp on 10.239.68.18
    
Discovered open port 445/tcp on 10.239.68.18
    
Discovered open port 9091/tcp on 10.239.68.18
    
Discovered open port 912/tcp on 10.239.68.18
    
Completed SYN Stealth Scan at 16:44, 1.18s elapsed (1000 total ports)
    
NSE: Script scanning 10.239.68.18.
    
NSE: Starting runlevel 1 (of 1) scan.
    
Initiating NSE at 16:44
    
Completed NSE at 16:44, 5.02s elapsed
    
Nmap scan report for gti-adm01.xxx.net (10.239.68.18)
    
Host is up (0.000031s latency).
    
Not shown: 993 closed ports
    
PORT     STATE SERVICE
    
22/tcp   open  ssh
    
135/tcp  open  msrpc
    
139/tcp  open  netbios-ssn
    
445/tcp  open  microsoft-ds
    
912/tcp  open  unknown
    
3389/tcp open  ms-term-serv
    
9091/tcp open  unknown
    
MAC Address: D8:D3:85:6D:25:43 (Hewlett Packard)
    

    
Host script results:
    
| smb-check-vulns:
    
|   MS08-067: NOT VULNERABLE
    
|   Conficker: Likely CLEAN
    
|   SMBv2 DoS (CVE-2009-3103): NOT VULNERABLE
    
|   MS06-025: NO SERVICE (the Ras RPC service is inactive)
    
|_  MS07-029: NO SERVICE (the Dns Server RPC service is inactive)
    

    
Read data files from: /usr/share/nmap
    
Nmap done: 1 IP address (1 host up) scanned in 6.30 seconds
    
           Raw packets sent: 1082 (47.592KB) | Rcvd: 1003 (40.136KB)
    
root@bt:~#


    Isso responde a sua pergunta?

    0 0
  • Quote

    • 3. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

    mayco mendes de almeida
    mikeitaly
    (usa openSUSE)

    Enviado em 29/09/2011 - 17:00h

    repara bem:

    miketrack@bt:~$ nmap -v --script=smb-check-vulns 192.168.1.3
    Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-29 16:59 BRT
    NSE: Loaded 1 scripts for scanning.
    NSE: Script Pre-scanning.
    Initiating Ping Scan at 16:59
    Scanning 192.168.1.3 [2 ports]
    Completed Ping Scan at 16:59, 1.10s elapsed (1 total hosts)
    Initiating Parallel DNS resolution of 1 host. at 16:59
    Completed Parallel DNS resolution of 1 host. at 16:59, 0.01s elapsed
    Initiating Connect Scan at 16:59
    Scanning 192.168.1.3 [1000 ports]
    Discovered open port 135/tcp on 192.168.1.3
    Discovered open port 3389/tcp on 192.168.1.3
    Discovered open port 445/tcp on 192.168.1.3
    Discovered open port 139/tcp on 192.168.1.3
    Completed Connect Scan at 16:59, 0.78s elapsed (1000 total ports)
    NSE: Script scanning 192.168.1.3.
    Initiating NSE at 16:59
    Completed NSE at 16:59, 0.11s elapsed
    Nmap scan report for 192.168.1.3
    Host is up (0.038s latency).
    Not shown: 996 closed ports
    PORT STATE SERVICE
    135/tcp open msrpc
    139/tcp open netbios-ssn
    445/tcp open microsoft-ds
    3389/tcp open ms-term-serv

    Host script results:
    | smb-check-vulns:
    | MS08-067: NOT VULNERABLE
    | Conficker: Likely CLEAN
    | regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
    | SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
    | MS06-025: CHECK DISABLED (remove 'safe=1' argument to run) AQUI APARECE QUE PRECIZA DO PARAMETRO.. MAS NO COMANDO SEGUINTE ELE NEM APARECE NADA! POXA! PQ?
    |_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)

    NSE: Script Post-scanning.
    Read data files from: /usr/local/bin/../share/nmap
    Nmap done: 1 IP address (1 host up) scanned in 2.21 seconds
    miketrack@bt:~$


    miketrack@bt:~$ nmap -v --script=smb-check-vulns --script-args=unsafe=1 192.168.1.3

    Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-29 16:56 BRT
    NSE: Loaded 1 scripts for scanning.
    NSE: Script Pre-scanning.
    Initiating Ping Scan at 16:56
    Scanning 192.168.1.3 [2 ports]
    Completed Ping Scan at 16:56, 1.10s elapsed (1 total hosts)
    Initiating Parallel DNS resolution of 1 host. at 16:56
    Completed Parallel DNS resolution of 1 host. at 16:56, 0.01s elapsed
    Initiating Connect Scan at 16:56
    Scanning 192.168.1.3 [1000 ports]
    Discovered open port 135/tcp on 192.168.1.3
    Discovered open port 3389/tcp on 192.168.1.3
    Discovered open port 139/tcp on 192.168.1.3
    Discovered open port 445/tcp on 192.168.1.3
    Completed Connect Scan at 16:56, 0.79s elapsed (1000 total ports)
    NSE: Script scanning 192.168.1.3.
    Initiating NSE at 16:56
    Completed NSE at 16:56, 0.14s elapsed
    Nmap scan report for 192.168.1.3
    Host is up (0.044s latency).
    Not shown: 996 closed ports
    PORT STATE SERVICE
    135/tcp open msrpc
    139/tcp open netbios-ssn
    445/tcp open microsoft-ds
    3389/tcp open ms-term-serv

    NSE: Script Post-scanning.
    Read data files from: /usr/local/bin/../share/nmap
    Nmap done: 1 IP address (1 host up) scanned in 2.23 seconds


    estranho ne? comigo da diferente..

    0 0
  • Quote

    • 4. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

    mayco mendes de almeida
    mikeitaly
    (usa openSUSE)

    Enviado em 29/09/2011 - 17:02h

    mesmo assim vlw pela atençao ae Pacheco!
    oque vc acha o que poderia ser Pache?

    0 0
  • Quote

    • 5. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

    Renato Carneiro Pacheco
    renato_pacheco
    (usa Debian)

    Enviado em 29/09/2011 - 17:10h

    Mistério, kra! O q eu t sugiro é atualizar a versão do nmap (ou instalar uma versão anterior) pra v se dá o msm problema.

    0 0
  • Quote

    • 6. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

    mayco mendes de almeida
    mikeitaly
    (usa openSUSE)

    Enviado em 30/09/2011 - 08:07h

    vlw pacheco! vc é o cara! =]

    cara, eu faço faculdade de redes e uso somente backtrack, até deixei ele nos trinks com AWN, Docky, Docky Cairo, Compiz, Emerald, + eu gosto muito de modo texto e vi que no back track inclusive a ultima versao que saio R1 Revolution 1 tudo tem que ser feito na unha, aprendi a instalar nvidia etc.. e eu queria um conselho seu, ja procurei muitas comunidades sobre backtrack mas eu vejo que nao tem muita gente que se dedica sobre essa stupenda distribuiçao.. vc conheçe alguma comunidade ou site a respeito disso? vlw!

    0 0
  • Quote

    • 7. Re: nmap -v --script=smb-check-vulns IP (SCRIPT) [RESOLVIDO]

    Renato Carneiro Pacheco
    renato_pacheco
    (usa Debian)

    Enviado em 30/09/2011 - 09:02h

    Kra, tinha o www.backtrack.com.br, mas não sei pq q o site parou d responder (ou tá fora do ar, sei lá!). O lance é ler em inglês msm:

    http://www.backtrack-linux.org

    Ae tem um monte d coisa. Se vc quiser saber o funcionamento d alguma ferramenta em específico, procure no google sobre ela.

    0 0
  • Quote





    • Patrocínio

    Site hospedado pelo provedor RedeHost.
    Linux banner

    Destaques

    Artigos

    Instalar certificado digital Safesign, fornecido pela Certisign e utilizado pela OAB-SP, em qualquer distribuição Linux usando distrobox

    Manutenção de sistemas Linux Debian e derivados com apt-get, apt, aptitude e dpkg

    Criatividade para TI parte 1

    Melhorando o tempo de boot do Fedora e outras distribuições

    Como instalar as extensões Dash To Dock e Hide Top Bar no Gnome 45/46

    Dicas

    Como Atualizar Fedora 39 para 40

    Instalar Google Chrome no Debian e derivados

    Consertando o erro do Sushi e Wayland no Opensuse Leap 15

    Instalar a última versão do PostgreSQL no Lunix mantendo atualizado

    Flathub na sua distribuição Linux e comandos básicos de gerenciamento

    Tópicos

    pacotes 32 bit no void 64 bit (1)

    erro ao clonar repo github (7)

    ASRock H310CM-HG4 vs Linux (1)

    Como adicionar módulo de saúde da bateria dos notebooks Acer ao kernel... (26)

    Problema Envio email GLPI Versao 10.0.15 (1)

    Top 10 do mês

    Scripts

    [Shell Script] Script para desinstalar pacotes desnecessários no OpenSuse

    [Shell Script] Script para criar certificados de forma automatizada no OpenVpn

    [Shell Script] Conversor de vídeo com opção de legenda

    [C/C++] BRT - Bulk Renaming Tool

    [Shell Script] Criação de Usuarios , Grupo e instalação do servidor de arquivos samba

    A maior comunidade GNU/Linux da América Latina! Artigos, dicas, tutoriais, fórum, scripts e muito mais. Ideal para quem busca auto-ajuda.

    Site hospedado por: