Pues la verdad es que me he cansado de preguntar y esperar, a si que mando mi duda principal y si los moderadores no están de acuerdo con mi pregunta, pues que saquen mi post, claro está que a mi no me molestará de todas formas...
Pues he aquí lo que pude sacar con el dsniff, nmap y el nessus:
Starting nmap 3.55 ( xxxx ) at 2005-02-05 02:28 ART
Interesting ports on xxxxxxxxxxxxx (xxxxx):
(The 1641 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
135/tcp filtered msrpc
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
143/tcp open imap
145/tcp filtered uaac
179/tcp open bgp
443/tcp open https
993/tcp open imaps
995/tcp open pop3s
2601/tcp open zebra
2605/tcp open bgpd
3306/tcp open mysql
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 21.655 days (since Fri Jan 14 10:46:44 2005)
dsniff: listening on eth1
-----------------
02/11/05 07:16:55 tcp ***.***.***.***.57434 -> *******.******.*****.7117 (http)
GET / HTTP/1.1
Host: *****************************
Authorization: Basic cTFraTk6ZDA5a2xt [q1ki9:d09klm]
-----------------
02/11/05 07:17:02 tcp ***.***.***.***.57478 -> **************************.80 (http)
GET / HTTP/1.1
Host: *******************************
Authorization: Basic cTFraTk6ZDA5a2xt [q1ki9:d09klm]
-----------------
02/11/05 07:17:48 tcp ***.***.***.***.57864 -> ******************************.7117 (http)
GET /products_archivos/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: **********************
GET /_derived/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ****************************
GET /_borders/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ****************************
GET /_derived/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: *****************************
-----------------
02/11/05 07:18:00 tcp ***.***.***.***.57955 -> *******************************.80 (http)
GET /products_archivos/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ******************************
-----------------
02/11/05 07:18:00 tcp ***.***.***.***.57958 -> *******************************.80 (http)
GET /_derived/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: *******************************
-----------------
02/11/05 07:18:05 tcp ***.***.***.***.58009 -> ******************************.80 (http)
GET /products_archivos/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: *********************************
-----------------
02/11/05 07:18:06 tcp ***.***.***.***.58018 -> ******************************.80 (http)
GET /mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ***************************
-----------------
02/11/05 07:18:09 tcp ***.***.***.***.8024 -> ***********************.80 (http)
GET /imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ***************************
-----------------
02/11/05 07:19:37 tcp ***.***.***.***.58764 -> ***************************.7117 (http)
GET / HTTP/1.1
Host: ***************************
Authorization: Basic c3VwZXJtYW46MjEyNDEwMzY= [superman:21241036]
GET / HTTP/1.1
Host: ****************************
Authorization: Basic c3VwZXI6NTc3NzM2NA== [super:5777364]
-----------------
02/11/05 07:20:43 tcp ***.***.***.***.57963 -> **************************.80 (http)
GET /_borders/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ********************************
-----------------
02/11/05 07:20:45 tcp ***.***.***.***.57969 -> *******************************.80 (http)
GET /_derived/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: *********************************
-----------------
02/11/05 07:20:49 tcp ***.***.***.***.58011 -> *****************************.80 (http)
GET /cgi-bin/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ******************************
-----------------
02/11/05 07:20:53 tcp ***.***.***.***.58058 -> *****************************.80 (http)
GET /horde/imp/mailbox.php3?actionID=6&server=x&imapuser=x';somesql&pass=x HTTP/1.1
Host: ***************************
-----------------
02/11/05 07:24:41 tcp ***.***.***.***.60981 -> *************************.7117 (http)
GET /piranha/secure/ HTTP/1.1
Host: ***************************
Authorization: Basic cGlyYW5oYTpx [piranha:q]
GET /piranha/secure/ HTTP/1.1
Host: ******************************
Authorization: Basic cGlyYW5oYTpwaXJhbmhh [piranha:piranha]
-----------------
02/11/05 07:25:36 tcp ***.***.***.***.33238 -> *****************************.7117 (http)
GET / HTTP/1.1
Host: ****************************
Authorization: Basic c3VwZXJ2aXNvcjo= [supervisor:]
-----------------
02/11/05 07:27:17 tcp ***.***.***.***.60998 -> *****************************.80 (http)
GET /piranha/secure/ HTTP/1.1
Host: *********************************
Authorization: Basic cGlyYW5oYTpx [piranha:q]
-----------------
02/11/05 07:27:19 tcp ***.***.***.***.32773 -> ******************************.80 (http)
GET /piranha/secure/ HTTP/1.1
Host: *********************************
Authorization: Basic cGlyYW5oYTpwaXJhbmhh [piranha:piranha]
Vulnerability found on port http (80/tcp)
The remote server is running at least one instance of IMP whose version
number is between 2.0 and 3.2.3 inclusive. Such versions are vulnerable
to a cross-scripting attack whereby an attacker may be able to cause a
victim to unknowingly run arbitrary Javascript code simply by reading a
MIME message with a specially crafted Content-Type header.
For information about the vulnerability, including exploits, see :
-
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-2.txt -
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt Note : Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there
it has
not attempted to actually exploit the vulnerability.
Solution : Upgrade to IMP version 3.2.4 or later.
Risk factor : High
CVE : CAN-2004-0584
BID : 10501
Other references : GLSA:GLSA-200406-11
Nessus ID : 12263
Vulnerability found on port http (80/tcp)
The remote server is running at least one instance of IMP whose version
number is 3.2.4 or lower. Such versions are vulnerable to a
cross-scripting attack whereby an attacker may be able to inject
arbitrary content, including script, in a specially crafted MIME
message. To have an effect, the victim must be using Internet Explorer
to access IMP and be using the inline MIME viewer for HTML messages.
This vulnerability is a variation on the one reported here :
-
http://www.greymagic.com/security/advisories/gm005-mc/ Note : Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there, it has
not attempted to actually exploit the vulnerability.
Solution : Upgrade to IMP version 3.2.5 or later.
Risk factor : High
BID : 10845
Other references : OSVDB:8293
Nessus ID : 13857
Vulnerability found on port https (443/tcp)
The remote server is running at least one instance of IMP whose version
number is between 2.0 and 3.2.3 inclusive. Such versions are vulnerable
to a cross-scripting attack whereby an attacker may be able to cause a
victim to unknowingly run arbitrary Javascript code simply by reading a
MIME message with a specially crafted Content-Type header.
For information about the vulnerability, including exploits, see :
-
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-2.txt -
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt Note : Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there
it has
not attempted to actually exploit the vulnerability.
Solution : Upgrade to IMP version 3.2.4 or later.
Risk factor : High
CVE : CAN-2004-0584
BID : 10501
Other references : GLSA:GLSA-200406-11
Nessus ID : 12263
Vulnerability found on port https (443/tcp)
The remote server is running at least one instance of IMP whose version
number is between 3.0 and 3.2.1 inclusive. Such versions are vulnerable
to several cross-scripting attacks whereby an attacker can cause a
victim to unknowingly run arbitrary Javascript code simply by reading an
HTML message from the attacker.
Announcements of the vulnerabilities can be found at :
-
http://marc.theaimsgroup.com/?l=imp&m=105940167329471&w=2 -
http://marc.theaimsgroup.com/?l=imp&m=105981180431599&w=2 -
http://marc.theaimsgroup.com/?l=imp&m=105990362513789&w=2 Note : Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there. If the
installation has already been patched, consider this a false positive.
Solution : Upgrade to IMP version 3.2.2 or later or apply patches found
in the announcements to imp/lib/MIME/Viewer/html.php.
Risk factor : High
Nessus ID : 11815
Vulnerability found on port https (443/tcp)
The remote server is running at least one instance of IMP whose version
number is 3.2.4 or lower. Such versions are vulnerable to a
cross-scripting attack whereby an attacker may be able to inject
arbitrary content, including script, in a specially crafted MIME
message. To have an effect, the victim must be using Internet Explorer
to access IMP and be using the inline MIME viewer for HTML messages.
This vulnerability is a variation on the one reported here :
-
http://www.greymagic.com/security/advisories/gm005-mc/ Note : Nessus has determined the vulnerability exists on the target
simply by looking at the version number of IMP installed there, it has
not attempted to actually exploit the vulnerability.
Solution : Upgrade to IMP version 3.2.5 or later.
Risk factor : High
BID : 10845
Other references : OSVDB:8293
Nessus ID : 13857
Information found on port https (443/tcp)
Here is the SSLv2 server certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=localhost.localdomain/emailAddress=root@localhost.localdomain
Validity
Not Before: Jun 16 07:25:20 2004 GMT
Not After : Jun 16 07:25:20 2005 GMT
Subject: C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=localhost.localdomain/emailAddress=root@localhost.localdomain
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:bd:ed:9b:0d:7c:ad:ca:e1:ee:20:9c:6c:0b:20:
8b:17:dc:59:15:2e:ad:2b:0e:94:37:20:c0:c2:79:
52:90:4f:13:fc:03:1a:df:f4:4f:42:be:9f:16:a9:
0b:c6:82:72:35:00:8e:75:a2:dc:1d:f5:67:95:b5:
0e:97:a3:c8:79:e8:5f:72:30:c0:25:aa:9f:52:9e:
ed:1d:fd:3f:46:24:25:c3:a9:3d:f7:c3:36:3f:7c:
c2:af:c5:4e:c0:8a:2c:9f:b8:bc:cd:80:12:86:97:
6d:4f:80:40:c5:c4:04:3c:67:92:c5:05:7d:de:5c:
97:5a:70:f2:1a:ee:49:64:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:88:55:9E:B9:56:DD:93:18:ED:23:09:D4:F2:A9:97:93:ED:4D:48
X509v3 Authority Key Identifier:
keyid:08:88:55:9E:B9:56:DD:93:18:ED:23:09:D4:F2:A9:97:93:ED:4D:48
DirName:/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@localhost.localdomain
serial:00
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
67:75:ad:f0:f3:f2:86:cf:73:ec:f2:34:fb:e8:11:02:57:f6:
28:90:49:a5:bb:12:7c:ad:51:d5:0a:22:bd:e6:3c:4e:2b:d3:
03:e8:ff:30:97:eb:17:cd:86:db:47:e0:f0:18:0f:36:e0:48:
7c:ee:73:c3:26:85:fe:6c:ec:66:96:27:82:11:a3:7c:3d:1c:
83:2b:1b:f1:8c:4d:c6:81:24:e0:94:2a:7e:1a:b2:9f:96:80:
dc:52:58:8a:ba:1c:2d:97:20:cc:46:92:d5:dd:79:b4:ea:7a:
9e:3d:6a:c0:3e:16:cf:96:eb:02:6b:37:d2:13:38:62:6e:5a:
da:95
Here is the list of available SSLv2 ciphers:
RC4-MD5
EXP-RC4-MD5
RC2-CBC-MD5
EXP-RC2-CBC-MD5
DES-CBC-MD5
DES-CBC3-MD5
RC4-64-MD5
The SSLv2 server offers 5 strong ciphers, but also
0 medium strength and 2 weak "export class" ciphers.
The weak/medium ciphers may be chosen by an export-grade
or badly configured client software. They only offer a
limited protection against a brute force attack
Warning found on port unknown (7117/tcp)
Your webserver supports the TRACE and/or TRACK methods. TRACE and TRACK
are HTTP methods which are used to debug web server connections.
It has been shown that servers supporting this method are subject
to cross-site-scripting attacks, dubbed XST for
"Cross-Site-Tracing", when used in conjunction with
various weaknesses in browsers.
An attacker may use this flaw to trick your
legitimate web users to give him their
credentials.
Solution: Disable these methods.
If you are using Apache, add the following lines for each virtual
host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
If you are using Microsoft IIS, use the URLScan tool to deny HTTP TRACE
requests or to permit only the methods needed to meet site requirements
and policy.
If you are using Sun ONE Web Server releases 6.0 SP2 and later, add the
following to the default object section in obj.conf:
<Client method="TRACE">
AuthTrans fn="set-variable"
remove-headers="transfer-encoding"
set-headers="content-length: -1"
error="501"
</Client>
If you are using Sun ONE Web Server releases 6.0 SP2 or below, compile
the NSAPI plugin located at:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603 See
http://www.whitehatsec.com/press_releases/WH-PR-20030120.pdf http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0035.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603 http://www.kb.cert.org/vuls/id/867593 Risk factor : Medium
BID : 9506, 9561, 11604
Nessus ID : 11213
Vulnerability found on port ssh (22/tcp)
You are running a version of OpenSSH which is older than 3.7.1
Versions older than 3.7.1 are vulnerable to a flaw in the buffer management
functions which might allow an attacker to execute arbitrary commands on this
host.
An exploit for this issue is rumored to exist.
Note that several distribution patched this hole without changing
the version number of OpenSSH. Since Nessus solely relied on the
banner of the remote SSH server to perform this check, this might
be a false positive.
If you are running a RedHat host, make sure that the command :
rpm -q openssh-server
Returns :
openssh-server-3.1p1-13 (RedHat 7.x)
openssh-server-3.4p1-7 (RedHat 8.0)
openssh-server-3.5p1-11 (RedHat 9)
Solution : Upgrade to OpenSSH 3.7.1
See also :
http://marc.theaimsgroup.com/?l=openbsd-misc&m=106375452423794&w=2 http://marc.theaimsgroup.com/?l=openbsd-misc&m=106375456923804&w=2 Risk factor : High
CVE : CAN-2003-0682, CAN-2003-0693, CAN-2003-0695
BID : 8628
Other references : RHSA:RHSA-2003:279-02, SuSE:SUSE-SA:2003:039
Nessus ID : 11837
Information found on port imaps (993/tcp)
Here is the SSLv2 server certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=NY, L=New York, O=Courier Mail Server, OU=Automatically-generated IMAP SSL key, CN=localhost/emailAddress=postmaster@example.com
Validity
Not Before: Jun 16 21:38:41 2004 GMT
Not After : Jun 16 21:38:41 2005 GMT
Subject: C=US, ST=NY, L=New York, O=Courier Mail Server, OU=Automatically-generated IMAP SSL key, CN=localhost/emailAddress=postmaster@example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b7:45:03:4a:5e:87:96:0c:59:d7:29:57:ce:14:
08:49:21:40:ad:c0:eb:91:ee:05:4e:2f:28:5c:d9:
23:8c:ba:17:4c:ac:5f:8d:3e:5e:04:ea:e9:06:71:
34:c4:63:0f:94:1a:7e:b0:76:71:cb:19:4b:79:2b:
cb:ff:be:ec:4a:e6:64:d1:bc:00:ee:0e:af:4e:f3:
a1:21:39:95:eb:fd:f6:4f:ff:fe:2a:5b:d8:98:43:
ff:0d:43:36:11:c0:87:1c:6b:a3:96:a7:cc:c3:8d:
4c:ea:96:5d:a3:a9:27:cc:59:eb:c3:a6:ba:fd:59:
df:6a:6f:13:3b:2a:5b:0e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
Netscape Cert Type:
SSL Server
Signature Algorithm: md5WithRSAEncryption
0e:02:b0:fa:ec:8e:0b:18:30:20:9a:68:88:72:ca:bd:79:49:
88:e0:d7:9b:5a:30:c0:61:09:0f:6d:ea:6e:58:0a:24:42:db:
d5:4d:90:c1:bd:2e:18:c7:7e:92:96:d6:d1:6f:69:99:9d:12:
3c:f7:53:09:32:8a:b2:46:fc:b5:c9:bd:f4:cc:7f:70:fc:2f:
b5:f4:2b:67:33:4a:01:2e:cc:4e:52:17:3a:81:ff:18:0c:52:
ef:0b:0a:ce:14:34:b3:28:a4:af:72:cf:e8:8d:87:e5:6c:48:
4a:84:e5:4b:65:c7:8a:14:e0:96:eb:76:59:e0:06:e8:05:5e:
ce:b6
Here is the list of available SSLv2 ciphers:
RC4-MD5
EXP-RC4-MD5
RC2-CBC-MD5
EXP-RC2-CBC-MD5
DES-CBC-MD5
DES-CBC3-MD5
RC4-64-MD5
The SSLv2 server offers 5 strong ciphers, but also
0 medium strength and 2 weak "export class" ciphers.
The weak/medium ciphers may be chosen by an export-grade
or badly configured client software. They only offer a
limited protection against a brute force attack
Solution: disable those ciphers and upgrade your client
software if necessary.
See
http://support.microsoft.com/default.aspx?scid=kb en-us
216482
or
http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslciphersuite This SSLv2 server also accepts SSLv3 connections.
This SSLv2 server also accepts TLSv1 connections.
Nessus ID : 10863
Information found on port pop3s (995/tcp)
Here is the SSLv2 server certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=NY, L=New York, O=Courier Mail Server, OU=Automatically-generated POP3 SSL key, CN=localhost/emailAddress=postmaster@example.com
Validity
Not Before: Jun 16 21:38:51 2004 GMT
Not After : Jun 16 21:38:51 2005 GMT
Subject: C=US, ST=NY, L=New York, O=Courier Mail Server, OU=Automatically-generated POP3 SSL key, CN=localhost/emailAddress=postmaster@example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b9:96:34:f9:37:d4:24:16:f4:35:4e:5e:e7:97:
fa:fc:4d:4e:b1:11:1b:67:36:90:eb:70:2d:41:b5:
b8:2f:0c:ed:2c:f4:75:99:df:69:d2:36:bb:d3:a2:
8a:43:f9:eb:b0:14:5d:db:ce:7a:1a:5a:6f:d4:b9:
1f:3c:59:37:73:7a:b7:45:a8:ab:2d:76:e8:48:cb:
1d:28:52:09:4c:30:d6:82:95:cf:74:0b:46:15:c4:
e6:6d:f7:e2:f7:7f:d6:81:2f:ef:ce:b4:fe:35:90:
40:5a:11:69:85:51:9f:07:60:8c:aa:17:0c:01:cd:
5c:e3:06:e4:db:f1:43:ea:af
Exponent: 65537 (0x10001)
X509v3 extensions:
Netscape Cert Type:
SSL Server
Signature Algorithm: md5WithRSAEncryption
af:85:94:f8:19:46:e5:cc:46:4f:0b:ac:27:fc:96:49:ab:c7:
7a:da:46:29:bd:5d:d1:d6:db:8e:b7:7e:6b:be:c4:7d:7b:55:
13:ef:b9:1a:4f:38:dd:d4:45:e9:7e:e9:4f:ea:6e:ff:4c:41:
67:74:9b:d2:04:ad:c2:e6:e0:f0:58:83:f6:ef:e5:f6:89:d4:
ad:89:0d:85:f7:e8:01:1b:d0:61:61:64:63:2c:a2:b1:4e:3e:
c9:02:20:3f:56:9d:9d:db:a6:0b:a0:a4:12:e6:8d:12:af:12:
c3:e7:42:cc:5e:b5:1f:e4:ad:1f:74:70:81:70:d3:d5:22:76:
65:c4
Here is the list of available SSLv2 ciphers:
RC4-MD5
EXP-RC4-MD5
RC2-CBC-MD5
EXP-RC2-CBC-MD5
DES-CBC-MD5
DES-CBC3-MD5
RC4-64-MD5
The SSLv2 server offers 5 strong ciphers, but also
0 medium strength and 2 weak "export class" ciphers.
The weak/medium ciphers may be chosen by an export-grade
or badly configured client software. They only offer a
limited protection against a brute force attack
Solution: disable those ciphers and upgrade your client
software if necessary.
See
http://support.microsoft.com/default.aspx?scid=kb en-us
216482
or
http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslciphersuite This SSLv2 server also accepts SSLv3 connections.
This SSLv2 server also accepts TLSv1 connections.
Nessus ID : 10863
Pues... esa fue una de la info más destacada para atacar que saqué... la cosa es que de acá use varios programas (ningún exploit) para poder penetrar, pero no pude... y con el comando ftp me he fijado que para la entrada está encriptada, según lo que se, ya que cuando trato de entrar me dice:
Connected to ***.***.***.***.
220 ProFTPD 1.2.9 Server (ProFtp Server) [pc300.jnfnet.com.ar]
500 AUTH not understood
500 AUTH not understood
KERBEROS_V4 rejected as an authentication type // según lo que se KERBEROS significa que el pass está encriptada tonces no puedo entrar.
Name (***.***.***.***:zeta):
Por otro lado, y según el nessus, el puerto 22=ssh está muy bien abierta, y que con un exploit puedo penetrar, pero la verdad es que no se usar bien el tema de exploits y mucho menos se cúal es...
Pues bueno... espero un poco de ayuda de mano de los expertos!!!
Gracias por todo de antemano!!!
Autor
En línea
, o sea, redes, seguridad y todo con el tema de hacking, he estado mucho tiempo con esto.
(como por ejemplo, tengo los users y pass de muchas ip para entrar por el puerto http, que ENCIMA los escaneé y me dice, por medio del nessus, que está en peligro, o sea, que tiene un hollo.
, entrar en un sistema con los puertos del net-bios abiertos de una máquina de un ciber donde estará mi amigo, para decirme por medio de una telecomunicación (MSN posiblemente) para comprobar si puedo entrar como dice en un documento by Rojodos y qué es lo que le ocurre a esa máquina al estar integrada por alguien más de su propio usuario.
, Pero lo que puedes hacer es subirla a una shell y ejecutarla desde alli para que no quede tu ip.
