|
Mostrar Mensajes
|
Páginas: [1] 2 3 4 5
|
5
|
Seguridad Informática / Hacking / como explotar vulnerabilidades de Adobe Flash Media Server?
|
en: 15 Julio 2011, 21:38 pm
|
escaneando un host encotre estas vulneranilidades: 38700 1 Adobe Flash Media Server RPC Privilege Escalation (APSB09-05) High Severity problem(s) found 53895 1 Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11) High Severity problem(s) found 50562 1 Adobe Flash Media Server < 3.0.7 / 3.5.5 / 4.0.1 Multiple Vulnerabilities (APSB10-27) High Severity problem(s) found 48298 1 Adobe Flash Media Server < 3.0.6 / 3.5.4 Multiple Vulnerabilities (APSB10-19) High Severity problem(s) found 43390 1 Adobe Flash Media Server < 3.0.5 / 3.5.3 Multiple Vulnerabilities (APSB09-18) High Severity problem(s) found 31096 1 Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities High Severity problem(s) found
he buscado en internet informacion de como explotsrlas pero no encontrado nada ... tambien probe varios exploit de metasploit y no he podido explotarla. es que no se mucho pero quiero aprender.
|
|
|
6
|
Seguridad Informática / Hacking / problema con metaexploit
|
en: 14 Julio 2011, 22:18 pm
|
trato de integrar nessus con msf y al darle el comando db_destroy me da este error This database command requires the following tools to be installed: dropdb no se si es que tengo que instalarle algo o tengo que cargar algun modulo primero. si alguin me puede ayudar se lo agradeceria
|
|
|
7
|
Seguridad Informática / Hacking / Re: ayuda sobre vulnerabilidades de servidor web?
|
en: 13 Julio 2011, 21:03 pm
|
esto es lo que dice Synopsis: This plugin determines which HTTP methods are allowed on various CGI directories.
Description By calling the OPTIONS method, it is possible to determine which HTTP methods are allowed on each directory.
As this list may be incomplete, the plugin also tests - if 'Thorough tests' are enabled or 'Enable web applications tests' is set to 'yes' in the scan policy - various known HTTP methods on each directory and considers them as unsupported if it receives a response code of 400, 403, 405, or 501.
Note that the plugin output is only informational and does not necessarily indicate the presence of any security vulnerabilities.
|
|
|
9
|
Seguridad Informática / Hacking / Re: ayuda sobre vulnerabilidades de servidor web?
|
en: 9 Julio 2011, 21:24 pm
|
este es el reporte de nessus
Plugin IDs Severity # of issues Synopsis 24260 Low 1 HyperText Transfer Protocol (HTTP) Information Some information about the remote HTTP configuration can be extracted.
25220 Low 1 TCP/IP Timestamps Supported The remote service implements TCP timestamps.
19506 Low 1 Nessus Scan Information Information about the Nessus scan.
10107 Low 1 HTTP Server Type and Version A web server is running on the remote host.
12053 Low 1 Host Fully Qualified Domain Name (FQDN) Resolution It was possible to resolve the name of the remote host.
43111 Low 1 HTTP Methods Allowed (per directory) This plugin determines which HTTP methods are allowed on various CGI directories.
54615 Low 1 Device Type It is possible to guess the remote device type.
10287 Low 1 Traceroute Information It was possible to obtain traceroute information.
22964 Low 1 Service Detection The remote service could be identified.
11936 Low 1 OS Identification It is possible to guess the remote operating system
49704 Low 1 External URLs Links to external sites were gathered.
45590 Low 1 Common Platform Enumeration (CPE) It is possible to enumerate CPE names that matched on the remote system.
10114 Low 1 ICMP Timestamp Request Remote Date Disclosure It is possible to determine the exact time set on the remote host.
10386 Low 1 Web Server No 404 Error Code Check The remote web server does not return 404 error codes.
es que no se mucho pero quiero aprender.
|
|
|
|
|
|
|