digininja

Global Moderators
Posts posted by digininja

  1. I'd suggest you do quite a bit more reading and research before asking questions like this, otherwise you are likely to get flamed quite a lot.

    And the way you asked the question, it very much looks like you are asking for a hand out. Do your research, show you've done it and then come back and ask specific questions.

  2. When you don't know the correct values for a parameter then it is fuzzing so you'd be fuzzing the filenames and the numeric parameters. You could technically say you are just iterating through the numbers but it is just a type of fuzzing.

    You would look at the responses and base decisions on that. You might find that you get a 500 back rather than a 302 if you change the 428 in your example to 429, so you know that 429 is not a valid value and move on; if 430 gets you a 302 then you can assume you've hit a valid value and move on to the 835 part.

    The only way to work out what is valid and what isn't is through experimentation. Sometimes it is obvious, a 200 is OK, anything else is wrong, or it may be really tricky and you have to base answers on the time of responses.
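The walk described above (428, 429, 430 ... with a 302 or 500 coming back each time) leaves a recognisable trail in the web server's access log. The following is an added example, not code from the post or its author, that picks that pattern out from the defender's side: it groups requests by client and by path template, and flags a client that has tried many distinct numeric values in the same position where most of the attempts failed. The log lines and thresholds are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed access-log lines (not from any real server): one client walks the
# numeric id in /account/<n>/statement and mostly gets 500s, one browses normally.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Mar/2024:10:00:01 +0000] "GET /account/428/statement HTTP/1.1" 302 0
203.0.113.7 - - [01/Mar/2024:10:00:02 +0000] "GET /account/429/statement HTTP/1.1" 500 0
203.0.113.7 - - [01/Mar/2024:10:00:03 +0000] "GET /account/430/statement HTTP/1.1" 302 0
203.0.113.7 - - [01/Mar/2024:10:00:04 +0000] "GET /account/431/statement HTTP/1.1" 500 0
203.0.113.7 - - [01/Mar/2024:10:00:05 +0000] "GET /account/432/statement HTTP/1.1" 500 0
203.0.113.7 - - [01/Mar/2024:10:00:06 +0000] "GET /account/433/statement HTTP/1.1" 500 0
198.51.100.4 - - [01/Mar/2024:10:00:07 +0000] "GET /account/428/statement HTTP/1.1" 200 512
198.51.100.4 - - [01/Mar/2024:10:00:09 +0000] "GET /static/app.css HTTP/1.1" 200 900
"""

# Common log format: client, ident, user, [timestamp], "METHOD path PROTO", status, bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]+" (\d{3}) \d+')

def parse(log_text):
    """Yield (client, path, status) for each well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.group(1), m.group(3), int(m.group(4))

def find_enumeration(log_text, min_values=4, min_error_ratio=0.5):
    """Return {(client, path_template): stats} for clients that tried at least
    min_values distinct numbers in one path position with a failure ratio of
    at least min_error_ratio (4xx/5xx count as failures, 2xx/3xx as hits)."""
    seen = defaultdict(lambda: {"values": set(), "errors": 0, "total": 0})
    for client, path, status in parse(log_text):
        nums = re.findall(r"\d+", path)
        if not nums:
            continue  # nothing numeric to enumerate in this path
        key = (client, re.sub(r"\d+", "{n}", path))
        seen[key]["values"].update(int(n) for n in nums)
        seen[key]["total"] += 1
        if status >= 400:
            seen[key]["errors"] += 1
    hits = {}
    for key, s in seen.items():
        ratio = s["errors"] / s["total"]
        if len(s["values"]) >= min_values and ratio >= min_error_ratio:
            hits[key] = {"distinct": len(s["values"]), "error_ratio": round(ratio, 2)}
    return hits

if __name__ == "__main__":
    for (client, template), stats in find_enumeration(SAMPLE_LOG).items():
        print(f"{client} enumerating {template}: {stats}")
```

On the constructed log only 203.0.113.7 is flagged: six distinct values against /account/{n}/statement with four of six requests failing.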

  3. Yes, it would be fairly simple to script up a tool to enumerate something like this but with the large potential address space it is unlikely to find anything. If you want to see an example, this is a similar tool I wrote years ago to look through Amazon buckets:

    https://digi.ninja/projects/bucket_finder.php

    I would strongly advise against doing it and I wouldn't take any proof of concepts to the estate agents as doing so would be admitting to performing unauthorised testing against their site. They may be grateful, they may get police and lawyers involved.

  4. 4 hours ago, PROTOCOLSOCIETY said:

    I mean you @digininja

    By understanding what a person is trying to do you can give a much better answer than just giving a generic one that may or may not help.

    If someone asked me to recommend a good bar in my local city I'd ask what area they were going to be in, what type of bar they liked, what day they were going to be there. Without asking all of those, I'd just recommend my local which is a quiet locals bar that is great if you know everyone but probably a bit quiet if you don't. If they answered all of those and said they wanted a real ale pub in the centre then I'd send them to the Red Lion, if they liked rock music I'd send them to the Dove and Rainbow, if they just wanted to get drunk on the cheap I'd probably go for the Harley.

    As the OP didn't seem to understand what a router was and how some basic level networking worked, I felt it was worth putting in the effort to try to learn what they were doing so I could give the best advice. I could have googled the answer and pasted it in but it probably wouldn't have helped and even if it did, the OP would have gone away with a set of instructions rather than an understanding.

    Curious to know, why are you dredging up a thread from February?

  5. digip, what I was suggesting was that as one scan was being done through Armitage and one through Zenmap, maybe Armitage was dropping privs for some reason, or he was starting Zenmap as root but Armitage not. nmap will only scan a machine it recognises as up, and as non-root the way it determines whether it is up or not is to try to connect to 80 and 443; if they aren't open, it assumes the host is down. With or without the firewall, XP is unlikely to be running a web server so should not be detected by a non-root nmap scan.

    When root scans, there is also an ICMP check which may be spotting the host depending on what the firewall is doing. Your -Pn will force nmap to assume the machine is up so should find something if it is there.

    I can't remember the default configuration for XP but was file sharing turned off by default? If so, then there probably shouldn't be any ports open by default. Or, the firewall may be on and just dropping everything.

  6. As I learnt the other day, if you are not root then nmap only checks ports 80 and 443 to identify if a machine is up, no ICMP. If you are root you get ICMP as well. So, if the XP box isn't running a web server (unlikely) then a non-root user would not find the machine.

  7. Here is a little script to let you choose which wallpaper to use if you want to be able to pick one every now and then.

    Run it without a parameter and you get a list of available wallpapers from the WALLPAPER_DIR directory. Run it with a name to start that wallpaper.

    #!/usr/bin/env bash
    
    # Directory holding the .mp4 video wallpapers (trailing slash is relied on below)
    WALLPAPER_DIR=~/Videos/wallpapers/
    
    if [ "$#" -ne 1 ]; then
        echo "You can choose from:"
    
        # Glob instead of parsing ls, so names with spaces survive intact
        for file in "$WALLPAPER_DIR"*.mp4 ; do
            [ -e "$file" ] || continue   # no matches: the glob stays literal, skip it
            basename "$file" .mp4        # print the name without the .mp4 extension
        done
    
        exit 0
    fi
    
    wallpaper="${WALLPAPER_DIR}${1}.mp4"
    if [ -f "$wallpaper" ]; then
        # WID is a placeholder that xwinwrap replaces with the window id it creates for mpv
        xwinwrap -ni -fs -s -st -sp -b -nf -- mpv --profile wallpaper --wid WID "$wallpaper"
    #   If you want it backgrounding. Kill it with killall mpv
    #   nohup xwinwrap -ni -fs -s -st -sp -b -nf -- mpv --profile wallpaper --wid WID "$wallpaper" > /dev/null &
    
    else
        echo "Wallpaper not found"
    fi
    

    There are probably nicer ways to do this but it works for me.

  8. Worked like a charm, now I just have to find a way to be able to see through the layers of windows to the wallpaper.

    For Ubuntu 16.04, I added the PPA then installed through apt rather than grabbing the package from his repo

    https://launchpad.net/~varlesh-l/+archive/ubuntu/ubuntu-tools

    mpv runs at 14-16% CPU so I'd not recommend this for low spec machines, maybe keep it for when you want to show off or don't need the extra cycles.

  9. It all depends on what you are looking at testing. Nikto is a web app scanner that looks for known issues, OpenVAS is a vulnerability scanner and I've never heard of Sparta. I'd suggest playing with all the common tools, learn what they test for, learn what their limitations are and when to use them.

    If you want to try to pop network vulns then OpenVAS is worth running, if all you have is a web app then you are more likely to get info out of Nikto. If you want a basic port scan then nmap, if you want a fast scan against a large number of machines then Unicorn Scan.
