Search the Community
Showing results for tags 'nessus'.
I've got a device popping up on my wireless that I'm having a hard time identifying. I scanned it with NMAP and it identified itself as a Fortigate Device (see details below). I also tried to hit it with Nessus, but unfortunately whenever I attempt to scan the device for any period of time, it drops off the network. I've blocked it from any outbound traffic in my firewall an logging packets (so far none seen). I also created a static DHCP address for the MAC address so when it does come online, it always gets the same IP address. Trying to determine whether I have a wireless interloper or this
I'm currently trying to gain access to a practice server, according to Nessus it has 1x Critical vuln and 2x Medium vulns, they are: Critical: CVE-2004-1154 Samba smbd Security Descriptor Parsing Remote Overflow. Medium: CVE-2016-2118 Samba Badlock Vulnerability. Medium: SMB Signing Disabled. I've searched Google, ExploitDB and msf for exploits for the Critical vuln but I keep coming up blank. Nessus explains that crafting packets with hundreds of thousands of ACLs would cause a remote buffer overrun, but how do I take advantage of that? Or, am I focussing too much on the
Hello, Does anyone have used port scanners like nmap, or vulnerability scaners like nessus, openvas, etc. while providing internet via computer? I'm using the nano on Ubuntu 14.04 using wp6.sh. I've succesfully deauthed some clients (i'm still learning so it's not perfect) and bumped them to connect to the pineapple but when i try to use any scanner using the pineapple's ip, the results are as if i was scanning a host that's not connected. So, nmap shows "scanned X ips, 0 hosts where up", nessus and openvas finish the task with zero results and metasploit can't complete any exploits because
I have scanned for vulnerabilities with nessus, and i found this (PHP 5.4.x < 5.4.5 _php_stream_scandir Overflow). So i went to the www.exploit-db.com/exploits/19231/ where it is Exploit Code written in python, i tried to use it with metasploit+armitage. But i don't know how to load the script in the existing database on my pc, i am using windows 7, and the "victim" is not on local network, i am new to this so i need some help. Also i am asking for some tutorials, or useful links where can i learn new things.