+- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum)
+-- Forum: Penetration Testing Os (https://www.indonesianbacktrack.or.id/forum/forum-170.html)
+--- Forum: Kali Linux (https://www.indonesianbacktrack.or.id/forum/forum-232.html)
+---- Forum: Kali Linux Tutorial (https://www.indonesianbacktrack.or.id/forum/forum-227.html)
+---- Thread: Sniffing sekalian os fingerprinting (/thread-4828.html)
Pages:
1
2
Sniffing sekalian os fingerprinting - wonosableng - 07-24-2013
Biasanya, untuk sniffing dan os fingerprinting jaringan kita gunakan tools yang berbeda, yaitu wireshark (sniffing) dan nmap (os fingerprinting). Ternyata 2 kegiatan itu bisa dilakukan dengan p0f.
Code:
root@bumi:~# p0f -h
p0f: invalid option -- 'h'
Usage: p0f [ -f file ] [ -i device ] [ -s file ] [ -o file ]
[ -w file ] [ -Q sock [ -0 ] ] [ -u user ] [ -FXVNDUKASCMROqtpvdlrx ]
[ -c size ] [ -T nn ] [ -e nn ] [ 'filter rule' ]
-f file - read fingerprints from file
-i device - listen on this device
-s file - read packets from tcpdump snapshot
-o file - write to this logfile (implies -t)
-w file - save packets to tcpdump snapshot
-u user - chroot and setuid to this user
-Q sock - listen on local socket for queries
-0 - make src port 0 a wildcard (in query mode)
-e ms - pcap capture timeout in milliseconds (default: 1)
-c size - cache size for -Q and -M options
-M - run masquerade detection
-T nn - set masquerade detection threshold (1-200)
-V - verbose masquerade flags reporting
-F - use fuzzy matching (do not combine with -R)
-N - do not report distances and link media
-D - do not report OS details (just genre)
-U - do not display unknown signatures
-K - do not display known signatures (for tests)
-S - report signatures even for known systems
-A - go into SYN+ACK mode (semi-supported)
-R - go into RST/RST+ACK mode (semi-supported)
-O - go into stray ACK mode (barely supported)
-r - resolve host names (not recommended)
-q - be quiet - no banner
-v - enable support for 802.1Q VLAN frames
-p - switch card to promiscuous mode
-d - daemon mode (fork into background)
-l - use single-line output (easier to grep)
-x - include full packet dump (for debugging)
-X - display payload string (useful in RST mode)
-C - run signature collision check
-t - add timestamps to every entry
'Filter rule' is an optional pcap-style BPF expression (man tcpdump).![[Image: zon.png]](http://imageshack.us/photo/my-images/199/zon.png/)
Keduanya saya sambungkan dengan wlan. IP wlan host = ip gateway guest = 10.42.0.1.
![[Image: tsww.png]](http://imageshack.us/photo/my-images/24/tsww.png/)
Sekarang saya akan gunakan p0f.
![[Image: 2nxy.png]](http://imageshack.us/photo/my-images/838/2nxy.png/)
Code:
10.42.0.64:1249 - Windows XP/2000 (RFC1323+, w+, tstamp-) [GENERIC]
Signature: [65535:128:1:52:M1460,N,W1,N,N,S:.:Windows:?]
-> 173.194.126.126:443 (distance 0, link: ethernet/modem)Windows XP/2000 adalah os nya.
Guest browsing 173.194.126.126. Coba kita lihat buka apa dia?
![[Image: d4vs.png]](http://imageshack.us/photo/my-images/849/d4vs.png/)
Ternyata sowan ke mbah gugel.
Kita crosscheck pakai wireshark apa benar 10.42.0.64 (guest) mengakses 173.194.126.126? Ini capturenya
![[Image: k148.png]](http://imageshack.us/photo/my-images/197/k148.png/)
Sekalian kita buka nmap crosscheck apa os yang dia gunakan
![[Image: 4ygz.png]](http://imageshack.us/photo/my-images/849/4ygz.png/)
Dan ternyata cocok, Microsoft Windows XP.
p0f juga bisa digunakan untuk fingerprinting file capture.
Code:
p0f -s fileSekian sharenya, mau hunting takjil dulu.
RE: Sniffing sekalian os fingerprinting - wine trochanter - 07-24-2013
nice share om, mantab nih ijin coba tar
RE: Sniffing sekalian os fingerprinting - h3cintes - 07-24-2013
bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih..
RE: Sniffing sekalian os fingerprinting - wonosableng - 07-24-2013
(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tarmaturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)insya Allah segera menyusul, share bikin jaringannya tapi di vbox bukan vmware.
pengguna baru nih..
atau mungkin temen-temen yang lainnya mau bikin? monggo
wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini http://indonesianbacktrack.or.id/forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
di sini http://indonesianbacktrack.or.id/forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini http://indonesianbacktrack.or.id/forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
RE: Sniffing sekalian os fingerprinting - h3cintes - 07-24-2013
(07-24-2013, 10:30 PM)wonosableng Wrote:(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tarmaturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)insya Allah segera menyusul, share bikin jaringannya tapi di vbox bukan vmware.
pengguna baru nih..
atau mungkin temen-temen yang lainnya mau bikin? monggo
(07-24-2013, 10:30 PM)wonosableng Wrote:(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tarmaturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini /forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
pengguna baru nih..
di sini /forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini /forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tarmaturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini /forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
pengguna baru nih..
di sini /forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini /forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tarmaturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini /forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
pengguna baru nih..
di sini /forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini /forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
tx bgt bro..ini yg aku cari
RE: Sniffing sekalian os fingerprinting - wonosableng - 07-24-2013
(07-24-2013, 11:40 PM)h3cintes Wrote: tx bgt bro..ini yg aku carisama-sama, maaf ini replynya jadi dobel-dobel, internet ane lagi error.
(tolong moderator/admin untuk merapikan, thanks)
RE: Sniffing sekalian os fingerprinting - C.S - 07-25-2013
mantaappp omm..
ijin nyoba yaaakkk
RE: Sniffing sekalian os fingerprinting - wonosableng - 07-25-2013
(07-25-2013, 03:03 AM)C.S Wrote: mantaappp omm..yaakk, thanks, silahkan
ijin nyoba yaaakkk
RE: Sniffing sekalian os fingerprinting - wine trochanter - 07-29-2013
kalo spesifik target nya bisa gak om?
jadi gak melihat smuanya
RE: Sniffing sekalian os fingerprinting - wonosableng - 07-31-2013
(07-29-2013, 05:27 PM)wine trochanter Wrote: kalo spesifik target nya bisa gak om?kayaknya ga bisa om,
jadi gak melihat smuanya
kalo udah punya target spesifik ane sih biasanya pake nmap, wireshark/tshark (difilter IP nya),dsniff, lebih powerful