SMB Scanning Vulnerability
#1
By making use of nmap scanning, this time I made a simple piece of code packaged in Perl. Here is the code:

Code:
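#!/usr/bin/perl
# Author       : h3ll0s
# Date         : 30 March 2012
# Title        : SMB Scanning Vulnerability
# Uses: nmap --script smb-check-vulns.nse -p445 <host>
# Special thanks to : [3rr0r c0de | PasuruanCyber] [BinusHacker]
# http://www.nmap.org
# http://pastebin.com/Qdxyra2n

use strict;
use warnings;

# Clear the screen; 'cls' and 'title' exist only on Windows.
if ($^O eq 'MSWin32') {
    system('cls');
    system('title SMB Scanning.....');
} else {
    system('clear');
}

print "\n";
print "\t//+ + + + + + + + + + + + + + + + + +//\n";
print "\n";
print "\t  =    SMB Scanning Vulnerability   =\n";
print "\n";
print "\t//+ + + + + + + + + + + + + + + + + +//\n";
print "\n";

print "Masukkan Host : ";
chomp(my $host = <STDIN> // '');
# Accept only hostname/IP/CIDR characters so the input cannot carry
# shell metacharacters or be read by nmap as an option.
die "Invalid host\n" unless $host =~ m{\A[A-Za-z0-9][A-Za-z0-9.:/-]*\z};
print "Menunggu Proses Scan\n";
print "$host\n";
# List-form pipe open runs nmap without a shell; output is appended to hasil.txt.
open(my $nmap, '-|', 'nmap', '--script', 'smb-check-vulns.nse', '-p445', $host)
    or die "nmap: $!\n";
open(my $out, '>>', 'hasil.txt') or die "hasil.txt: $!\n";
print {$out} $_ while <$nmap>;
close($out);
close($nmap);
print "Selesai\n";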

Once you have run the code, it will produce a scan report as output, namely the file named "hasil.txt".

This is hasil.txt:
Code:
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-03-31 21:17 WIT
Nmap scan report for 192.168.20.2
Host is up (0.00067s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
MAC Address: 08:00:27:8C:B8:51 (Cadmus Computer Systems)

Host script results:
| smb-check-vulns:
|   MS08-067: LIKELY VULNERABLE (host stopped responding)
|   Conficker: UNKNOWN; got error NT_STATUS_WERR_INVALID_PARAMETER (srvsvc.netpathcanonicalize)
|   regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
|   SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
|   MS06-025: CHECK DISABLED (remove 'safe=1' argument to run)
|_  MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)

Nmap done: 1 IP address (1 host up) scanned in 0.82 seconds

It turns out the target has the ms08_067 vulnerability.

Now we open metasploit pro and search for ms08_067.

Code:
root@h3ll0s:~#msfpro
[*] Please wait while the Metasploit Pro Console initializes...

[*] Starting Metasploit Console...

     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||


         =[ metasploit v4.1.1-release [core:4.1 api:1.0]
+ -- --=[ 807 exploits - 476 auxiliary - 139 post
+ -- --=[ 246 payloads - 27 encoders - 8 nops
[*] Successfully loaded plugin: pro
msf >search ms08_067
Matching Modules
================

   Name                                 Disclosure Date  Rank   Description
   ----                                 ---------------  ----   -----------
   exploit/windows/smb/ms08_067_netapi  2008-10-28       great  Microsoft Server Service Relative Path Stack Corruption
msf >

Happy continuing.

download SMB_Scanning

Document 1
Document 2
For Win**ws users, I'm giving a link to close the ms08_067 vulnerability. Please download and install the patch; it is the original from M******ft.

Download Patch
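
Added example (not part of the original post or its Perl script): a Python parser that turns the appended hasil.txt into a per-host list of machines that still need the MS08-067 patch or a re-test. The first report in the sample is the one shown above; the second host and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# First report is the hasil.txt from the post; the second host is constructed.
SAMPLE = """\
Nmap scan report for 192.168.20.2
PORT    STATE SERVICE
445/tcp open  microsoft-ds

Host script results:
| smb-check-vulns:
|   MS08-067: LIKELY VULNERABLE (host stopped responding)
|   Conficker: UNKNOWN; got error NT_STATUS_WERR_INVALID_PARAMETER (srvsvc.netpathcanonicalize)
|   regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
|_  MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)

Nmap scan report for 192.0.2.10
Host script results:
| smb-check-vulns:
|   MS08-067: NOT VULNERABLE
|_  Conficker: Likely CLEAN
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
CHECK_RE = re.compile(r"^\|_?\s+([^:]+): (.+)$")
# Longest prefixes first so "NOT VULNERABLE" is not read as "VULNERABLE".
STATES = ("LIKELY VULNERABLE", "NOT VULNERABLE", "VULNERABLE",
          "CHECK DISABLED", "UNKNOWN")

def parse_report(text):
    """Return {host: {check_name: state}} from appended nmap output."""
    results, host = defaultdict(dict), None
    for line in text.splitlines():
        if m := HOST_RE.match(line):
            host = m.group(1)
        elif host and (m := CHECK_RE.match(line)):
            name, detail = m.group(1).strip(), m.group(2)
            state = next((s for s in STATES if detail.startswith(s)), detail)
            results[host][name] = state
    return dict(results)

def patch_queue(results, check="MS08-067"):
    """Hosts to patch or re-test: anything not positively NOT VULNERABLE."""
    return sorted(h for h, checks in results.items()
                  if checks.get(check, "UNKNOWN") != "NOT VULNERABLE")

if __name__ == "__main__":
    print(patch_queue(parse_report(SAMPLE)))
```

Because the script appends with `>>`, hasil.txt accumulates every scan, so the parser keys results by host and a later report for the same host overwrites the earlier one.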

#2
Thanks for sharing about the nmap smb vuln script and the perl script too, bro.

+2 from me

#3
Thank you, bro .. nice post, bro .... permission to try this out

#4
Thank you for the +2, bro

A more detailed update and a discussion of the ms08_067 vulnerability