Posts: 66
Threads: 7
Joined: May 2013
Biasanya, untuk sniffing dan os fingerprinting jaringan kita gunakan tools yang berbeda, yaitu wireshark (sniffing) dan nmap (os fingerprinting). Ternyata 2 kegiatan itu bisa dilakukan dengan p0f.
Code: root@bumi:~# p0f -h
p0f: invalid option -- 'h'
Usage: p0f [ -f file ] [ -i device ] [ -s file ] [ -o file ]
[ -w file ] [ -Q sock [ -0 ] ] [ -u user ] [ -FXVNDUKASCMROqtpvdlrx ]
[ -c size ] [ -T nn ] [ -e nn ] [ 'filter rule' ]
-f file - read fingerprints from file
-i device - listen on this device
-s file - read packets from tcpdump snapshot
-o file - write to this logfile (implies -t)
-w file - save packets to tcpdump snapshot
-u user - chroot and setuid to this user
-Q sock - listen on local socket for queries
-0 - make src port 0 a wildcard (in query mode)
-e ms - pcap capture timeout in milliseconds (default: 1)
-c size - cache size for -Q and -M options
-M - run masquerade detection
-T nn - set masquerade detection threshold (1-200)
-V - verbose masquerade flags reporting
-F - use fuzzy matching (do not combine with -R)
-N - do not report distances and link media
-D - do not report OS details (just genre)
-U - do not display unknown signatures
-K - do not display known signatures (for tests)
-S - report signatures even for known systems
-A - go into SYN+ACK mode (semi-supported)
-R - go into RST/RST+ACK mode (semi-supported)
-O - go into stray ACK mode (barely supported)
-r - resolve host names (not recommended)
-q - be quiet - no banner
-v - enable support for 802.1Q VLAN frames
-p - switch card to promiscuous mode
-d - daemon mode (fork into background)
-l - use single-line output (easier to grep)
-x - include full packet dump (for debugging)
-X - display payload string (useful in RST mode)
-C - run signature collision check
-t - add timestamps to every entry
'Filter rule' is an optional pcap-style BPF expression (man tcpdump).
Saya praktekkan di jaringan lokal laptop saya dengan virtualbox. Host Kali, guest Windows XP yang penampakannya
![[Image: zon.png]](http://img199.imageshack.us/img199/8375/zon.png)
Keduanya saya sambungkan dengan wlan. IP wlan host = ip gateway guest = 10.42.0.1.
![[Image: tsww.png]](http://img24.imageshack.us/img24/746/tsww.png)
Sekarang saya akan gunakan p0f.
![[Image: 2nxy.png]](http://img838.imageshack.us/img838/6800/2nxy.png)
Code: 10.42.0.64:1249 - Windows XP/2000 (RFC1323+, w+, tstamp-) [GENERIC]
Signature: [65535:128:1:52:M1460,N,W1,N,N,S:.:Windows:?]
-> 173.194.126.126:443 (distance 0, link: ethernet/modem)
10.42.0.64 adalah ip guest.
Windows XP/2000 adalah os nya.
Guest browsing 173.194.126.126. Coba kita lihat buka apa dia?
![[Image: d4vs.png]](http://img849.imageshack.us/img849/3888/d4vs.png)
Ternyata sowan ke mbah gugel.
Kita crosscheck pakai wireshark apa benar 10.42.0.64 (guest) mengakses 173.194.126.126? Ini capturenya
![[Image: k148.png]](http://img197.imageshack.us/img197/363/k148.png)
Sekalian kita buka nmap crosscheck apa os yang dia gunakan
![[Image: 4ygz.png]](http://img849.imageshack.us/img849/8919/4ygz.png)
Dan ternyata cocok, Microsoft Windows XP.
p0f juga bisa digunakan untuk fingerprinting file capture.
Sekian sharenya, mau hunting takjil dulu.
Posts: 929
Threads: 141
Joined: Jul 2011
nice share om, mantab nih ijin coba tar 
ada kodok teroret teroret dipinggir kali terorret teroret mencari makan teroret teroret setiap pagi teroret teroret
visit: http://warungiso.blogspot.com/
I was not smart or special but I was unix
Posts: 2
Threads: 0
Joined: Dec 2011
bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih.. 
Posts: 66
Threads: 7
Joined: May 2013
(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tar maturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih.. insya Allah segera menyusul, share bikin jaringannya tapi di vbox bukan vmware.
atau mungkin temen-temen yang lainnya mau bikin? monggo
wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini http://indonesianbacktrack.or.id/forum/s...ox#pid5866
di sini http://indonesianbacktrack.or.id/forum/s...x#pid17700
juga yang ini http://indonesianbacktrack.or.id/forum/s...x#pid12424
(This post was last modified: 07-24-2013, 11:46 PM by ino_ot.)
Posts: 2
Threads: 0
Joined: Dec 2011
(07-24-2013, 10:30 PM)wonosableng Wrote: (07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tar maturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih.. insya Allah segera menyusul, share bikin jaringannya tapi di vbox bukan vmware.
atau mungkin temen-temen yang lainnya mau bikin? monggo
(07-24-2013, 10:30 PM)wonosableng Wrote: (07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tar maturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih.. wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini /forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
di sini /forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini /forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tar maturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih.. wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini /forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
di sini /forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini /forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
(07-24-2013, 05:29 PM)wine trochanter Wrote: nice share om, mantab nih ijin coba tar maturnuwun, monggo pak dokter.
(07-24-2013, 07:44 PM)h3cintes Wrote: bro,mau tanya gimana caranya bikin jaringan lokal dengan Vmware seperti yg brobikin itu ya ...(untuk praktek hacking)
pengguna baru nih.. wah, ane ga pake vmware, untuk bikin di vbox gampang kok, sudah ada sih di sini /forum/showthread.php?tid=684&pid=5866&highlight=virtualbox#pid5866
di sini /forum/showthread.php?tid=1822&pid=17700&highlight=virtualbox#pid17700
juga yang ini /forum/showthread.php?tid=1241&pid=12424&highlight=virtualbox#pid12424
tx bgt bro..ini yg aku cari 
Posts: 66
Threads: 7
Joined: May 2013
(07-24-2013, 11:40 PM)h3cintes Wrote: tx bgt bro..ini yg aku cari sama-sama, maaf ini replynya jadi dobel-dobel, internet ane lagi error.
(tolong moderator/admin untuk merapikan, thanks)
Posts: 147
Threads: 9
Joined: Jun 2013
mantaappp omm..
ijin nyoba yaaakkk
Posts: 66
Threads: 7
Joined: May 2013
(07-25-2013, 03:03 AM)C.S Wrote: mantaappp omm..
ijin nyoba yaaakkk yaakk, thanks, silahkan
Posts: 929
Threads: 141
Joined: Jul 2011
kalo spesifik target nya bisa gak om?
jadi gak melihat smuanya
ada kodok teroret teroret dipinggir kali terorret teroret mencari makan teroret teroret setiap pagi teroret teroret
visit: http://warungiso.blogspot.com/
I was not smart or special but I was unix
Posts: 66
Threads: 7
Joined: May 2013
(07-29-2013, 05:27 PM)wine trochanter Wrote: kalo spesifik target nya bisa gak om?
jadi gak melihat smuanya kayaknya ga bisa om,
kalo udah punya target spesifik ane sih biasanya pake nmap, wireshark/tshark (difilter IP nya),dsniff, lebih powerful
|
![[Image: zon.png]](http://imageshack.us/photo/my-images/199/zon.png/)
![[Image: tsww.png]](http://imageshack.us/photo/my-images/24/tsww.png/)
![[Image: 2nxy.png]](http://imageshack.us/photo/my-images/838/2nxy.png/)
![[Image: d4vs.png]](http://imageshack.us/photo/my-images/849/d4vs.png/)
![[Image: k148.png]](http://imageshack.us/photo/my-images/197/k148.png/)
![[Image: 4ygz.png]](http://imageshack.us/photo/my-images/849/4ygz.png/)
