jodienda

1. root@kali:~# unicornscan -mU 1.1.1.3:137
2. UDP open netbios-ns[ 137] from 1.1.1.3 ttl 64
3. Main [Error chld.c:53] am i missing children?, oh well
4. root@kali:~# unicornscan -mU 1.1.1.3:1
5. Main [Error chld.c:53] am i missing children?, oh well
6. root@kali:~# unicornscan -mU 1.1.1.3:53
7. UDP open domain[ 53] from 1.1.1.3 ttl 64
8. Main [Error chld.c:53] am i missing children?, oh well
9. root@kali:~# unicornscan -mU 1.1.1.3:69
10. UDP open unknown[50832] from 1.1.1.3 ttl 64
11.  
12.  
13.  
14.  
15.  
16.  
17.  
18.  
19. root@kali:~# xprobe2 1.1.1.1
20.  
21. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
22.  
23. [+] Target is 1.1.1.1
24. [+] Loading modules.
25. [+] Following modules are loaded:
26. [x] [1] ping:icmp_ping - ICMP echo discovery module
27. [x] [2] ping:tcp_ping - TCP-based ping discovery module
28. [x] [3] ping:udp_ping - UDP-based ping discovery module
29. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
30. [x] [5] infogather:portscan - TCP and UDP PortScanner
31. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
32. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
33. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
34. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
35. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
36. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
37. [x] [12] fingerprint:smb - SMB fingerprinting module
38. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
39. [+] 13 modules registered
40. [+] Initializing scan engine
41. [+] Running scan engine
42. [-] ping:tcp_ping module: no closed/open TCP ports known on 1.1.1.1. Module test failed
43. [-] ping:udp_ping module: no closed/open UDP ports known on 1.1.1.1. Module test failed
44. [-] No distance calculation. 1.1.1.1 appears to be dead or no ports known
45. [+] Host: 1.1.1.1 is up (Guess probability: 50%)
46. [+] Target: 1.1.1.1 is alive. Round-Trip Time: 0.50074 sec
47. [+] Selected safe Round-Trip Time value is: 1.00147 sec
48. [-] icmp_port_unreach::build_DNS_reply(): gethostbyname() failed! Using static ip for www.securityfocus.com in UDP probe
49. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
50. [-] fingerprint:smb need either TCP port 139 or 445 to run
51. [-] fingerprint:snmp: need UDP port 161 open
52. [+] Primary guess:
53. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2003 Server Standard Edition" (Guess probability: 100%)
54. [+] Other guesses:
55. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2003 Server Enterprise Edition" (Guess probability: 100%)
56. [+] Host 1.1.1.1 Running OS: "Microsoft Windows XP SP2" (Guess probability: 100%)
57. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Workstation" (Guess probability: 100%)
58. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Workstation SP1" (Guess probability: 100%)
59. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Workstation SP2" (Guess probability: 100%)
60. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Workstation SP3" (Guess probability: 100%)
61. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Workstation SP4" (Guess probability: 100%)
62. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Server" (Guess probability: 100%)
63. [+] Host 1.1.1.1 Running OS: "Microsoft Windows 2000 Server Service Pack 1" (Guess probability: 100%)
64. [+] Cleaning up scan engine
65. [+] Modules deinitialized
66. [+] Execution completed.
67.  
68.  
69.  
70.  
71.  
72.  
73.  
74.  
75.  
76.  
77.  
78.  
79.  
80.  
81.  
82.  
83.  
84.  
85.  
86.  
87.  
88. root@kali:~# xprobe2 1.1.1.3
89.  
90. Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
91.  
92. [+] Target is 1.1.1.3
93. [+] Loading modules.
94. [+] Following modules are loaded:
95. [x] [1] ping:icmp_ping - ICMP echo discovery module
96. [x] [2] ping:tcp_ping - TCP-based ping discovery module
97. [x] [3] ping:udp_ping - UDP-based ping discovery module
98. [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
99. [x] [5] infogather:portscan - TCP and UDP PortScanner
100. [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
101. [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
102. [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
103. [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
104. [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
105. [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
106. [x] [12] fingerprint:smb - SMB fingerprinting module
107. [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
108. [+] 13 modules registered
109. [+] Initializing scan engine
110. [+] Running scan engine
111. [-] ping:tcp_ping module: no closed/open TCP ports known on 1.1.1.3. Module test failed
112. [-] ping:udp_ping module: no closed/open UDP ports known on 1.1.1.3. Module test failed
113. [-] No distance calculation. 1.1.1.3 appears to be dead or no ports known
114. [+] Host: 1.1.1.3 is up (Guess probability: 50%)
115. [+] Target: 1.1.1.3 is alive. Round-Trip Time: 0.50357 sec
116. [+] Selected safe Round-Trip Time value is: 1.00715 sec
117. [-] icmp_port_unreach::build_DNS_reply(): gethostbyname() failed! Using static ip for www.securityfocus.com in UDP probe
118. [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
119. [-] fingerprint:smb need either TCP port 139 or 445 to run
120. [-] fingerprint:snmp: need UDP port 161 open
121. [+] Primary guess:
122. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.22" (Guess probability: 100%)
123. [+] Other guesses:
124. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.23" (Guess probability: 100%)
125. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.21" (Guess probability: 100%)
126. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.20" (Guess probability: 100%)
127. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.19" (Guess probability: 100%)
128. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.24" (Guess probability: 100%)
129. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.25" (Guess probability: 100%)
130. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.26" (Guess probability: 100%)
131. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.27" (Guess probability: 100%)
132. [+] Host 1.1.1.3 Running OS: "Linux Kernel 2.4.28" (Guess probability: 100%)
133. [+] Cleaning up scan engine
134. [+] Modules deinitialized
135. [+] Execution completed.
136.  
137.  
138. EL PUTO P0F
139.  
140.  
141. root@kali:~# p0f
142. --- p0f 3.07b by Michal Zalewski <lcamtuf@coredump.cx> ---
143.  
144. [+] Closed 1 file descriptor.
145. [+] Loaded 320 signatures from 'p0f.fp'.
146. [+] Intercepting traffic on default interface 'eth0'.
147. [+] Default packet filtering configured [+VLAN].
148. [+] Entered main event loop.
149.  
150. .-[ 1.1.1.1/1041 -> 1.1.1.2/80 (syn) ]-
151. |
152. | client = 1.1.1.1/1041
153. | os = Windows NT kernel
154. | dist = 0
155. | params = generic
156. | raw_sig = 4:128+0:0:1460:mss*44,0:mss,nop,nop,sok:df,id+:0
157. |
158. `----
159.  
160. .-[ 1.1.1.1/1041 -> 1.1.1.2/80 (mtu) ]-
161. |
162. | client = 1.1.1.1/1041
163. | link = Ethernet or modem
164. | raw_mtu = 1500
165. |
166. `----
167.  
168. .-[ 1.1.1.1/1041 -> 1.1.1.2/80 (syn) ]-
169. |
170. | client = 1.1.1.1/1041
171. | os = Windows NT kernel
172. | dist = 0
173. | params = generic
174. | raw_sig = 4:128+0:0:1460:mss*44,0:mss,nop,nop,sok:df,id+:0
175. |
176. `----
177.  
178. .-[ 1.1.1.1/1041 -> 1.1.1.2/80 (mtu) ]-
179. |
180. | client = 1.1.1.1/1041
181. | link = Ethernet or modem
182. | raw_mtu = 1500
183. |
184. `----
185.  
186. .-[ 1.1.1.1/1041 -> 1.1.1.2/80 (syn) ]-
187. |
188. | client = 1.1.1.1/1041
189. | os = Windows NT kernel
190. | dist = 0
191. | params = generic
192. | raw_sig = 4:128+0:0:1460:mss*44,0:mss,nop,nop,sok:df,id+:0
193. |
194. `----
195.  
196. .-[ 1.1.1.1/1041 -> 1.1.1.2/80 (mtu) ]-
197. |
198. | client = 1.1.1.1/1041
199. | link = Ethernet or modem
200. | raw_mtu = 1500
201. |
202. `----
203.  
204. ^C[!] WARNING: User-initiated shutdown.
205.  
206. All done. Processed 6 packets.
207.  
208.  
209.  
210.  
211.  
212.  
213.  
214.  
215.  
216. root@kali:~# p0f
217. --- p0f 3.07b by Michal Zalewski <lcamtuf@coredump.cx> ---
218.  
219. [+] Closed 1 file descriptor.
220. [+] Loaded 320 signatures from 'p0f.fp'.
221. [+] Intercepting traffic on default interface 'eth0'.
222. [+] Default packet filtering configured [+VLAN].
223. [+] Entered main event loop.
224.  
225. .-[ 1.1.1.2/55822 -> 1.1.1.3/23 (syn) ]-
226. |
227. | client = 1.1.1.2/55822
228. | os = Linux 2.2.x-3.x
229. | dist = 0
230. | params = generic tos:0x04
231. | raw_sig = 4:64+0:0:1460:mss*20,5:mss,sok,ts,nop,ws:df,id+:0
232. |
233. `----
234.  
235. .-[ 1.1.1.2/55822 -> 1.1.1.3/23 (mtu) ]-
236. |
237. | client = 1.1.1.2/55822
238. | link = Ethernet or modem
239. | raw_mtu = 1500
240. |
241. `----
242.  
243. .-[ 1.1.1.2/55822 -> 1.1.1.3/23 (syn+ack) ]-
244. |
245. | server = 1.1.1.3/23
246. | os = Linux 2.6.x
247. | dist = 0
248. | params = none
249. | raw_sig = 4:64+0:0:1460:mss*4,4:mss,sok,ts,nop,ws:df:0
250. |
251. `----
252.  
253. .-[ 1.1.1.2/55822 -> 1.1.1.3/23 (mtu) ]-
254. |
255. | server = 1.1.1.3/23
256. | link = Ethernet or modem
257. | raw_mtu = 1500
258. |
259. `----
260.  
261. ^C[!] WARNING: User-initiated shutdown.
262.  
263. All done. Processed 25 packets.