How to enable port 80 on windows xp?

Viewing 9 reply threads
  • Author
    Posts
    • #7705
      skorpinok
      Participant

      Hello,
                How to enable port 80 in windows xp sp2 virtual machine, i have bactrack 5R2 & when i run an nmap scan against my xp machine i dont see port 80, please help me with this.

      Nmap scan report for 192.168.56.102
      Host is up (0.00052s latency).
      Not shown: 997 closed ports
      PORT    STATE SERVICE
      135/tcp open  msrpc
      139/tcp open  netbios-ssn
      445/tcp open  microsoft-ds
      MAC Address: 08:00:27:3C:9B:C3 (Cadmus Computer Systems)

      Regards
      skorpinok

    • #48050
      shadowzero
      Participant

      A port opens up when there’s a service listening on it. In this case, port 80 is usually open if you have a webserver running on the machine. If you’re just playing around with nmap, then you can use netcat to listen on port 80 so nmap sees it as open. Of course if you plan on playing with exploits that specifically attack a webserver, you’ll need to install the actual webserver to get it working.

    • #48051
      skorpinok
      Participant

      Thank you..

    • #48052
      CrazyTalk
      Participant

      In addition to shadow’s response, an easy server to put out with a minimum of fuss is to get the XAMP suite from apachedfriends.org.

      What I did when first starting was to just drop it on my VM, start it up and start hitting it.  Then I started to apply hardening measures until the easy stuff wouldn’t work.  After that you can search for new vulnerabilities and get creative.

      regards

      CT

    • #48053
      cyber.spirit
      Participant

      You can add iis webserver on ur window xp machine it opens and listens port 80 besides its so easily

      Check it:
      http://www.webwiz.co.uk/kb/asp-tutorials/installing-iis-winXP-pro.htm

    • #48054
      Triban
      Participant

      Webgoat is a fun thing to run on an XP system, basically turns it into a vulnerable web server running on Apache I think.  Run the exe and boom you have a web server to attack, to close it down, stop the app and you are back to normal. 

      You can throw IIS on if you want to go more specific with learning Windows based Webservers.  It isn’t really IIS in WinXP, but it is the Web Services.  Very limited version of IIS.  Designed mostly for putting up quick and dirty pages or even for testing basic web development.

    • #48055
      cyber.spirit
      Participant

      i agree with webgoat but if he has winxp i think the exploit must be for iis

    • #48056
      Triban
      Participant

      If he is just playing around with nmap to learn it really doesn’t matter what the web server is running.  I go with Webgoat because it is designed with flaws.  The Win XP webserver is close to IIS but missing a ton of features.  The best bet for learning to pen test IIS is to grab an eval copy of Windows 2008 and build a web server on IIS 7.  This way he will learn first how to build a Windows web server and then work toward hardening it as he is testing against it.  Sadly there are not that many publicly known exploits for IIS 7.  Webgoat is a nice quick and dirty web server that requires little setup.  Run the exe and boom, server is up, proceed to testing.

    • #48057
      skorpinok
      Participant

      Great thanks guy’s for all your’s really helpful suggestions,  i will try with webgoat..& how about Mutillidae ? is that any good for practice ? can i install it on windows xp ?

      Best Regards
      Skorpinok.

    • #48058
      shadowzero
      Participant

      @skorpinok wrote:

      Great thanks guy’s for all your’s really helpful suggestions,  i will try with webgoat..& how about Mutillidae ? is that any good for practice ? can i install it on windows xp ?

      Best Regards
      Skorpinok.

      Yes, the website tells you that: http://sourceforge.net/projects/mutillidae/ Quickest way to set it up is to just install XAMPP.

Viewing 9 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?