This topic contains 6 replies, has 4 voices, and was last updated by 
-
Posts
-
Ello all. I have an odd question. I was watching a video on how to do the de-ice lvl 1.110 challenge because i am having issues with the image working correctly in vmplayer. However, i did not watch any of the actual how to. i just watched up to a point to ensure i wasnt crazy. Here is my odd question.
He/she performs a ncat 192.168.1.110 21 and the following shows up:
vsFTPd2.0.4
he/she then states that this is important to know
then ncat 192.168.1.110 22:
OPENSSH_4.x
ncat 192.168.1.110 80:
Allows: Get,Post,Options,Head,Trace
So why is it so vital to know that the server is running vsFTPd2.0.4 or openssh?? to me its just saying that it has ftp and ssh on it. no big deal? what is it about those versions im not aware of?
Thanks
-
I also googled the version numbers and not finding out what is so great about them haha
-
@The New LT72884 wrote:
So why is it so vital to know that the server is running vsFTPd2.0.4 or openssh?? to me its just saying that it has ftp and ssh on it. no big deal? what is it about those versions im not aware of?
IIRC, service version is not important (for determining possible exploits), it’s that those services are available to connect to.
-
As mowgli noted, in this case, the key importance is in that you know the services are there.
The version IS important to grab, as a habit, though, where you can, as often times that’ll lead you to a known exploit vector, etc.
-
Interesting. ok that makes more sense to me. I know that they are available to connect to, but the only problem is… how can i connect if i have no user name or password. I wish ftp was like routers where there was a basic log in like admin admin haha.
I do not want to watch the movie or askfor spoilers AT ALL!!! so please dont tell me any. I just dont no exactly where to look or research in my books. haha
thansk much and ill keep this thread open in case i run into an issue
-
ok, so after like a 30 second exhausting, tiring google search, i discovered that there are 2 default usernames… ftp or anonymous with no password. this is used for most public servers according to microsoft and iis. it just “allows” “basic” options. so lets see if this server allows default username. dun dun dun. if it does, then ill browse around and be like “i have no idea what im looking for” hahaha
-
The first phase of hacking is information gathering
the information that you collect will be useful during
other phases of hacking for exploiting and password crack
social engineering and etc.in order to exploit a service you need to know 3 things about your target:
1- The Operating system and it’s version (Windows server 2008 r2 for example)
2- The server’s version for example IIS 7.5 (your answer is here!!)
3- the patch level of the serverSome exploits can be launched only for vsFTPd2.0.4 (for example)
and other exploits can only be launched for vsFTPd2.0.1 so knowing the version i REALLY important!
You must be logged in to reply to this topic.
