.

port 5101 any idea ??

<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Wed Jul 15, 2009 5:03 am

port 5101 any idea ??

when i tried to pen testing my friend network i succeded to penetrate his master pc with metasploit with port 445

but i scanned another ip with nmap i found only 1 port opened :) 5101

what is this port and how can i exploit it via metasploit and wat is the payloads for this service

and question about metasploit how i choose the exploit and the payloads when i know the port there's many exploits for port 445 e.g how i pick specific one ?
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1251

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Jul 15, 2009 5:09 am

Re: port 5101 any idea ??

Port 5101 can be associated with many services, however, only because of an open port you can't know for sure that a particular service is running on it.

e.g.
Talarian_TCP/UDP, Yahoo Messenger, ...

However, as I already recommended to you in another thread, try first to obtain some of the more basic concepts before trying to "hack your friend's master pc".
Last edited by UNIX on Wed Jul 15, 2009 5:11 am, edited 1 time in total.
<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Wed Jul 15, 2009 6:20 am

Re: port 5101 any idea ??

hmm seems like u douting me lol man im not hacking them im just testing and once i connected with metasploit its done i dont upload anything inside like trojans or smth cuz he is my friend

the 5101 port got service named as admdog dunno i think its yahoo service but how to exploit it this is the question i wonder maybe something wrong with my nmap command line ??

nmap -O -vv "ip"

cuz 1 only port in this os is weird
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 531

Joined: Sat Sep 08, 2007 7:48 pm

Post Wed Jul 15, 2009 1:43 pm

Re: port 5101 any idea ??

I'm going to back awesec on this one and say that it's most likely because your friends using Yahoo! Messenger that's why the ports open. I could be wrong but I don't know a specific exploit in the framework that targets that specific port. I don't see nothing wrong with your nmap scan, I don't know why your adding the -O parameter, if you say you penetrated the machine with a port 445 exploit, you clearly know what OS he's running. Perhaps the -sV parameter would prove useful to you in identifying the service or just find out if your friends using YIM and your guess would be proven.
<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Wed Jul 15, 2009 3:24 pm

Re: port 5101 any idea ??

hmm wat should i use instead of -O ?? -A ??

i will try -sV but i know the service is admdog dunno wats this service



another question

if i knew the port and the service how can i choose the exploit and the payload

im trying to improve my self in framwork .. i want to figure out the exploits much better
<<

LSOChris

Post Wed Jul 15, 2009 5:45 pm

Re: port 5101 any idea ??

use amap
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1251

Joined: Mon Apr 28, 2008 9:20 am

Post Thu Jul 16, 2009 12:36 am

Re: port 5101 any idea ??

When you know port, service etc. it should't be hard to search in the web for available exploits. Helpful would be of course the exact version and build numbers of the software you want to attack.
<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Sat Jul 18, 2009 9:46 am

Re: port 5101 any idea ??

can u be more specific plz e.g port 135 msrpc microsoft windows rpc

this is the service : msrpc

how can i get the exploit for it cuz as i c port 135 is in almost computers i guess

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software