Author: bird [huoniao]
Port 3389 is open. Can the user password be obtained by brute force?
Original post. Posted: 04-02-20 12:34
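
Reply: bridex [bridex]
Judging by the username and password fields in the client, it is possible. The guest user cannot log in [unless guest is an administrator]. Knowing the administrator username is enough; then you just try passwords. Mostly it is administrator, or one of many simple passwords. Sometimes on personal machines in China with 3389 open, the password is blank and you can get in by guessing. It mostly comes down to luck; cracking is not as fast as over an ipc$ connection, nor is the success rate as high, and it wastes a great deal of bandwidth. But all you need is 3389 client software... which is convenient for users on systems below Win2000. This is all just my limited view... treat it as a filler post. Just don't do anything bad.
Floor B1. Posted: 04-02-20 13:13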
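
Added example, not part of the original thread: the password guessing described in the reply above is noisy, and a defender can flag it from logon records. The sketch assumes records reduced from Windows Security events 4625 (failed logon) and 4624 (successful logon) with logon types 10 and 3; the field names, threshold, window and sample data are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

RDP_LOGON_TYPES = {10, 3}  # 10 = RemoteInteractive; 3 = Network (RDP with NLA)
T0 = datetime(2024, 1, 1, 3, 0, 0)

def _ev(sec, event_id, user, ip, logon_type=10):
    """Build one constructed record (hypothetical field names)."""
    return {"time": T0 + timedelta(seconds=sec), "id": event_id,
            "user": user, "ip": ip, "logon_type": logon_type}

# Constructed sample data: 4625 = failed logon, 4624 = successful logon.
SAMPLE_EVENTS = (
    [_ev(5 * i, 4625, "Administrator", "203.0.113.7") for i in range(12)]
    + [_ev(61, 4624, "Administrator", "203.0.113.7")]  # a guess finally lands
    + [_ev(10, 4625, "alice", "198.51.100.20"),        # one ordinary typo
       _ev(40, 4624, "alice", "198.51.100.20")]
    + [_ev(20 * i, 4625, "Administrator", "192.0.2.9", 2) for i in range(12)]  # console, not RDP
)

def detect_rdp_guessing(events, threshold=10, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failed RDP logons inside the window."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    tried = defaultdict(set)     # ip -> account names that failed from this ip
    alerts = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue
        ip, q = ev["ip"], recent[ev["ip"]]
        while q and ev["time"] - q[0] > window:
            q.popleft()          # drop failures that aged out
        if ev["id"] == 4625:
            q.append(ev["time"])
            tried[ip].add(ev["user"].lower())
            if len(q) >= threshold:
                a = alerts.setdefault(ip, {"failures": 0, "users": tried[ip],
                                           "compromised": set()})
                a["failures"] = max(a["failures"], len(q))
        elif ev["id"] == 4624 and ip in alerts and q:
            # Success right after a burst of failures: treat the account as guessed.
            alerts[ip]["compromised"].add(ev["user"].lower())
    return alerts

if __name__ == "__main__":
    for ip, a in detect_rdp_guessing(SAMPLE_EVENTS).items():
        print(ip, a["failures"], sorted(a["users"]), sorted(a["compromised"]))
```

A source that crosses the threshold and then logs on successfully is the case to triage first; account lockout policy and restricting which sources can reach 3389 reduce how often it occurs.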

Reply: bird [huoniao]
It's not that simple. [X-Scan v2.3 scan report for xx.xx.xx.xx]
[This post was edited by bird (huoniao) on 02-20 at 16:01]
Floor B2. Posted: 04-02-20 16:00

Reply: lixing6841 [lixing6841]
3389 can't be that powerful, can it? 3389 software these days isn't that simple anymore.
Floor B3. Posted: 04-02-26 14:47
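
Reply: hnex [hnex]
With 3389 open it's easy. Why use brute force? Can't you just use this vulnerability to create a user yourself? Of course, you would still have to escalate privileges.
Floor B4. Posted: 04-02-26 14:56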

Reply: newmyth21 [newmyth21]
There are far too many articles like this. Go look for them; there are piles and piles.
Floor B5. Posted: 04-02-26 15:08
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.