jjlhlianfangzhizaoportmap
PortMap 时间:2021-04-03 阅读:(
)
InternetScanningCurrentStateandLessonsLearnedMarkSchloesser-Rapid7Labs@BlackHatUSA-August6th2014MarkSchloesserTwitter@repmovsbSecurityResearcheratRapid7LabsCoredeveloperforCuckooSandboxResearchonbotnets,malwareLotsofsmallersideprojects,dexlabs.
org(Android),honeypots,protocols$idQuickRecapInternetScanningIntro/History/Motivation/Ethics/etcProjectSonarResearch/FindingsAssetdiscoveryexampleusecaseOutlineLargescalescanningInternetwidedata-gatheringInternet-widescanningInternetMappingProject,BellLabs/Lumeta,1998+IPv4Census2003-2006EFFSSLObservatory2014InternetCensus2012(thebotnet)ShodanRIPEAtlas(slightlydifferent)Critical.
IO,2012-2013UniversityofMichiganShadowserverErrataSec(R.
Graham/masscan)Rapid7,ProjectSonarResearch/FindinghistoryTop3UPnPsoftwarestackscontainvulnerabilities/areexploitableMostwidespreadserviceontheInternet,millionsofdevicesaffected,patchrateslowuntiltodayIPMIServerManagementProtocolvulnerabilitiesServerManagementControllersauth-bypassandothervulnsWidespreadmisconfigurationsNTPDDoSamplificationproblemsknownsince2010OpenRecursors,OpenSMTPrelays,ElasticSearchinstances,etcMiningPsandQs,UMich/UCSDWeakkeysusedforSSLcommunicationusername=sapassword=Masterkey2011LicenseCheck=DefneDSN=sms;UID=XXX;PWD=XXXsys;DSN=GeoXXX;UID=XXX;PWD=XXXsys;8383passwordh4ve@gr8d3y--daemon--port8020--socks5--s_userWindows--s_passwordSystemXXXX/ssh/auth=password/user=admin/passwd=admin_p@s$wordhttp://a.
b.
c/manage/retail_login.
php3ms_id=14320101&passwd=7325a.
b.
c.
d:3389--useradministrator--passpassw0rd123SNMP–listprocesses,getcredentialsTelnet:RouterShells10,000+Routersdon'tevenbotherwithpasswordsjiuyuan_bt_nm_ah>jiyougongsi>jjcaisanxiaoxue>jjda>jjdc>jjgd>jjlhlianfangzhizao>jjpzx>jjshhshengangzhizao>jjxjy>jjxy>jjxz>jjyljuda>jkx_sdl>jnszy_2692>joelsmith>jsyh>jt_net>jtic>jx123>jzglkyzz>kashiwa>kbbmetro>kd-ip>mp1700-kslp>mp1700E>mp1762>mp2600e>mp2692>mp2700>msk-cat3>mty-3500-1>multivoice01>mvy-rtr-01>mx-fdc-dmz1>mx-frtsw01>mx-frtsw02>nak2ama-east-ps>nak2ama-north-ps>nak2ama-ps>nak2ama-south-ps>nak2ama-west-ps>naldi>nanchang2621>nanquc3550-02>nanshigaosu_A5>narashino>nayana2>telnet@AYRS-CES2k-1>telnet@AdminVideoSW1>telnet@BBG>telnet@BEL-WIFI-1>telnet@BGLWANSW01>telnet@BGLWANSW02>telnet@BI-RX-1>telnet@BI-Solsi>telnet@BIGION-CORE-1>telnet@BR2-NET1-MLXe>telnet@BRCD-ADX-2>telnet@BSI01>telnet@Backbone_Backup>telnet@BigIronRX-4Router>telnet@BigIronRX-8Router>telnet@BigIronRouter>telnet@Bloco.
A1.
Core>telnet@Bloco.
B.
Core>telnet@Border40G-1>telnet@Brocade_ABA_1>telnet@CHD-BOU-CO-2>telnet@CON-LONFESX4801>telnet@CON-LONFESX4802>S1-DNS-3560-NSGK>3,000+WindowsCEdevicesdropCMDshellsTelnet:WindowsCEShellsWelcometotheWindowsCETelnetServiceonWindowsCEPocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonITPPocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonWindowsCEPocketCMDv6.
00\>WelcometotheWindowsCETelnetServiceonWindowsCEPocketCMDv4.
20\>WelcometotheWindowsCETelnetServiceonPicoCOM2-SielaffPocketCMDv6.
00\>WelcometotheWindowsCETelnetServiceonWindowsCEPocketCMDv4.
10\>WelcometotheWindowsCETelnetServiceonG4-XRCPocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonHMI_PanelPocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonG4-XFCPocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonPELOADPocketCMDv6.
00\>WelcometotheWindowsCETelnetServiceonMCGSPocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonDb1200PocketCMDv5.
0\>WelcometotheWindowsCETelnetServiceonVEUIICEPocketCMDv6.
00\>WelcometotheWindowsCETelnetServiceonBorneCebus/HorusPocketCMDv6.
00\>3,000+LinuxsystemsdroptorootTelnet:LinuxShellsMontaVista(R)Linux(R)ProfessionalEdition4.
0.
1(0502020)Linux/armv5tejlWelcometelnetroot@~#Localsystemtime:SunMay2004:12:49UTC2012root:#root@(unknown):/#root@routon-h1:/#root@umts_spyder:/#root@vanquish_u:/#root@smi:/#root@dinara_cg:/#root@BCS5200:/#root@edison:/#root@umts_yangtze:/#root@cdma_spyder:/#root@vanquish:/#root@scorpion_mini:/#root@qinara:/#sh-3.
00#Licenseplatereaders,ontheinternet,viaTelnetATZP372applicationAug29200816:07:45P372RAM:128M@128MEPROM:512kFlexcapabilities003fCamerafirmware:4.
34362ANPRenabledfor:USALouisiana.
Installedoptions:00220018*.
.
.
CompactFlash*.
.
.
BasicVESwithnosecurity*.
.
.
USALicenceplaterecognition*PIPSTechnologyAUTOPLATE(tm)licenseplaterecognition*VES-(violationenforcementsystem)Telnet:otherstuffSerialPortServersDevicesthatmakenetwork-disableddevicesintonetwork-enabledones.
Doesn'tsoundlikeagoodidea…Mostcommonaccessconfig(authenticated/encryptedmethodsavailable):Unauthenticatedclear-textTCPmultiplexportsUnauthenticatedTCPpass-throughportsExampleRemoteSerialPortsIPTVHeadendsystem,sometimesleftlogged-inElasticSearch,codeexecutionisafeatureBydefaultallows"dynamicscripting",executingcodeontheserverNotavulnerability,justmisconfigurationwhenservedonapublicIPwithoutfiltering/protectionOfcoursenottheonlyexample,seeMongoDB,andallotherSQLDBswithoutauthordefaultcredentialsFindingissuesandraisingawarenessaboutthemisimmenselyvaluable.
Rapid7LabsstartsProjectSonar(announcedbyHDatDerbycon2013)443/TCP-SSLCertificates80/TCP–HTTPGET/(IPvhost)ReverseDNS(PTRrecords)ForwardDNS(A/AAAA/ANYlookups)OtherSSLcertificatesources,STARTTLS,etcSeveralUDPprobesUPnP,IPMI,NTP,NetBios,MDNS,MSSQL,Portmap,SIP,etcSonar–Dataoverview443/TCP-SSLCertificates–weekly~40Mopenports,~25MSSLcerts,~55GBin100kdevicesexposedSomefalloutfrompreviousSupermicro/IPMI/BMCpublications(stillgivingawayroot…)Otherrecentfindings–indisclosureprocessUsescanningdatatobuildlookupdatabasesforIPsandnamesStartwithanarrayofdomainnamesandCIDRsandgenerateareportofassociatedassets/relevantdataQuickLivedemoforRapid7ExampleUse-CaseAssetDiscoveryMakedataavailabletotheSecuritycommunityCollaborationwithUniversityofMichiganRawScandatapublishedathttp://scans.
io/Historicalupload(critical.
io,Michigandata)Almost-real-timeuploadofrawscanoutputCollaborationishighlyimportanthttp://scans.
io/TheInternetisbroken.
Widespreadbugs,vulnerabilities,misconfigurationsWeakcredentialsLostandforgottendevices,embeddedhardwarepilingupwithoutupdatepossibilitiesWe'renotimprovingtheoverall"stateofsecurity"Can'tstressenoughtheimportanceofawarenessandvisibilityInternetscanningisapowerfultoolthatcandoalotofgoodforthecommunityIdentify/quantifyvulnerabilities,buildawarenessbeforetheyaremisusedMeasureimprovementscontinuouslyCollaborationisessentialfordatacollectionandanalysisMovingforwardZMapathttp://zmap.
io/ZMapBestPracticeshttps://zmap.
io/documentation.
html#bestpracticesJ.
AlexHaldermanon"FastInternet-wideScanninganditsSecurityApplications"at30C3(Germany)HDMoore'skeynote"ScanningDarkly"atDerbycon2013http://sonar.
labs.
rapid7.
com/MakesuretoalsocheckoutThanks!
Rapid7LabsMarkSchloessermark_schloesser@rapid7.
com@repmovsb
ftlcloud怎么样?ftlcloud(超云)目前正在搞暑假促销,美国圣何塞数据中心的云服务器低至9元/月,系统盘与数据盘分离,支持Windows和Linux,免费防御CC攻击,自带10Gbps的DDoS防御。FTL-超云服务器的主要特色:稳定、安全、弹性、高性能的云端计算服务,快速部署,并且可根据业务需要扩展计算能力,按需付费,节约成本,提高资源的有效利用率。点击进入:ftlcloud官方网站...
官方网站:点击访问亚州云活动官网活动方案:地区:美国CERA(联通)CPU:1核(可加)内存:1G(可加)硬盘:40G系统盘+20G数据盘架构:KVM流量:无限制带宽:100Mbps(可加)IPv4:1个价格:¥128/年(年付为4折)购买:直达订购链接测试IP:45.145.7.3Tips:不满意三天无理由退回充值账户!地区:枣庄电信高防防御:100GCPU:8核(可加)内存:4G(可加)硬盘:...
CloudCone 商家产品还是比较有特点的,支持随时的删除机器按时间计费模式,类似什么熟悉的Vultr、Linode、DO等服务商,但是也有不足之处就在于机房太少。商家的活动也是经常有的,比如这次中国春节期间商家也是有提供活动,比如有限定指定时间段之前注册的用户可以享受年付优惠VPS主机,比如年付13.5美元。1、CloudCone新年礼物限定款仅限2019年注册优惠购买,活动开始时间:1月31...
PortMap为你推荐
百度商城百度知道一般一天能挣多少钱?bbs.99nets.com做一款即时通讯软件难吗 像hi qq这类的百度关键词价格查询百度推广关键词怎么扣费?嘀动网手机一键通用来干嘛呢?777k7.com怎么在这几个网站上下载图片啊www.777mu.com www.gangguan23.com8090lu.com8090看看电影网怎么打不开了bbs2.99nets.com让(bbs www)*****.cn进入同一个站www.henhenlu.com有一个两位数,十位数字是个位数字的二分之一,将十位数字与个位数字对调,新的两位数比原来大36,这个两位数yinrentangweichentang产品功效好不好?www.dm8.cc有谁知道海贼王最新漫画网址是多少??
godaddy域名解析教程 duniu 新世界机房 vultr美国与日本 la域名 56折 500m空间 免费全能空间 免费网站申请 有益网络 可外链网盘 phpmyadmin配置 沈阳主机托管 英国伦敦 web应用服务器 群英网络 登陆qq空间 97rb 国外免费网盘 锐速 更多