• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Dane presentation
 

Dane presentation

on

  • 959 views

 

Statistics

Views

Total Views
959
Views on SlideShare
942
Embed Views
17

Actions

Likes
0
Downloads
2
Comments
0

2 Embeds 17

http://www.slideshare.net 11
http://www.linkedin.com 6

Accessibility

Categories

Upload Details

Uploaded via as OpenOffice

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Dane presentation Dane presentation Presentation Transcript

    • Ankit Singh Masters Student (second Semester) in High Integrity System Fachhochschule Frankfurt am Main University of Applied Sciences
      • Working on Analyzer Scanner Module and developing remote control for various scans
      • Development using following softwares:
      * Linux Ubuntu 9.10 * Java development Kit: Sun Java 6 * Eclipse for RCP/Plug-in Developers * Nmap 5.21 * JAXB 2.1.10 (Java Architecture for XML Binding)
    • Stages/Flow of the Scanner module: Scanner (Nmap scripts) -> XML Doc -> JAXB -> Database
      • Using Nmap Scripting Engine (nse) for extracting information of the systems in the network.
      • Targeting Server Message Block ( SMB , also known as Common Internet File System, CIFS) traffic, which is a Windows protocol.
      • SMB traffic is normally sent to/from ports 139 or 445 of Windows systems.
    • Various given SMB scripts given by Nmap to be used for Scanning the network: smb-brute.nse, smb-enum-sessions.nse smb-security-mode.nse, smb-check-vulns.nse , smb-enum-shares.nse, smb-server-stats.nse, smb-enum-domains.nse, smb-enum-users.nse, smb-system-info.nse, smb-enum-groups.nse, smb-os-discovery.nse, smbv2-enabled.nse, smb-enum-processes.nse, smb-psexec.nse
    • smb-brute.nse:
      • This script is specifically targeted towards security auditors or penetration testers.
      • Attempts to guess username/password combinations over SMB, storing discovered combinations for use in other scripts.
      • Usage :
      • sudo nmap -sU -sS --script smb-brute.nse -p U:137,T:139 <host> -oX <filename.xml>
    • smb-check-vulns.nse:
      • Check for vulnerabilities in the system
      • This is one of the dangerous Script to Run and more likely it will bring down the server.
      • Not recommended to use in Production environment.
    • smb-os-discovery.nse:
      • Attempts to determine the operating system, computer name, domain, and current time over the SMB protocol
      • This is done by starting a session with the anonymous
      • account (or with a proper user account, if one is given -- likely doesn't make a difference); in response to a session starting, the server will send back all this information.
    • Enumeration SMB scripts : smb-enum-sessions.nse , smb-enum-shares.nse, smb-enum-domains.nse, smb-enum-users.nse, smb-enum-groups.nse, smb-enum-processes.nse These scripts responsible for:
      • Pulling a list of processes from the remote server over SMB.
      • Enumerates the users logged into a system either locally or through an SMB share.
      • Attempts to enumerate domains on a system, along with their policies.
      • Pulls a list of processes from the remote server over SMB.
      • Attempts to enumerate the users on a remote Windows system, with as much information as possible
    • DaNe Plugin CAS Server Side Remote Control
    • Thank You
    •  
    •  
    •