0
Ankit Singh Masters Student (second Semester) in  High Integrity System Fachhochschule Frankfurt am Main University of App...
<ul><li>Working on Analyzer Scanner Module and  developing remote control for various scans
Development using following softwares: </li></ul>* Linux Ubuntu 9.10 * Java development Kit: Sun Java 6 * Eclipse for RCP/...
Stages/Flow of the Scanner module: Scanner (Nmap scripts) -> XML Doc -> JAXB -> Database
<ul><li>Using  Nmap Scripting Engine (nse)  for extracting information of the systems in the network. </li></ul><ul><li>Ta...
SMB traffic is normally sent to/from ports 139 or 445 of Windows systems. </li></ul>
Various given SMB scripts given by Nmap to be used for Scanning the network: smb-brute.nse,  smb-enum-sessions.nse  smb-se...
smb-brute.nse:  <ul><li>This script is specifically targeted towards security auditors or penetration testers. </li></ul><...
Usage :
sudo nmap -sU -sS --script smb-brute.nse -p U:137,T:139 <host> -oX <filename.xml> </li></ul>
smb-check-vulns.nse: <ul><li>Check for vulnerabilities in the system
This is one of the dangerous Script to Run and more likely it will bring down the server.
Not recommended to use in Production environment. </li></ul>
smb-os-discovery.nse: <ul><li>Attempts to determine the  operating system,  computer name, domain, and current time  over ...
Upcoming SlideShare
Loading in...5
×

Dane presentation

711

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
711
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Dane presentation"

  1. 1. Ankit Singh Masters Student (second Semester) in High Integrity System Fachhochschule Frankfurt am Main University of Applied Sciences
  2. 2. <ul><li>Working on Analyzer Scanner Module and developing remote control for various scans
  3. 3. Development using following softwares: </li></ul>* Linux Ubuntu 9.10 * Java development Kit: Sun Java 6 * Eclipse for RCP/Plug-in Developers * Nmap 5.21 * JAXB 2.1.10 (Java Architecture for XML Binding)
  4. 4. Stages/Flow of the Scanner module: Scanner (Nmap scripts) -> XML Doc -> JAXB -> Database
  5. 5. <ul><li>Using Nmap Scripting Engine (nse) for extracting information of the systems in the network. </li></ul><ul><li>Targeting Server Message Block ( SMB , also known as Common Internet File System, CIFS) traffic, which is a Windows protocol.
  6. 6. SMB traffic is normally sent to/from ports 139 or 445 of Windows systems. </li></ul>
  7. 7. Various given SMB scripts given by Nmap to be used for Scanning the network: smb-brute.nse, smb-enum-sessions.nse smb-security-mode.nse, smb-check-vulns.nse , smb-enum-shares.nse, smb-server-stats.nse, smb-enum-domains.nse, smb-enum-users.nse, smb-system-info.nse, smb-enum-groups.nse, smb-os-discovery.nse, smbv2-enabled.nse, smb-enum-processes.nse, smb-psexec.nse
  8. 8. smb-brute.nse: <ul><li>This script is specifically targeted towards security auditors or penetration testers. </li></ul><ul><li>Attempts to guess username/password combinations over SMB, storing discovered combinations for use in other scripts.
  9. 9. Usage :
  10. 10. sudo nmap -sU -sS --script smb-brute.nse -p U:137,T:139 <host> -oX <filename.xml> </li></ul>
  11. 11. smb-check-vulns.nse: <ul><li>Check for vulnerabilities in the system
  12. 12. This is one of the dangerous Script to Run and more likely it will bring down the server.
  13. 13. Not recommended to use in Production environment. </li></ul>
  14. 14. smb-os-discovery.nse: <ul><li>Attempts to determine the operating system, computer name, domain, and current time over the SMB protocol
  15. 15. This is done by starting a session with the anonymous
  16. 16. account (or with a proper user account, if one is given -- likely doesn't make a difference); in response to a session starting, the server will send back all this information. </li></ul>
  17. 17. Enumeration SMB scripts : smb-enum-sessions.nse , smb-enum-shares.nse, smb-enum-domains.nse, smb-enum-users.nse, smb-enum-groups.nse, smb-enum-processes.nse These scripts responsible for: <ul><li>Pulling a list of processes from the remote server over SMB.
  18. 18. Enumerates the users logged into a system either locally or through an SMB share.
  19. 19. Attempts to enumerate domains on a system, along with their policies.
  20. 20. Pulls a list of processes from the remote server over SMB.
  21. 21. Attempts to enumerate the users on a remote Windows system, with as much information as possible </li></ul>
  22. 22. DaNe Plugin CAS Server Side Remote Control
  23. 23. Thank You
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×