Skip to main content

πŸ™‡πŸ»‍♂️ Port Scanners πŸ™‡πŸ»‍♂️

 A port scanner is basically a software utility that can be used to determine which ports a host is accepting connections on. For example, if I wanted to see if I could pull up a web page from any hosts on my network, I would scan my subnet to see if any hosts have port 80 open. But this is a basic example. The information obtained from a port scanner can help attackers read between the lines and determine the purpose of a host on their network. For example, if a port scanner showed that a host had port 9100 open, you could reasonably assume that the host you scanned is either a printer or a print server since port 9100 is used for printing. I know, I know, printers are boring. But it is amusing to think that you could send print jobs to your neighbor’s printer and print anything you wanted to after identifying their printer with a port scanner (don’t actually do that, it’s just funny to think about). 


But think how far an attacker could take this concept. By identifying the services that are running on a host, they can determine what type of server they are dealing with, whether or not they have found an infrastructure device like a router, switch, or firewall, or find ways to attack end user computers by making connections on their active ports. 


Now take a moment to consider things from a white hat perspective. An ethical hacker could use a port scanner to verify that all of the ports on a network that should be closed are actually closed. It is a useful verification tool that can be used to prevent vulnerabilities.

Labels:

Comments

Post a Comment

Popular posts from this blog

SQL Injection Authentication Bypass Cheat Sheet

  This list can be used by penetration testers when testing for SQL injection authentication bypass.A penetration tester can use it manually or through burp in order to automate the process.The creator of this list is Dr. Emin Δ°slam TatlΔ±If (OWASP Board Member).If you have any other suggestions please feel fr ee to leave a comment in order to improve and expand the list. or 1=1 or 1=1-- or 1=1# or 1=1/* admin' -- admin' # admin'/* admin' or '1'='1 admin' or '1'='1'-- admin' or '1'='1'# admin' or '1'='1'/* admin'or 1=1 or ''=' admin' or 1=1 admin' or 1=1-- admin' or 1=1# admin' or 1=1/* admin') or ('1'='1 admin') or ('1'='1'-- admin') or ('1'='1'# admin') or ('1'='1'/* admin') or '1'='1 admin') or '1'='1'-- admin') or '1'='1'# admin') ...
Post a Comment
Read more

WHAT IS SESSION HIJACKING?

  What is Session Hijacking? A session is the period of time when you as a user are actively accessing an application, website, or other online service. Each user session begins when you log into a website or app and ends when you log out of it. For example, when you type your username and password into a banking application, that begins your session on that online application. When you log into an online application, for example, amzon.com, their server typically generates a temporary session cookie in your browser. This cookie tells your browser that you are logged in and have been authenticated on the server by Amazon. Each temporary session cookie is marked by a unique session ID, or key. If a hacker is able to access your unique session ID, they can access your session. Let us take the example of Facebook. For example, when you log into Facebook, a session begins. This allows you to keep using Facebook (even if you close and reopen the web browser) until you click on ‘log out’...
Post a Comment
Read more