Herramientas de usuario
iran:urls-gobierno
Diferencias
Muestra las diferencias entre dos versiones de la página.
| Ambos lados, revisión anterior Revisión previa Próxima revisión | Revisión previa | ||
|
iran:urls-gobierno [2025/03/26 17:00] anonimo |
iran:urls-gobierno [2025/03/27 01:48] (actual) anonimo |
||
|---|---|---|---|
| Línea 44: | Línea 44: | ||
| 730 | 730 | ||
| </code> | </code> | ||
| - | **Muchos, primeros 15, así se ven:**\\ | + | **Muchos, primeros 10, así se ven:**\\ |
| <code bash> | <code bash> | ||
| cat url_ip_ir.txt | sed -n '1,10p' | cat url_ip_ir.txt | sed -n '1,10p' | ||
| Línea 57: | Línea 57: | ||
| maternaldeath.behdasht.gov.ir 172.21.67.192 | maternaldeath.behdasht.gov.ir 172.21.67.192 | ||
| educationportal.behdasht.gov.ir 185.123.208.106 | educationportal.behdasht.gov.ir 185.123.208.106 | ||
| + | </code> | ||
| + | |||
| + | **nmap a los puertos más comunes y vulnerables**\\ | ||
| + | |||
| + | <code bash> | ||
| + | nmap -Pn -p 20-23,69,139,137,445,53,443,80,8080,8443 -sV --script vuln $(tar -xOzf urls_ips_ir_recon_ng.tar.gz url_ip_ir.txt | awk '{print $2}' | sort | uniq) -oN nmap_vuln_ir_pvarios.txt | ||
| + | </code> | ||
| + | |||
| + | **servicios abiertos**\\ | ||
| + | <code bash> | ||
| + | cat nmap_vuln_ir_pvarios.txt | grep -Ex '^[0-9]+\/.*open.*' | sed -E 's/ {2,}/ /g' | sort | uniq | ||
| + | 443/tcp open ssl/https | ||
| + | 443/tcp open ssl/https ArvanCloud | ||
| + | 443/tcp open ssl/https LiteSpeed | ||
| + | 443/tcp open ssl/tcpwrapped | ||
| + | 443/tcp open tcpwrapped | ||
| + | 53/tcp open tcpwrapped | ||
| + | 8080/tcp open http-proxy ArvanCloud | ||
| + | 80/tcp open http LiteSpeed | ||
| + | 80/tcp open http Microsoft IIS httpd 10.0 | ||
| + | 80/tcp open http nginx (reverse proxy) | ||
| + | 80/tcp open tcpwrapped | ||
| + | 8443/tcp open https-alt | ||
| + | 8443/tcp open ssl/https-alt ArvanCloud | ||
| + | </code> | ||
| + | |||
| + | **servicios cerrados**\\ | ||
| + | <code bash> | ||
| + | cat nmap_vuln_ir_pvarios.txt | grep -Ex '^[0-9]+\/.*closed.*' | sed -E 's/ {2,}/ /g' | sort | uniq | ||
| + | 20/tcp closed ftp-data | ||
| + | 21/tcp closed ftp | ||
| + | 22/tcp closed ssh | ||
| + | 23/tcp closed telnet | ||
| + | 445/tcp closed microsoft-ds | ||
| + | 53/tcp closed domain | ||
| + | 69/tcp closed tftp | ||
| + | 8080/tcp closed http-proxy | ||
| + | 80/tcp closed http | ||
| + | 8443/tcp closed https-alt | ||
| + | </code> | ||
| + | |||
| + | **vulnerabilidades encontradas**\\ | ||
| + | |||
| + | <code bash> | ||
| + | cat nmap_vuln_ir_pvarios.txt | sed -nE '/VULNERABLE:/{n;p}' | sort | uniq | ||
| + | | Authentication bypass by HTTP verb tampering | ||
| + | | Diffie-Hellman Key Exchange Insufficient Group Strength | ||
| + | | phpMyAdmin grab_globals.lib.php subform Parameter Traversal Local File Inclusion | ||
| + | | Slowloris DOS attack | ||
| + | </code> | ||
| + | |||
| + | Estado de cada una: | ||
| + | <code bash> | ||
| + | cat nmap_vuln_ir_pvarios.txt | sed -nE '/VULNERABLE:/{n;n;p}' | sort | uniq | ||
| + | | State: LIKELY VULNERABLE | ||
| + | | State: UNKNOWN (unable to test) | ||
| + | | State: VULNERABLE | ||
| + | | State: VULNERABLE (Exploitable) | ||
| </code> | </code> | ||
iran/urls-gobierno.1743004818.txt.gz · Última modificación: 2025/03/26 17:00 por anonimo
Herramientas de la página
Excepto donde se indique lo contrario, el contenido de este wiki esta bajo la siguiente licencia: CC Attribution 4.0 International
