hacktricks/network-services-pentesting/pentesting-telnet.md

# 23 - Kupima Usalama wa Telnet

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>

<figure><img src="../.gitbook/assets/image (2) (1).png" alt=""><figcaption></figcaption></figure>

**Usanidi wa papo hapo wa upimaji wa udhaifu & kupenyeza**. Tekeleza ukaguzi kamili wa usalama kutoka mahali popote na zana & vipengele zaidi ya 20 vinavyoanzia uchunguzi hadi ripoti. Hatuchukui nafasi ya wapima usalama - tunatengeneza zana za desturi, moduli za ugunduzi & uchomaji ili kuwarudishia muda wa kuchimba kwa kina, kuzindua mizizi, na kufurahi.

{% embed url="https://pentest-tools.com/" %}

## **Taarifa Msingi**

Telnet ni itifaki ya mtandao inayowapa watumiaji njia ISIYOsalama ya kufikia kompyuta kupitia mtandao.

**Bandari ya chaguo:** 23
```
23/tcp open  telnet
```
## **Uthibitisho**

### **Kukamata Bango**
```bash
nc -vn <IP> 23
```
Unaweza kufanya uchunguzi wa kuvutia kwa kutumia **nmap**:
```bash
nmap -n -sV -Pn --script "*telnet* and safe" -p 23 <IP>
```
Skripti `telnet-ntlm-info.nse` itapata habari za NTLM (toleo la Windows).

Kutoka kwenye [telnet RFC](https://datatracker.ietf.org/doc/html/rfc854): Katika Itifaki ya TELNET kuna "**chaguo**" mbalimbali ambazo zitaidhinishwa na zinaweza kutumika na muundo wa "**DO, DON'T, WILL, WON'T**" kuruhusu mtumiaji na seva kukubaliana kutumia seti ya mazungumzo ya TELNET yenye utata zaidi (au labda tofauti tu). Chaguo kama hilo linaweza kujumuisha kubadilisha seti ya wahusika, hali ya kielezo, n.k.

**Najua inawezekana kuchunguza chaguo hizi lakini sijui jinsi, hivyo nijulishe kama unajua jinsi.**

### [Mabavu nguvu](../generic-methodologies-and-resources/brute-force.md#telnet)

## Faili ya Usanidi
```bash
/etc/inetd.conf
/etc/xinetd.d/telnet
/etc/xinetd.d/stelnet
```
## Amri za Kiotomatiki za HackTricks
```
Protocol_Name: Telnet    #Protocol Abbreviation if there is one.
Port_Number:  23     #Comma separated if there is more than one.
Protocol_Description: Telnet          #Protocol Abbreviation Spelled out

Entry_1:
Name: Notes
Description: Notes for t=Telnet
Note: |
wireshark to hear creds being passed
tcp.port == 23 and ip.addr != myip

https://book.hacktricks.xyz/pentesting/pentesting-telnet

Entry_2:
Name: Banner Grab
Description: Grab Telnet Banner
Command: nc -vn {IP} 23

Entry_3:
Name: Nmap with scripts
Description: Run nmap scripts for telnet
Command: nmap -n -sV -Pn --script "*telnet*" -p 23 {IP}

Entry_4:
Name: consoleless mfs enumeration
Description: Telnet enumeration without the need to run msfconsole
Note: sourced from https://github.com/carlospolop/legion
Command: msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_version; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/brocade_enable_login; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_encrypt_overflow; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_ruggedcom; set RHOSTS {IP}; set RPORT 23; run; exit'

```
<figure><img src="../.gitbook/assets/image (2) (1).png" alt=""><figcaption></figcaption></figure>

**Mipangilio inapatikana mara moja kwa tathmini ya udhaifu na upenyezaji**. Tekeleza pentest kamili kutoka mahali popote na zana na vipengele zaidi ya 20 vinavyoanzia uchunguzi hadi ripoti. Hatuchukui nafasi ya wapimaji wa pentest - tunatengeneza zana za desturi, moduli za ugunduzi na unyonyaji ili kuwapa muda wa kuchimba kwa kina, kufungua mabakuli, na kufurahi.

{% embed url="https://pentest-tools.com/" %}

<details>

<summary><strong>Jifunze kuhusu kuvamia AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kuvamia kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>