Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-23 05:03:35 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/pentesting-telnet.md

89 lines
4.4 KiB
Markdown
Raw Blame History

# 23 - Kupima Usalama wa Telnet
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
<figure><img src="../.gitbook/assets/image (2) (1) (1).png" alt=""><figcaption></figcaption></figure>
**Usanidi wa papo hapo wa upimaji wa udhaifu & kupenyeza**. Tekeleza ukaguzi kamili wa usalama kutoka mahali popote na zana & vipengele zaidi ya 20 vinavyoanzia uchunguzi hadi ripoti. Hatuchukui nafasi ya wapima usalama - tunaendeleza zana za desturi, moduli za ugunduzi & uchomaji ili kuwarudishia muda wa kuchimba kwa kina, kuzindua mizizi, na kufurahi.
{% embed url="https://pentest-tools.com/" %}
## **Taarifa Msingi**
Telnet ni itifaki ya mtandao inayowapa watumiaji njia isiyo salama ya kufikia kompyuta kupitia mtandao.
**Bandari ya chaguo:** 23
```
23/tcp open telnet
```
## **Uthibitisho**
### **Kukamata Bango**
```bash
nc -vn <IP> 23
```
Unaweza kufanya uchunguzi wa kuvutia kwa kutumia **nmap**:
```bash
nmap -n -sV -Pn --script "*telnet* and safe" -p 23 <IP>
```
Mipango `telnet-ntlm-info.nse` itapata habari za NTLM (toleo la Windows).
Kutoka kwenye [telnet RFC](https://datatracker.ietf.org/doc/html/rfc854): Katika Itifaki ya TELNET kuna "**chaguo**" mbalimbali ambazo zitaruhusiwa na zinaweza kutumika na muundo wa "**DO, DON'T, WILL, WON'T**" kuruhusu mtumiaji na seva kukubaliana kutumia seti ya mazungumzo yenye utata zaidi (au labda tofauti tu) kwa muunganisho wao wa TELNET. Chaguo kama hilo linaweza kujumuisha kubadilisha seti ya wahusika, mode ya kielelezo, n.k.
**Najua inawezekana kuchunguza chaguo hizi lakini sijui jinsi, hivyo nijulishe kama unajua jinsi.**
### [Kuvunja nguvu](../generic-methodologies-and-resources/brute-force.md#telnet)
## Faili ya Mipangilio
```bash
/etc/inetd.conf
/etc/xinetd.d/telnet
/etc/xinetd.d/stelnet
```
## Amri za Kiotomatiki za HackTricks
```
Protocol_Name: Telnet #Protocol Abbreviation if there is one.
Port_Number: 23 #Comma separated if there is more than one.
Protocol_Description: Telnet #Protocol Abbreviation Spelled out
Entry_1:
Name: Notes
Description: Notes for t=Telnet
Note: |
wireshark to hear creds being passed
tcp.port == 23 and ip.addr != myip
https://book.hacktricks.xyz/pentesting/pentesting-telnet
Entry_2:
Name: Banner Grab
Description: Grab Telnet Banner
Command: nc -vn {IP} 23
Entry_3:
Name: Nmap with scripts
Description: Run nmap scripts for telnet
Command: nmap -n -sV -Pn --script "*telnet*" -p 23 {IP}
Entry_4:
Name: consoleless mfs enumeration
Description: Telnet enumeration without the need to run msfconsole
Note: sourced from https://github.com/carlospolop/legion
Command: msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_version; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/brocade_enable_login; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_encrypt_overflow; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_ruggedcom; set RHOSTS {IP}; set RPORT 23; run; exit'
```
<figure><img src="../.gitbook/assets/image (2) (1) (1).png" alt=""><figcaption></figcaption></figure>
**Mipangilio inapatikana mara moja kwa tathmini ya udhaifu na upenyezaji**. Tekeleza pentest kamili kutoka popote ukiwa na zana na vipengele zaidi ya 20 vinavyoanzia uchunguzi hadi ripoti. Hatuchukui nafasi ya wapimaji wa pentest - tuna
Reference in a new issue View git blame Copy permalink