5.7 KiB
23 - Pentesting Telnet
{% hint style="success" %}
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Mchakato wa haraka wa kutathmini udhaifu & kupenya. Fanya pentest kamili kutoka mahali popote na zana 20+ & vipengele vinavyotoka kwenye recon hadi ripoti. Hatubadilishi wapimaji wa udhaifu - tunatengeneza zana maalum, moduli za kugundua & kutumia ili kuwapa muda wa kuchimba zaidi, kufungua shells, na kufurahia.
{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}
Taarifa za Msingi
Telnet ni protokali ya mtandao inayowapa watumiaji njia isiyo salama ya kufikia kompyuta kupitia mtandao.
Bandari ya kawaida: 23
23/tcp open telnet
Uhesabu
Kuchukua Bango
nc -vn <IP> 23
Mchango wote wa kuvutia unaweza kufanywa na nmap:
nmap -n -sV -Pn --script "*telnet* and safe" -p 23 <IP>
The script telnet-ntlm-info.nse itapata taarifa za NTLM (matoleo ya Windows).
Kutoka kwenye telnet RFC: Katika Protokali ya TELNET kuna "chaguzi" mbalimbali ambazo zitaidhinishwa na zinaweza kutumika na muundo wa "FANYA, USIFANYE, ITAFANYIKA, HAITAFANYIKA" ili kuruhusu mtumiaji na seva kukubaliana kutumia seti ya makubaliano ya kina (au labda tofauti tu) kwa ajili ya muunganisho wao wa TELNET. Chaguzi kama hizo zinaweza kujumuisha kubadilisha seti ya wahusika, hali ya echo, n.k.
Ninajua inawezekana kuhesabu chaguzi hizi lakini sijui jinsi, hivyo nijulishe kama unajua jinsi.
Brute force
Faili ya usanidi
/etc/inetd.conf
/etc/xinetd.d/telnet
/etc/xinetd.d/stelnet
HackTricks Amri za Otomatiki
Protocol_Name: Telnet #Protocol Abbreviation if there is one.
Port_Number: 23 #Comma separated if there is more than one.
Protocol_Description: Telnet #Protocol Abbreviation Spelled out
Entry_1:
Name: Notes
Description: Notes for t=Telnet
Note: |
wireshark to hear creds being passed
tcp.port == 23 and ip.addr != myip
https://book.hacktricks.xyz/pentesting/pentesting-telnet
Entry_2:
Name: Banner Grab
Description: Grab Telnet Banner
Command: nc -vn {IP} 23
Entry_3:
Name: Nmap with scripts
Description: Run nmap scripts for telnet
Command: nmap -n -sV -Pn --script "*telnet*" -p 23 {IP}
Entry_4:
Name: consoleless mfs enumeration
Description: Telnet enumeration without the need to run msfconsole
Note: sourced from https://github.com/carlospolop/legion
Command: msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_version; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/brocade_enable_login; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_encrypt_overflow; set RHOSTS {IP}; set RPORT 23; run; exit' && msfconsole -q -x 'use auxiliary/scanner/telnet/telnet_ruggedcom; set RHOSTS {IP}; set RPORT 23; run; exit'
Mchakato wa haraka wa kutathmini udhaifu & upimaji wa penya. Fanya upimaji kamili kutoka mahali popote kwa zana 20+ na vipengele vinavyotoka kwenye utafiti hadi ripoti. Hatubadilishi wapimaji wa udhaifu - tunatengeneza zana maalum, moduli za kugundua na kutumia ili kuwapa muda wa kuchimba zaidi, kufungua shells, na kufurahia.
{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}
{% hint style="success" %}
Jifunze & fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze & fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Angalia mpango wa usajili!
- Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
- Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.