{"id":4815,"date":"2012-07-20T11:04:19","date_gmt":"2012-07-20T14:04:19","guid":{"rendered":"http:\/\/www.ethicalhacker.com.br\/site\/?page_id=4815"},"modified":"2023-01-31T19:42:13","modified_gmt":"2023-01-31T22:42:13","slug":"reconhecimento","status":"publish","type":"page","link":"https:\/\/www.ethicalhacker.com.br\/site\/reconhecimento\/","title":{"rendered":"Reconhecimento"},"content":{"rendered":"<p><strong>PARTE III &#8211; Reconhecimento<\/strong><\/p>\n<p>A primeira fase de um pentest \u00e9 a reuni\u00e3o de informa\u00e7\u00f5es ou reconhecimento. Atrav\u00e9s da metodologia o invasor pode extrair informa\u00e7\u00f5es relevantes sobre seu futuro alvo. A seguir &nbsp;utilizaremos algumas t\u00e1ticas de reconhecimento utilizando o MSFCONSOLE.<\/p>\n<ul>\n<li>Buscando vers\u00e3o de servidores WEB.<\/li>\n<\/ul>\n<pre prompt=\"#\" lang=\"shell\"> msf &gt; connect 192.168.1.105 80\n[*] Connected to 192.168.1.105:80\nHEAD \/ HTTP\/1.0\n\n\nHTTP\/1.1 200 OK\nDate: Thu, 05 Jul 2012 17:17:23 GMT\nServer: Apache\/2.2.8 (Ubuntu) PHP\/5.2.4-2ubuntu5.10 with Suhosin-Patch\nLast-Modified: Wed, 17 Mar 2010 14:08:25 GMT\nETag: \"107f7-2d-481ffa5ca8840\"\nAccept-Ranges: bytes\nContent-Length: 45\nConnection: close\nContent-Type: text\/html\n\n\n<\/pre>\n<ul>\n<li>Buscando vers\u00e3o de servidores FTP.<\/li>\n<\/ul>\n<pre prompt=\"#\" lang=\"shell\"> msf &gt; connect 192.168.1.105 21\n[*] Connected to 192.168.1.105:21\n\n220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.1.105]\n\n<\/pre>\n<ul>\n<li>Buscando vers\u00e3o de servidores SSH.<\/li>\n<\/ul>\n<pre prompt=\"#\" lang=\"shell\"> msf &gt; connect 192.168.1.105 22\n[*] Connected to 192.168.1.105:22\n\nSSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1\n\n<\/pre>\n<ul>\n<li>Buscando vers\u00e3o de servidores FTP.<\/li>\n<\/ul>\n<pre prompt=\"#\" lang=\"shell\"> msf &gt; connect 192.168.1.105 21\n[*] Connected to 192.168.1.105:21\n\n220 ProFTPD 1.3.1 Server (Debian) [::ffff:192.168.1.105]\n\n<\/pre>\n<ul>\n<li>Buscando vers\u00e3o do MySQL, repare que aqui n\u00e3o utilizamos o connect, mas sim um m\u00f3dulo auxiliar e setamos o HOST remoto<\/li>\n<\/ul>\n<pre prompt=\"#\" lang=\"shell\"> msf &gt; use auxiliary\/scanner\/mysql\/mysql_version\nmsf  auxiliary(mysql_version) &gt; set RHOSTS 192.168.1.105\nRHOSTS =&gt; 192.168.1.105\nmsf  auxiliary(mysql_version) &gt; run\n\n\n\n[*] 192.168.1.105:3306 is running MySQL 5.0.51a-3ubuntu5 (protocol 10)\n[*] Scanned 1 of 1 hosts (100% complete)\n[*] Auxiliary module execution completed\n<\/pre>\n<ul>\n<li>Buscando vers\u00e3o SMB<\/li>\n<\/ul>\n<pre prompt=\"#\" lang=\"shell\">msf &gt; use auxiliary\/scanner\/smb\/smb_version\nmsf  auxiliary(smb_version) &gt; set RHOSTS 192.168.1.105\nRHOSTS =&gt; 192.168.1.105\nmsf  auxiliary(smb_version) &gt; run\n\n\n\n[*] 192.168.1.105:445 is running Unix Samba 3.0.20-Debian (language: Unknown) (domain:WORKGROUP)\n[*] Scanned 1 of 1 hosts (100% complete)\n[*] Auxiliary module execution completed\n\n<\/pre>\n\r\n\t\t<div class='author-shortcodes'>\r\n\t\t\t<div class='author-inner'>\r\n\t\t\t\t<div class='author-image'>\r\n\t\t\t<img src='https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/186048_100001838322519_1550894_n-11668_57x57.jpg' alt='' \/>\r\n\t\t\t<div class='author-overlay'><\/div>\r\n\t\t<\/div> <!-- .author-image --> \r\n\t\t<div class='author-info'>\r\n\t\t\t<p>Autor:&nbsp;<strong>S\u00edlvio C\u00e9sar Roxo Giavaroto<\/strong><\/p>\n<p>\u00c9 MBA Especialista em Gest\u00e3o de Seguran\u00e7a da Informa\u00e7\u00e3o,\nTecn\u00f3logo em Redes de Computadores, C|EH Certified Ethical Hacker,\natua como Pentest e Analista de Seguran\u00e7a em Servidores Linux no\nGoverno do Estado de S\u00e3o Paulo, Professor Universit\u00e1rio , &nbsp;Instrutor\nC|EH e C|HFI.<\/p>\n<p><em>&nbsp;<\/em>\r\n\t\t<\/div> <!-- .author-info --><\/p>\r\n\t\t\t<\/div> <!-- .author-inner -->\r\n\t\t<\/div> <!-- .author-shortcodes -->\n","protected":false},"excerpt":{"rendered":"<p>PARTE III &#8211; Reconhecimento A primeira fase de um pentest \u00e9 a reuni\u00e3o de informa\u00e7\u00f5es ou reconhecimento. Atrav\u00e9s da metodologia o invasor pode extrair informa\u00e7\u00f5es relevantes sobre seu futuro alvo. A seguir &nbsp;utilizaremos algumas t\u00e1ticas de reconhecimento utilizando o MSFCONSOLE. Buscando vers\u00e3o de servidores WEB. msf &gt; connect 192.168.1.105 80 [*] Connected to 192.168.1.105:80 HEAD [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-4815","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/pages\/4815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=4815"}],"version-history":[{"count":10,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/pages\/4815\/revisions"}],"predecessor-version":[{"id":19760,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/pages\/4815\/revisions\/19760"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=4815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}