您好,欢迎光临本网站![请登录][注册会员]  
文件名称: 靶机漏洞报告.pdf
  所属分类: 其它
  开发工具:
  文件大小: 246kb
  下载次数: 0
  上传时间: 2019-10-12
  提 供 者: m0_37******
 详细说明:该文档 主要是针对靶机做的渗透测试报告,用的扫描工具是OpenVas2 RESULT'S PER HOST 1 Rcsult Overview Host High Medium Low Log False Positive 192.168.10.14919 32 0 0 Total: 1 19 2 0 0 Vendor security updates are not trusted Overrides are oIl. When a result has an override, lhis report uses the threat of the override Information on overrides is included in the report Notes are included in the report This report might not show details of all issues that were found It only lists hosts that produced issues Issues with the threat level log are not shown Issues with the threat level"Debug'" are not shown Issues with the threat level“ False上 ositive” are not shown Only resulis with a IniniinuIn QoD of 70 are showIl This report contains all 53 results selected by the filtering described above. Before filtering there were 390 results 1. 1 Host authentications Protocol Result Port/U 192.168.10.149 SMB Success Protocol SMB, Port 415,User 2 Results per host 2.1192.168.10.149 Host scan start Sat Oct 12 02: 30: 16 2019UTC Host scan end Sat oct 1203: 01: 47 2019 UTC Service(port) Threat Level 3306/tcp High 6200/t High 80/tcp High 3632/cp High 5432/t High eral/tcpHigh High 5900/t Higl 1099/t High 512/t High (conti 2 RESULT'S PER HOST (continued) Service(Port) Threat Level 21/tcp High 8787/tc High High 513/+p High 1524/tcp High High 80/tcp Medium 5432/tcp Medium 5900/t Medium 2121/tcp 21/ tcp Medium 6667/tcp Medium Medium 445/tcp Medium Medium general/tc 22/tcp Ow 211High3306/t 9. VT: MySQL/ MariaDB weak password Product detection result cpe: /a: mysql: mysql: 5.0. 51a Detected by My SQL/MariaDB Detection (OID: 1.3.6.1.4.1. 25623.1.0.100152 Summary It was possible lo login inlo the remote MysQl as root using weak credentials Vulnerability Detection Result It was possible to login as root with an empty password. Solution Solution type: Mitigation Change the password as soon as possible Vulnerability Detection Method Details: My SQL / MariaDB weak password OID:1.3.6.1.41.25623.1.0.103551 Ⅴ ersion used:2019-09-06T14:17:49+0000 Product Detection result ontinnles on next. page 2 RESULT'S PER HOST continued from previous page Product: cpe: /a: mysql: mysql: 5.0.51a Method: MySQL/MariaDB Detection OlD:1.36.1.41.25623.1.0.100152) return to192.168.10.149 2.1.2 High 6200/ tcp High(C VT: vsftpd Compromised Source Packages Backdoor Vulnerability Summary vsftpd is prone to a backdoor vulnerability Vulnerability Detection Result Vulnerability was detected according to the vulnerability Detection Method Attackers can exploit this issue to execute arbitrary commands in the context of the application Successful attacks will coinpronnise Che affected applicalion ution Solution type: VendorFix The repaired package can be downloaded from the referenced link. Please validate the package with its signature Affected Software/os The vsftpd 2.3. 4 source package is affected Vulnerability Detection Method Details: vsftpd Compromised Source Packages Backdoor Vulnerability OID:1.3.6.1.4.1.25623.10.103185 Version used: REvision: 12076 References B工D:48539 Url:http://www.securityfocus.com/bid/48539 Url:http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-back Url:https://security.appspot.com/vsftpd.html [return Lo192.168.10.149 2.1.3 High 80/tcp 2 RESULT'S PER HOST NVT: TWiki XSS and Command Execution VulNerabilities Product detection result cpe: /a: twiki: twiki: 01Feb 2003 Detected by TWiki Version Detection (OID: 1.3.6.1.4.1. 25623.1.0.800399) Summary The host is running TWiki and is prone to Cross-Site Scripting(XSS) and Colllnianld Execution Vulnerabilities Vulnerability Detection Result Installed version: 01, feb 2003 Fixed version 4.2.4 Impact Successful exploitation could allow execution of arbitrary script code or commands. This could let attackers steal cookie- based authentication credentials or compromise the affected application Solution type: Vendor lx Upgrade to version 4.2.4 or later Affected Software/os TWiki, TWiki version prior to 4.2.4 Vulnerability Insight The Aaws are due to VURLPARAM% variable is not properly sanitized which lets attackers conduct cross-site scripting attack TSEARCHI variable is not properly sanitised before being used in an eval( call which lets t, he att ackers execute perl code through e val injection att ack Vulnerability Detection Method Details: TWiki XSs and Command Execution vulnerabilities ODD:1.3.6.1.4.1.25623.10800320 Version used Revision: 12952 Product detection result Product: cpe: /a: twiki: twiki: 01 Feb 2003 Method: TWiki Version detection OID:136.14.1.2562310.800399) References CVE:cVE-2008-5304,cVE-2008-5305 BID:32668,32669 continues on next page 2 RESULT'S PER HOST continued from previous page Other Url:http://twiki.org/cgi-bin/view/codev.Securityalert-cve-2008-5304 Url:http://twiki.org/cgi-bin/view/codev/securityalert-cve-2008-5305 VT: phpinfo() output Reporting Summary Many PHP installation tutorials instruct the user to create a file called phpinfo. php or similar containing the phpinfo( statement. Such a file is often left back in the webserver directory Vulnerability Detection Result The following files are calling the function phpinfo which disclose potentiall cy sensitive information: http://192.168.10.149/mutillidae/phpinfo.php http://192.168.10.149/phpinfo.php Im Some of the information that can be gathered from this file includes The username of the user running the PHP process, if it is a sudo user, the IP address of the host the web server version, the system version(Unix Linux. Windows,.) and the root directory of the web seryer Solution Solution type: Workaround Delete the listed files or restrict access to them Vulnerability Detection Method Details: phpinfo() output Report ing OID:1.3.6.1.4.1.25623.1.0.11229 Ⅴ ersion used:$Reⅴ Ison:11992$ High(CVSS: 7 VT: PHP-CGI-based setups vulnerability when parsing query string parameters from php files Summary PHP is prone lo all inlorInlaLion-disclosure vulnerability Vulnerability Detection Result Vulnerableurl:http://192.168.10.149/cgi-bin/php lmpact Exploiling lhis issue allows r'elllote attackers to view the source code of liles in Lhe context of the PHP code on the affected computer. Other attacks are also possible ation and to run arbitrary server process. This may allow the attacker to obtain sensitive inform continues on next page 2 RESULT'S PER HOST continued from previous page vP Vendor上i PHP has released version 5.4.3 and 5. 3. 13 to address this vulnerability. PHP is recommending that users upgrade to the latest version of PHP Vulnerability Insight When PHP is used in a CGT-based set1p(Such as A,'s mod cgid; the php-cgi receives a processed query string parameter as command line arguments which allows command-line switches, such as -S, -d or-c lo be passed to the php-cgi binary, which can be exploited lo disclose source code and obtaiN arbiirary code execution An example of the -s command, allowing an attacker to view the source code of index. php is below http://example.com/index.php?-s Vulnerability Detection Method Details: PHP-CGI-based setups vulnerability when parsing query string parameters from ph OID:1.3.6.1.4.1.25623.1.0.103482 Ⅴ ersion used:Reⅴ siOn:13679$ R eferences CVE:CVE-2012-1823,CVE-2012-2311,CVE-2012-2336,CVE-2012-2335 BID:53388 Other Url:http://www.h-online.com/open/news/item/critical-open-hole-in-php-creates-r isks-Update-1567532.html Url:http://www.kb.cert.org/vuls/id/520827 Url:http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ Url:https://bugs.phpnet/bug.php?id=61910 LL:http://www.php.net/manual/en/security.cgi-bin.php Url:Http://www.securityfocus.com/bid/53388 Vt: Test Http dangerous methods Summary Misconfigured web servers allows remote clients to perform dangerous Http methods such as PUT and dELete This script checks if they are enabled and can be misused to upload or delete files Vulnerability Detection Result le could upload the following files via the PUT method at this web server: http://192.168.10.149/dav/puttest901690022.htm1 We could delete the following files via the DELETE method at this web server: http://192.168.10.149/dav/puttest901690022.htm1 conllinlues oll ilex page 2 RESULT'S PER HOST continued from previous page Impact Enabled PUT method This might allow an attacker to upload and run arbitrary code on this web server Enabled deletE method This might allow an attacker to delete additional files on this web server Solution Solution type: Mitigation Cse access restrictions to these dagerous Http Inethods or disable Lheill completely Vulnerability Detection Method Details:Testhttpdangerousmethods OID:1.3.6.1.4.1.25623.1.0.10498 Version used:2019-04-24To7:26:10+0000 References BID:12141 Other OWASP: OWASP-CM-001 return to192.168.10.149 2.1. 4 High 3632/ tcp High(C 9.3 T: DislCC Remote Code Execution Vulnerability Summary Dist CC 2. x, as used in XCode 1.5 and others, when not configured to restrict access to the server executed by the server without authorization che commands via, compilation jobs which are Vulnerability Detection Result It was possible to execute the id command Result: uid=1(daemon) gid=1(daemon) Impact Dist cc by default trusts its clients completely that in turn could allow a malicious client to execute arbitrary commands on the server Solution Solution type: VendorFix Vendor updates are available. Please see the references for more information For more information about DistCC's securitv see the references continues on next page 2 RESULT'S PER HOST continued from previous page Vulnerability Detection Method Details: DistCC Remote Code Execution Vulnerability OID:1.3.6.1.4.1.25623.1.0.103553 Version used: rEvision: 12032 References CVE:CVE-2004-2687 Other Url:https://distcc.github.io/security.html Url:https://web.archive.org/web/20150511045306/http://archives.neohapsis.com 80/archives/bugtraq2005-030183html return to192.168.10.149 2.1.5igh5432/tcp High(CVSS: 9 VT: Post gresQr weak password Produet detection result cpe: /a: postgresql: postgresql: 8.3.1 Detected by PostgreSQL Detection (OID: 1. 3.6.1.4.1.25623.1.0 100151) Summary Il was possible to login into the remote postgresQL as user postgres using weak credentials. Vulnerability Detection Result It was possible to login as user postgres with password postgres Solution Solution type: Mitigation Change the password as soon as possible Vulnerability Detection Method Details: PostgresQL weak password OID:1.3.6.1.4.1.25623.10.103552 Ⅴ ersion used:2019-09-06T14:17:49+0000 Product Detection result Product: cpe: /a: postgresql: postgresql: 8.3.1 Method: PostgreSQL Detection OID:136.1.4.1.25623.1.0.100151 return to192.168.10.149]
(系统自动生成,下载前可以参看下载内容)

下载文件列表

相关说明

  • 本站资源为会员上传分享交流与学习,如有侵犯您的权益,请联系我们删除.
  • 本站是交换下载平台,提供交流渠道,下载内容来自于网络,除下载问题外,其它问题请自行百度
  • 本站已设置防盗链,请勿用迅雷、QQ旋风等多线程下载软件下载资源,下载后用WinRAR最新版进行解压.
  • 如果您发现内容无法下载,请稍后再次尝试;或者到消费记录里找到下载记录反馈给我们.
  • 下载后发现下载的内容跟说明不相乎,请到消费记录里找到下载记录反馈给我们,经确认后退回积分.
  • 如下载前有疑问,可以通过点击"提供者"的名字,查看对方的联系方式,联系对方咨询.
 相关搜索: 靶机漏洞报告.pdf
 输入关键字,在本站1000多万海量源码库中尽情搜索: