-
Notifications
You must be signed in to change notification settings - Fork 0
/
TODO.txt
52 lines (36 loc) · 2.07 KB
/
TODO.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
really need to figure out the OS here...it speaks NETBIOS, but it *feels* like *nix
***Seems to be a stripped down version of https://wifi-helpcenter.nokia.com/hc/en-us/articles/360034143793-Nokia-WiFi-Web-GUI***
***See if we can find an admin guide for that Nokia WiFi***
DONE Perhaps a hint at https://cvs.opengroup.org/cgi-bin/viewcvs.cgi/*checkout*/pegasus/README.html?rev=1.7.14.1
DONE nmap all TCP and UDP ports (may crash device...do this during the night)
- nmap OS scan came back as Linux/OpenWRT
- httprecon came back as winblows
* httprecon 7.3 Report
Target: http://192.168.12.1:80
Tests: 9 test cases
Auditor: johnl
Scan: 4/17/2021 - 6:23:00 PM
Export: 4/17/2021 - 6:23:45 PM
1. CONTENTS
* Summary
* Matches
* Responses
* Details
2. SUMMARY
An advanced web server fingerprinting for the host 192.168.12.1 and port tcp/80 was done with 9 test cases at 4/17/2021 6:23:00 PM.
This analysis was able to determine the target httpd service as Microsoft IIS 6.0 with 68 fingerprint hits in the database.
TCP port 8099 is open and *appears* to be a webserver supporting only HTTP/1.0
- DIG INTO THIS MORE!
Brute crawl and find hidden directories/files (also may crash server...)
- perhaps use this info to guess at the webserver? we need to know the webserver and it doesn't pass a SERVER field
- parse through all HTML, image, JS, etc files and use as clues to figure out webserver/OS. See what meta data is in the images...
- look at HTML or JS comments
- google search for the files to try to figure out the underlying webserver/OS
Find all the POST pages and think about ways to break/inject/whatever
NETBIOS
- spoof DHCP
- immediately after the DHCP request, the requestIP will be sent a NETBIOS check
Does it speak SSDP?
Lots of .js files...download them 1) look for opensource projects and 2) run code through static code analyzer
Full scan on external interface using the IPv6 addr...find ports that may be used for management
physically look at the device and see if there are any config ports or interfaces that may allow me to boot into a terminal mode????