Google+

lunes, 6 de julio de 2009

Conocer el Sistema Operativo de un servidor remoto


Con el comando xprobe2 podréis conocer que sistema operativos esta usando un servidor remoto, lo podréis encontrar en los repositorios, aun que si no lo tenéis, siempre lo podéis compilar:
#wget http://freefr.dl.sourceforge.net/sourceforge/xprobe/xprobe2-0.3.tar.gz
#tar xvf  xprobe2-0.3.tar.gz
#cd xprobe2-0.3
#./configure
#make
#make install

Si lo tenéis en los repositorios los pasos de atrás os los ahorráis.
root@linux-q23:~# xprobe2 linuxadmin.es

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is linuxadmin.es
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 217.13.94.24. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 217.13.94.24. Module test failed
[-] No distance calculation. 217.13.94.24 appears to be dead or no ports known
[+] Host: 217.13.94.24 is up (Guess probability: 50%)
[+] Target: 217.13.94.24 is alive. Round-Trip Time: 0.01639 sec
[+] Selected safe Round-Trip Time value is: 0.03277 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[-] fingerprint:snmp: need UDP port 161 open
[+] Primary guess:
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.19" (Guess probability: 100%)
[+] Other guesses:
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.20" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.21" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.22" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.23" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.24" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.25" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.26" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.27" (Guess probability: 100%)
[+] Host 217.13.94.24 Running OS: "Linux Kernel 2.4.28" (Guess probability: 100%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.

Como veis saca las probabilidades de que sea un sistema u otro. Es curioso ver como la gran mayoría son Linux