Blog Curso Hacking Etico MOOC Mondragon: Unidad 1, Tarea 1

TAREA 1: Herramientas básicas para obtener información de servidores externos

Objetivo de investigación: www.kit-drone.com

Test 1, Ping:

Datos Obtenidos:

IP 184.168.47.225

Test 2. Whois:

C:\>whois www.kit-drone.com

Whois v1.12 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005-2014 Mark Russinovich

Connecting to COM.whois-servers.net...
Connecting to whois.godaddy.com...

Domain ID: 1902164105_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2015-02-11T19:05:37Z
Creation Date: 2015-02-11T19:05:37Z
Registrar Registration Expiration Date: 2017-02-11T19:05:37Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registry Registrant ID:
Registrant Name: Rafael Salmoral
Registrant Organization:
Registrant Street: Avenida Sanchez Pizjuan N23 7A
Registrant City: Sevilla
Registrant State/Province: Sevilla
Registrant Postal Code: 41009
Registrant Country: Spain
Registrant Phone: +34.610000420
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dronecasero@gmail.com
Registry Admin ID:
Admin Name: Rafael Salmoral
Admin Organization:
Admin Street: Avenida Sanchez Pizjuan N23 7A
Admin City: Sevilla
Admin State/Province: Sevilla
Admin Postal Code: 41009
Admin Country: Spain
Admin Phone: +34.610000420
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: dronecasero@gmail.com
Registry Tech ID:
Tech Name: Rafael Salmoral
Tech Organization:
Tech Street: Avenida Sanchez Pizjuan N23 7A
Tech City: Sevilla
Tech State/Province: Sevilla
Tech Postal Code: 41009
Tech Country: Spain
Tech Phone: +34.610000420
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: dronecasero@gmail.com
Name Server: NS41.DOMAINCONTROL.COM
Name Server: NS42.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2015-09-22T20:00:00Z <<<

For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

The data contained in GoDaddy.com, LLC's WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy. This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, LLC. By submitting an inquiry,
you agree to these terms of usage and limitations of warranty. In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam. You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes.

Please note: the registrant of the domain name is specified
in the "registrant" section. In most cases, GoDaddy.com, LLC
is not the registrant of domain names listed in this database.

Datos Obtenidos:

Proveedor de servicio: http://www.godaddy.com
Nombre: Rafael Salmoral
Dirección: Avenida Sanchez Pizjuan N23 7A, Sevilla, 41009
Teléfono: +34.610000420
Email: dronecasero@gmail.com

3. NMAP

Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-09-22 22:26 Hora de verano romance
NSE: Loaded 122 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 22:26
Completed NSE at 22:26, 0.00s elapsed
Initiating NSE at 22:26
Completed NSE at 22:26, 0.00s elapsed
Initiating Ping Scan at 22:26
Scanning www.kit-drone.com (184.168.47.225) [4 ports]
Completed Ping Scan at 22:26, 0.27s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 22:26
Completed Parallel DNS resolution of 1 host. at 22:26, 0.00s elapsed
Initiating SYN Stealth Scan at 22:26
Scanning www.kit-drone.com (184.168.47.225) [1000 ports]
Discovered open port 143/tcp on 184.168.47.225
Discovered open port 993/tcp on 184.168.47.225
Discovered open port 3389/tcp on 184.168.47.225
Discovered open port 113/tcp on 184.168.47.225
Discovered open port 139/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 2.75% done; ETC: 22:45 (0:18:16 remaining)
Discovered open port 4001/tcp on 184.168.47.225
Increasing send delay for 184.168.47.225 from 0 to 5 due to 11 out of 14 dropped probes since last increase.
Discovered open port 40193/tcp on 184.168.47.225
Discovered open port 22/tcp on 184.168.47.225
Increasing send delay for 184.168.47.225 from 5 to 10 due to max_successful_tryno increase to 5
Discovered open port 995/tcp on 184.168.47.225
Warning: 184.168.47.225 giving up on port because retransmission cap hit (6).
Discovered open port 111/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 3.59% done; ETC: 22:55 (0:27:20 remaining)
Discovered open port 3351/tcp on 184.168.47.225
Discovered open port 1057/tcp on 184.168.47.225
Discovered open port 5815/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 5.61% done; ETC: 22:53 (0:25:30 remaining)
Discovered open port 8089/tcp on 184.168.47.225
Discovered open port 9998/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 9.04% done; ETC: 22:48 (0:20:17 remaining)
SYN Stealth Scan Timing: About 11.97% done; ETC: 22:51 (0:21:27 remaining)
Discovered open port 2013/tcp on 184.168.47.225
Discovered open port 5061/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 25.80% done; ETC: 22:52 (0:19:02 remaining)
SYN Stealth Scan Timing: About 32.46% done; ETC: 22:52 (0:17:43 remaining)
SYN Stealth Scan Timing: About 38.87% done; ETC: 22:53 (0:16:23 remaining)
Discovered open port 30718/tcp on 184.168.47.225
Discovered open port 3031/tcp on 184.168.47.225
Discovered open port 16016/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 44.14% done; ETC: 22:53 (0:14:57 remaining)
Discovered open port 19315/tcp on 184.168.47.225
Discovered open port 88/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 47.89% done; ETC: 22:52 (0:13:24 remaining)
SYN Stealth Scan Timing: About 53.47% done; ETC: 22:52 (0:12:07 remaining)
SYN Stealth Scan Timing: About 58.99% done; ETC: 22:52 (0:10:47 remaining)
SYN Stealth Scan Timing: About 64.34% done; ETC: 22:53 (0:09:27 remaining)
Discovered open port 5226/tcp on 184.168.47.225
Discovered open port 3030/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 68.94% done; ETC: 22:52 (0:08:07 remaining)
SYN Stealth Scan Timing: About 74.80% done; ETC: 22:53 (0:06:48 remaining)
SYN Stealth Scan Timing: About 80.40% done; ETC: 22:54 (0:05:25 remaining)
Discovered open port 5825/tcp on 184.168.47.225
SYN Stealth Scan Timing: About 85.17% done; ETC: 22:53 (0:04:02 remaining)
SYN Stealth Scan Timing: About 90.36% done; ETC: 22:54 (0:02:39 remaining)
SYN Stealth Scan Timing: About 95.54% done; ETC: 22:54 (0:01:14 remaining)
Discovered open port 1141/tcp on 184.168.47.225
Discovered open port 42510/tcp on 184.168.47.225
Completed SYN Stealth Scan at 22:54, 1663.90s elapsed (1000 total ports)
Initiating Service scan at 22:54
Scanning 27 services on www.kit-drone.com (184.168.47.225)
Completed Service scan at 22:54, 5.02s elapsed (27 services on 1 host)
Initiating OS detection (try #1) against www.kit-drone.com (184.168.47.225)
Retrying OS detection (try #2) against www.kit-drone.com (184.168.47.225)
Initiating Traceroute at 22:54
Completed Traceroute at 22:54, 9.05s elapsed
Initiating Parallel DNS resolution of 1 host. at 22:54
Completed Parallel DNS resolution of 1 host. at 22:54, 0.00s elapsed
NSE: Script scanning 184.168.47.225.
Initiating NSE at 22:54
Completed NSE at 23:00, 306.43s elapsed
Initiating NSE at 23:00
Completed NSE at 23:00, 0.01s elapsed
Nmap scan report for www.kit-drone.com (184.168.47.225)
Host is up (0.21s latency).
rDNS record for 184.168.47.225: kit-drone.com
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: specialized|WAP|phone
Running (JUST GUESSING): iPXE 1.X (93%), Linksys Linux 2.4.X (93%), Linux 2.6.X (93%), Sony Ericsson embedded (91%)
OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linksys:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6 cpe:/h:sonyericsson:u8i_vivaz
Aggressive OS guesses: iPXE 1.0.0+ (93%), Tomato 1.28 (Linux 2.4.20) (93%), Tomato firmware (Linux 2.6.22) (93%), Sony Ericsson U8i Vivaz mobile phone (91%)
No exact OS matches for host (test conditions non-ideal).

TRACEROUTE (using port 143/tcp)
HOP RTT ADDRESS
1 0.00 ms Livebox (192.168.1.1)
2 ... 30

NSE: Script Post-scanning.
Initiating NSE at 23:00
Completed NSE at 23:00, 0.00s elapsed
Initiating NSE at 23:00
Completed NSE at 23:00, 0.00s elapsed
Read data files from: E:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2002.70 seconds
Raw packets sent: 7750 (345.802KB) | Rcvd: 84 (8.026KB)

Ports: