

Earlier we looked at the theory behind different types of port scans. Here we'll put the theory into practice and see what we find on a lab network. In this example I have a copy of Metasploitable 2 running on IP address 10.0.2.4. If you have a copy of VirtualBox, it's worth playing along with this post.

Before we start, I'd like to share a pentester story with you about knocking systems over. It's a fact of life that software bugs happen, and they are often triggered by edge cases never considered by the software's author. A common edge case is something connecting to a service and disconnecting before the conversation starts, or connecting to a service and sending unexpected input. Unfortunately, port scanning more or less relies on these two edge cases. Thus at some point in your career, it's almost certain that a port scan will knock something over.
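To make the two edge cases concrete, here is an added example (not code from the original post, and nothing in it touches the Metasploitable host above): a minimal TCP connect scan run against a throwaway service on 127.0.0.1. The service is constructed for this illustration with two interchangeable handlers, a "naive" one that assumes the client always speaks first and sends clean ASCII, and a "hardened" one that explicitly handles a connect-then-disconnect and junk input. Running the scan and a junk probe against each shows how a scanner trips the naive one over.

```python
"""Added example: TCP connect scan versus a fragile local test service.
Hosts, ports, handlers and payloads are all constructed for this demo."""
import socket
import threading


def naive_handler(data: bytes) -> str:
    """Fragile service logic: assumes a client always sends an ASCII command.
    b"" (client connected and hung up before talking, which is exactly what a
    connect scan does) makes data.split()[0] raise IndexError; non-ASCII junk
    makes .decode() raise UnicodeDecodeError."""
    return data.split()[0].decode("ascii")


def hardened_handler(data: bytes) -> str:
    """Same logic with both scanner edge cases handled explicitly."""
    if not data:                                   # edge case 1: connect, then disconnect
        return "EMPTY"
    parts = data.split()
    if not parts or not parts[0].isalpha():        # edge case 2: unexpected input
        return "BAD_INPUT"
    return parts[0].decode("ascii")                # isalpha() on bytes is ASCII-only, so safe


class TestService:
    """One-shot TCP listener on 127.0.0.1 (constructed for the demo) whose
    fate after a single client we can inspect."""

    def __init__(self, handler):
        self.handler = handler
        self.sock = socket.socket()
        self.sock.bind(("127.0.0.1", 0))           # ephemeral port
        self.sock.listen(1)
        self.port = self.sock.getsockname()[1]
        self.outcome = None
        self.thread = threading.Thread(target=self._serve, daemon=True)
        self.thread.start()

    def _serve(self):
        conn, _ = self.sock.accept()
        try:
            with conn:
                conn.settimeout(2)
                self.outcome = self.handler(conn.recv(64))
        except Exception as exc:                   # record the crash instead of dying silently
            self.outcome = f"CRASHED: {type(exc).__name__}"
        finally:
            self.sock.close()

    def wait(self) -> str:
        self.thread.join(5)
        return self.outcome


def connect_scan(host: str, ports, timeout: float = 0.5) -> list:
    """Minimal TCP connect scan: complete the handshake, then close at once.
    Returns the ports that accepted the connection."""
    open_ports = []
    for port in ports:
        with socket.socket() as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:
                open_ports.append(port)
    return open_ports


def scan_outcome(handler) -> tuple:
    """Connect-scan a fresh test service; return (open ports found, what
    happened to the service's handler)."""
    svc = TestService(handler)
    found = connect_scan("127.0.0.1", [svc.port])
    return found, svc.wait()


def probe_outcome(handler, payload: bytes) -> str:
    """Connect and send a payload (clean or junk), then report the handler's fate."""
    svc = TestService(handler)
    with socket.socket() as s:
        s.connect(("127.0.0.1", svc.port))
        s.sendall(payload)
    return svc.wait()


if __name__ == "__main__":
    print("naive, connect scan:   ", scan_outcome(naive_handler))
    print("hardened, connect scan:", scan_outcome(hardened_handler))
    print("naive, junk probe:     ", probe_outcome(naive_handler, b"\x00\xff"))
    print("hardened, junk probe:  ", probe_outcome(hardened_handler, b"\x00\xff"))
    print("hardened, real client: ", probe_outcome(hardened_handler, b"HELO lab\r\n"))
```

The scan reports the port as open in both runs, but only the naive handler ends up as `CRASHED: IndexError`, and only it blows up with `CRASHED: UnicodeDecodeError` on two bytes of junk. Against a real daemon the equivalent of that exception can be a dead worker or a wedged service, which is the "knocking something over" the story above is about.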
