Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hasil Scan Situs Internet Bank Onno W. Purbo

Published byAlanis Wattles Modified over 9 years ago

Similar presentations

Presentation on theme: "Hasil Scan Situs Internet Bank Onno W. Purbo"— Presentation transcript:

1 Hasil Scan Situs Internet Bank Onno W. Purbo Onno@indo.net.id

2 Tool yang digunakan nmap openssl

3 Korban www.bi.go.id www.bii.co.id www.bni.co.id www.bankmandiri.co.id www.klikbca.com ibank.klikbca.com

4 www.bi.go.id [root@yc1dav onno]# nmap -v -sS www.bi.go.id Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host psk.bi.go.id (202.152.5.17) appears to be up... good. Initiating SYN half-open stealth scan against psk.bi.go.id (202.152.5.17) Adding TCP port 21 (state open). Adding TCP port 22 (state open). Adding TCP port 20 (state open). Adding TCP port 80 (state open). Adding TCP port 5631 (state open). Adding TCP port 23 (state open). The SYN scan took 75 seconds to scan 1523 ports.

5 www.bi.go.idwww.bi.go.id.. Interesting ports on psk.bi.go.id (202.152.5.17): (The 1508 ports scanned but not shown below are in state: closed) Port State Service 20/tcp open ftp-data 21/tcp open ftp 22/tcp open ssh 23/tcp open telnet 80/tcp open http 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 1524/tcp filtered ingreslock 2041/tcp filtered interbase 5631/tcp open pcanywheredata 6000/tcp filtered X11 12345/tcp filtered NetBus 12346/tcp filtered NetBus 27665/tcp filtered Trinoo_Master Nmap run completed -- 1 IP address (1 host up) scanned in 80 seconds

6 www.bni.co.id [root@yc1dav onno]# nmap -v -sS www.bni.co.id Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host admin.bankmandiri.co.id (202.155.27.222) appears to be up... good. Initiating SYN half-open stealth scan against admin.bankmandiri.co.id (202.155.27.222) Adding TCP port 80 (state open). Adding TCP port 21 (state open). caught SIGINT signal, cleaning up

7 www.bii.co.id [root@yc1dav onno]# nmap -v -sS www.bii.co.id Starting nmap V. 2.53 by fyodor@insecure.org (www.insecure.org/nmap/ ) Host www.bii.co.id (202.152.2.29) appears to be up... good. Initiating SYN half-open stealth scan against www.bii.co.id (202.152.2.29) Adding TCP port 80 (state open). The SYN scan took 332 seconds to scan 1523 ports. Interesting ports on www.bii.co.id (202.152.2.29): (The 1522 ports scanned but not shown below are in state: filtered) Port State Service 80/tcp open http TCP Sequence Prediction: Class=random positive increments Difficulty=411558 (Good luck!) Sequence numbers: C24AB963 C253AB47 C265AEC6 C2796858 C28974CE C2A5E185 Nmap run completed -- 1 IP address (1 host up) scanned in 394 seconds

8 http://www.btn.co.id [root@586 onno]# nmap -v -sS www.btn.co.id Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host www.btn.co.id (202.147.255.18) appears to be up... good. Initiating SYN half-open stealth scan against www.btn.co.id (202.147.255.18) Adding TCP port 80 (state open). The SYN scan took 283 seconds to scan 1523 ports. Interesting ports on www.btn.co.id (202.147.255.18): (The 1522 ports scanned but not shown below are in state: filtered) Port State Service 80/tcp open http Nmap run completed -- 1 IP address (1 host up) scanned in 284 seconds

9 http://www.lippobank.com [root@586 onno]# nmap -v -sS www.lippobank.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host www3.infostreet.com (206.185.24.3) appears to be up... good. Initiating SYN half-open stealth scan against www3.infostreet.com (206.185.24.3)Adding TCP port 25 (state open). Adding TCP port 21 (state open). Adding TCP port 80 (state open). caught SIGINT signal, cleaning up [root@586 onno]#

10 http://www.bankmandiri.co.id [root@586 onno]# nmap -v -sS www.bankmandiri.co.id Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host www.bankmandiri.co.id (202.155.27.222) appears to be up... good. Initiating SYN half-open stealth scan against www.bankmandiri.co.id (202.155.27.222) Adding TCP port 21 (state open). Adding TCP port 80 (state open). The SYN scan took 512 seconds to scan 1523 ports. Interesting ports on www.bankmandiri.co.id (202.155.27.222): (The 1520 ports scanned but not shown below are in state: filtered) Port State Service 20/tcp closed ftp-data 21/tcp open ftp 80/tcp open http Nmap run completed -- 1 IP address (1 host up) scanned in 515 seconds

11 http://www.bankdanamon.co m [root@586 onno]# nmap -v -sS www.bankdanamon.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host redirect.dnsix.com (64.75.34.136) appears to be up... good. Initiating SYN half-open stealth scan against redirect.dnsix.com (64.75.34.136) Adding TCP port 80 (state open). The SYN scan took 214 seconds to scan 1523 ports. Interesting ports on redirect.dnsix.com (64.75.34.136): (The 1522 ports scanned but not shown below are in state: filtered) Port State Service 80/tcp open http Nmap run completed -- 1 IP address (1 host up) scanned in 217 seconds

12 ibank.klikbca.com [root@yc1dav onno]# nmap -vv -sS -O ibank.klikbca.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host (202.158.15.52) appears to be down, skipping it. Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap run completed -- 1 IP address (0 hosts up) scanned in 43 seconds

13 www.klikbca.com [root@yc1dav onno]# nmap -vv -sS -O www.klikbca.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host (202.158.15.51) appears to be down, skipping it. Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap run completed -- 1 IP address (0 hosts up) scanned in 60 seconds

14 Keamanan https://ibank...https://ibank $ openssl s_client -host ibank.klikbca.com -port 443 CONNECTED(00000003) depth=1 /O=VeriSign Trust Network /OU=VeriSign, Inc. /OU=VeriSign International Server CA - Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.©97 VeriSign verify error:num=20:unable to get local issuer certificate verify return:0 ---

15 Keamanan https://ibank...https://ibank Certificate chain 0 s:/C=ID/ST=Jakarta/L=Jakarta /O=PT. Bank Central Asia /OU=Divisi Sistem Informasi /OU=Terms of use at www.verisign.com/rpa ©00www.verisign.com/rpa /CN=ibank.klikbca.com i:/O=VeriSign Trust Network/OU=VeriSign, Inc. /OU=VeriSign International Server CA – Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign 1 s:/O=VeriSign Trust Network/OU=VeriSign, Inc. /OU=VeriSign International Server CA - Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign i:/C=US/O=VeriSign, Inc. /OU=Class 3 Public Primary Certification Authority ---

16 Keamanan https://ibank...https://ibank Server certificate -----BEGIN CERTIFICATE----- MIIFiTCCBPKgAwIBAgIQNJxhVugbaLL091k1nDHipzANBgkqhkiG9w0BAQQFAD ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVm aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2 8m/rIsc6SA19ranlBFx0zT9AURZDDcVy12ZM9T0ZvWY5xF2frWRibYnw3zyQVC a6cK5U0JK0T/ddqrgRggeqH8ushwef68etrEqgw= -----END CERTIFICATE----- subject=/C=ID/ST=Jakarta/L=Jakarta/O=PT. Bank Central Asia /OU=Divisi Sistem Informasi /OU=Terms of use at www.verisign.com/rpa ©00www.verisign.com/rpa /CN=ibank.klikbca.com issuer=/O=VeriSign Trust Network/OU=VeriSign, Inc. /OU=VeriSign International Server CA - Class 3 /OU=www.verisign.com /CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign ---

17 Keamanan https://ibank...https://ibank No client certificate CA names sent --- SSL handshake has read 2637 bytes and written 312 bytes --- New, TLSv1/SSLv3, Cipher is RC4-MD5 Server public key is 1024 bit SSL-Session: Protocol : TLSv1 Cipher : RC4-MD5 Session-ID: 850000001702595756FADE4AFEE7F652BC790CC606376 Session-ID-ctx: Master-Key: 3CD841954D698035E5C82941F608D200929A3636CA07D Key-Arg : None Start Time: 991984495 Timeout : 300 (sec) Verify return code: 0 (ok) --- QUIT DONE $

18 www.plasa.com [root@yc1dav onno]# nmap -v -sS -O www.plasa.com Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Host plasa.com (202.134.0.172) appears to be up... good. Initiating SYN half-open stealth scan against plasa.com (202.134.0.172) Adding TCP port 32771 (state open). Adding TCP port 2049 (state open). Adding TCP port 22 (state open). Adding TCP port 21 (state open). Adding TCP port 111 (state open). Adding TCP port 80 (state open). Adding TCP port 32773 (state open). Adding TCP port 32772 (state open). The SYN scan took 77 seconds to scan 1523 ports.

19 www.plasa.comwww.plasa.com.. For OSScan assuming that port 21 is open and port 1 is closed and neither are firewalled sendto in send_udp_raw_decoys: Message too long For OSScan assuming that port 21 is open and port 1 is closed and neither are firewalled sendto in send_udp_raw_decoys: Message too long For OSScan assuming that port 21 is open and port 1 is closed and neither are firewalled sendto in send_udp_raw_decoys: Message too long Nmap run completed -- 1 IP address (1 host up) scanned in 121 seconds

20 www.plasa.comwww.plasa.com.. Interesting ports on plasa.com (202.134.0.172): (The 1506 ports scanned but not shown below are in state: closed) Port State Service 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open sunrpc 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 1524/tcp filtered ingreslock 2041/tcp filtered interbase 2049/tcp open nfs 6000/tcp filtered X11 12345/tcp filtered NetBus 12346/tcp filtered NetBus 27665/tcp filtered Trinoo_Master 32771/tcp open sometimes-rpc5 32772/tcp open sometimes-rpc7 32773/tcp open sometimes-rpc9

21 www.plasa.comwww.plasa.com.. TCP Sequence Prediction: Class=random positive increments Difficulty=31064 (Worthy challenge) Sequence numbers: 819C110D 819E6958 81A11F58 81A44188 81A613A1 81A816DB No OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: TSeq(Class=RI%gcd=1%SI=9335) TSeq(Class=RI%gcd=1%SI=235DC) TSeq(Class=RI%gcd=1%SI=7958) T1(Resp=Y%DF=Y%W=109%ACK=S++%Flags=AS%Ops=NNTME) T2(Resp=N) T3(Resp=N) T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=N)

Download ppt "Hasil Scan Situs Internet Bank Onno W. Purbo"

Similar presentations

1 Radio Maria World. 2 Postazioni Transmitter locations.

1 Radio Maria World. 2 Postazioni Transmitter locations.
MCT620 – Distributed Systems

MCT620 – Distributed Systems
2 20 107 1 106 13 19 21 25 22/24 3 12 14 23 4 11 15 26 27 30 5 7 6 9 16 18 28 104 29 8/17 32/109 100 99 105 108 31 34 40/42 41 98 68 93 90/92 91 81 80.

/ /17 32/ / /
Andrew Newbigging Vice President, Integrations Development

Andrew Newbigging Vice President, Integrations Development
Reflection nurulquran.com.

Reflection nurulquran.com.
Worksheets.

Worksheets.
ISA 662 SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later.

ISA 662 SSL Prof. Ravi Sandhu. 2 © Ravi Sandhu SECURE SOCKETS LAYER (SSL) layered on top of TCP SSL versions 1.0, 2.0, 3.0, 3.1 Netscape protocol later.
1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 2 Getting Started.

1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 2 Getting Started.
Network Layer: Address Mapping, Error Reporting, and Multicasting

Network Layer: Address Mapping, Error Reporting, and Multicasting
Packet filtering using cisco access listsINET97 / track 2 # 1 packet filters using cisco access lists Fri 19 June 97.

Packet filtering using cisco access listsINET97 / track 2 # 1 packet filters using cisco access lists Fri 19 June 97.
AI3 Contact Server Takeshi Usui

AI3 Contact Server Takeshi Usui
Summative Math Test Algebra (28%) Geometry (29%)

Summative Math Test Algebra (28%) Geometry (29%)
© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.

© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.
Everything.

Everything.
Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.
What is access control list (ACL)?

What is access control list (ACL)?
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 2 The OSI Model and the TCP/IP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 2 The OSI Model and the TCP/IP.
Nov-03 ©Cisco Systems CCNA Semester 1 Version 3 Comp11 Mod11 – St. Lawrence College – Cornwall Campus, ON, Canada – Clark slide 1 Cisco Systems CCNA Version.

Nov-03 ©Cisco Systems CCNA Semester 1 Version 3 Comp11 Mod11 – St. Lawrence College – Cornwall Campus, ON, Canada – Clark slide 1 Cisco Systems CCNA Version.
Network Fundamentals – Chapter 4 Sandra Coleman, CCNA, CCAI

Network Fundamentals – Chapter 4 Sandra Coleman, CCNA, CCAI
1 A Study on SYN Flooding Student: Tao-Wei Huang Advisor: Prof. Wen-Nung Tasi 2001/06/13.

1 A Study on SYN Flooding Student: Tao-Wei Huang Advisor: Prof. Wen-Nung Tasi 2001/06/13.

Similar presentations

Ads by Google