سلام دوستان
ایا باز بودن پورت روی سایت باعث هک شدن میشه ؟
مثلا پورت 443
میشه به این روش به سایت نفوذ کرد ؟
چون هر سایتی رو اسکن میکنم با این باگ درگیر میشم اموزشی هم ازش نیست
ایا باز بودن پورت روی سایت باعث هک شدن میشه ؟
مثلا پورت 443
443/tcp open ssl/https nginx
| http-methods:
|_ Supported Methods: GET HEAD POST
| http-title: \xD9\x85\xD8\xAF\xD8\xB1\xD8\xB3\xD9\x87 \xD8\xAD\xDA\xA9\xD9\x85\xD8\xB1\xD8\xA7\xD9\x86\x DB\x8C \xD8\xB4\xD9\x87\xDB\x8C\xD8\xAF \xD8\xA8\xD9\x87\xD8\xB4\xD8\xAA\xDB\x8C
|_Requested resource was https://***)
|_ssl-date: TLS randomness does not represent time
|_http-server-header: nginx
| ssl-cert: Subject: commonName=*.88888
| Subject Alternative Name: DNS:*.999999999 DNS:8888888
| Issuer: commonName=Certum Domain Validation CA SHA2/organizationName=Unizeto Technologies S.A./countryName=PL
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2023-05-30T06:31:52
| Not valid after: 2024-05-29T06:31:51
| MD5: 368d:956a:37a3:2a08:85f8:b9e6:fe5d:e030
|_SHA-1: 959b:e7a7:a0b4:a07a:29d3:1188:8824:c2b8:025a:ae0e
Device type: general purpose|WAP
Running (JUST GUESSING): Linux 2.4.X|3.X (99%), Actiontec embedded (99%), Microsoft Windows XP|7|2012 (95%)
OS CPE: cpe:/o:linux:linux_kernel:2.4.37 cpe:/h:actiontec:mi424wr-gen3i cpe:/o:linux:linux_kernel cpe:/o:linux:linux_kernel:3.2 cpe:/o:linux:linux_kernel:4.4 cpe:/o:microsoft:windows_xp::sp3 cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2012
Aggressive OS guesses: DD-WRT v24-sp2 (Linux 2.4.37) (99%), Actiontec MI424WR-GEN3I WAP (99%), Linux 3.2 (96%), Linux 4.4 (96%), Microsoft Windows XP SP3 or Windows 7 or Windows Server 2012 (95%), Microsoft Windows XP SP3 (94%)
No exact OS matches for host (test conditions non-ideal).
| http-methods:
|_ Supported Methods: GET HEAD POST
| http-title: \xD9\x85\xD8\xAF\xD8\xB1\xD8\xB3\xD9\x87 \xD8\xAD\xDA\xA9\xD9\x85\xD8\xB1\xD8\xA7\xD9\x86\x DB\x8C \xD8\xB4\xD9\x87\xDB\x8C\xD8\xAF \xD8\xA8\xD9\x87\xD8\xB4\xD8\xAA\xDB\x8C
|_Requested resource was https://***)
|_ssl-date: TLS randomness does not represent time
|_http-server-header: nginx
| ssl-cert: Subject: commonName=*.88888
| Subject Alternative Name: DNS:*.999999999 DNS:8888888
| Issuer: commonName=Certum Domain Validation CA SHA2/organizationName=Unizeto Technologies S.A./countryName=PL
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2023-05-30T06:31:52
| Not valid after: 2024-05-29T06:31:51
| MD5: 368d:956a:37a3:2a08:85f8:b9e6:fe5d:e030
|_SHA-1: 959b:e7a7:a0b4:a07a:29d3:1188:8824:c2b8:025a:ae0e
Device type: general purpose|WAP
Running (JUST GUESSING): Linux 2.4.X|3.X (99%), Actiontec embedded (99%), Microsoft Windows XP|7|2012 (95%)
OS CPE: cpe:/o:linux:linux_kernel:2.4.37 cpe:/h:actiontec:mi424wr-gen3i cpe:/o:linux:linux_kernel cpe:/o:linux:linux_kernel:3.2 cpe:/o:linux:linux_kernel:4.4 cpe:/o:microsoft:windows_xp::sp3 cpe:/o:microsoft:windows_7 cpe:/o:microsoft:windows_server_2012
Aggressive OS guesses: DD-WRT v24-sp2 (Linux 2.4.37) (99%), Actiontec MI424WR-GEN3I WAP (99%), Linux 3.2 (96%), Linux 4.4 (96%), Microsoft Windows XP SP3 or Windows 7 or Windows Server 2012 (95%), Microsoft Windows XP SP3 (94%)
No exact OS matches for host (test conditions non-ideal).
میشه به این روش به سایت نفوذ کرد ؟
چون هر سایتی رو اسکن میکنم با این باگ درگیر میشم اموزشی هم ازش نیست