MID TEST KEAMANAN JARINGAN KOMPUTER Scanning & CVE Mapping

Transkripsi

1 MID TEST KEAMANAN JARINGAN KOMPUTER Scanning & CVE Mapping Disusun oleh : Andreas Samosir ( ) Sistem Komputer 8 Jurusan Sistem Komputer Fakultas Ilmu Komputer Universitas Sriwijaya

2 Soal MID Test : Lakukan Scanning & CVE pada sebuah situs yang merupakan target : 1. Menggunakan NMAP/ZenMap pada Sistem operasi Windows, NESSUS., dan tools improve lainnya. 2. Presentasi analysis a. Open Port (main/major) b. Daemon c. Vulnerable 3. CVE : a. CVE Mapping b. cari risk ratingnya c. saverity 4. daftar pustaka

3 Situs target yang saya scan adalah adalah salah satu pasar daring (online marketplace) terkemuka di Indonesia (biasa dikenal juga dengan jaringan toko daring ) yang dimiliki dan dijalankan oleh PT. Bukalapak. Seperti halnya situs layanan jual - beli daring (online) dengan model bisnis consumer-to-consumer (C2C), Bukalapak menyediakan sarana penjualan dari konsumen-ke-konsumen di mana pun. Siapa pun bisa membuka toko daring untuk kemudian melayani calon pembeli dari seluruh Indonesia baik satuan ataupun dalam jumlah banyak. 1. Scanning menggunakan ZenMap : Masukkan web target pada kolom target pada aplikasi ZenMap.

4 2. Tunggu sampai hasil scan nya menjadi completed 100% 3. Jika sudah 100%, maka akan dapat di lihat Port yang terbuka pada situs

5 4. Hasil pada Host-Detail 5. Topology situs

6 6. Hasil Scanning ZenMap pada situs Starting Nmap 7.10 ( ) at :00 SE Asia Standard Time NSE: Loaded 138 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 10:00 Completed NSE at 10:00, 0.01s elapsed Initiating NSE at 10:00 Completed NSE at 10:00, 0.00s elapsed Initiating Ping Scan at 10:00 Scanning ( ) [4 ports] Completed Ping Scan at 10:00, 0.56s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 10:00 Completed Parallel DNS resolution of 1 host. at 10:00, 16.50s elapsed Initiating SYN Stealth Scan at 10:00 Scanning ( ) [65535 ports] Discovered open port 53/tcp on Discovered open port 80/tcp on Discovered open port 25/tcp on Discovered open port 111/tcp on Discovered open port 443/tcp on SYN Stealth Scan Timing: About 9.58% done; ETC: 10:06 (0:04:53 remaining) Increasing send delay for from 0 to 5 due to max_successful_tryno increase to 5 SYN Stealth Scan Timing: About 12.80% done; ETC: 10:08 (0:06:55 remaining) Discovered open port 8999/tcp on SYN Stealth Scan Timing: About 27.96% done; ETC: 10:09 (0:06:29 remaining) SYN Stealth Scan Timing: About 33.48% done; ETC: 10:09 (0:06:00 remaining) Increasing send delay for from 5 to 10 due to max_successful_tryno increase to 6 Warning: giving up on port because retransmission cap hit (6). SYN Stealth Scan Timing: About 39.14% done; ETC: 10:11 (0:06:29 remaining) SYN Stealth Scan Timing: About 48.89% done; ETC: 10:12 (0:05:55 remaining) SYN Stealth Scan Timing: About 55.55% done; ETC: 10:12 (0:05:20 remaining) SYN Stealth Scan Timing: About 61.53% done; ETC: 10:12 (0:04:44 remaining) SYN Stealth Scan Timing: About 67.71% done; ETC: 10:13 (0:04:05 remaining)

7 SYN Stealth Scan Timing: About 73.17% done; ETC: 10:13 (0:03:26 remaining) SYN Stealth Scan Timing: About 78.46% done; ETC: 10:13 (0:02:47 remaining) SYN Stealth Scan Timing: About 83.70% done; ETC: 10:13 (0:02:08 remaining) Discovered open port 62608/tcp on SYN Stealth Scan Timing: About 89.10% done; ETC: 10:13 (0:01:26 remaining) SYN Stealth Scan Timing: About 94.22% done; ETC: 10:13 (0:00:46 remaining) Completed SYN Stealth Scan at 10:14, s elapsed (65535 total ports) Initiating Service scan at 10:14 Scanning 7 services on ( ) Completed Service scan at 10:16, s elapsed (7 services on 1 host) Initiating OS detection (try #1) against ( ) adjust_timeouts2: packet supposedly had rtt of microseconds. Ignoring time. adjust_timeouts2: packet supposedly had rtt of microseconds. Ignoring time. RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 Retrying OS detection (try #2) against ( ) Initiating Traceroute at 10:16 Completed Traceroute at 10:16, 3.02s elapsed Initiating Parallel DNS resolution of 6 hosts. at 10:16 Completed Parallel DNS resolution of 6 hosts. at 10:17, 16.50s elapsed NSE: Script scanning Initiating NSE at 10:17 Completed NSE at 10:17, 14.83s elapsed Initiating NSE at 10:17 Completed NSE at 10:17, 1.63s elapsed Nmap scan report for ( ) Host is up (0.11s latency). Not shown: closed ports PORT STATE SERVICE VERSION 25/tcp open smtp _smtp-commands: [ ] Hello [ ], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE , DSN, AUTH LOGIN PLAIN, DELIVERBY, HELP, 53/tcp open domain? 80/tcp open http nginx http-methods: _ Supported Methods: GET HEAD POST OPTIONS

8 _http-server-header: nginx _http-title: Did not follow redirect to 111/tcp open rpcbind 2-4 (RPC #100000) 443/tcp open ssl/http nginx http-methods: _ Supported Methods: GET HEAD POST OPTIONS _http-server-header: nginx ssl-cert: Subject: commonname=*.bukalapak.com Issuer: commonname=comodo RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB Public Key type: rsa Public Key bits: 2048 Signature Algorithm: sha256withrsaencryption Not valid before: T00:00:00 Not valid after: T23:59:59 MD5: 1a49 725e ae70 12ea c18a f a723 _SHA-1: 8e49 a53a 13e2 b6e8 a790 3a83 948a e088 b296 f211 _ssl-date: T03:17:24+00:00; +8s from scanner time. tls-nextprotoneg: spdy/3.1 _ http/ /tcp open http nginx _http-favicon: Unknown favicon MD5: E409801E2F53B00A5C1599E5D3F85973 http-methods: _ Supported Methods: GET HEAD POST OPTIONS http-robots.txt: 1 disallowed entry _/payment/transactions? _http-server-header: nginx _http-title: Situs Jual Beli Online Mudah Dan Terpercaya Bukalapak 62608/tcp open status 1 (RPC #100024) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at : SF-Port25-TCP:V=7.10%I=7%D=3/26%Time=56F5FE95%P=i686-pc-windows-windows%r( SF:Hello,6C,"220\x20\[182\.253\.238\.102\]\x20ESMTP\x20Smtpd;\x20Sat,\x202 SF:6\x20Mar\x202016\x2010:14:30\x20\+0700\r\n501\x205\.0\.0\x20EHLO\x20req SF:uires\x20domain\x20address\r\n")%r(Help,6D,"220\x20\[182\.253\.238\.102

9 SF:\]\x20ESMTP\x20Smtpd;\x20Sat,\x2026\x20Mar\x202016\x2010:14:37\x20\+070 SF:0\r\n502\x205\.3\.0\x20Smtpd\x20--\x20HELP\x20not\x20implemented\r\n")% SF:r(GenericLines,8C,"220\x20\[182\.253\.238\.102\]\x20ESMTP\x20Smtpd;\x20 SF:Sat,\x2026\x20Mar\x202016\x2010:14:45\x20\+0700\r\n500\x205\.5\.1\x20Co SF:mmand\x20unrecognized:\x20\"\"\r\n500\x205\.5\.1\x20Command\x20unrecogn SF:ized:\x20\"\"\r\n")%r(GetRequest,88,"220\x20\[182\.253\.238\.102\]\x20E SF:SMTP\x20Smtpd;\x20Sat,\x2026\x20Mar\x202016\x2010:14:52\x20\+0700\r\n42 SF:1\x204\.7\.0\x20\[182\.253\.238\.102\]\x20Rejecting\x20open\x20proxy\x2 SF:0\[192\.168\.130\.165\]\r\n"); Device type: general purpose Running (JUST GUESSING): OpenBSD 4.X (87%) OS CPE: cpe:/o:openbsd:openbsd:4.0 Aggressive OS guesses: OpenBSD 4.0 (87%) No exact OS matches for host (test conditions non-ideal). Uptime guess: days (since Fri Apr 17 20:59: ) Network Distance: 9 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: Randomized TRACEROUTE (using port 993/tcp) HOP RTT ADDRESS ms ms ms ms ms ms NSE: Script Post-scanning. Initiating NSE at 10:17 Completed NSE at 10:17, 0.00s elapsed Initiating NSE at 10:17 Completed NSE at 10:17, 0.00s elapsed Read data files from: C:\Program Files (x86)\nmap

10 OS and Service detection performed. Please report any incorrect results at Nmap done: 1 IP address (1 host up) scanned in seconds Raw packets sent: (3.111MB) Rcvd: (2.812MB) 7. Selain Nmap, saya juga melakukan scanning melalui aplikasi scanner lainnya, yaitu Superscan Pada aplikasi ini juga di tampilkan mengenai PORT yang terbuka dari situs ini.

11 9. Pada scanner Acunetix juga didapat hasil sebagai berikut : 10. Dan juga di temukan beberapa kelemahan dari situs yaitu dengan ada nya beberapa ancaman terhadap situs meskipun kebanyakan hanya berupa medium alert. Dan di temukan Risk rating nya Level 2 ; Medium.

12 Hasil scanning menggunakan Nessus

13

14 CVE Mapping

15

16

17 Daftar Pustaka 1. scanner?gclid=cmhazzzc4mscfdmraaodql8mkw