MID TEST KEAMANAN JARINGAN KOMPUTER “Scanning & CVE Mapping” www.bukalapak.com
Disusun oleh :
Andreas Samosir (09121001019) Sistem Komputer 8
Jurusan Sistem Komputer Fakultas Ilmu Komputer Universitas Sriwijaya
Soal MID Test :
Lakukan Scanning & CVE pada sebuah situs yang merupakan target :
1. Menggunakan NMAP/ZenMap pada Sistem operasi Windows, NESSUS., dan tools improve lainnya. 2. Presentasi analysis a. Open Port (main/major) b. Daemon c. Vulnerable 3. CVE : a. CVE Mapping b. cari risk ratingnya c. saverity 4. daftar pustaka
Situs target yang saya scan adalah “ www.bukalapak.com “ www.bukalapak.com adalah salah satu pasar daring (online marketplace) terkemuka di Indonesia (biasa dikenal juga dengan jaringan toko daring ) yang dimiliki dan dijalankan oleh PT. Bukalapak. Seperti halnya situs layanan jual - beli daring (online) dengan model bisnis consumer-to-consumer (C2C), Bukalapak menyediakan sarana penjualan dari konsumen-ke-konsumen di mana pun. Siapa pun bisa membuka toko daring untuk kemudian melayani calon pembeli dari seluruh Indonesia baik satuan ataupun dalam jumlah banyak.
1. Scanning menggunakan ZenMap : Masukkan web target pada kolom target pada aplikasi ZenMap.
2. Tunggu sampai hasil scan nya menjadi “completed” 100%
3. Jika sudah 100%, maka akan dapat di lihat Port yang terbuka pada situs www.bukalapak.com
4. Hasil pada Host-Detail
5. Topology situs www.bukalapak.com
6. Hasil Scanning ZenMap pada situs www.bukalapak.com Starting Nmap 7.10 ( https://nmap.org ) at 2016-03-26 10:00 SE Asia Standard Time NSE: Loaded 138 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 10:00 Completed NSE at 10:00, 0.01s elapsed Initiating NSE at 10:00 Completed NSE at 10:00, 0.00s elapsed Initiating Ping Scan at 10:00 Scanning www.bukalapak.com (182.253.238.102) [4 ports] Completed Ping Scan at 10:00, 0.56s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 10:00 Completed Parallel DNS resolution of 1 host. at 10:00, 16.50s elapsed Initiating SYN Stealth Scan at 10:00 Scanning www.bukalapak.com (182.253.238.102) [65535 ports] Discovered open port 53/tcp on 182.253.238.102 Discovered open port 80/tcp on 182.253.238.102 Discovered open port 25/tcp on 182.253.238.102 Discovered open port 111/tcp on 182.253.238.102 Discovered open port 443/tcp on 182.253.238.102 SYN Stealth Scan Timing: About 9.58% done; ETC: 10:06 (0:04:53 remaining) Increasing send delay for 182.253.238.102 from 0 to 5 due to max_successful_tryno increase to 5 SYN Stealth Scan Timing: About 12.80% done; ETC: 10:08 (0:06:55 remaining) Discovered open port 8999/tcp on 182.253.238.102 SYN Stealth Scan Timing: About 27.96% done; ETC: 10:09 (0:06:29 remaining) SYN Stealth Scan Timing: About 33.48% done; ETC: 10:09 (0:06:00 remaining) Increasing send delay for 182.253.238.102 from 5 to 10 due to max_successful_tryno increase to 6 Warning: 182.253.238.102 giving up on port because retransmission cap hit (6). SYN Stealth Scan Timing: About 39.14% done; ETC: 10:11 (0:06:29 remaining) SYN Stealth Scan Timing: About 48.89% done; ETC: 10:12 (0:05:55 remaining) SYN Stealth Scan Timing: About 55.55% done; ETC: 10:12 (0:05:20 remaining) SYN Stealth Scan Timing: About 61.53% done; ETC: 10:12 (0:04:44 remaining) SYN Stealth Scan Timing: About 67.71% done; ETC: 10:13 (0:04:05 remaining)
SYN Stealth Scan Timing: About 73.17% done; ETC: 10:13 (0:03:26 remaining) SYN Stealth Scan Timing: About 78.46% done; ETC: 10:13 (0:02:47 remaining) SYN Stealth Scan Timing: About 83.70% done; ETC: 10:13 (0:02:08 remaining) Discovered open port 62608/tcp on 182.253.238.102 SYN Stealth Scan Timing: About 89.10% done; ETC: 10:13 (0:01:26 remaining) SYN Stealth Scan Timing: About 94.22% done; ETC: 10:13 (0:00:46 remaining) Completed SYN Stealth Scan at 10:14, 817.30s elapsed (65535 total ports) Initiating Service scan at 10:14 Scanning 7 services on www.bukalapak.com (182.253.238.102) Completed Service scan at 10:16, 148.16s elapsed (7 services on 1 host) Initiating OS detection (try #1) against www.bukalapak.com (182.253.238.102) adjust_timeouts2: packet supposedly had rtt of 11216000 microseconds. Ignoring time. adjust_timeouts2: packet supposedly had rtt of 11216000 microseconds. Ignoring time. RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 Retrying OS detection (try #2) against www.bukalapak.com (182.253.238.102) Initiating Traceroute at 10:16 Completed Traceroute at 10:16, 3.02s elapsed Initiating Parallel DNS resolution of 6 hosts. at 10:16 Completed Parallel DNS resolution of 6 hosts. at 10:17, 16.50s elapsed NSE: Script scanning 182.253.238.102. Initiating NSE at 10:17 Completed NSE at 10:17, 14.83s elapsed Initiating NSE at 10:17 Completed NSE at 10:17, 1.63s elapsed Nmap scan report for www.bukalapak.com (182.253.238.102) Host is up (0.11s latency). Not shown: 65528 closed ports PORT
STATE SERVICE VERSION
25/tcp open smtp |_smtp-commands: [182.253.238.102] Hello [192.168.130.137], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, 8BITMIME, SIZE 10485760, DSN, AUTH LOGIN PLAIN, DELIVERBY, HELP, 53/tcp open domain? 80/tcp open http
nginx
| http-methods: |_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx |_http-title: Did not follow redirect to https://www.bukalapak.com/ 111/tcp open rpcbind 2-4 (RPC #100000) 443/tcp open ssl/http nginx | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: nginx | ssl-cert: Subject: commonName=*.bukalapak.com | Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-03-21T00:00:00 | Not valid after: 2019-04-05T23:59:59 | MD5: 1a49 725e ae70 12ea c18a f275 5404 a723 |_SHA-1: 8e49 a53a 13e2 b6e8 a790 3a83 948a e088 b296 f211 |_ssl-date: 2016-03-26T03:17:24+00:00; +8s from scanner time. | tls-nextprotoneg: | spdy/3.1 |_ http/1.1 8999/tcp open http
nginx
|_http-favicon: Unknown favicon MD5: E409801E2F53B00A5C1599E5D3F85973 | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS | http-robots.txt: 1 disallowed entry |_/payment/transactions? |_http-server-header: nginx |_http-title: Situs Jual Beli Online Mudah Dan Terpercaya | Bukalapak 62608/tcp open status 1 (RPC #100024) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port25-TCP:V=7.10%I=7%D=3/26%Time=56F5FE95%P=i686-pc-windows-windows%r( SF:Hello,6C,"220\x20\[182\.253\.238\.102\]\x20ESMTP\x20Smtpd;\x20Sat,\x202 SF:6\x20Mar\x202016\x2010:14:30\x20\+0700\r\n501\x205\.0\.0\x20EHLO\x20req SF:uires\x20domain\x20address\r\n")%r(Help,6D,"220\x20\[182\.253\.238\.102
SF:\]\x20ESMTP\x20Smtpd;\x20Sat,\x2026\x20Mar\x202016\x2010:14:37\x20\+070 SF:0\r\n502\x205\.3\.0\x20Smtpd\x20--\x20HELP\x20not\x20implemented\r\n")% SF:r(GenericLines,8C,"220\x20\[182\.253\.238\.102\]\x20ESMTP\x20Smtpd;\x20 SF:Sat,\x2026\x20Mar\x202016\x2010:14:45\x20\+0700\r\n500\x205\.5\.1\x20Co SF:mmand\x20unrecognized:\x20\"\"\r\n500\x205\.5\.1\x20Command\x20unrecogn SF:ized:\x20\"\"\r\n")%r(GetRequest,88,"220\x20\[182\.253\.238\.102\]\x20E SF:SMTP\x20Smtpd;\x20Sat,\x2026\x20Mar\x202016\x2010:14:52\x20\+0700\r\n42 SF:1\x204\.7\.0\x20\[182\.253\.238\.102\]\x20Rejecting\x20open\x20proxy\x2 SF:0\[192\.168\.130\.165\]\r\n"); Device type: general purpose Running (JUST GUESSING): OpenBSD 4.X (87%) OS CPE: cpe:/o:openbsd:openbsd:4.0 Aggressive OS guesses: OpenBSD 4.0 (87%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 343.554 days (since Fri Apr 17 20:59:22 2015) Network Distance: 9 hops TCP Sequence Prediction: Difficulty=258 (Good luck!) IP ID Sequence Generation: Randomized
TRACEROUTE (using port 993/tcp) HOP RTT
ADDRESS
1 1.00 ms 192.168.43.1 2 ... 4 5 97.00 ms 114.120.194.78 6 98.00 ms 114.127.254.30 7 100.00 ms 103.28.74.158 8 88.00 ms 203.142.67.142 9 88.00 ms 182.253.238.102
NSE: Script Post-scanning. Initiating NSE at 10:17 Completed NSE at 10:17, 0.00s elapsed Initiating NSE at 10:17 Completed NSE at 10:17, 0.00s elapsed Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 1035.67 seconds Raw packets sent: 70571 (3.111MB) | Rcvd: 70234 (2.812MB)
7. Selain Nmap, saya juga melakukan scanning melalui aplikasi scanner lainnya , yaitu „Superscan 4.1”.
8. Pada aplikasi ini juga di tampilkan mengenai PORT yang terbuka dari situs www.bukalapak.com ini .
9. Pada scanner Acunetix juga didapat hasil sebagai berikut :
10. Dan juga di temukan beberapa kelemahan dari situs www.bukalapak.com , yaitu dengan ada nya beberapa ancaman terhadap situs www.bukalapak , meskipun kebanyakan hanya berupa medium alert. Dan di temukan Risk rating nya Level 2 ; Medium.
Hasil scanning menggunakan Nessus
CVE Mapping www.bukalapak.com
Daftar Pustaka 1. http://www.tenable.com/products/nessus-vulnerability scanner?gclid=CMHAzZzc4MsCFdMRaAodQl8Mkw 2. http://www.acunetix.com/vulnerability-scanner/getting-started/?id=trial 3. http://scanme.nmap.org/ 4. https://nmap.org/download.html#windows 5. https://www.acunetix.com/vulnerability-scanner/download/