Networking is a major topic in penetration testing. In this appendix, I have gathered together all the important information so that you can refer to it when you need to.
You're reading from Practical Web Penetration Testing
Network subnets
Sometimes, you will be given subnet masks (a range of IP addresses) to test, and in some cases, you will test only one single IP address. If you're using a subnet mask, then use the following table as a reference:
CIDR | Hosts | Net mask |
/30 | 2 | 255.255.255.252 |
/29 | 6 | 255.255.255.248 |
/28 | 14 | 255.255.255.240 |
/27 | 30 | 255.255.255.224 |
/26 | 62 | 255.255.255.192 |
/25 | 126 | 255.255.255.128 |
/24 | 254 | 255.255.255.0 |
/23 | 510 | 255.255.254.0 |
/22 | 1022 | 255.255.252.0 |
/21 | 2046 | 255.255.248.0 |
/20 | 4094 | 255.255.240.0 |
/19 | 8190 | 255.255.224.0 |
/18 | 16382 | 255.255.192.0 |
/17 | 32766 | 255.255.128.0 |
/16 | 65534 | 255.255.0.0 |
Port numbers and services
Well-known ports: 0-1023
Registered ports: 1024-49,151
Dynamic ports: 49,152-65,535
Most common ports and services:
Protocol name | TCP/UDP | Port number |
File Transfer Protocol (FTP) | TCP | 20, 21 |
Secure Shell (SSH) | TCP | 22 |
Telnet | TCP | 23 |
Simple Mail Transfer Protocol (SMTP) | TCP | 25 |
Domain Name System (DNS) | TCP/UDP | 53 |
Dynamic Host Configuration Protocol (DHCP) | UDP | 67, 68 |
Trivial File Transfer Protocol (TFTP) | UDP | 69 |
Hypertext Transfer Protocol (HTTP) | TCP | 80 |
Post Office Protocol version 3 (POP3) | TCP | 110 |
NetBIOS | TCP/UDP | 137, 138, 139 |
Internet Message Access Protocol (IMAP) | TCP | 143 |
Simple Network Management Protocol (SNMP) | UDP | 161, 162 |
Lightweight Directory Access Protocol (LDAP) | TCP | 389 |
Hypertext Transfer Protocol over SSL/TLS (HTTPS) | TCP | 443 |
Lightweight Directory Access Protocol over TLS/SSL (LDAPS) | TCP | 636 |
FTPS — FTP over... |
The rest of the chapter is locked
You have been reading a chapter from
Practical Web Penetration TestingPublished in: Jun 2018Publisher: PacktISBN-13: 9781788624039
© 2018 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $15.99/month. Cancel anytime