Probing www.kpu.go.id

Cara yang digunakan untuk mengetahui webserver dari KPU adalah menTELNET port webserver yaitu port 80,

kemudian saya menggunakan perintah GET/ PEMILU.HTML untuk mendapatkan halaman web

namun server web mereply Bad Request 400, yang artinya halaman yang dimaksud tidak ada

Dari respon server dapat diketahui bahwa webserver yang digunakan adalah nginx 0.6.35

Berikut dibawah ini adalah hasil telnet port 80nya

====================================

root@X-Mobile:/home/cyclops# telnet www.kpu.go.id 80
Trying 203.130.201.130…
Connected to www.kpu.go.id.
Escape character is ‘^]’.
GET/ PEMILU.HTML
<html>
<head><title>400 Bad Request</title></head>
<body bgcolor=”white”>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/0.6.35</center>
</body>
</html>
Connection closed by foreign host.
========================================

Sekarang untuk mencari tahu server yang digunakan, menggunakan tools nmap

dengan perintah nmap -A www.kpu.go.id -PN

dari hasilnya diketahui bahwa 98% kemungkinan KPU menggunakan server FreeBSD 6.2-Release

Berikut dibawah ini adalah hasil nmapnya

=====================================================

root@X-Mobile:/home/cyclops# nmap -A www.kpu.go.id -PN

Starting Nmap 4.62 ( http://nmap.org ) at 2009-04-16 17:45 WIT
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
LUA INTERPRETER in nse_init.cc:763: /usr/share/nmap/scripts/robots.nse:4: module ‘http’ not found:
no field package.preload[‘http’]
no file ‘/usr/share/nmap/nselib/http.lua’
no file ‘./http.lua’
no file ‘/usr/local/share/lua/5.1/http.lua’
no file ‘/usr/local/share/lua/5.1/http/init.lua’
no file ‘/usr/local/lib/lua/5.1/http.lua’
no file ‘/usr/local/lib/lua/5.1/http/init.lua’
no file ‘/usr/lib/nmap/nselib-bin/http.so’
no file ‘./http.so’
no file ‘/usr/local/lib/lua/5.1/http.so’
no file ‘/usr/local/lib/lua/5.1/loadall.so’
SCRIPT ENGINE: Aborting script scan.
Interesting ports on www.kpu.go.id (203.130.201.130):
Not shown: 1714 filtered ports
PORT   STATE SERVICE    VERSION
80/tcp open  http-proxy nginx http proxy 0.6.35
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING) : FreeBSD 6.X (98%)
Aggressive OS guesses: FreeBSD 6.2-RELEASE (98%)
No exact OS matches for host (test conditions non-ideal).

TRACEROUTE (using port 80/tcp)
HOP RTT    ADDRESS
1   0.50   mygateway1.ar7 (192.168.1.1)
2   483.20 1.subnet125-163-64.speedy.telkom.net.id (125.163.64.1)
3   254.24 125.160.0.141
4   267.26 192.168.74.206
5   …
6   479.91 www.kpu.go.id (203.130.201.130)

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 190.536 seconds
============================================================

Leave a Reply

Your email address will not be published. Required fields are marked *