Nmap - an open-source network utility and one of the most popular tools among security specialists and system administrators. It is used primarily for port scanning, but beyond that it has a great many useful features, which is what makes Nmap an all-in-one workhorse for network research.
Scanning a group of hosts - information about any single host is not available until the scan of the whole group has finished. This is addressed by setting, in the options, the maximum group size and the maximum time to wait for a response to a request before giving up or trying again;
When scanning, Nmap sends SYN packets to the target and waits for any response packet, or for a timeout if there is no response. This hurts the performance of the scanner as a whole compared with asynchronous scanners (for example, zmap or masscan);
ZMap (not to be confused with ZenMap) - also an open-source scanner, created as a faster alternative to Nmap.
Unlike Nmap, when sending SYN packets ZMap does not wait for the response to come back but keeps scanning, waiting for responses from all hosts in parallel, so it does not actually maintain connection state. When the response to a SYN packet arrives, ZMap works out from the contents of the packet which port was open and on which host. In addition, ZMap sends only one SYN packet per scanned port. There is also the option of using PF_RING to scan large networks quickly, if you happen to have a 10-gigabit interface and a compatible network card at hand.
Pros:
Scanning speed;
ZMap generates Ethernet frames itself, bypassing the system TCP/IP stack;
Ability to use PF_RING;
ZMap randomizes targets to spread the load evenly on the scanned side;
Ability to integrate with ZGrab (a tool for collecting information about services at the L7 application layer).
Cons:
It can cause denial of service on network equipment, for example taking down intermediate routers despite load balancing, because all the packets pass through the same router.
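How a scanner can keep no connection state and still tell from a reply which host and port answered, as described for ZMap above, shown as an added example that is not code from the article or from ZMap. It is a simplified model that sends no packets: HMAC-SHA256 stands in for the scanner's real derivation, and the key, addresses and replies are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct


def probe_seq(key: bytes, scanner_ip: str, target_ip: str, port: int) -> int:
    """32-bit SYN sequence number derived from the probe's own addresses."""
    msg = (ipaddress.ip_address(scanner_ip).packed
           + ipaddress.ip_address(target_ip).packed
           + struct.pack("!H", port))
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return struct.unpack("!I", digest[:4])[0]


def classify_reply(key: bytes, scanner_ip: str, reply: dict) -> str:
    """Interpret a received TCP segment using only the fields it carries."""
    # A genuine answer acknowledges our sequence number + 1 (mod 2^32).
    expected_ack = (probe_seq(key, scanner_ip, reply["src"], reply["sport"]) + 1) & 0xFFFFFFFF
    if reply["ack"] != expected_ack:
        return "ignored"   # stray, spoofed or unrelated traffic
    if reply["flags"] == "SA":
        return "open"      # SYN-ACK: port accepts connections
    if "R" in reply["flags"]:
        return "closed"    # RST: host is up, port is closed
    return "ignored"


def demo() -> list:
    key = b"constructed-key!"   # per-scan secret (constructed value)
    scanner = "192.0.2.10"      # documentation address ranges
    seq = probe_seq(key, scanner, "198.51.100.7", 443)
    ack = (seq + 1) & 0xFFFFFFFF
    replies = [                 # constructed sample replies
        {"src": "198.51.100.7", "sport": 443, "ack": ack, "flags": "SA"},
        {"src": "198.51.100.7", "sport": 443, "ack": ack, "flags": "RA"},
        {"src": "198.51.100.7", "sport": 443, "ack": (ack + 1) & 0xFFFFFFFF, "flags": "SA"},
        {"src": "198.51.100.7", "sport": 80, "ack": ack, "flags": "SA"},
    ]
    return [classify_reply(key, scanner, r) for r in replies]


if __name__ == "__main__":
    print(demo())
```

Because nothing is stored per target, a reply that fails the check is simply dropped, and the receive path never has to look up which probes are outstanding.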
masscan
masscan - surprisingly, also an open-source scanner, created with a single goal: to scan the Internet even faster (in under 6 minutes at a rate of ~10 million packets/s). In essence it works almost the same way as ZMap, only even faster.
Pros:
The syntax is similar to Nmap, and the program also supports some Nmap-compatible options;
Speed of operation - one of the fastest asynchronous scanners.
The evaluation version has limited functionality.
mitm6
mitm6 - a tool for carrying out attacks on IPv6 (SLAAC attack). IPv6 takes priority in Windows (and, in general, in other operating systems too), and in the default configuration the IPv6 interface is enabled. This allows an attacker to install their own DNS server on the victim using Router Advertisement packets, after which the attacker is able to spoof the victim's DNS. It is well suited to running a relay attack together with the ntlmrelayx utility, which makes it possible to attack Windows networks successfully.
Pros:
Works well on many networks precisely because of the standard configuration of Windows hosts and networks;
Responder
Responder - a tool for spoofing broadcast name resolution protocols (LLMNR, NetBIOS, MDNS). An indispensable tool in Active Directory networks. Besides spoofing, it can intercept NTLM authentication, and it also ships with a set of tools for gathering information and carrying out NTLM-Relay attacks.
Pros:
By default it brings up many servers with NTLM authentication support: SMB, MSSQL, HTTP, HTTPS, LDAP, FTP, POP3, IMAP, SMTP;
Allows DNS spoofing in the case of MITM attacks (ARP spoofing, etc.);
Fingerprints the hosts that made a broadcast request;
Analyze mode - for passive monitoring of requests;
The format of the hashes captured during NTLM authentication is compatible with John the Ripper and Hashcat.
Cons:
When running under Windows, binding port 445 (SMB) involves some difficulties (it requires stopping the relevant services and rebooting);
Evil_Foca
Evil Foca - a tool for testing various network attacks on IPv4 and IPv6 networks. It scans the local network, identifying devices, routers and their network interfaces, after which you can carry out various attacks against members of the network.
Pros:
Convenient for MITM attacks (ARP spoofing, DHCP ACK injection, SLAAC attack, DHCP spoofing);
Can carry out DoS attacks - with ARP spoofing on IPv4 networks, and with SLAAC DoS on IPv6 networks;
Bettercap is a powerful framework for analyzing and attacking networks, and here we are also talking about attacks on wireless networks, BLE (Bluetooth Low Energy) and even MouseJack attacks on wireless HID devices. In addition, it has functionality for gathering information from traffic (similar to net-creds). In general, a Swiss Army knife (all in one). It has recently gained a graphical web interface.
Pros:
Credential sniffer - you can capture visited URLs and HTTPS hosts, HTTP authentication, and credentials across many different protocols;
mitmproxy is an open-source tool for analyzing traffic protected with SSL/TLS. mitmproxy is convenient for intercepting and modifying protected traffic, with some caveats, of course; the tool does not carry out attacks to decrypt SSL/TLS. It is used when you need to intercept and record changes to traffic protected with SSL/TLS. It consists of mitmproxy, for proxying traffic; mitmdump, similar to tcpdump but for HTTP(S) traffic; and mitmweb, a web interface for mitmproxy.
Pros:
Works with various protocols, and also supports modification of various formats, from HTML to Protobuf;
Python API - lets you write scripts for non-standard tasks;
Can work in transparent proxy mode with traffic interception.
SIET - a tool for exploiting the capabilities of the Cisco Smart Install protocol. It makes it possible to obtain and modify the configuration, as well as to take control of a Cisco device. If you have managed to obtain the configuration of a Cisco device, you can check it with CCAT; this tool is useful for analyzing the security configuration of Cisco devices.
Pros:
Using the Cisco Smart Install protocol allows you to:
Change the tftp server address on the client device by sending a single malformed TCP packet;
Copy the device's configuration file;
Change the device's configuration, for example by adding a new user;
Update the IOS image on the device;
Execute a set of commands on the device. This is a new feature that works only in IOS versions 3.6.0E and 15.2(2)E;
Cons:
Works with a limited set of Cisco devices; you also need a "white" (publicly routable) IP to receive a response from the device, or you must be on the same network as the device;
yersinia
yersinia is an L2 attack framework designed to exploit security flaws in various L2 network protocols.
Pros:
Allows attacks on STP, CDP, DTP, DHCP, HSRP, VTP and other protocols.
Cons:
Not the most user-friendly interface.
proxychains
proxychains - a tool that lets you redirect an application's traffic through a specified SOCKS proxy.
Pros:
Helps redirect the traffic of some applications that do not know how to work with a proxy by default;
In this article we have briefly reviewed the pros and cons of the main tools for internal network penetration testing. Stay tuned, we plan to publish more collections like this in the future: web, databases, mobile applications - we will write about those too.