Network utilities, or where should a pentester start?

A toolkit for the novice pentester: we offer a short digest of the main tools that come in handy when pentesting an internal network. These tools are already widely used by a range of specialists, so it will be useful for everyone to know their capabilities and to master them properly.

Nmap

Nmap is an open-source network scanning utility and one of the most popular tools among security specialists and system administrators. It is used primarily as a port scanner, but beyond that it carries a huge amount of useful functionality, which in effect turns Nmap into a super-harvester for network reconnaissance.

In addition to scanning for open/closed ports, nmap can identify the service listening on an open port and its version, and it sometimes helps to determine the OS. Nmap supports scanning with scripts (NSE, the Nmap Scripting Engine). With scripts you can check various services for vulnerabilities (provided, of course, that a script exists for them, though you can always write your own) or brute-force passwords for various services.

Thus, Nmap lets you build a detailed map of the network, obtain the maximum amount of information about the services running on the hosts in it, and also proactively check for certain vulnerabilities. Nmap also has flexible scan settings: you can adjust the scan speed, the number of threads, the number of host groups to scan, and so on.
Convenient for scanning small networks and indispensable for spot-scanning individual hosts.

Pros:

  • Works fast with a small range of hosts;
  • Flexible settings: you can combine options so as to obtain the most informative data in an acceptable time;
  • Parallel scanning: the target list is split into groups, each group is then scanned in turn, and parallel scanning is used within a group. The split into groups is also a small drawback (see below);
  • Predefined script sets for various tasks: you do not have to spend a lot of time choosing specific scripts, just specify script categories;
  • Output of results in 5 different formats, including XML, which can be imported into other tools;

Cons:

  • Scanning a group of hosts: information about any single host is not available until the scan of the whole group has finished. This can be remedied by setting a larger group size in the options together with the maximum timeout within which a response to a probe is awaited before the attempt is abandoned or another one is made;
  • When scanning, Nmap sends SYN packets to the target port and waits for any response packet or for a timeout if there is no response. This hurts the performance of the scanner as a whole compared with asynchronous scanners (for example, zmap or masscan);
  • When scanning large networks, using flags that speed up scanning (--min-rate, --min-parallelism) can produce false-negative results, i.e. missed open ports on a host. These options should also be used with care, given that a high packet rate can lead to an unintended DoS.
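The XML output mentioned above is the usual way to hand Nmap results to other tooling. The following parser is an added example written for this digest, not code from the Nmap project: it reads the nmaprun schema that `nmap -oX` produces (host, address, ports/port, state, service elements), and the sample XML embedded in it is a constructed, trimmed stand-in for a real scan file. The function names are my own.

```python
"""Parse Nmap XML output (-oX) into plain records and a grep-friendly TSV.

Added example, not part of the original article or of the Nmap project.
SAMPLE_NMAP_XML is a constructed sample in the nmaprun schema.
"""
import xml.etree.ElementTree as ET

# Constructed sample of what `nmap -sV -oX scan.xml <target>` writes,
# trimmed to the elements the parser uses.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 10.0.0.0/30" start="0">
  <host>
    <status state="up"/>
    <address addr="10.0.0.1" addrtype="ipv4"/>
    <hostnames><hostname name="gw.example.test" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.2p1"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0"/>
      </port>
      <port protocol="tcp" portid="23">
        <state state="closed" reason="reset"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="up"/>
    <address addr="10.0.0.2" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="445">
        <state state="open" reason="syn-ack"/>
        <service name="microsoft-ds"/>
      </port>
      <port protocol="tcp" portid="3389">
        <state state="filtered" reason="no-response"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return one dict per (host, port) pair found in the file, whatever its state."""
    root = ET.fromstring(xml_text)
    records = []
    for host in root.findall("host"):
        # Prefer the IPv4 address element; fall back to whatever address is present.
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else None
        hn = host.find("hostnames/hostname")
        hostname = hn.get("name") if hn is not None else ""
        for port in host.findall("ports/port"):
            state = port.find("state")
            svc = port.find("service")  # absent when no service was identified
            records.append({
                "host": addr,
                "hostname": hostname,
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "state": state.get("state") if state is not None else "unknown",
                "service": svc.get("name", "") if svc is not None else "",
                "product": svc.get("product", "") if svc is not None else "",
                "version": svc.get("version", "") if svc is not None else "",
            })
    return records


def open_ports(records):
    """Only the ports Nmap reported as open (filtered/closed are dropped)."""
    return [r for r in records if r["state"] == "open"]


def to_tsv(records):
    """One line per open port: host, port/proto, service, product+version."""
    lines = []
    for r in open_ports(records):
        banner = " ".join(p for p in (r["product"], r["version"]) if p)
        lines.append("\t".join([r["host"], f"{r['port']}/{r['proto']}",
                                r["service"], banner]))
    return "\n".join(lines)


if __name__ == "__main__":
    print(to_tsv(parse_nmap_xml(SAMPLE_NMAP_XML)))
```

Run it against a real file by replacing `SAMPLE_NMAP_XML` with the contents of the scan output; the TSV is easy to `grep` or `sort`, and the records list can be compared between two scans to spot newly opened ports.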

Zmap

Zmap (not to be confused with ZenMap) is also an open-source scanner, created as a faster alternative to Nmap.

Unlike nmap, when Zmap sends SYN packets it does not wait for a response to come back but keeps scanning while simultaneously waiting for responses from all hosts, so it does not actually maintain any connection state. When the response to a SYN packet arrives, Zmap works out from the contents of the packet which port is open and on which host. Moreover, Zmap sends only one SYN packet per port being scanned. It is also possible to use PF_RING to scan huge networks quickly if you happen to have a 10-Gigabit interface and a compatible network card.

Pros:

  • Scan speed;
  • Zmap generates Ethernet frames itself, bypassing the system TCP/IP stack;
  • The option of using PF_RING;
  • ZMap orders its targets so that the load on the scanned side is distributed evenly;
  • Can be integrated with ZGrab (a tool for gathering information about services at the L7 application layer).

Cons:

  • Can cause a denial of service for network equipment, for example knocking out intermediate routers, even though the load is distributed, since all packets will pass through the same router.

Masscan

Masscan is, surprisingly, yet another open-source scanner, created with a single purpose: to scan the Internet as fast as possible (in under 6 minutes at a rate of ~10 million packets/s). Essentially it works almost exactly like Zmap, only faster.

Pros:

  • The syntax is similar to Nmap, and the program also supports some Nmap-compatible options;
  • Speed of operation: one of the fastest asynchronous scanners.
  • Flexible scanning mechanism: resuming an interrupted scan, distributing the load across several devices (as with Zmap).

Cons:

  • Just as with Zmap, the load on the network itself is extremely high, which can lead to a DoS;
  • By default there is no ability to scan at the L7 application layer;
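Both Zmap and Masscan rely on the same trick to "work out from the packet" which probe a reply belongs to without keeping a connection table. The simulation below is an added illustration written for this digest, not code from either project: each SYN gets a sequence number derived from a secret key and the (target, port, source port) tuple, and a reply is accepted only if its acknowledgement number is that value plus one. The keyed-hash scheme, the dict-based packets and all addresses are my own constructed simplification; the real scanners work on raw frames.

```python
"""Stateless SYN-scan bookkeeping, simulated.

Added illustration, not ZMap's or Masscan's code. Shows why such scanners
need no per-target state, why one SYN per port is enough, and why a reply
that was not triggered by one of our probes is rejected.
"""
import hashlib
import hmac
import random

SECRET = b"constructed-per-run-scan-key"  # a real scanner picks this at start-up


def probe_seq(secret, dst_ip, dst_port, src_port):
    """32-bit sequence number that encodes which probe this is, without storing it."""
    msg = f"{dst_ip}|{dst_port}|{src_port}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


def build_probe(secret, dst_ip, dst_port, src_port):
    """A SYN probe, represented as a dict (constructed stand-in for a raw packet)."""
    return {"dst": dst_ip, "dport": dst_port, "sport": src_port, "flags": "S",
            "seq": probe_seq(secret, dst_ip, dst_port, src_port)}


def classify_reply(secret, pkt):
    """Return ("open", ip, port), ("closed", ip, port) or ("ignore", None, None).

    pkt is the reply as the scanner sees it: src is the target, dport is our source port.
    Recomputing the expected sequence number replaces any lookup in a state table.
    """
    expected = probe_seq(secret, pkt["src"], pkt["sport"], pkt["dport"])
    if (pkt["ack"] - 1) & 0xFFFFFFFF != expected:
        return ("ignore", None, None)  # not an answer to a probe we sent
    if pkt["flags"] == "SA":           # SYN-ACK: port open
        return ("open", pkt["src"], pkt["sport"])
    if pkt["flags"] == "RA":           # RST-ACK: port closed
        return ("closed", pkt["src"], pkt["sport"])
    return ("ignore", None, None)


def simulate(secret, targets, port, open_set):
    """Send one SYN per target, then process replies in random order with no state table."""
    src_port = 40000
    probes = [build_probe(secret, ip, port, src_port) for ip in targets]
    replies = []
    for p in probes:  # constructed target behaviour: answer SYN-ACK if open, else RST-ACK
        flags = "SA" if (p["dst"], p["dport"]) in open_set else "RA"
        replies.append({"src": p["dst"], "sport": p["dport"], "dport": p["sport"],
                        "flags": flags, "ack": (p["seq"] + 1) & 0xFFFFFFFF})
    # A stray SYN-ACK whose ack was never derived from our key must be rejected.
    replies.append({"src": "203.0.113.9", "sport": port, "dport": src_port,
                    "flags": "SA", "ack": 12345})
    random.Random(1).shuffle(replies)  # replies arrive in arbitrary order
    results = {}
    for r in replies:
        verdict, ip, prt = classify_reply(secret, r)
        if verdict != "ignore":
            results[(ip, prt)] = verdict
    return results


if __name__ == "__main__":
    print(simulate(SECRET, ["10.0.0.1", "10.0.0.2", "10.0.0.3"], 22, {("10.0.0.2", 22)}))
```

The same property explains the drawbacks listed above: because nothing is remembered per target, a lost SYN or a lost reply simply means a missed port (there is nothing to retry from), and the only throttle is the send rate itself.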

Nessus

Nessus is a scanner for automated scanning and detection of known vulnerabilities in a system. Although it is closed-source, there is a free Nessus Home version that lets you scan up to 16 IP addresses with the same speed and depth of analysis as the paid version.

It can identify versions of services and servers, detect errors in system configuration, and perform dictionary brute-forcing of passwords. It can be used to check that service settings are correct (mail, updates, etc.) as well as to prepare for a PCI DSS audit. In addition, you can hand Nessus host credentials (SSH or a domain account in Active Directory) and the scanner will gain access to the host and run checks directly on it; this option is called a credential scan. Convenient for companies auditing their own networks.

Pros:

  • Separate scenarios for each vulnerability, with a database that is constantly updated;
  • Output of results as plain text, XML, HTML and LaTeX;
  • Nessus API: lets you automate the scanning process and the retrieval of results;
  • Credential Scan: you can use Windows or Linux credentials to check for updates or other vulnerabilities;
  • The ability to write your own built-in security modules: the scanner has its own scripting language, NASL (Nessus Attack Scripting Language);
  • You can schedule regular scanning of the local network; thanks to this, the Information Security Service will be aware of all changes in the security configuration, the appearance of new hosts, and the use of dictionary or default passwords.

Cons:

  • The systems being scanned may malfunction; you need to work carefully with the safe checks option disabled;
  • The commercial version is not free.

Net-Creds

Net-Creds is a Python tool for collecting passwords and hashes, as well as other information such as visited URLs, downloaded files and other data from traffic, both in real time during a MiTM attack and from previously saved PCAP files. It is suitable for a quick and rough analysis of large volumes of traffic, for example during a network MiTM attack, when there is little time and manual analysis in Wireshark would take too long.

Pros:

  • Service identification is based on packet analysis rather than on the port number in use;
  • Easy to use;
  • A wide range of extracted data, including logins and passwords for the FTP, POP, IMAP, SMTP and NTLMv1/v2 protocols, as well as information from HTTP requests such as login forms and basic auth;

network-miner

network-miner is an analogue of Net-Creds in terms of what it does, but with greater functionality; for example, it can extract files transferred over the SMB protocol. Like Net-Creds, it is convenient when you need to analyze a large volume of traffic quickly. It also has a user-friendly graphical interface.

Pros:

  • Graphical interface;
  • Visualization and grouping of data make traffic analysis easier and faster.

Cons:

  • The trial version has limited functionality.

mitm6

mitm6 is a tool for attacking IPv6 (SLAAC attack). IPv6 takes priority in Windows (and, generally speaking, in other operating systems too), and the IPv6 interface is enabled in the default configuration; this allows an attacker to assign their own DNS server to the victim using Router Advertisement packets, after which the attacker is able to spoof the victim's DNS. Well suited to carrying out a Relay attack together with the ntlmrelayx utility, which lets you successfully attack Windows networks.

Pros:

  • Works very well on a great many networks precisely because of the standard configuration of Windows hosts and networks;

Responder

Responder is a tool for spoofing broadcast name resolution protocols (LLMNR, NetBIOS, MDNS). An indispensable tool in Active Directory networks. Besides spoofing, it can intercept NTLM authentication; it also comes with a set of tools for gathering information and carrying out NTLM-Relay attacks.

Pros:

  • By default it brings up many servers with support for NTLM authentication: SMB, MSSQL, HTTP, HTTPS, LDAP, FTP, POP3, IMAP, SMTP;
  • Allows DNS spoofing in the case of MITM attacks (ARP spoofing, etc.);
  • Fingerprinting of hosts that made a broadcast request;
  • Analyze mode, for monitoring requests;
  • The formats of intercepted NTLM authentication hashes are compatible with John the Ripper and Hashcat.

Cons:

  • When running under Windows, binding port 445 (SMB) comes with some difficulties (you need to stop the corresponding services and reboot);

Evil_Foca

Evil Foca is a tool for testing various network attacks in IPv4 and IPv6 networks. It scans the local network, identifying devices, routers and their network interfaces, after which various attacks on network participants can be carried out.

Pros:

  • Convenient for carrying out MITM attacks (ARP spoofing, DHCP ACK injection, SLAAC attack, DHCP spoofing);
  • You can perform DoS attacks: via ARP spoofing in IPv4 networks, via SLAAC DoS in IPv6 networks;
  • DNS hijacking is possible;
  • Easy to use, with a user-friendly graphical interface.

Cons:

  • Works only under Windows.

Bettercap

Bettercap is a powerful framework for analyzing and attacking networks, and here we are also talking about attacks on wireless networks, BLE (Bluetooth Low Energy) and even MouseJack attacks on wireless HID devices. It also has functionality for collecting information from traffic (similar to net-creds). In short, a Swiss army knife (all in one). It recently gained a graphical web-based interface as well.

Pros:

  • Credential sniffer: you can catch visited URLs and HTTPS hosts, HTTP authentication and credentials for many different protocols;
  • A lot of built-in MITM attacks;
  • Modular transparent HTTP(S) proxy: you can manage traffic according to your needs;
  • Built-in HTTP server;
  • Support for caplets: files that let complex, automated attacks be described in a scripting language.

Cons:

  • Some modules (for example ble.enum) are not supported on macOS and Windows, and some are Linux-only (packet.proxy).

gateway_finder

gateway finder is a Python script that helps to identify possible gateways in a network. Useful for testing segmentation or for finding hosts that can route to the required subnet or to the Internet. Suitable for internal pentests when you need to quickly check for unauthorized routes or routes into other internal networks.

Pros:

  • Easy to use and configure.

mitmproxy

mitmproxy is an open-source tool for analyzing traffic protected with SSL/TLS. mitmproxy is convenient for intercepting and modifying protected traffic, with certain caveats, of course: the tool does not perform attacks on SSL/TLS decryption. It is used when you need to intercept and record changes in traffic protected with SSL/TLS. It consists of mitmproxy, for proxying traffic; mitmdump, which is similar to tcpdump but for HTTP(S) traffic; and mitmweb, a web interface for mitmproxy.

Pros:

  • Works with various protocols and also supports modification of various formats, from HTML to Protobuf;
  • Python API: lets you write scripts for non-standard tasks;
  • Can work in transparent proxy mode with traffic interception.

Cons:

  • The dump format is not compatible with anything; it is hard to use grep on it, so you have to write scripts;
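The two points above fit together: the Python API is the usual answer to the dump format. The addon below is an added example written for this digest, not mitmproxy's own code. It uses the real addon hook `response` and the real flow attributes `request.method`, `request.pretty_url`, `response.status_code`, `response.headers` and `response.timestamp_end` to write one tab-separated line per exchange that `grep` can handle directly; the output layout, the `_Stub*` classes used for the offline demo, the file name `grep_log.py` and every sample value are my own assumptions.

```python
"""mitmproxy addon writing one grep-friendly line per HTTP(S) exchange.

Added example, not mitmproxy's own code. Load it with
    mitmdump -s grep_log.py
(file name assumed). The _Stub* classes only exist so the addon can be
exercised offline without mitmproxy installed.
"""
import time


def format_line(method, url, status, content_type, ts=None):
    """Tab-separated: UTC timestamp, method, status, content-type, URL."""
    when = ts if ts is not None else time.time()
    stamp = time.strftime("%Y-%m-%dT%H:%M:%S", time.gmtime(when))
    return "\t".join([stamp, method, str(status), content_type or "-", url])


class GrepLog:
    """Collects lines in memory and, if a path is given, appends them to a file."""

    def __init__(self, path=None):
        self.path = path
        self.lines = []

    def response(self, flow):
        """mitmproxy calls this hook once the full response is available."""
        line = format_line(
            flow.request.method,
            flow.request.pretty_url,
            flow.response.status_code,
            flow.response.headers.get("content-type", ""),
            getattr(flow.response, "timestamp_end", None),
        )
        self.lines.append(line)
        if self.path:
            with open(self.path, "a", encoding="utf-8") as fh:
                fh.write(line + "\n")


# mitmproxy discovers addons through this module-level list.
addons = [GrepLog()]


# --- offline demo with constructed stand-ins for mitmproxy flow objects ---
class _StubRequest:
    def __init__(self, method, url):
        self.method, self.pretty_url = method, url


class _StubResponse:
    def __init__(self, status, headers, ts):
        self.status_code, self.headers, self.timestamp_end = status, headers, ts


class _StubFlow:
    def __init__(self, request, response):
        self.request, self.response = request, response


def demo():
    """Feed two constructed flows through the addon and return the log lines."""
    log = GrepLog()
    log.response(_StubFlow(_StubRequest("GET", "https://example.test/login"),
                           _StubResponse(200, {"content-type": "text/html"}, 0)))
    log.response(_StubFlow(_StubRequest("POST", "https://example.test/api/token"),
                           _StubResponse(401, {}, 60)))
    return log.lines


if __name__ == "__main__":
    print("\n".join(demo()))
```

With a path passed to `GrepLog`, the file grows as traffic passes through the proxy, so `grep 'POST' log.tsv | cut -f5` or a diff between two sessions works without touching the native flow dump at all.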

SIET

SIET is a tool for exploiting the Cisco Smart Install protocol. It makes it possible to obtain and modify the configuration, as well as to take control of a Cisco device. If you have managed to obtain a Cisco device's configuration, you can check it with CCAT, a tool that helps analyze the security of Cisco device configuration.

Pros:

Exploiting the Cisco Smart Install protocol allows you to:

  • Change the tftp server address on the client device by sending a single malformed TCP packet;
  • Copy the device configuration file;
  • Replace the device configuration, for example by adding a new user;
  • Update the iOS image on the device;
  • Execute an arbitrary set of commands on the device. This feature only works in IOS versions 3.6.0E and 15.2(2)E;

Cons:

  • Works with a limited set of Cisco devices; you also need a "white" (publicly routable) IP to receive a response from the device, or you have to be on the same network as the device;

yersinia

yersinia is an L2 attack framework designed to exploit security flaws in various L2 network protocols.

Pros:

  • Lets you carry out attacks on STP, CDP, DTP, DHCP, HSRP, VTP and others.

Cons:

  • Not the most user-friendly interface.

proxychains

proxychains is a tool that lets you redirect application traffic through a specified SOCKS proxy.

Pros:

  • Helps to route traffic from applications that cannot work with proxies by default;

In this article we briefly looked at the pros and cons of the main tools for internal network pentesting. Stay tuned: we plan to publish similar collections in the future, covering web, databases and mobile applications as well.

Share your favorite tools in the comments!

Source: www.habr.com