Network tools, or where to start as a pentester?

A toolkit for the novice pentester: we offer a short digest of the main tools that will be useful when pentesting an internal network. These tools are already in active use by a wide range of specialists, so it is worth everyone knowing what they can do and mastering them well.


Nmap

Nmap is an open-source network scanner and one of the most popular tools among security specialists and system administrators. It is used primarily for port scanning, but beyond that it has a large number of useful functions, which is essentially what makes Nmap an all-in-one workhorse for network reconnaissance.

In addition to checking open/closed ports, nmap can identify the service listening on an open port and its version, and sometimes helps determine the OS. Nmap supports script scanning (NSE, the Nmap Scripting Engine). Using scripts, you can check various services for vulnerabilities (if, of course, a script exists for them; you can always write your own) or brute-force passwords for various services.

Thus, Nmap lets you build a detailed map of the network, obtain as much information as possible about the services running on hosts in the network, and check for some vulnerabilities. Nmap also has flexible scan settings: you can configure the scan speed, the number of threads, the number of groups to scan, and so on.
It is convenient for scanning small networks and indispensable for targeted scans of individual hosts.

Pros:

  • Works quickly on a small range of hosts;
  • Flexible settings - you can combine options so as to obtain the most informative data in an acceptable time;
  • Parallel scanning - the list of target hosts is divided into groups, each group is then scanned in turn, and parallel scanning is used within a group. The division into groups is also a small drawback (see below);
  • Predefined sets of scripts for different tasks - you do not need to spend much time choosing specific scripts; you can specify script categories instead;
  • Output of results - 5 different formats, including XML, which can be imported into other tools;

Cons:

  • Scanning a group of hosts - information about any host is not available until the scan of the whole group is complete. This is solved by setting in the options the maximum group size and the maximum time interval during which a response to a probe will be awaited before giving up or retrying;
  • When scanning, Nmap sends SYN packets to the target port and waits for any response packet, or for a timeout if there is no response. This negatively affects the scanner's overall performance compared to asynchronous scanners (for example, zmap or masscan);
  • When scanning large networks, using flags to speed up the scan (--min-rate, --min-parallelism) can produce false negatives, i.e. missed open ports on a host. These options should also be used with caution, since a high packet rate can lead to an unintended DoS.


Zmap

Zmap (not to be confused with Zenmap) is also an open-source scanner, created as a faster alternative to Nmap.

Unlike nmap, Zmap does not wait for a response after sending a SYN packet; it continues scanning while waiting for responses from all hosts at once, so it keeps no connection state. When a response to a SYN packet arrives, Zmap determines from the packet contents which port is open and on which host. In addition, Zmap sends only one SYN packet per scanned port. It is also possible to use PF_RING for very fast scanning of large networks if you happen to have a 10-Gigabit interface and a compatible network card at hand.

Pros:

  • Scan speed;
  • Zmap generates Ethernet frames directly, bypassing the system TCP/IP stack;
  • Ability to use PF_RING;
  • Zmap randomizes the order of targets so that the load is spread evenly on the scanned side;
  • Possible integration with ZGrab (a tool for collecting information about services at the L7 application level).

Cons:

  • It can cause denial of service on network equipment, for example knocking out intermediate routers, even with the load spread across targets, since all packets pass through the same router.


Masscan

Masscan, unsurprisingly, is also an open-source scanner, created with a single purpose: to scan the Internet even faster (in under 6 minutes at a rate of ~10 million packets/s). In essence it works almost the same way as Zmap, only faster still.

Pros:

  • The syntax is similar to Nmap's, and the program also supports some Nmap-compatible options;
  • Speed - one of the fastest asynchronous scanners;
  • Flexible scanning mode - resuming an interrupted scan, distributing the load across several devices (as with Zmap).

Cons:

  • Just as with Zmap, the load on the network itself is very high, which can lead to DoS;
  • By default there is no ability to scan at the L7 application level;
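The property that makes Zmap and Masscan fast, one SYN per target with no connection state, is also what makes them visible: a single source touching many distinct host:port pairs in a short time. The following is an added example (not from the article or from either project) of that detection over flow or firewall records; the events are constructed and include a burst sweep, an ordinary client, and a slow sweep that stays under the threshold for the default window, to show why the window length matters.

```python
"""Spot asynchronous port sweeps (Zmap/Masscan-style: one SYN per target, no
connection state) from flow records: a source that touches many distinct
host:port pairs inside a short window. Added example; the events are constructed."""
from collections import Counter, defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class SynEvent:
    ts: float     # seconds (e.g. from a flow collector or firewall log)
    src: str
    dst: str
    dport: int


SAMPLE_EVENTS = (
    # burst: 30 hosts on 445/tcp within 0.3 s from one source
    [SynEvent(100.0 + i * 0.01, "10.0.0.9", f"10.0.1.{i}", 445) for i in range(1, 31)]
    # ordinary client: repeated connections to two services
    + [SynEvent(100.0 + i * 0.5, "10.0.0.20", "10.0.2.1", 443) for i in range(10)]
    + [SynEvent(101.0, "10.0.0.20", "10.0.2.2", 53)]
    # slow sweep: 25 hosts, one every 3 s, under the threshold for a 5 s window
    + [SynEvent(200.0 + i * 3.0, "10.0.0.21", f"10.0.3.{i + 1}", 22) for i in range(25)]
)


def detect_scanners(events, window=5.0, threshold=20):
    """Return {src: (alert_ts, distinct_targets)} for sources that reach `threshold`
    distinct (dst, dport) pairs within any `window`-second span. Sliding window per
    source: a deque of recent events plus a Counter of targets currently inside it."""
    alerts = {}
    recent = defaultdict(deque)
    live = defaultdict(Counter)
    for ev in sorted(events, key=lambda e: e.ts):
        q, targets = recent[ev.src], live[ev.src]
        target = (ev.dst, ev.dport)
        q.append((ev.ts, target))
        targets[target] += 1
        while q and q[0][0] < ev.ts - window:      # expire events older than the window
            _, old = q.popleft()
            targets[old] -= 1
            if targets[old] == 0:
                del targets[old]
        if ev.src not in alerts and len(targets) >= threshold:
            alerts[ev.src] = (ev.ts, len(targets))
    return alerts


if __name__ == "__main__":
    for src, (ts, n) in detect_scanners(SAMPLE_EVENTS).items():
        print(f"ALERT {src}: {n} distinct targets within 5 s at t={ts:.2f}")
```

With the defaults only the burst source fires; widening the window to two minutes also catches the slow sweep, at the cost of more memory per source. In practice you feed this from NetFlow/IPFIX or the firewall's connection log, and the same rate limits that the article warns about (a scanner throttling itself to avoid DoS) are the reason a single short window is not enough.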


Nessus

Nessus is a scanner for automated detection of known vulnerabilities in a system. Although it is closed source, there is a free version, Nessus Home, which lets you scan up to 16 IP addresses with the same speed and the same detailed analysis as the paid version.

It can identify vulnerable versions of services or servers, detect errors in system configuration, and brute-force dictionary passwords. It can be used to verify the correctness of service settings (mail, updates, etc.), as well as to prepare for a PCI DSS audit. In addition, you can pass host credentials to Nessus (SSH or a domain account in Active Directory), and the scanner will then access the host and perform checks directly on it; this option is called a credential scan. Convenient for companies auditing their own networks.

Pros:

  • A separate check for each vulnerability, with a database that is constantly updated;
  • Output of results - plain text, XML, HTML and LaTeX;
  • The Nessus API - lets you automate scanning and retrieval of results;
  • Credential scan - you can use Windows or Linux credentials to check for missing updates or other vulnerabilities;
  • Ability to write your own checks - the scanner has its own scripting language, NASL (Nessus Attack Scripting Language);
  • You can schedule regular scans of the local network, so the information security team is aware of every change in security configuration, every new host, and every dictionary or default password in use.

Cons:

  • Malfunctions of the scanned systems are possible - you need to be careful when the safe checks option is disabled;
  • The commercial version is not free.


net-creds

net-creds is a Python tool for collecting passwords and hashes, as well as other information such as visited URLs and downloaded files, from traffic, both in real time during a MiTM attack and from previously saved PCAP files. It is suited to quick, superficial analysis of large volumes of traffic, for example during a network MiTM attack when time is limited and manual analysis in Wireshark would take too long.

Pros:

  • Service identification is based on packet analysis rather than on the port number in use;
  • Easy to use;
  • A wide range of extracted data - including logins and passwords for the FTP, POP, IMAP, SMTP and NTLMv1/v2 protocols, as well as information from HTTP requests such as login forms and basic auth;


NetworkMiner

NetworkMiner is an analogue of net-creds in terms of operating principle, but with more functionality; for example, it can extract files transferred over SMB. Like net-creds, it is convenient when you need to analyze a large volume of traffic quickly. It also has a user-friendly graphical interface.

Pros:

  • Graphical interface;
  • Visualization and sorting of data into groups makes traffic analysis easier and faster.

Cons:

  • The trial version has limited functionality.


mitm6

mitm6 is a tool for carrying out attacks on IPv6 (the SLAAC attack). IPv6 takes priority in Windows (and, generally speaking, in other operating systems too), and in the default configuration the IPv6 interface is enabled. This lets an attacker install their own DNS server for the victim using Router Advertisement packets, after which the attacker can spoof the victim's DNS. It is ideal for carrying out a relay attack together with the ntlmrelayx utility, which allows Windows networks to be attacked successfully.

Pros:

  • Works well in many networks precisely because of the standard configuration of Windows hosts and networks;

Responder

Responder is a tool for spoofing broadcast name resolution protocols (LLMNR, NetBIOS, mDNS). An indispensable tool in Active Directory networks. In addition to spoofing, it can capture NTLM authentication; it also comes with a set of tools for gathering information and carrying out NTLM relay attacks.

Pros:

  • By default it brings up many servers with NTLM authentication support: SMB, MSSQL, HTTP, HTTPS, LDAP, FTP, POP3, IMAP, SMTP;
  • Allows DNS spoofing in a MITM scenario (ARP spoofing, etc.);
  • Fingerprints the hosts that made a broadcast request;
  • Analyze mode - for monitoring requests only;
  • The format of the captured NTLM authentication hashes is compatible with John the Ripper and Hashcat.

Cons:

  • When running under Windows, binding port 445 (SMB) involves some difficulties (the corresponding services must be stopped and a restart is required);
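Both mitm6 and Responder work because hosts trust whoever answers first. For LLMNR that gives the defender a cheap check: query the multicast group for a name that cannot exist, and any answer at all means something is spoofing. The following is an added example, not code from the article or from the Responder project: it builds an LLMNR query in the RFC 4795 wire format (the same layout as a DNS message), parses responses including name-compression pointers, and sends one probe to 224.0.0.252:5355. The `constructed_spoofed_response` helper is there only so the parser can be exercised offline.

```python
"""Detect an LLMNR spoofer (the behaviour Responder relies on) by asking the
network for a name that cannot exist: a legitimate network never answers, so any
answer is a spoof indicator. Added example; wire format follows RFC 4795 (same
layout as a DNS message), and the response builder at the bottom is constructed
for the offline test only."""
import secrets
import socket
import struct

LLMNR_GROUP, LLMNR_PORT = "224.0.0.252", 5355


def build_llmnr_query(name, txid, qtype=1):
    """Standard query for `name` (qtype 1 = A). Flags are all zero for a query."""
    qname = b"".join(bytes([len(label)]) + label.encode("ascii") for label in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)


def _read_name(data, off, max_hops=8):
    """Read a (possibly compressed) name; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        length = data[off]
        if length & 0xC0 == 0xC0:               # compression pointer
            if hops >= max_hops:
                raise ValueError("pointer loop")
            hops += 1
            if end is None:
                end = off + 2
            off = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(data[off:off + length].decode("ascii", "replace"))
        off += length
    return ".".join(labels), (end if end is not None else off)


def parse_llmnr_response(data, txid):
    """Return [(name, ipv4)] for A answers whose transaction id matches; [] otherwise."""
    if len(data) < 12:
        return []
    rid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:       # wrong id, or not a response (QR bit clear)
        return []
    off = 12
    for _ in range(qd):                          # skip the question section
        _, off = _read_name(data, off)
        off += 4
    answers = []
    for _ in range(an):
        name, off = _read_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:
            answers.append((name, ".".join(str(b) for b in rdata)))
    return answers


def probe_for_spoofer(timeout=2.0):
    """Send one query for a random, non-existent name and collect whoever answers.
    Returns [(responder_ip, name, claimed_ip)]; non-empty means someone is spoofing."""
    name = "probe-" + secrets.token_hex(4)        # nothing legitimate resolves this
    txid = secrets.randbelow(0x10000)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    hits = []
    try:
        sock.sendto(build_llmnr_query(name, txid), (LLMNR_GROUP, LLMNR_PORT))
        while True:
            data, (src, _port) = sock.recvfrom(2048)
            hits.extend((src, n, ip) for n, ip in parse_llmnr_response(data, txid))
    except socket.timeout:
        pass
    finally:
        sock.close()
    return hits


def constructed_spoofed_response(query, claimed_ip, ttl=30):
    """Offline stand-in for a spoofer's reply: echoes the question and answers with claimed_ip."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8000, 1, 1, 0, 0)
    rdata = bytes(int(o) for o in claimed_ip.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata
    return header + query[12:] + answer


if __name__ == "__main__":
    for src, name, ip in probe_for_spoofer():
        print(f"ALERT: {src} answered LLMNR for non-existent name {name} with {ip}")
```

Run it periodically from a workstation VLAN and alert on any hit. The structural fix is to stop depending on these protocols at all: disable LLMNR via the "Turn off multicast name resolution" policy in the DNS Client settings, disable NetBIOS over TCP/IP on the adapters, and require SMB signing so that a captured authentication cannot be relayed.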


Evil Foca

Evil Foca is a tool for testing various network attacks in IPv4 and IPv6 networks. It scans the local network, identifying devices, routers and their network interfaces, after which various attacks can be carried out against the network's participants.

Pros:

  • Convenient for carrying out MITM attacks (ARP spoofing, DHCP ACK injection, the SLAAC attack, DHCP spoofing);
  • Can carry out DoS attacks - via ARP spoofing in IPv4 networks, and via SLAAC DoS in IPv6 networks;
  • DNS hijacking is possible;
  • Easy to use, with a user-friendly graphical interface.

Cons:

  • Works only under Windows.


Bettercap

Bettercap is a powerful framework for analyzing and attacking networks, and that includes attacks on wireless networks, on BLE (Bluetooth Low Energy), and MouseJack attacks on wireless HID devices. In addition, it contains functionality for collecting information from traffic (similar to net-creds). In general, a Swiss army knife (all in one). Recently it also gained a graphical web-based interface.

Pros:

  • Credential sniffer - you can catch visited URLs and HTTPS hosts, HTTP authentication, and credentials for many different protocols;
  • Many built-in MITM attacks;
  • A transparent HTTP(S) proxy module - you can manipulate traffic to suit your needs;
  • A built-in HTTP server;
  • Support for caplets - files that let complex and automated attacks be described in a scripting language.

Cons:

  • Some modules, for example ble.enum, are only partially supported on macOS and Windows, and some are Linux-only, such as packet.proxy.
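The MITM modules in both Evil Foca and Bettercap start from ARP spoofing, and ARP spoofing leaves a signature that is easy to watch for: an IP whose MAC suddenly changes, the gateway answered by a MAC that is not the gateway's, or a single MAC claiming several IPs. The script below is an added example, not code from the article or from either tool: it parses ARP replies from constructed lines in the style of `tcpdump -tt -n arp` and raises those three kinds of alert against a constructed gateway allowlist.

```python
"""Flag ARP spoofing (the starting point of Evil Foca's and bettercap's MITM
modules) from observed ARP replies: an IP whose MAC changes, a gateway answered
by an unexpected MAC, or one MAC claiming several IPs. Added example; the
tcpdump-style lines and the gateway allowlist are constructed samples."""
import re
from dataclasses import dataclass

# Constructed lines in the style of `tcpdump -tt -n arp` (epoch timestamp, then the ARP summary).
SAMPLE_TCPDUMP = """\
1700000001.000000 ARP, Reply 10.0.0.1 is-at aa:bb:cc:00:00:01, length 28
1700000001.500000 ARP, Reply 10.0.0.7 is-at aa:bb:cc:00:00:07, length 28
1700000002.000000 ARP, Request who-has 10.0.0.1 tell 10.0.0.7, length 28
1700000002.100000 ARP, Reply 10.0.0.1 is-at de:ad:be:ef:00:99, length 28
1700000002.200000 ARP, Reply 10.0.0.7 is-at de:ad:be:ef:00:99, length 28
1700000003.000000 ARP, Reply 10.0.0.8 is-at aa:bb:cc:00:00:08, length 28
"""

KNOWN_GATEWAYS = {"10.0.0.1": "aa:bb:cc:00:00:01"}   # constructed allowlist (ip -> MAC)

ARP_REPLY = re.compile(r"^(?P<ts>\d+(?:\.\d+)?) ARP, Reply (?P<ip>\S+) is-at (?P<mac>[0-9a-fA-F:]{17})")


@dataclass(frozen=True)
class ArpReply:
    ts: float
    ip: str
    mac: str


def parse_arp_replies(text):
    """Keep only ARP replies; requests carry no IP-to-MAC binding to check."""
    out = []
    for line in text.splitlines():
        m = ARP_REPLY.match(line)
        if m:
            out.append(ArpReply(float(m["ts"]), m["ip"], m["mac"].lower()))
    return out


def detect_arp_spoofing(replies, gateways):
    """Return (kind, subject, detail) alerts in time order."""
    ip_to_mac, alerts = {}, []
    for r in sorted(replies, key=lambda x: x.ts):
        expected = gateways.get(r.ip)
        if expected and r.mac != expected.lower():
            alerts.append(("gateway_mismatch", r.ip, f"expected {expected}, saw {r.mac}"))
        prev = ip_to_mac.get(r.ip)
        if prev and prev != r.mac:
            alerts.append(("mac_changed", r.ip, f"{prev} -> {r.mac}"))
        ip_to_mac[r.ip] = r.mac
        claimed = sorted(ip for ip, mac in ip_to_mac.items() if mac == r.mac)
        if len(claimed) > 1:   # one interface answering for several hosts
            alerts.append(("mac_claims_multiple_ips", r.mac, ",".join(claimed)))
    return alerts


if __name__ == "__main__":
    for kind, subject, detail in detect_arp_spoofing(parse_arp_replies(SAMPLE_TCPDUMP), KNOWN_GATEWAYS):
        print(f"ALERT {kind}: {subject} ({detail})")
```

Pipe live output in with `tcpdump -tt -n -l arp | python3 arp_watch.py` adapted to read stdin line by line. A legitimate MAC change does happen (a replaced NIC, a VRRP/HSRP failover), so treat `mac_changed` alone as informational and the combination with `gateway_mismatch` or `mac_claims_multiple_ips` as the real signal. On managed switches, Dynamic ARP Inspection together with DHCP snooping prevents the spoofed replies from being forwarded in the first place.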


gateway_finder

gateway_finder is a Python script that helps identify possible gateways in a network. It is useful for testing segmentation, or for finding hosts that can route to a desired subnet or to the Internet. Suitable for internal pentests when you need to check quickly for unauthorized routes or for routes into other internal networks.

Pros:

  • Easy to use and to customize.


mitmproxy

mitmproxy is an open-source tool for analyzing traffic protected by SSL/TLS. It is convenient for intercepting and modifying protected traffic, with some caveats of course; the tool does not perform SSL/TLS decryption attacks. It is used when you need to intercept, record and modify traffic protected by SSL/TLS. It consists of mitmproxy for proxying traffic, mitmdump, which is similar to tcpdump but for HTTP(S) traffic, and mitmweb, a web interface for mitmproxy.

Pros:

  • Works with various protocols, and also supports modification of various formats, from HTML to Protobuf;
  • A Python API - lets you write scripts for non-standard tasks;
  • Can work in transparent proxy mode and in explicit interception mode.

Cons:

  • The dump format is not compatible with anything - it is hard to grep, so you end up writing scripts;
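The Python API is the usual way around the dump-format complaint: an addon can write one JSON line per flow, and then grep and jq work. The addon below is an added example, not code from the article or from the mitmproxy project. It records method, URL, status and headers with credential-bearing values redacted, and marks flows where an Authorization header or cookie travelled over plain HTTP, which is the finding a traffic review is usually after. The option name `jsonl_path` is hypothetical, defined by this addon itself through `loader.add_option`.

```python
"""mitmproxy addon that writes one JSON object per HTTP flow, so the log can be
searched with grep/jq instead of reading mitmproxy's own dump format.
Added example; `jsonl_path` is a hypothetical option name defined by this addon."""
import json
import time

try:  # only available when the script runs inside mitmdump/mitmproxy/mitmweb
    from mitmproxy import ctx
except ImportError:  # lets the pure record-building logic be imported and tested offline
    ctx = None

# Header values never written to disk; only their presence is recorded.
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie"}
AUTH_HEADERS = {"authorization", "cookie"}


def summarize_flow(method, url, status, req_headers, resp_headers, ts):
    """Build a flat, grep-friendly record from the parts of a flow we care about.
    req_headers/resp_headers are iterables of (name, value) pairs."""
    def scrub(pairs):
        return {k.lower(): ("<redacted>" if k.lower() in SENSITIVE_HEADERS else v) for k, v in pairs}
    req = scrub(req_headers)
    auth_present = bool(AUTH_HEADERS & set(req))
    return {
        "ts": round(ts, 3),
        "method": method,
        "url": url,
        "status": status,
        "content_type": scrub(resp_headers).get("content-type", ""),
        "auth_present": auth_present,
        # credentials or a session cookie sent over plain HTTP: a finding on its own
        "cleartext_auth": url.startswith("http://") and auth_present,
        "req_headers": req,
    }


def to_jsonl(record):
    """One line per record; keys sorted so identical flows produce identical lines."""
    return json.dumps(record, sort_keys=True) + "\n"


class JsonlLogger:
    def load(self, loader):
        loader.add_option("jsonl_path", str, "flows.jsonl", "Where to append JSON-lines flow records")

    def response(self, flow):
        rec = summarize_flow(
            flow.request.method, flow.request.pretty_url, flow.response.status_code,
            flow.request.headers.items(), flow.response.headers.items(), time.time(),
        )
        with open(ctx.options.jsonl_path, "a", encoding="utf-8") as out:
            out.write(to_jsonl(rec))


addons = [JsonlLogger()]
```

Run it with `mitmdump -s flow_jsonl.py --set jsonl_path=/tmp/flows.jsonl`; afterwards `grep '"cleartext_auth": true' /tmp/flows.jsonl | jq -r .url` lists every endpoint that accepted credentials without TLS. Sorting the keys is deliberate: identical requests produce byte-identical lines, so `sort | uniq -c` gives a quick frequency view.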


SIET

SIET is a tool for exploiting the capabilities of the Cisco Smart Install protocol. It can retrieve and modify the configuration and take control of a Cisco device. If you have managed to obtain a Cisco device's configuration, you can check it with CCAT, a tool useful for analyzing the security configuration of Cisco devices.

Pros:

Using the Cisco Smart Install protocol lets you:

  • Change the TFTP server address on the client device by sending a single malformed TCP packet;
  • Copy the device's configuration file;
  • Modify the device configuration, for example by adding a new user;
  • Replace the IOS image on the device;
  • Execute an arbitrary set of commands on the device. This is a newer feature that only works on IOS versions 3.6.0E and 15.2(2)E;

Cons:

  • Works with a limited set of Cisco devices; you also need a "white" (public) IP to receive the response from the device, or you need to be on the same network as the device;


yersinia

yersinia is an L2 attack framework designed to exploit security flaws in various L2 network protocols.

Pros:

  • Lets you carry out attacks on STP, CDP, DTP, DHCP, HSRP, VTP and others.

Cons:

  • Not the most user-friendly interface.
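Both SIET and yersinia depend on switch features that are on by default and can be turned off in the configuration: Smart Install (TCP/4786, disabled with `no vstack`), DTP trunk negotiation, CDP, and Telnet on the vty lines. The auditor below is an added example in the spirit of the CCAT check mentioned in the SIET section; it is not code from the article, from CCAT, or from either tool. It parses a constructed IOS running-config into global lines and interface/line sections and emits findings with the remediation command; the check ids are my own naming.

```python
"""Audit a Cisco IOS running-config for the settings SIET and yersinia-style
L2 tools depend on: Smart Install left enabled, DTP negotiation, trunks without
nonegotiate, CDP, Telnet on vty lines, weak enable-password storage. Added
example; the config is a constructed sample and the check ids are my own."""

SAMPLE_CONFIG = """\
version 15.2
service password-encryption
hostname sw-access-01
enable password example123
!
ip dhcp snooping
ip dhcp snooping vlan 10
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/2
 switchport mode dynamic desirable
!
interface GigabitEthernet1/0/48
 description uplink
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
line vty 0 4
 transport input telnet ssh
!
end
"""


def parse_config(text):
    """Split into top-level lines and {section header: [indented child lines]}."""
    top, sections, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "!":
            current = None
            continue
        if line[0] in " \t" and current is not None:
            sections[current].append(line.strip())
        else:
            current = line.strip()
            top.append(current)
            sections[current] = []
    return top, sections


def audit(text):
    """Return (severity, check_id, where, remediation) findings."""
    top, sections = parse_config(text)
    f = []
    if "no vstack" not in top:
        f.append(("high", "smart_install_enabled", "global",
                  "add 'no vstack' (Smart Install listens on TCP/4786 unless disabled)"))
    if any(l.startswith("enable password") for l in top) and not any(l.startswith("enable secret") for l in top):
        f.append(("high", "enable_secret_missing", "global", "replace 'enable password' with 'enable secret'"))
    if "service password-encryption" not in top:
        f.append(("medium", "password_encryption_off", "global", "add 'service password-encryption'"))
    if not any(l.startswith("ip dhcp snooping") for l in top):
        f.append(("medium", "dhcp_snooping_off", "global", "enable 'ip dhcp snooping' on user VLANs"))
    if "no cdp run" not in top:
        f.append(("low", "cdp_enabled", "global", "'no cdp run', or 'no cdp enable' on user-facing ports"))
    for header, lines in sections.items():
        if header.startswith("interface "):
            name = header.split(" ", 1)[1]
            mode = next((l for l in lines if l.startswith("switchport mode")), "")
            if "dynamic" in mode:   # DTP will negotiate a trunk with whoever asks
                f.append(("high", "dtp_negotiation", name, "'switchport mode access' + 'switchport nonegotiate'"))
            if mode == "switchport mode trunk" and "switchport nonegotiate" not in lines:
                f.append(("medium", "trunk_without_nonegotiate", name, "add 'switchport nonegotiate'"))
            if mode == "switchport mode access" and "spanning-tree bpduguard enable" not in lines:
                f.append(("medium", "access_port_without_bpduguard", name, "add 'spanning-tree bpduguard enable'"))
        elif header.startswith("line vty"):
            for l in lines:
                if l.startswith("transport input") and ({"telnet", "all"} & set(l.split())):
                    f.append(("high", "vty_telnet_allowed", header, "use 'transport input ssh'"))
    return f


if __name__ == "__main__":
    for severity, check, where, fix in audit(SAMPLE_CONFIG):
        print(f"[{severity}] {check} @ {where}: {fix}")
```

Feed it `show running-config` output collected over SSH; the sample deliberately has the access port done right (portfast plus BPDU guard) so that only the dynamic port, the trunk and the global settings show up. The checks are a starting list rather than a complete hardening baseline; CCAT and the vendor's hardening guide cover far more.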


proxychains

proxychains is a tool that lets you redirect an application's traffic through a specified SOCKS proxy.

Pros:

  • Helps redirect the traffic of applications that cannot use a proxy on their own;


In this article we briefly reviewed the advantages and disadvantages of the main tools for internal network pentesting. Stay tuned: we plan to publish similar collections in the future on web, databases and mobile applications, and we will definitely write about them.

Share your favorites in the comments!

source: www.habr.com
