I. DNS information gathering
Several commonly used information-gathering tools:
1. dnsenum: enumerates and looks up all DNS information about a target
./dnsenum --dnsserver 8.8.8.8 <target> (add -f dns.txt to brute-force subdomains from a wordlist)
2. dnswalk: tests for a zone-transfer vulnerability
./dnswalk cisco.com. (dnswalk requires the trailing dot on the domain name)
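What dnswalk is probing for is a zone that answers AXFR to anyone. As an added example that is not part of the original post, the following Python script audits a BIND named.conf fragment for that exposure and compares the weak setting with the corrected one; the config text, the zone name and the secondary address 192.0.2.10 are constructed, and an unset allow-transfer is treated as exposed because older BIND releases default it to any.

```python
import re

# Constructed sample: a named.conf fragment with the weak setting
# (any host may AXFR the zone), which is exactly what dnswalk reports.
WEAK_CONF = """
options {
    allow-transfer { any; };
};
zone "example.com" {
    type master;
    file "db.example.com";
};
"""

# Same fragment fixed: transfers denied globally, and the zone allows only
# its secondary (assumed address 192.0.2.10).
FIXED_CONF = """
options {
    allow-transfer { none; };
};
zone "example.com" {
    type master;
    file "db.example.com";
    allow-transfer { 192.0.2.10; };
};
"""

OPTIONS_RE = re.compile(r'options\s*\{(.*?)\n\};', re.S)
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*\{(.*?)\n\};', re.S)
XFER_RE = re.compile(r'allow-transfer\s*\{([^}]*)\}')

def transfer_acl(block):
    """Return the allow-transfer entries of a block, or None if it sets none.
    Named ACLs (acl "secondaries" {...}) are not resolved by this audit."""
    m = XFER_RE.search(block)
    if not m:
        return None
    return [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit_zone_transfers(conf):
    """Map each zone name to (effective ACL, exposed?). A zone without its own
    ACL inherits the options ACL; if neither is set the audit assumes the old
    BIND default of 'any', i.e. the zone is exposed to AXFR from anywhere."""
    opts = OPTIONS_RE.search(conf)
    global_acl = transfer_acl(opts.group(1)) if opts else None
    result = {}
    for name, body in ZONE_RE.findall(conf):
        acl = transfer_acl(body)
        if acl is None:
            acl = global_acl if global_acl is not None else ['any']
        result[name] = (acl, 'any' in acl)
    return result
```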
3. dnsmap: enumerates all DNS records of the target
./dnsmap cisco.com
4. lbd: detects whether a domain uses DNS or HTTP load balancing
./lbd.sh google.com
5. whois: looks up information about the site's registrant
whois sina.com.cn
6. maltego: graphical information-gathering tool
Using this tool requires registration.
II. Web information gathering
1. whatweb: fingerprints the target site (web server, frameworks, CMS)
2. waffit / wafw00f: identifies and fingerprints the WAF product protecting a website.
3. curl -I <target>
fetches basic information about the target (the HTTP response headers only)
curl -T <file> <target>
curl -T <file> ftp://user:[email protected]
uploads a file (requires sufficient privileges on the server)
III. Network information gathering
1. arping: only usable on the local network segment (ARP does not cross routers)
2. fping
fping is a ping-like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a host is up. fping is different from ping in that you can specify any number of hosts on the command line, or specify a file containing the list of hosts to ping. Instead of trying one host until it times out or replies, fping will send out a ping packet and move on to the next host in a round-robin fashion. If a host replies, it is noted and removed from the list of hosts to check. If a host does not respond within a certain time limit and/or retry limit it will be considered unreachable. Unlike ping, fping is meant to be used in scripts and its output is easy to parse.
3. hping
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired by the ping unix command, but hping isn't only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files over a covert channel, and many other features:
Firewall testing
Advanced port scanning
Network testing, using different protocols, TOS, fragmentation
Manual path MTU discovery
Advanced traceroute, under all the supported protocols
Remote OS fingerprinting
Remote uptime guessing
TCP/IP stacks auditing
hping can also be useful to students that are learning TCP/IP.
4. hping2
5. netifera
Netifera is a network scanner capable of passive scanning (scan of a pcap file, live network sniffing) as well as active scanning (entity port scan). It enables you to identify hosts on the network.
6. nmap
Use nmap to probe open ports: -sS SYN half-open scan (needs raw-socket privileges, i.e. root); -sT TCP connect scan; -Pn skip host discovery by ping; -A detect service types (plus OS detection and default scripts).
nmap -sS -Pn 192.168.1.111
nmap -sS -Pn -A 192.168.1.111
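Seen from the target's side, the fping sweep and the nmap -sS half-open scan described above leave a characteristic trace: one source echo-requesting many hosts in quick succession, or sending bare SYNs to many ports on one host without completing a handshake. The following Python detector, an added example rather than code from the original post, runs that logic over constructed tcpdump-style lines; the addresses and the thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed tcpdump-style lines (not a real capture): 192.168.1.5 sweeps
# four hosts with ICMP echo requests, then sends half-open SYNs to five ports
# on 192.168.1.111; 192.168.1.20 is an ordinary client completing a handshake.
SAMPLE_LINES = [
    "09:16:52.000001 IP 192.168.1.5 > 192.168.1.1: ICMP echo request, id 7, seq 1, length 64",
    "09:16:52.000101 IP 192.168.1.5 > 192.168.1.2: ICMP echo request, id 7, seq 2, length 64",
    "09:16:52.000201 IP 192.168.1.5 > 192.168.1.3: ICMP echo request, id 7, seq 3, length 64",
    "09:16:52.000301 IP 192.168.1.5 > 192.168.1.4: ICMP echo request, id 7, seq 4, length 64",
    "09:16:53.000001 IP 192.168.1.5.40000 > 192.168.1.111.22: Flags [S], seq 1, win 1024, length 0",
    "09:16:53.000002 IP 192.168.1.5.40000 > 192.168.1.111.80: Flags [S], seq 1, win 1024, length 0",
    "09:16:53.000003 IP 192.168.1.5.40000 > 192.168.1.111.443: Flags [S], seq 1, win 1024, length 0",
    "09:16:53.000004 IP 192.168.1.5.40000 > 192.168.1.111.3306: Flags [S], seq 1, win 1024, length 0",
    "09:16:53.000005 IP 192.168.1.5.40000 > 192.168.1.111.8080: Flags [S], seq 1, win 1024, length 0",
    "09:16:54.000001 IP 192.168.1.20.51234 > 192.168.1.111.80: Flags [S], seq 9, win 65535, length 0",
    "09:16:54.000002 IP 192.168.1.111.80 > 192.168.1.20.51234: Flags [S.], seq 2, ack 10, win 65535, length 0",
]

ICMP_RE = re.compile(r'IP (\S+) > (\S+): ICMP echo request')
# Matches a bare SYN only: "[S.]" (SYN/ACK) does not satisfy "\[S\]".
SYN_RE = re.compile(r'IP (\d+\.\d+\.\d+\.\d+)\.\d+ > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[S\]')

def detect_scans(lines, sweep_hosts=4, scan_ports=5):
    """Return (sweeps, scans): sources that echo-requested at least sweep_hosts
    distinct hosts, and (source, target) pairs that sent bare SYNs to at least
    scan_ports distinct ports. Thresholds are assumed values; tune per network."""
    ping_targets = defaultdict(set)   # src -> hosts it echo-requested
    syn_ports = defaultdict(set)      # (src, dst) -> ports it SYN'd
    for line in lines:
        m = ICMP_RE.search(line)
        if m:
            ping_targets[m.group(1)].add(m.group(2))
            continue
        m = SYN_RE.search(line)
        if m:
            syn_ports[(m.group(1), m.group(2))].add(int(m.group(3)))
    sweeps = sorted(s for s, h in ping_targets.items() if len(h) >= sweep_hosts)
    scans = sorted(k for k, p in syn_ports.items() if len(p) >= scan_ports)
    return sweeps, scans
```

Feeding a live `tcpdump -n -l` stream into detect_scans one batch at a time gives the same result on real traffic, with a time window added per batch.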
IV. Route information gathering
1. traceroute
2. tcptraceroute
tcptraceroute is a traceroute implementation using TCP packets.
The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets are taking to reach the destination.
The problem is that with the widespread use of firewalls on the modern Internet, many of the packets that traceroute(8) sends out end up being filtered, making it impossible to completely trace the path to the destination. However, in many cases, these firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections on. By sending out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common firewall filters.
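The following Python model, added here and not part of the original post, walks through the mechanism just described: a constructed five-hop path (the addresses are made up) whose third hop filters UDP and ICMP probes but admits TCP to port 80, so the classic UDP trace stalls at the firewall while the TCP SYN trace reaches the destination.

```python
# Constructed path model (made-up addresses, not real hosts). Each router
# decrements the probe's TTL and answers "time exceeded" when it hits zero;
# the hop at FIREWALL_INDEX drops everything except TCP to ALLOWED_TCP_PORTS.
PATH = ["10.0.0.1", "10.0.1.1", "203.0.113.1", "203.0.113.7", "198.51.100.80"]
FIREWALL_INDEX = 2
ALLOWED_TCP_PORTS = {80}

# Probes as traceroute(8) and tcptraceroute would send them (port values assumed).
UDP_PROBE = {"proto": "udp", "dport": 33434}
TCP_PROBE = {"proto": "tcp", "dport": 80}

def firewall_admits(probe):
    return probe["proto"] == "tcp" and probe["dport"] in ALLOWED_TCP_PORTS

def forward(probe, ttl):
    """Send one probe with the given TTL. Returns (responder, outcome), where
    outcome is 'time-exceeded', 'reached' or 'filtered' (no reply at all)."""
    last = len(PATH) - 1
    for i, hop in enumerate(PATH):
        if i == last:                       # the destination itself answers
            return hop, "reached"
        ttl -= 1                            # routers decrement before forwarding
        if ttl == 0:
            return hop, "time-exceeded"     # ICMP time exceeded names this hop
        if i == FIREWALL_INDEX and not firewall_admits(probe):
            return None, "filtered"         # silently dropped: traceroute prints '*'
    return None, "filtered"

def traceroute(probe, max_ttl=30):
    """Raise the TTL from 1 upward, recording who answers, until the destination
    replies or three consecutive probes vanish (a trace that never completes)."""
    hops, silent = [], 0
    for ttl in range(1, max_ttl + 1):
        responder, outcome = forward(probe, ttl)
        hops.append(responder)
        if outcome == "reached":
            return hops, True
        silent = silent + 1 if outcome == "filtered" else 0
        if silent == 3:
            return hops, False
    return hops, False
```

traceroute(UDP_PROBE) records three hops and then three silent probes and never completes; traceroute(TCP_PROBE) lists all five hops and completes.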
3. tcpdump
tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software.
4. scapy: crafting and modifying packets
5. wireshark: packet capture
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
Wireshark is cross-platform, using the GTK+ widget toolkit to implement its user interface, and using pcap to capture packets; it runs on various Unix-like operating systems including Linux, OS X, BSD, and Solaris, and on Microsoft Windows. There is also a terminal-based (non-GUI) version called TShark. Wireshark, and the other programs distributed with it such as TShark, are free software, released under the terms of the GNU General Public License.
This article was reposted from Tar0's 51CTO blog; original link: http://blog.51cto.com/tar0cissp/1290345. Contact the original author before reposting.