Kail Linux渗透测试实训手册第3章信息收集
Kail Linux渗透测试实训手册第3章信息收集
信息收集是网络攻击最重要的阶段之一。要想进行渗透攻击,就需要收集目标的各类信息。收集到的信息越多,攻击成功的概率也就越大。本章将介绍信息收集的相关工具。本文选自《Kail Linux渗透测试实训手册》
3.1 Recon-NG框架
Recon-NG是由python编写的一个开源的Web侦查(信息收集)框架。Recon-ng框架是一个强大的工具,使用它可以自动的收集信息和网络侦查。下面将介绍使用Recon-NG侦查工具。
启动Recon-NG框架,执行命令如下所示:本文选自《Kail Linux渗透测试实训手册》
- root@kali:~# recon-ng
- _/_/_/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/_/_/
- _/ _/ _/ _/ _/ _/ _/_/ _/ _/_/ _/ _/
- _/_/_/ _/_/_/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/ _/ _/ _/ _/_/_/
- _/ _/ _/ _/ _/ _/ _/ _/_/ _/ _/_/ _/ _/
- _/ _/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/_/_/
- +---------------------------------------------------------------------------+
- | _ ___ _ __ |
- | |_)| _ _|_ |_|.|| _ | _ |_ _ _ _ _ _|_o _ _ (_ _ _ _o_|_ |
- | |_)|(_|(_|\ | ||||_\ _|_| || (_)| |||(_| | |(_)| | __)(/_(_|_|| | | \/ |
- | / |
- | Consulting | Research | Development | Training |
- | http://www.blackhillsinfosec.com |
- +---------------------------------------------------------------------------+
- [recon-ng v4.1.4, Tim Tomes (@LaNMaSteR53)]
- [56] Recon modules
- [5] Reporting modules
- [2] Exploitation modules
- [2] Discovery modules
- [1] Import modules
- [recon-ng][default] >
首次使用Recon-NG框架之前,可以使用help命令查看所有可执行的命令。如下所示:
- [recon-ng][default] > help
- Commands (type [help|?] <topic>):
- ---------------------------------
- add Adds records to the database
- back Exits current prompt level
- del Deletes records from the database
- exit Exits current prompt level
- help Displays this menu
- keys Manages framework API keys
- load Loads specified module
- pdb Starts a Python Debugger session
- query Queries the database
- record Records commands to a resource file
- reload Reloads all modules
- resource Executes commands from a resource file
- search Searches available modules
- set Sets module options
- shell Executes shell commands
- show Shows various framework items
- spool Spools output to a file
- unset Unsets module options
- use Loads specified module
- workspaces Manages workspaces
以上输出信息显示了在Recon-NG框架中可运行的命令。该框架和Metasploit框架类似,同样也支持很多模块。此时,可以使用show modules命令查看所有有效的模块列表。执行命令如下所示:本文选自《Kail Linux渗透测试实训手册》
- [recon-ng][default] > show modules
- Discovery
- ---------
- discovery/info_disclosure/cache_snoop
- discovery/info_disclosure/interesting_files
- Exploitation
- ------------
- exploitation/injection/command_injector
- exploitation/injection/xpath_bruter
- Import
- ------
- import/csv_file
- Recon
- -----
- recon/companies-contacts/facebook
- recon/companies-contacts/jigsaw
- recon/companies-contacts/jigsaw/point_usage
- recon/companies-contacts/jigsaw/purchase_contact
- recon/companies-contacts/jigsaw/search_contacts
- recon/companies-contacts/linkedin_auth
- recon/contacts-contacts/mangle
- recon/contacts-contacts/namechk
- recon/contacts-contacts/rapportive
- recon/contacts-creds/haveibeenpwned
- ……
- recon/hosts-hosts/bing_ip
- recon/hosts-hosts/ip_neighbor
- recon/hosts-hosts/ipinfodb
- recon/hosts-hosts/resolve
- recon/hosts-hosts/reverse_resolve
- recon/locations-locations/geocode
- recon/locations-locations/reverse_geocode
- recon/locations-pushpins/flickr
- recon/locations-pushpins/picasa
- recon/locations-pushpins/shodan
- recon/locations-pushpins/twitter
- recon/locations-pushpins/youtube
- recon/netblocks-hosts/reverse_resolve
- recon/netblocks-hosts/shodan_net
- recon/netblocks-ports/census_2012
- Reporting
- ---------
- reporting/csv
- reporting/html
- reporting/list
- reporting/pushpin
- reporting/xml
- [recon-ng][default] >
从输出的信息中,可以看到显示了五部分。每部分包括的模块数,在启动Recon-NG框架后可以看到。用户可以使用不同的模块,进行各种的信息收集。本文选自《Kail Linux渗透测试实训手册》
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。