Category archive: Network Security

Probing live hosts with nmap

nmap is a scanning tool every security enthusiast should master; this post covers its use for scanning large network spaces.

Why scan a large network space? Two situations come up:

  1. Internal-network penetration. After an attacker breaks in at a single point and lands on the internal network, the next step is to expand the foothold. A first move is to sweep the whole private address space (the RFC 1918 ranges 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) to find which hosts are worth going after.
  2. Internet-wide scanning.

When scanning a huge network space the main concern is efficiency, i.e. time cost. As long as the scan is fast enough, some accuracy can be sacrificed.

The basic approach is to ping with high concurrency:

nmap -v -sn -PE -n --min-hostgroup 1024 --min-parallelism 1024 -oX nmap_output.xml www.lijiejie.com/16
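To turn that one-liner into a repeatable step and pull the live hosts back out of the XML it writes, here is an added Python example; it is not code from the original post. The target list (the three RFC 1918 blocks), the output filename and the embedded nmap XML snippet are constructed for illustration.

```python
"""Large-network host discovery with nmap: build the ICMP sweep command and
extract live hosts from the -oX XML it produces.

Added example for this archive entry, not code from the original post.
SAMPLE_XML is a constructed, trimmed imitation of nmap -oX output; the
target list and concurrency values are assumptions, not values from the page.
"""
import shlex
import xml.etree.ElementTree as ET

# The three RFC 1918 private ranges an internal sweep would cover (assumed targets).
RFC1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]


def build_discovery_command(targets, output="nmap_output.xml",
                            hostgroup=1024, parallelism=1024):
    """Return the nmap argv for a fast ping sweep.

    -sn   host discovery only, no port scan
    -PE   ICMP echo request probes only
    -n    never resolve names; DNS lookups dominate wall-clock time at this scale
    --min-hostgroup / --min-parallelism  make nmap probe many hosts concurrently
    """
    return ["nmap", "-v", "-sn", "-PE", "-n",
            "--min-hostgroup", str(hostgroup),
            "--min-parallelism", str(parallelism),
            "-oX", output, *targets]


def live_hosts(xml_text):
    """Parse nmap -oX output and return the IPv4 addresses of hosts marked 'up'."""
    root = ET.fromstring(xml_text)
    alive = []
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        for addr in host.findall("address"):
            if addr.get("addrtype") == "ipv4":
                alive.append(addr.get("addr"))
    return alive


# Constructed sample in the shape nmap writes for a verbose -sn sweep (trimmed).
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -v -sn -PE -n 10.1.1.0/30" start="0">
  <host><status state="up" reason="echo-reply"/><address addr="10.1.1.1" addrtype="ipv4"/></host>
  <host><status state="down" reason="no-response"/><address addr="10.1.1.2" addrtype="ipv4"/></host>
  <host><status state="up" reason="echo-reply"/><address addr="10.1.1.3" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac"/></host>
  <runstats><finished elapsed="1.02"/><hosts up="2" down="2" total="4"/></runstats>
</nmaprun>
"""

if __name__ == "__main__":
    print(" ".join(shlex.quote(a) for a in build_discovery_command(RFC1918)))
    print(live_hosts(SAMPLE_XML))
```

The command needs raw-socket privileges for ICMP, and because -PE sends only echo requests, hosts that drop them are reported down; that is the accuracy being traded for speed. Feed the file the scan writes to live_hosts() to get the list of targets for the next stage.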

Continue reading

Notes on fixing a compile error when building the Metasploit Android payload

When compiling Metasploit's Android payload, the following error was reported:

[ERROR] COMPILATION ERROR :
[INFO] ------------------------------------------------------------------------
[ERROR] No compiler is provided in this environment. Perhaps you are running on a JRE rather than a JDK?
[INFO] 1 error

After the error, every module's build ends up in the SKIPPED state, as shown in the figure below:

Continue reading

Notes on using two Android RATs (DroidJack + SpyNote)

The first: DroidJack

Features:

1. Generates an APK that can be bound to any app on the target phone
2. Controls the phone from a PC, including browsing, transferring and deleting files
3. Sends, receives and reads SMS messages
4. Controls the phone's call functions
5. Contact management
6. Microphone monitoring
7. GPS location
8. App management

Continue reading

Modifying the Metasploit Android payload source for persistent access

The Metasploit payload is one of the most widely used Android backdoors. However, whether the APK is generated directly with msfvenom or the payload is injected into an existing APK by other means, the connection is very unstable: a session is established essentially only at the instant the app launches, and if the network is unstable and the connection drops, it does not reconnect. This post modifies the Android payload source directly to achieve persistent access.

Continue reading

Easy Metasploit Install on Windows Subsystem for Linux

Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux

1.) Enable Developer Mode
C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"

2.) Enable Windows Subsystem for Linux
C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux

3.) Reboot

4.) Type "bash" at the cmd prompt to get into Windows Subsystem for Linux and create a new password for your user.

5.) Install Metasploit
test@Desktop:/mnt/c$ curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && chmod 755 msfinstall && ./msfinstall


Original link: dafthack


Finding the real IP behind a CDN

Method 1: query historical DNS records

Look at the history of IP-to-domain bindings. The site may not have been behind a CDN earlier, so historical resolution records (A records) can still contain the real server's IP. This does happen.

Related lookup sites (after testing, only https://x.threatbook.cn/ could return DNS resolution history, and even it lacks very early records):

  • https://dnsdb.io/zh-cn/
  • https://x.threatbook.cn/
  • http://toolbar.netcraft.com/site_report?url=
  • http://viewdns.info/

Drawback: if the real server's IP was changed when the CDN was adopted, or no DNS resolution history can be found, this method fails.

For some domains the early DNS history cannot be retrieved through any of the four sources above.
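As an added example (not from the original post), here is the filtering a practitioner does on such a history: drop records that fall inside the CDN's published address ranges and keep the rest as candidate origins, most recently seen first. The record history and the CDN CIDR block below are constructed from TEST-NET addresses, not real lookups, and the CDN range list is an assumption standing in for whatever the provider publishes.

```python
"""Pick candidate origin IPs out of historical DNS A records for a CDN-fronted host.

Added example for this archive entry, not code from the original post.
HISTORY and CDN_RANGES are constructed for illustration (TEST-NET addresses);
in practice the history comes from the passive-DNS services listed above and
the ranges from the CDN provider's published list.
"""
import ipaddress

# Constructed passive-DNS style history for one hostname: (date seen, A record).
HISTORY = [
    ("2015-03-02", "203.0.113.10"),   # before the CDN was introduced
    ("2016-07-19", "203.0.113.10"),
    ("2017-01-05", "198.51.100.77"),  # CDN edge
    ("2018-09-11", "198.51.100.78"),  # CDN edge
]

# Constructed stand-in for the CDN provider's published address blocks (assumption).
CDN_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24",)]


def is_cdn_ip(ip, cdn_ranges=CDN_RANGES):
    """True if the address falls inside any of the CDN's address blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in cdn_ranges)


def origin_candidates(history, cdn_ranges=CDN_RANGES):
    """Return [(ip, last_seen), ...] for every non-CDN address in the history,
    deduplicated and ordered with the most recently seen address first.

    An address seen before the CDN edge addresses appear is the usual hit:
    the origin that was exposed before the CDN was put in front of it.
    """
    last_seen = {}
    for seen, ip in history:
        if is_cdn_ip(ip, cdn_ranges):
            continue
        if ip not in last_seen or seen > last_seen[ip]:   # ISO dates sort as strings
            last_seen[ip] = seen
    return sorted(last_seen.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    for ip, seen in origin_candidates(HISTORY):
        print(f"candidate origin {ip} (last seen {seen})")
```

Any candidate still has to be confirmed, for instance by requesting the site directly from that IP with the real Host header and comparing the response with what the CDN returns. An address that was the origin in 2016 may have been retired when the CDN was introduced, which is exactly the drawback noted above.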

Continue reading

Mirai Internet of Things (IoT) DDoS sets a record at 600+ Gbps, and your refrigerator could have been one of the attackers!

What is the Internet of Things (IoT) ?

In today's technological expansion everything seems to be connected to the Internet. In my own home I have a refrigerator, thermostat, video cameras, tablets, cell phone, TV, Xbox, DirecTV box, printer, security system, laptops, servers, workstations, an Ethernet tap, a switch and a router all connected to the Internet. Collectively this is referred to as the Internet of Things: basically everything connected to the Internet. Many of these devices are a combination of hardware and software (firmware) and are rarely updated or patched, since doing so typically requires reflashing the firmware. New vulnerabilities are discovered in these devices daily, and the devices are being recruited into botnets to conduct massive Distributed Denial of Service attacks.

There is a new botnet being used to conduct IoT attacks, called Mirai, and its source code has been leaked onto GitHub here: https://github.com/jgamblin/Mirai-Source-Code

Mirai spreads by brute-forcing the passwords of IoT devices. Its brute-force tactic is simply to try commonly used and default passwords. Several things have been noted about Mirai: the bots are written in C, the command and control is written in Go, and it contains a list of IP ranges that its scanner avoids.
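The brute-force behaviour described here leaves a recognisable trace on the victim side: a burst of Telnet login failures from one source cycling through usernames, often ending in a success. The following is an added Python example, not code from the page or from the Mirai source, that flags such sources in device logs. The log format, the sample lines and the failure threshold are constructed assumptions.

```python
"""Flag Mirai-style Telnet credential brute forcing in embedded-device logs.

Added example for this archive entry, not code from the page or from Mirai.
The log format and SAMPLE_LOG are constructed; real telnetd builds log in
various shapes, so LINE_RE would be adapted to the device in question.
"""
import re
from collections import defaultdict

# Constructed syslog-like lines from an IP camera's telnetd (assumed format).
SAMPLE_LOG = """\
Sep 21 03:14:01 cam01 telnetd[412]: login failed for 'root' from 192.0.2.7
Sep 21 03:14:02 cam01 telnetd[412]: login failed for 'admin' from 192.0.2.7
Sep 21 03:14:02 cam01 telnetd[412]: login failed for 'root' from 192.0.2.7
Sep 21 03:14:03 cam01 telnetd[412]: login failed for 'support' from 192.0.2.7
Sep 21 03:14:04 cam01 telnetd[412]: login succeeded for 'root' from 192.0.2.7
Sep 21 03:20:10 cam01 telnetd[413]: login failed for 'alice' from 10.0.0.5
"""

LINE_RE = re.compile(
    r"login (?P<result>failed|succeeded) for '(?P<user>[^']+)' from (?P<src>\S+)"
)


def summarize(log_text):
    """Per source IP: failed-login count, distinct usernames tried, and whether
    any login from that source succeeded."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(), "success": False})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        entry = stats[m["src"]]
        if m["result"] == "failed":
            entry["failed"] += 1
            entry["users"].add(m["user"])
        else:
            entry["success"] = True
    return dict(stats)


def brute_force_sources(log_text, threshold=3):
    """Return the sources with at least `threshold` failed logins.

    A source that cycles through several usernames and then succeeds is the
    pattern a default-credential sweep leaves behind; the threshold is an
    assumed tuning value, not one taken from the page.
    """
    return {src: s for src, s in summarize(log_text).items()
            if s["failed"] >= threshold}


if __name__ == "__main__":
    for src, s in brute_force_sources(SAMPLE_LOG).items():
        status = "COMPROMISED" if s["success"] else "attempted"
        print(f"{src}: {s['failed']} failures, users {sorted(s['users'])} -> {status}")
```

A success after a run of failures from the same source is the line worth alerting on; a device that shows it has almost certainly been enrolled, and the fix is the same one that prevents the attack: change the default credentials and stop exposing Telnet to the Internet.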


Continue reading