当前位置: 首页 > >

Éø͸֮ÐÅÏ¢ÊÕ¼¯×¼±¸¹¤×÷£¨ÀûÓø¨Öú¹¤¾ßÓëÍøÕ¾²éѯ£©

发布时间:

Éø͸µÄµÚÒ»²½¿Ï¶¨ÊǽøÐÐÐÅÏ¢ÊÕ¼¯£¬ÔÚÐÅÏ¢ÊÕ¼¯ÖÐ×ܽáÁË10Öг£¼ûµÄ·½Ïò£¬´ó¸Å·Ö±ðÈçÏ£º
±¾ÎÄÕÂĿ¼´ó¸ÙÈçÏ£º


1¡¢DNSÐÅÏ¢ÊÕ¼¯2¡¢Ãô¸ÐĿ¼ÊÕ¼¯3¡¢¶Ë¿ÚɨÃèÐÅÏ¢ÊÕ¼¯4¡¢ä¯ÀÀÆ÷Óï·¨5¡¢×ÓÓò̽²â6¡¢ÅÔվ̽²â7¡¢C¶Î²éѯ8¡¢Õûվʶ±ð9¡¢Waf̽²â10¡¢¹¤¾ßÍøÕ¾**

ÒÔÏÂÊǶԷþÎñÆ÷½øÐÐÉø͸µÄͼ½â·½Ïò


¡°=================================================¡±


1¡¢DNSÐÅÏ¢ÊÕ¼¯

°üÀ¨ÒÔÏ·½Ã棺
ÓòÃû¶ÔÓ¦µÄip¡¢¶þ¼¶ÓòÃû¡¢mx¡¢whois×¢²áÈ˵ÄÐÅÏ¢£¬×¢²áÈ˵ÄÓÊÏä¡¢ÊÖ»úºÅ¡¢ÁªÏµ·½Ê½¡¢ËùÔÚµØÇø¡¢whois·´²é£¬×¢²áÈ˵ÄÆäËûÓòÃûºÍÓÊÏä
³£Óù¤¾ß£º


KaliϵͳÖУº
£¨1£©Dnsmap¡¢
£¨2£©dnsenum.pl

windowsϵͳÖУº
https://www.aizhan.com/°®Õ¾Íø
http://www.robtex.com/
http://seo.chinaz.com/£¨Õ¾³¤¹¤¾ß£©¡¢https://searchdns.netcraft.com/£¨´ËÍøÕ¾·Ç³£ºÃÓã©
http://www.robtex.com/£¨DNS²éѯרÓã©
docÃüÁî½øÐвéѯ£ºÊäÈëÃüÁînslookup£¬È»ºóÊäÈëÐèÒª²éѯµÄÍøÖ·£¬´ËÖÖ·½Ê½ÍùÍù»áʧ°Ü¸æÖÕ¡£

¡°==============================================¡±


2¡¢Ãô¸ÐĿ¼

¹ÜÀíºǫ́¡¢phpmyadmin¡¢°²×°Ä¿Â¼¡¢ÉÏ´«Ä¿Â¼¡¢²éѯwebshell
ɨÃèÊý¾Ý¿âÎļþ¡¢www.root/www/.rar/zip¡¢robots.txtµÈµÈ
³£ÓõŤ¾ß£º


WindowsÖУºWWWSCAN GUI Beta6( ÌáÈ¡Â룺keog)¡¢Óù½££¨ÌáÈ¡Â룺a7lu£©¡¢**OWASP DirBuster0.12**£¨Õâ¸ö¹¤¾ß¿¿µÄÊÇ×ֵ䣬¶øÇÒʹÓÃÕâ¸ö¹¤¾ß±ØÐëÓÐjavaµÄÅäÖû·¾³£¬Ð§¹ûÊ®·ÖÃ÷ÏÔ£©
DirBusterÊÇÒ»¸ö¶àÏ̵߳ĻùÓÚJavaµÄÓ¦ÓóÌÐòÉè¼ÆÂùÁ¦Web /Ó¦Ó÷þÎñÆ÷ÉϵÄĿ¼ºÍÎļþÃû ¡£
kaliÖУº£¨1£©burpsuit¡¢£¨2£©webrobot(windowsÖÐÇëµã»÷Õâ)Õâ¸öÈí¼þµÄÍøÂçÖ©ÖëÌرðºÃÓà ¼´ÅÀÐÐÍøÕ¾ ÅÀȡĿ¼¡¢£¨3£©skipfish¡¢£¨4£©websploit
Öйú²Ëµ¶£¨²»½âÊÍ£¬ÆäЧ¹û¿Ú±®²»Óöà˵£©
×¢Ò⣺
²»ÉèÖÃɨÃèËÙ¶ÈÈÝÒ×ÈÃÍøÕ¾À¹½Ø½ûÖ¹·ÃÎÊ£¬Õâʱºò¿ÉÒÔÊÍ·Åip£¬
ÊÍ·Åip·½·¨ÈçÏ£º


1£®µã»÷¡°¿ªÊ¼¡±°´Å¥£¬È»ºóµã»÷¡°¸½¼þ¡±Ñ¡ÏîÔÙµã»÷¡°ÃüÁîÌáʾ·û¡±¡£
2£®ÔÚDOSÃüÁîÐÐģʽÊäÈëÒÔÏÂÃüÁî¡°ipconfig /release¡±È»ºó°´»Ø³µ¼ü£¬Ê¹ÓôËÃüÁî¿ÉÒÔÊÍ·ÅIPµØÖ·¡£
3£®ÔÚDOSÃüÁîÐÐģʽÊäÈëÒÔÏÂÖ¸Áî¡°ipconfig /renew¡±È»ºó°´»Ø³µ¼ü£¬Ê¹ÓÃÒÔÉÏÁ½ÌõÖ¸Áî¿ÉÒÔÖØлñµÃIPµØÖ·¡£
4£®ÔÚDOSÃüÁîÐÐģʽÊäÈëÒÔÏÂÖ¸Áî¡°ipconfig /all¡±È»ºó°´»Ø³µ¼ü£¬Í¨¹ý»ñµÃµÄIPÐÅϢȷ¶¨ÊÇ·ñÕýÈ·»ñµÃÁËIPµØÖ·¡£
¡°==============================================¡±


3¡¢¶Ë¿ÚɨÃè

¶Ë¿ÚɨÃ蹤¾ß£º
£¨1£©ScanPort¡¢
£¨2£©nmap£¨É¨Ãè¶Ë¿ÚÖ®Íõ£¬ÓÐwindows°æ±¾µ«kaliÖÐ×Ô´ø£©
³£ÓõÄɨÃèÃüÁ
https://www.cnblogs.com/twpone/p/9263063.html
È«Ãæ½ø¹¥ÐÔɨÃ裺
nmap -v -A ÍøÕ¾ÓòÃû
PingɨÃ裺
nmap -v -sn ipÆðʼµØÖ·/ip½áÊøµØÖ·
¿ìËٶ˿ÚɨÃ裺
nmap -F -v targerip
£¨3£©Ê¹ÓÃtelnetÅж϶˿ڵĿªÆôÇé¿öÔÚÃüÁîÌáʾ´°¿ÚÖУº
telnet ipµØÖ·£ºÉ¨ÃèµÄ¶Ë¿ÚºÅ
Èç¹ûûÓÐÌáʾ´íÎóÔòÒ»°ãΪÕâ¸ö¶Ë¿ÚÕý³£¿ªÆô
³£¼ûµÄɨÃè·þÎñ£º
ftp¡¢mysql¡¢mssql¡¢telent¡¢ssh¡¢rdp
񪒒
¡°==============================================¡±


4¡¢ä¯ÀÀÆ÷Ó﷨ʹÓÃ

intext:ºǫ́ µÇ¼ ¹ÜÀí
¾Í¿ÉÒÔ²éѯµ½ºÜ¶àÍøÕ¾µÄºǫ́¹ÜÀí½çÃæ
ÍòÄÜÃØÔ¿£º¡®or¡¯=¡®or¡¯£¬Óû§ÃûºÍÃÜÂ붼дÕâ¸ö
µ«ÊÇÒ»°ãÏÖÔÚµÄÍøÕ¾¶¼¶ÔÕâ¸öÓзÀ·¶£¬ËùÒÔÏÖÔÚÇ×ÉíÌå»á²»ºÃÓÃ
intitle:ºǫ́µÇ¼
filetype:pdf£¨¸úµÄÎļþ¸ñʽ£©
ËÑË÷ÎļþµÄ¸ñʽ
inurl:admin
ÀýÈçinurl:asp?id=£¨ËÑË÷ËùÓÐÓйØaspµÄÍøÕ¾£©
½«·µ»Øn¸öhttp:www.cracle.com/xxx/adminÕâÑùµÄÁ´½Ó
link:www.4ngel.net
¿ÉÒÔ·µ»ØºÍÓйØÁ´½ÓËùÓÐURL
site:ÓòÃû
½«·µ»ØËùÓÐÓëÓòÃûÓйصÄURL
ÕÒÓйؿÉÒÔ×¢ÈëµÄÍøÕ¾£º
site:jnxy.edu.cn inurl:asp?id=
¸ü¶àµÄÓï·¨ÍøÉÏÓкܶ࣬ÆäËûÈ˵IJ©¿Í£º
https://www.cnblogs.com/nuomin/p/7063290.html
¡°==============================================¡±


5¡¢ÅÔÕ¾¼ì²â

²éѯͬһ¸ö·þÎñÆ÷ÉϵÄÆäËûÍøÕ¾£¬ÈôÏë¸ãÒ»¸öÍøÕ¾¸ã²»¶¯£¬¿ÉÒÔ¸ãÔÚͬһ¸ö·þÎñÆ÷ÉϵÄÅÔÕ¾½ø¶ø¸ãÄ¿±ê
ÀûÓÃÍøÕ¾£º
Õ¾³¤¹¤¾ß
°®Õ¾Íø

½øÐÐÓòÃû·´²î²Ù×÷
¡°==============================================¡±


6¡¢×ÓÓòÃû̽²â

Ö±½ÓÒýÓÃһλÉø͸´óÀеIJ©¿Í£º
https://xz.aliyun.com/t/3478
̽²â¹¤¾ß£º
£¨1£©layer×ÓÓòÃûÍÚ¾ò»úv3.1¡¢ÔÚwindowsÉÏÍêÃÀÔËÐÐ
£¨2£©matego£¨ÕâÊÇÒ»¿îÌرðºÃµÄÈí¼þ£¬windows°æ±¾ºÍkali×Ô´ø£¬µ«ÊÇÐèҪע²á£¬ÐèҪʹÓùȸ裩
ÕâÖ»ÊÇÒ»¿îkali×Ô´øµÄ¹¤¾ß£¬»¹Óкܶ಻ÑÇÓÚ´Ë¿îÈí¼þµÄɨÃ蹤¾ß£¬²»ÔÚÒ» Ò»½éÉÜ
£¨3£©ÓùȸèÓï·¨½øÐвéÕÒsite:url
¡°==============================================¡±
ÍƼöÒ»¸öÍøÕ¾£º
www.exploit-db.com
¹«²¼Ò»ÏÂ×îеĩ¶´ÍøÕ¾,ÿÌ춼»á¸üУ¬»¹ÓÐһЩ×÷Õ߻ṫ²¼·¢²¼µÄ©¶´ÀûÓóÌÐò¡£


7¡¢C¶ÎɨÃè

ÉæÁÔ²»É÷£¬²ÅѧÊèdz£¬¼ûÁÂ
Óù½£2014bate(Õâ¸ö¹¤¾ßÏÖÔÚÒѾ­Ê§Ð§£¬µ«ÊÇÒÔÇ°¿Ú±®Í¦ºÃ)
Õ¾³¤¹¤¾ß
ÕâÀﻹÓдýºóÆÚÑо¿£¬Ìرð±ê×¢
¡°==============================================¡±


8¡¢Õûվʶ±ð

²Ù×÷ϵͳ*̨£ºwindows linux unix
ÍøÕ¾·þÎñÆ÷×é¼þ£º
IIS 6¡¢7.0¡¢8. Apache¡¢tomcat¡¢jboss
ʹÓõÄÊý¾Ý¿âÀàÐÍ£º
mysql¡¢mssql¡¢oracle¡¢db2¡¢access¡¢postgresql¡¢mangodb
½Å±¾ÀàÐÍ£ºasp¡¢jsp¡¢php¡¢aspx
ÍøÕ¾cms£º
dedecms¡¢08cms¡¢Á¼¾«¡¢aspcms¡¢phpweb¡¢phpcms¡¢µÛ¹ú¡¢dz¡¢WordPressµÈ¡£¡£¡£
Whatweb
webÓ¦ÓóÌÐòÖ¸ÎÆʶ±ð¹¤¾ß£º


³£¹æɨÃ裺
whatweb example.com


Ïêϸ»ØÏÔʾɨÃè
whatweb -v example1.com example2.org


ɨÃèÇ¿¶ÈµÈ¼¶¿ØÖÆ
whatweb -a 3 example.com


¿ìËÙ±¾µØɨÃè
whatweb --no-errors -t 255 192.168.0.0/24


ÆäËû¹¤¾ß£º
Ö¸ÎÆÌØÕ÷ʶ±ð beta2 -b0y
Óù½£WEBÖ¸ÎÆʶ±ðϵͳ
¡°===============================================¡±


9¡¢WAF̽²â

ÔÚurlÖмÓÈë¹ýÂË×Ö·ûÀýÈ磺
http://www.cracer.com/php?id=1 and 1=1
ÓÃÓù½£É¨ÃèĿ¼
¡°==============================================¡±


10¡¢»¥ÁªÍøÊÕ¼¯(²Ëµ¥)

Õâ¸öÓеã¶àÓ࣬ÏñÊÇÇ°Ãæ˵¹ýµÄ¹È¸èºÚ¿ÍºÍÕ¾³¤¹¤¾ßÒÔ¼°°®Õ¾Íø£¬ÀûÓÃÕâЩ¿ÉÒÔÀûÓõŤ¾ßÒÔ¼°ÊÖдµÄһЩ¹Ø¼ü´Ê£¬¿ÉÒÔÊÕ»ñ×Ô¼ºÒâÏë²»µ½µÄ¶«Î÷²»ÊǺܿªÐÄô
°Ù¶È»òÕ߹ȸèURLÊÕ¼¯¹¤¾ßÈ»ºó·ÅÈëµ½
Web°²È«É¨Ã蹤¾ß£º
M7lrv CMS v2.0
È»ºóÓÃÅÜmd5µÄ¹¤¾ß»òÕßÍøÕ¾ÅÜmd5½âÃÜ£¬ÅܳöÍøÕ¾¹ÜÀíÔ±µÄÕʺźÍÃÜÂ루http://www.cmd5.com£©
´ËÍøÕ¾Êý¾ÝÁ¿ÖйúµÚ1µÄMD5²éѯÍøÕ¾£¬ÆäÖÐ5%ÒÔÉÏÈ«Çò¶ÀÓУ¬ËùÓÐÓ²ÅÌÖØÁ¿³¬¹ý1¶Ö£¡ÒÑ°üº¬6λ¼°6λÒÔÏÂÊý×Ö¡¢6-7λСд×Öĸ¼ÓÊý×Ö¡¢3λ´óСд×Öĸ¼ÓÊý×ÖµÈ×éºÏ¡¢ÒÔ¼°´óÁ¿ÆäËüÊý¾Ý(×´ï9룩¡£
ʵʱ²éѯӵÓÐÈ«ÊÀ½ç×î´óµÄÊý¾Ý¿â£¬Êµ²âÆ*â³É¹¦ÂÊÔÚ5%ÒÔÉÏ£¬ÓеĿͻ§ÒѾ­³¬¹ýÁË6%¡£
ʵʱ²éѯ֧³ÖÅúÁ¿Æ*⣬ÌṩרÃųÌÐò×ÔÖúÆ*â¡£Çëµã»÷µ¼º½À¸¡°ÅúÁ¿Æ*⡱½øÈëÏÂÔØ¡£



友情链接: