Penetration testing slides, chapter 2: Information gathering
(Abridged version of a 54-page PDF, 2.41 MB)

Information Gathering

Contents
• What is information gathering
• Passive information gathering
• Active information gathering


1. What is information gathering
• Information gathering is the first step in conducting a penetration test and is arguably the most important.
• Information gathering is the process of collecting information from different places about an individual, company, organization, server, IP address or person.

Information Gathering
• Types of information gathering
  • Active information gathering
  • Passive information gathering


2. Passive Information Gathering
• Passive information gathering focuses on collecting information archived on systems not located in our client's network.
• We try to gather as much information as we can about our target network and systems without connecting to them directly.

Information Searches
• Locate the target Web presence
• Gather search engine results regarding the target
• Look for Web groups containing employee and/or company comments
• Examine the personal Web sites of employees
• Search archival sites for additional information
• Look for job postings submitted by the target
• Query the domain registrar
• Domain name system (DNS) information

Results
• The penetration tester will have a wealth of information regarding the target without ever visiting the target's network.
• All passive information is gathered from third-party sources that have collected information about our target, or have legal requirements to retain this data.

Tools
• Netcraft ()

Tools
• Whois Lookups (root@kali:~# whois bulbsecurity.com)

Tools
• DNS Reconnaissance: the Domain Name System (DNS) is used to translate domain names into IP addresses and vice versa.
• Records in DNS:
  • A: Address
  • CNAME: Canonical Name
  • MX: Mail Exchange

• A: maps a domain name to an IP address.
  Example: terminator.movie.edu. IN A 192.168.11.100
• CNAME: defines an alias, i.e. one name points to another (canonical) name, so a single IP address can be reached under several names; one IP can carry many CNAMEs.
  Example: server.movie.edu. IN CNAME terminator.movie.edu.
• MX: used to route mail on the Internet.
  Example: t3h.com IN MX 0 mail.t3h.com.


DNS Reconnaissance
#nslookup -type=ns example.com 8.8.8.8

DNS Reconnaissance
#!/bin/sh
# Look up the name servers (NS records) of every domain listed one per line
# in DomainNames.txt, querying the public resolver 8.8.8.8 for each one.
while read -r HOSTNAME
do
    [ -z "$HOSTNAME" ] && continue   # skip blank lines
    echo "Getting name servers for [$HOSTNAME]"
    nslookup -type=ns "$HOSTNAME" 8.8.8.8
done < DomainNames.txt

DNS Reconnaissance
• Domain Information Groper (Dig)
#dig example.com

Dig
• # dig +qr www.example.com any

Dig
Shortening the output
#dig +nocmd +noall +answer example.com
example.com.    44481    IN    A    192.168.1.10
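The shortened answer lines above come out one record per line in a fixed column order (owner, TTL, class, type, rdata), which makes them easy to post-process. The following Python parser is an added example, not part of the slides: it reads such output for the A, CNAME and MX record types from the earlier table, follows a CNAME alias chain to its address (with a hop limit so a looping alias cannot hang the lookup), and orders a zone's MX hosts by preference. The dig output it parses is constructed sample data, not a real lookup.

```python
import re

# Constructed sample of what `dig +nocmd +noall +answer` prints, covering the
# record types from the slides (A, CNAME, MX). Hosts and addresses are made up.
SAMPLE_ANSWER = """\
example.com.          44481  IN  A      192.168.1.10
www.example.com.      3600   IN  CNAME  example.com.
mail.example.com.     3600   IN  A      192.168.1.25
example.com.          3600   IN  MX     10 mail.example.com.
example.com.          3600   IN  MX     20 backup.example.com.
"""
LINE_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(A|CNAME|MX)\s+(.+)$")  # owner ttl IN type rdata

def parse_answer(text):
    """Turn dig answer-section lines into dicts; skip ';' comments and blanks."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:  # blank, ';' comment, or a record type outside the slides' scope
            continue
        owner, ttl, rtype, rdata = m.groups()
        rec = {"name": owner, "ttl": int(ttl), "type": rtype}
        if rtype == "MX":  # rdata is "<preference> <exchange>"
            pref, exchange = rdata.split(None, 1)
            rec["preference"], rec["exchange"] = int(pref), exchange.strip()
        else:  # A -> IPv4 address, CNAME -> canonical name
            rec["target"] = rdata.strip()
        records.append(rec)
    return records

def resolve_address(records, name, max_hops=8):
    """Follow CNAME aliases until an A record is found; None if missing or looping."""
    by_name = {}
    for r in records:
        by_name.setdefault(r["name"], []).append(r)
    for _ in range(max_hops):
        owned = by_name.get(name, [])
        addrs = [r["target"] for r in owned if r["type"] == "A"]
        if addrs:
            return addrs[0]
        cnames = [r["target"] for r in owned if r["type"] == "CNAME"]
        if not cnames:
            return None
        name = cnames[0]
    return None  # alias chain too long (or a CNAME loop)

def mail_exchangers(records, zone):
    """MX hosts for a zone, most preferred (lowest preference value) first."""
    mx = [r for r in records if r["type"] == "MX" and r["name"] == zone]
    return [r["exchange"] for r in sorted(mx, key=lambda r: r["preference"])]
```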

Tool
Maltego: Paterva's Maltego is a data-mining tool designed to visualize open source intelligence gathering.
• #maltego


Tools
• Searching for Email Addresses

Tool
