欢迎来到天天文库
浏览记录
ID:33072441
大小:54.01 KB
页数:12页
时间:2019-02-19
《渗透攻击实验》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、渗透攻击实验K攻防对抗环境设计环境说明:1)环境区域划分说明:红方区域为攻击方;2)蓝方网络分布说明:Gateway为蓝方的边界网关设备,具有防火墙和路由设备的功能;Server为蓝方的重要服务器,存放有重要文件;PCI、PC2为蓝方内部的办公终端,可以访问NET、Gateway和Server;3)网络区域访问控制说明:蓝方内部允许Gateway访问PCI、PC2和Server;允许PCI、PC2访问NET、Gateway;禁止蓝方的Server访问NET;4)攻防目的:红方需要渗透蓝方网络,获取蓝方服务器上的文件;红
2、方在蓝方安放后门,控制蓝方服务器。需求软件:nessus*nmap>nc.exe.dns.exe*FtpServer>framework・32exe(待定)*open3389shutdown3389.bat2.攻击路径设计攻击路径红方一渗透一〉Gatew町一渗透一〉蓝方Server服务器红方利用nessus扫描蓝方网络,发现Gateway的弱点;红方利用对弱点的攻击,获取对Gateway的控制权;红方将Gateway作为跳板,利用Gateway对蓝方Server进行探测,发现Server的弱点;红方利用Gat
3、eway对Server的弱点进行攻击,获取对Server的控制权;红方在Server±安放后门,获取服务器上的文件。3.攻击路径1实验步骤1)红方利用nessus扫描蓝方网络TenableNessusSecurityReportStartTime:WedJun0309:15:062009FinishTime:WedJun0309:21:012009172.20.54.44general/icmpSynopsis:Therennotehostleaksmemoryinnetworkpackets・Description:
4、Theremotehostisvulnerabletoan^therleak*-theremoteethernetdriverseemstoleakbitsofthecontentofthememoryoftheremoteoperatingsystem.Notethatanattackermaytakeadvantagwofthisflawonlywhenitstargetisonthesamephysicalsubnet.SeeAlso:http://www.atstake.comyresearch/aclviso
5、nes/2003/a010603■:1txtdomain(53/udp)Synopsis:TheremoteDNSserverisvulnerabletocachesnoopingattacks.Description:TheremoteDNSserverrespondstoqueriesforthird-partydomainswhichdonothavetherecursionbitset.Thismayallowaremoteattackertodeterminewhichdomainshaverecentlyb
6、eenresolvedviathisnameserver,andthereforewhichhostshavebeenrecentlyvisited・Forinstance”ifanattackerwasinterestedinwhetheryourcompanyutilizestheonlineservicesofaparticularfinancialinstitution,theywouldbeabletousethisattacktobuildastatisticalmodelregardingconipany
7、usageofthatfinancialinstitution.Ofcourse,,theattackcanalsobeusedtofindB2Bpartners,web-surfingpatterns,externmlmailservers,andmore...SeeAlso:ForamuchmoredetaileddiscussionofthepotentialrisksofallowingDNScacheinformationtobequeriedanonymously,pleasesee:http://www.
8、rootsecure.net/content/downloads/Ddfydnscachesnoopinq-Ddf2)红方分析nessus扫描报告,选择Gateway开放的DNS服务(53端口)进行弱点测试使用工具:dns.exe测试命令:dns-s目标机IPF:Personl_research(20090602)>dns-s1
此文档下载收益归作者所有