、渗透技巧及信息收集的基本流程（The basic process of information collection and penetration skills）.docVIP

下载本文档

1
0
约7.81千字
约 8页
2017-08-17 发布于河南
举报
版权申诉

、渗透技巧及信息收集的基本流程（The basic process of information collection and penetration skills）.doc

1、本文档共8页，可阅读全部内容。
2、原创力文档（book118）网站文档一经付费（服务费），不意味着购买了该文档的版权，仅供个人/单位学习、研究之用，不得用于商业用途，未经授权，严禁复制、发行、汇编、翻译或者网络传播等，侵权必究。
3、本站所有内容均由合作方或网友上传，本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺！文档内容仅供研究参考，付费前请自行鉴别。如您付费，意味着您自己接受本站规则且自行承担风险，本站不退款、不进行额外附加服务；查看《如何避免下载的几个坑》。如果您已付费下载过本站文档，您可以点击这里二次下载。
4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等，请点击“版权申诉”（推荐），也可以打举报电话：400-050-0827(电话支持时间：9:00-18:30)。

、渗透技巧及信息收集的基本流程（The basic process of information collection and penetration skills）

、渗透技巧及信息收集的基本流程（The basic process of information collection and penetration skills） The preface: The attack must be the purpose of the first set, why? How to attack? After the success of the how to do? Is that how to do? In case of how to do? So, planned to carry out attacks. The Capitol in advance: We generally in penetration time, first of all is to check out the location, and then carry out attacks (oh, nonsense who are the first check that, before the implementation of) I would first talk to the capitol. Check tool is divided into active mode and passive mode: First, the so-called active, frankly, is that you use active scanning tools on the website of the weaknesses of detecting and obtaining information on the website. Some of the information, and two is passive in normal circumstances to get the site visit. Of course, the information obtained by the passive and active is nothing. The passive case tool, wherein said gray hat in P0f (Universal passive fingerprint operating system specific tools, please see the following brief introduction). He can normally access through your website, the website to obtain information on the operating system, use the method is not within the scope of the problems. P0f - remote OS fingerprint new passive discrimination tool: P0f can capture and analyze the target host data packets sent to the operating system on the host identification, even with a good performance of the firewall on the system under the condition of no problem. P0f does not increase any direct or indirect network load, no name, no secrets, no search detection ARIN query, what is not. Some master can also use P0f to detect whether the host firewall exists, whether the NAT, if there is a load balancer! P0f is after Nmap and Xprobe2 and a remote operating system passive discrimination tool. It supports: 1, even SYN 2, even SYN+ACK 3, even RST+ 4 pieces, ACK model P0f is relatively unique, it is able to detect: A, is running behind a firewall B, is running in NAT m