{"id":1795,"date":"2020-06-21T23:13:13","date_gmt":"2020-06-21T15:13:13","guid":{"rendered":"https:\/\/flandre-scarlet.moe\/blog\/?p=1795"},"modified":"2022-02-23T23:23:56","modified_gmt":"2022-02-23T15:23:56","slug":"%e3%80%8a%e7%bd%91%e7%bb%9c%e6%94%bb%e9%98%b2%e6%8a%80%e6%9c%af%e4%b8%8e%e5%ae%9e%e8%b7%b5%e3%80%8b%e8%af%bb%e4%b9%a6%e7%ac%94%e8%ae%b0","status":"publish","type":"post","link":"https:\/\/flandre-scarlet.moe\/blog\/1795\/","title":{"rendered":"Reading Notes on \u300a\u7f51\u7edc\u653b\u9632\u6280\u672f\u4e0e\u5b9e\u8df5\u300b (Network Attack and Defense Technology and Practice)"},"content":{"rendered":"<p>Chapter 1: Overview of Network Attack and Defense Techniques<\/p>\n<ul>\n<li>History, events<\/li>\n<li>Basic technical framework: Web security attack and defense (hot topic)\n<ul>\n<li>(Main content)<\/li>\n<li>System security attack and defense: software security vulnerabilities (technical foundation)<\/li>\n<li>Network protocol security attack and defense: network protocol security vulnerabilities (technical foundation)<\/li>\n<li>Physical attacks and social engineering: human psychological weaknesses, physical design flaws (technical foundation)<\/li>\n<\/ul>\n<\/li>\n<li>Network attack path\n<ul>\n<li>Information gathering\n<ol>\n<li>Footprinting: Web search and mining, DNS and IP lookups, network topology reconnaissance<\/li>\n<li>Scanning: Ping 
scan, port scan, operating system detection, network service detection, vulnerability scan<\/li>\n<li>Enumeration: network service banner grabbing, network service enumeration, user account enumeration<\/li>\n<\/ol>\n<\/li>\n<li>Carrying out the attack\n<ol>\n<li>Gaining access: password eavesdropping, brute-forcing file shares, grabbing password files, buffer overflows<\/li>\n<li>Privilege escalation: password cracking, exploiting known vulnerabilities or weaknesses<\/li>\n<li>Denial of service: SYN flood, ICMP techniques, SYN requests with identical src\/dst, overlapping fragment\/offset, errors (bugs, Out of bounds TCP, options (OOB)), DDoS<\/li>\n<\/ol>\n<\/li>\n<li>After success\n<ol>\n<li>Pilfering: evaluating the robustness of trusted systems, searching for cleartext passwords<\/li>\n<li>Covering tracks: clearing log records, hiding tools<\/li>\n<li>Creating backdoors: creating \u201crogue\u201d accounts, scheduling batch jobs, infecting startup files, planting remote control services, installing monitoring mechanisms, replacing applications with trojans<\/li>\n<\/ol>\n<\/li>\n<\/ul>\n<\/li>\n<p><!--more--><\/p>\n<li>Attitude\n<ul>\n<li>The world is full of puzzles waiting to be solved<\/li>\n<li>No problem should have to be solved twice<\/li>\n<li>Boring and tedious work is evil<\/li>\n<li>Long live freedom (anti-authoritarian, against censorship, secrecy and oppression)<\/li>\n<li>Attitude is no substitute for competence (it takes intelligence, practice, dedication and hard work)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\nChapter 2: Network Attack and Defense Lab Environment<br \/>\n<br \/>\nChapter 3: Network Information Gathering Techniques<\/p>\n<ul>\n<li>Google Hacking\n<ul>\n<li>Find the web servers under the Peking University domain: allinurl:-php -html -htm -asp -aspx -ppt -pdf -swf -doc -xls site:pku.edu.cn, which excludes as many non-homepage URLs as possible<\/li>\n<li>Find servers with an open RDP web connection: allinurl:tsweb\/default.html site:cn<\/li>\n<li>Find credit card and ID card information: filetype:xls \u4fe1\u7528\u5361 site:edu.cn and filetype:xls \u8eab\u4efd\u8bc1\u53f7 site:edu.cn<\/li>\n<li>Automation: Google AJAX Search API, the xgoogle Python library<\/li>\n<\/ul>\n<\/li>\n<li>DNS, IP\n<ul>\n<li>Free version of GeoIP City: GeoLite<\/li>\n<li>tracert \/ traceroute<\/li>\n<\/ul>\n<\/li>\n<li>Host scanning (Ping scan)\n<ul>\n<li>nmap -sP: combines ICMP \/ SYN \/ ACK \/ UDP Ping, the default<\/li>\n<li>nmap -PE: ICMP Echo scan<\/li>\n<li>nmap -PS&lt;portlist&gt;: TCP SYN scan<\/li>\n<li>nmap -PA&lt;portlist&gt;: TCP ACK scan<\/li>\n<li>nmap -PU&lt;portlist&gt;: UDP host scan<\/li>\n<\/ul>\n<\/li>\n<li>Port scanning\n<ul>\n<li>nmap -sT: TCP Connect scan<\/li>\n<li>nmap -sS: TCP SYN scan<\/li>\n<li>nmap -sF: FIN scan<\/li>\n<li>nmap -sN: NULL scan<\/li>\n<li>nmap -sA: ACK scan<\/li>\n<li>nmap 
-sX: Xmas tree scan<\/li>\n<li>nmap -sU: UDP scan<\/li>\n<\/ul>\n<\/li>\n<li>System detection\n<ul>\n<li>Active: nmap -O, queso<\/li>\n<li>Passive: P0f, siphon<\/li>\n<li>Network services, active: nmap -sV<\/li>\n<li>Network services, passive: PADS<\/li>\n<\/ul>\n<\/li>\n<li>Vulnerability scanning\n<ul>\n<li>Bugtraq, NVD (the US National Vulnerability Database)<\/li>\n<li>Scanners: Nessus, Cheops-ng<\/li>\n<\/ul>\n<\/li>\n<li>Network enumeration\n<ul>\n<li>Network service banner grabbing: use telnet or netcat to obtain the server type and version number<\/li>\n<li>SMTP VRFY and EXPN commands<\/li>\n<li>nmap -sR: RPC enumeration<\/li>\n<li>NetBIOS enumeration<\/li>\n<ul>\n<li>Domains: net view<\/li>\n<li>Domain controllers: nltest \/dclist:DOMAIN_NAME from the Windows Resource Kit<\/li>\n<li>NetBIOS name table: nbtstat<\/li>\n<\/ul>\n<li>SMB session enumeration<\/li>\n<ul>\n<li>Shared resources: net view \\\\HOST; rmtshare, srvcheck and srvinfo from the Windows Resource Kit; Legion, NetBIOS Audit Tool<\/li>\n<li>Registry enumeration: regdump from the Windows Resource Kit, or Dump Services in DumpSec<\/li>\n<li>Enumerating trusted domains: nltest \/server and nltest \/trusted_domains<\/li>\n<li>User enumeration: usrstat, showgrps, local and global from the Windows Resource Kit, or DumpSec<\/li>\n<\/ul>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Chapter 4: Network Sniffing and Protocol Analysis<\/p>\n<ul>\n<li>MAC address flooding: sending the switch a large number of packets with forged MAC and IP addresses, so that the switch's MAC 
address-to-port mapping table stops working and the switch falls back to broadcast mode<\/li>\n<li>MAC spoofing: impersonating the target's MAC address to deceive the switch<\/li>\n<li>ARP spoofing<\/li>\n<li>BPF, libpcap, tcpdump, wireshark<\/li>\n<li>Sniffer detection: AntiSniff<\/li>\n<li>Defenses: secure network topology, VLANs, sensible segmentation, static ARP, static MAC binding, protection of key areas such as gateways, avoiding cleartext protocols<\/li>\n<\/ul>\n<p>Chapter 5: TCP\/IP Network Protocol Attacks<\/p>\n<ul>\n<li>Network security: confidentiality, integrity, availability, authenticity, non-repudiation<\/li>\n<li>Man-in-the-middle attacks<\/li>\n<li>Protocol flaws and attack techniques\n<ul>\n<li>Network interface layer<\/li>\n<ul>\n<li>Ethernet: cleartext \u2192 network sniffing and protocol analysis<\/li>\n<li>Ethernet: no MAC identity authentication \u2192 MAC spoofing<\/li>\n<li>PPP: cleartext \u2192 network sniffing and protocol analysis<\/li>\n<\/ul>\n<li>Internet layer<\/li>\n<ul>\n<li>IPv4<\/li>\n<ul>\n<li>No IP address identity authentication \u2192 IP address spoofing<\/li>\n<li>Errors in IP fragment handling logic \u2192 IP fragmentation attacks (availability)<\/li>\n<\/ul>\n<li>ICMP<\/li>\n<ul>\n<li>ICMP route redirects lack identity authentication \u2192 ICMP route redirection (integrity, authenticity)<\/li>\n<li>Broadcast address with Ping 
amplification \u2192 Ping flood, Smurf<\/li>\n<\/ul>\n<li>ARP: broadcast and unauthenticated \u2192 ARP spoofing<\/li>\n<li>BGP etc.: no strong identity authentication \u2192 route spoofing<\/li>\n<\/ul>\n<li>Transport layer<\/li>\n<ul>\n<li>TCP<\/li>\n<ul>\n<li>Three-way handshake queue bottleneck \u2192 SYN flood<\/li>\n<li>Insecure session identity authentication \u2192 RST attack<\/li>\n<li>Insecure session identity authentication \u2192 session hijacking<\/li>\n<\/ul>\n<li>UDP: UDP flood<\/li>\n<\/ul>\n<li>Application layer<\/li>\n<ul>\n<li>DNS: insecure validation \u2192 DNS spoofing<\/li>\n<li>SMB: flawed NTLM authentication \u2192 SMB man-in-the-middle attack<\/li>\n<li>HTTP: cleartext URLs and encoding abuse \u2192 phishing; abuse of embedded links \u2192 web page trojans<\/li>\n<\/ul>\n<\/ul>\n<\/li>\n<li>Network layer protocol attacks\n<ul>\n<li>IP source address spoofing<\/li>\n<ul>\n<li>TCP initial sequence number (ISN) guessing<\/li>\n<li>The nmap -D option<\/li>\n<li>The Netwox tool<\/li>\n<li>Defenses: random ISNs, IPsec, authenticating user identity instead of trusting by IP, firewall ingress and egress filtering of internal addresses<\/li>\n<\/ul>\n<li>ARP spoofing<\/li>\n<ul>\n<li>Arpspoof from the DSniff suite, arpoison, Ettercap, Netwox tool 33<\/li>\n<li>Defenses: static IP-to-MAC binding, finer subnetting, encrypting data, ARP firewall<\/li>\n<\/ul>\n<li>ICMP 
route redirect attack<\/li>\n<ul>\n<li>Originally meant for routers to announce changes in network topology<\/li>\n<li>Defense: configure firewall filtering<\/li>\n<\/ul>\n<\/ul>\n<\/li>\n<li>Transport layer protocol attacks\n<ul>\n<li>TCP RST<\/li>\n<li>TCP session hijacking (usually combined with ARP spoofing)<\/li>\n<li>TCP SYN flood denial of service<\/li>\n<ul>\n<li>Defense: SYN cookies. Allocate resources dynamically at first, then switch to cookies once a certain number is reached<\/li>\n<\/ul>\n<li>UDP flood denial of service<\/li>\n<li>Defending against TCP\/IP protocol stack attacks<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Chapter 6: Network Security Defense Techniques<\/p>\n<ul>\n<li>Firewalls\n<ul>\n<li>Packet filtering<\/li>\n<li>Stateful-inspection packet filtering<\/li>\n<li>Proxies: application-layer proxy, circuit-level proxy, NAT proxy<\/li>\n<\/ul>\n<\/li>\n<li>Firewall deployment\n<ul>\n<li>Packet-filtering router<\/li>\n<li>Dual-homed bastion host, but its control over the internal network is too strict and maintaining its own security is complex<\/li>\n<li>Screened host<\/li>\n<li>Screened subnet<\/li>\n<\/ul>\n<\/li>\n<li>Linux netfilter \/ 
iptables\n<ul>\n<li>filter<\/li>\n<ul>\n<li>INPUT: packets delivered to the local protocol stack<\/li>\n<li>OUTPUT: packets sent by the local protocol stack<\/li>\n<li>FORWARD: packets being routed and forwarded<\/li>\n<\/ul>\n<li>nat<\/li>\n<ul>\n<li>PREROUTING: packets before the routing decision \u2192 DNAT, NAPT, etc.<\/li>\n<li>POSTROUTING: packets after the routing decision \u2192 SNAT, etc.<\/li>\n<li>OUTPUT: packets about to be sent by the local protocol stack \u2192 DNAT of locally generated packets, etc.<\/li>\n<\/ul>\n<li>mangle (special packet modification)<\/li>\n<ul>\n<li>The five chains above: all packets \u2192 special packet header modification<\/li>\n<\/ul>\n<li>iptables command<\/li>\n<ul>\n<li>-A: append<\/li>\n<li>-D: delete<\/li>\n<li>-P: policy, the default action<\/li>\n<li>-N: new chain, creates a new chain<\/li>\n<li>-F: flush, deletes the rules of the specified chain or of all chains<\/li>\n<li>-L: list<\/li>\n<\/ul>\n<li>iptables match; multiple conditions are combined with AND<\/li>\n<ul>\n<li>-i\/-o: incoming\/outgoing network interface<\/li>\n<li>-s\/-d: source\/destination address<\/li>\n<li>-p: protocol<\/li>\n<li>-m: match module (e.g. network connection state)<\/li>\n<li>--sport\/--dport: port<\/li>\n<\/ul>\n<li>iptables target actions<\/li>\n<ul>\n<li>ACCEPT: -j ACCEPT<\/li>\n<li>DROP: -j DROP<\/li>\n<li>REJECT: -j REJECT leaves no dead sockets on the server or the client and also notifies the sender; DROP does not<\/li>\n<li>RETURN: -j RETURN stops traversing the chain and falls back to the default<\/li>\n<\/ul>\n<li>iptables 
nat<\/li>\n<ul>\n<li>IP masquerading, SNAT, DNAT<\/li>\n<\/ul>\n<\/ul>\n<\/li>\n<li>Network detection techniques and systems\n<ul>\n<li>Intrusion detection: HIDS, NIDS<\/li>\n<li>Intrusion prevention system (IPS)<\/li>\n<li>Snort, the open-source network intrusion detection system<\/li>\n<\/ul>\n<\/li>\n<li>Network security incident response\n<ul>\n<li>Computer forensics<\/li>\n<li>Attack traceback and attribution<\/li>\n<li>Backup and recovery<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Chapter 7: Windows Operating System Security Attack and Defense<\/p>\n<ul>\n<li>Introduction to the Windows system and its security architecture<\/li>\n<li>Windows remote password guessing and cracking (also eavesdropping)<\/li>\n<li>Attacking Windows network services: NetBIOS and SMB are the hardest hit, along with RPC, IIS, etc.<\/li>\n<li>Attacking Windows clients and users, local privilege escalation, password cracking<\/li>\n<li>Defenses: disabling unnecessary services, firewall, strong passwords, disabling insecure protocols, applying patches<\/li>\n<li>Covering tracks on Windows: disabling auditing with auditpol, clearing event logs<\/li>\n<\/ul>\n<p>Chapter 8: Linux Operating System Security Attack and Defense<\/p>\n<ul>\n<li>Remote password guessing, penetration (LAMP, FTP, samba, sendmail)<\/li>\n<li>Attacking clients and users (social engineering \/ software distribution sites)<\/li>\n<li>Attacking Linux routers and listeners<\/li>\n<\/ul>\n<ul>\n<li>Local security attack and defense\n<ul>\n<li>su \/ sudo 
program vulnerabilities<\/li>\n<li>Attacking user-mode SUID programs for privilege escalation: program vulnerabilities, buffer overflows, symbolic links, race conditions, shared libraries<\/li>\n<li>Attacking kernel code for privilege escalation<\/li>\n<li>shadow password cracking<\/li>\n<li>Exploiting system misconfiguration (permissions)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Chapter 9: Malicious Code Security Attack and Defense<\/p>\n<ul>\n<li>Viruses, worms, malicious mobile code, backdoors, trojans, botnets, rootkits<\/li>\n<li>[malware type.]malware family name[.variant number]<\/li>\n<li>Static analysis techniques\n<ul>\n<li>Antivirus scanning<\/li>\n<li>File format identification<\/li>\n<li>Extraction and analysis of strings in the file<\/li>\n<li>Binary structure analysis<\/li>\n<li>Disassembly\/decompilation<\/li>\n<li>Code structure and logic analysis<\/li>\n<li>Packer identification and unpacking<\/li>\n<\/ul>\n<\/li>\n<li>Dynamic analysis\n<ul>\n<li>Monitoring of processes, files and the registry; debuggers and sandboxes, network sniffers, virtual machines, etc.<\/li>\n<li>Snapshot comparison<\/li>\n<li>System behaviour monitoring (processes, files, etc.)<\/li>\n<li>Network monitoring<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Chapter 10: Software Security Attack and Defense: Buffer Overflows and 
Shellcode<\/p>\n<ul>\n<li>Buffer overflows\n<ul>\n<li>NSR pattern. The buffer is fairly large; from low to high address, nops are filled in first, then the shellcode, and finally the jump that overwrites the ret return address<\/li>\n<li>RNS pattern. The buffer is small; from low to high the order is ret, nop, shellcode<\/li>\n<li>RS pattern. The location can be pinpointed, so ret jumps straight to the shellcode<\/li>\n<li>Windows stack addresses are around 0x0012***, unlike Linux where they sit below 0xc0000000, so there is a null-byte truncation problem<\/li>\n<li>Look for jmp esp in Windows system DLLs<\/li>\n<\/ul>\n<\/li>\n<li>Heap overflows are generally exploited through function pointer overwrites (overwriting an adjacent global function pointer), vtable overwrites, and heap management vulnerabilities (arbitrary 4-byte memory write)<\/li>\n<li>Defenses: DEP, GS, using safe memory functions<\/li>\n<\/ul>\n<p>Chapter 11: Web Application Security Attack and Defense<\/p>\n<ul>\n<li>Manually reviewing the structure and source code of a web application\n<ul>\n<li>Static\/dynamic pages<\/li>\n<li>Directory structure; Whisker for probing specific directories<\/li>\n<li>Auxiliary files such as CSS and JS<\/li>\n<li>Input forms<\/li>\n<li>Query parameter strings<\/li>\n<li>Hacker puzzle sites: NotPron, Monyer, sqybi, etc.<\/li>\n<\/ul>\n<\/li>\n<li>Automatically downloading and mirroring web sites<\/li>\n<li>Google Hacking review and probing, \u300aGoogle Hacking for Penetration Testers\u300b<\/li>\n<li>App 
security assessment and vulnerability probing<\/li>\n<li>Attacking web server software\n<ul>\n<li>Data-driven remote code execution<\/li>\n<li>Vulnerabilities in server extension modules<\/li>\n<li>Sample file vulnerabilities<\/li>\n<li>Source code disclosure vulnerabilities<\/li>\n<li>Resource resolution attacks<\/li>\n<\/ul>\n<\/li>\n<li>Attacking web apps: attacks on authentication mechanisms, authorization, the client, command execution, information disclosure<\/li>\n<li>Attacking web data content: sensitive data leakage, site defacement, uploading objectionable content<\/li>\n<li>Defenses: secure encryption protocols, redundancy to cope with DDoS, preventing ARP spoofing and similar attacks, patching; log auditing, using stable and mature software, introducing only the dynamic pages that are necessary; operations monitoring<\/li>\n<li>SQL injection<\/li>\n<li>XSS (cross-site scripting). Defenses: input validation, output sanitization, eliminating dangerous input points<\/li>\n<\/ul>\n<p>Chapter 12: Web Browser Security Attack and Defense<\/p>\n<ul>\n<li>The development of browsers and the threats they face<\/li>\n<li>Web page trojans: penetration attacks that target the browser<\/li>\n<li>Web page trojan mechanisms\n<ul>\n<li>Embedded iframe \/ frame and other HTML tags, possibly nested in several layers<\/li>\n<li>Malicious script<\/li>\n<li>Embedded object links, images or Flash<\/li>\n<li>ARP 
spoofing, man-in-the-middle trojan injection<\/li>\n<li>Obfuscation (antivirus evasion)<\/li>\n<\/ul>\n<\/li>\n<li>Detection and analysis\n<ul>\n<li>Signature matching<\/li>\n<li>Static analysis based on statistics and machine learning, which in essence is also feature detection<\/li>\n<li>Verdicts based on the results of dynamic behaviour<\/li>\n<li>Dynamic analysis based on an emulated browser environment<\/li>\n<\/ul>\n<\/li>\n<li>Phishing\n<ul>\n<li>IDN spoofing techniques, Unicode-encoded URLs<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Chapter 1: Overview of Network Attack and Defense Techniques History, events Basic technical framework: Web security attack and defense (hot topic) (Main content) System security attack&#8230; <\/p>\n<div class=\"read-more navbutton\"><a href=\"https:\/\/flandre-scarlet.moe\/blog\/1795\/\">Read more<i class=\"fa 
fa-angle-double-right\"><\/i><\/a><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[174],"tags":[201],"class_list":["post-1795","post","type-post","status-publish","format-standard","hentry","category-book-notes","tag-201"],"_links":{"self":[{"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/posts\/1795","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/comments?post=1795"}],"version-history":[{"count":5,"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/posts\/1795\/revisions"}],"predecessor-version":[{"id":1800,"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/posts\/1795\/revisions\/1800"}],"wp:attachment":[{"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/media?parent=1795"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/categories?post=1795"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/flandre-scarlet.moe\/blog\/wp-json\/wp\/v2\/tags?post=1795"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}