首页 > 其他 > 详细

Fingerprinting

时间:2019-02-10 10:03:56      阅读:157      评论:0      收藏:0      [点我收藏+]

1、 Banner grabbing with Netcat

     Netcat is multipurpose networking tool that can be used to perform multiple information gathering an d scanning tasks with kali linux ,this specific recipe will demonstrate how to use Netcat to acquire service banners in order to identify the service banners eto indetify the service association with open ports on a target system .

     To use the Netcat to grab service banners , on must establish a socket connection to the intended port on the remote system .to quickly understand the usage of the Netcat an how it can be used for thhis purpose ,one can call upon the usage output, we can use the   command  nc -h option : 
 2、the -v opton was used to provide verbose output and the the -n option was used to connnect with the the ip address without DNS resolution ,  we can see the banner returned by the remote host identifies the service as SSH ,the vendor as openSSH,besides , we can use the siminal scan on port 21 of the same the system ,we can easily acqurie service and the version information ot the running TFP service .

 技术分享图片技术分享图片

2、Banner grabbing with Python sockets

       the sockets mouule  in python can be used to connect to network services running on remote ports .     Once can interact directly with remote network service using the python interactive interpreter ,you  can begin use the python interpreter by calling it driectly m in this here ,we can import any specific modules tha you wish to use ,  the specific is as follows :

 技术分享图片

    the AF_INET arguments is used to indicate that the socket   will employed an IPV4 address and the SOCK_STREAM argument is used to indicate that TCP transport will be used ,if an attempt is made to connect to TCP port 443 on the Metasploitable2 system  ,an error will be returned indiciate taht the  connection was refused , because there is no service running on this remote system

3、 use the python script  to connect

技术分享图片

 the python script  what just i note by utilizing the socket library ,the script loops through each of the specified target port address an attempts to initialize a TCP connection with that pratical port ,if a connection is established and a banner is recived from the target service , the banner will then be printed in the output of the script ,of course ,if  a connection cannot be established with the remote port ,the script will then move to the next port address value in the loop.

4、Banner grabbing with Dmitry

       Dmitry is a simple yet streamlined tool that can be used to connect to network services running on remote ports .Dmitry can be used to run a quick TCP ports scan on 150 of the remote commonly used services , this can be done using the -p option:

技术分享图片

Dmitry is  a simple command-line tool that can perform the task of banner grabbing with minimal overhead .Dmitry can streanline the process by only attempting banner grabbing on a small selection of predefined an dcommonly used ports, banners recived from services running on those port address are then returned in the terminal output of the script

5、Banner  grabbing with Nmap NES

     nmap has an intergateed Nmap Script Engrine script that can be used to read banners from network services running on remote ports , we can use the script ,use command --script option in Nmap and then specifiying the name of the descried script , for this particular script a -sT full-connect scan shjould be used as service banners can only be collected when a full TCP conection is established , the script will be applied to the same ports that are scanned by te fellows requests:

  技术分享图片

 Nmap used the banner script to collect the service banner associated with the port , this same technical can be replied to a sequential range of the ports suing the --notation

   the example command :   nmap -sT 192.168.142.182 -p 1-100 --script=banner

6、Banner grabbing with Amap

   Amap is an application-mapping tool that can be used read banners from network services running on remote ports  , The  -B option in Amap can be used to run the application in banner mode , this will have it collect banners for the specific IP address and service ports ,Amap can be used to collect the banner from a single service by specifying the remote IP address and service number :

   技术分享图片

to remove the scan metadata ,we can   use grep the optput for a phrase that is unique to specific output entries and does not exist in the scan‘s metadata . we can use the command :   amap -B 192.168.142.182 1-65535 | grep "on"

 

 

 

  

 

Fingerprinting

原文:https://www.cnblogs.com/xinxianquan/p/10354923.html

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!