Content Highlights:
Detecting weak passwords
Network port scanning
I. Weak password detection
1. John the Ripper, referred to as JR
A password analysis tool that supports dictionary-based brute-force cracking
By analyzing the shadow password file, it can assess password strength
Official website: http://www.openwall.com/john/
2. Installing the JR tool
make clean <system type>
The main program file is john
3. Detecting accounts with weak passwords
Get the shadow file from the Linux/Unix server
Run the john program with the shadow file as its argument
4. Brute-force cracking of password files
Prepare a password dictionary file; the default is password.lst
Run the john program with --wordlist=<dictionary file>
a. Mount the host's share containing the john package at /mnt on the Linux machine
[root@localhost ~]# smbclient -L //192.168.100.3/   # list the shares offered by the remote host
[root@localhost ~]# mount.cifs //192.168.100.3/john /mnt   # mount the share holding the john package at /mnt
The smbclient client tool makes it easy to log in to a Samba server, but a file has to be downloaded locally before its contents can be viewed.
Mounting the share on a local directory with mount lets you use the contents of the shared folder directly through the local mount point, which makes file sharing easier.
b. Extract the john package
c. See john-1.8.0/src
d. Install the gcc and gcc-c++ compilers
[root@localhost src]# yum install gcc gcc-c++ -y   # install the gcc packages
[root@localhost src]# make linux-x86-64   # compile
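e. After compilation, john is an executable file. Run john against /etc/passwd and /etc/shadow to analyze them (weak password detection)
[root@localhost run]# ./john /etc/passwd /etc/shadow   # use JR to analyze the account files for weak passwords
f. The analysis succeeds. john relies on a dictionary file: the more entries the dictionary contains, the more passwords it can recover.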
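Before running john on a server's shadow file, it helps to see which accounts hold a hash at all and which hashing scheme each one uses. The following is an added example, not part of the original notes and not John the Ripper code; SAMPLE_SHADOW and its dummy hash strings are constructed, and the "weak" flags reflect the assumption that empty, DES and MD5 entries should be reviewed first.

```python
# Added example: triage shadow-format entries before a John the Ripper audit.
# SAMPLE_SHADOW is constructed data; the hash strings are dummies, not real hashes.
SAMPLE_SHADOW = """\
root:$6$dummysalt$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:17800:0:99999:7:::
bin:*:17110:0:99999:7:::
alice:$1$oldsalt$BBBBBBBBBBBBBBBBBBBBBB:17000:0:99999:7:::
bob::17801:0:99999:7:::
carol:!!:17801:0:99999:7:::
dave:!$6$dummysalt$CCCCCCCCCCCCCCCC:17801:0:99999:7:::
legacy:abCDEFGHIJKLM:16000:0:99999:7:::
"""

# crypt(3) identifier prefix -> (scheme name, flagged as weak?)
SCHEMES = {
    "$1$": ("md5crypt", True),
    "$5$": ("sha256crypt", False),
    "$6$": ("sha512crypt", False),
    "$y$": ("yescrypt", False),
    "$2a$": ("bcrypt", False),
    "$2b$": ("bcrypt", False),
    "$2y$": ("bcrypt", False),
}

def classify(field):
    """Return (status, weak) for the password field of one shadow entry."""
    if field == "":
        return "empty-password", True   # account can be used with no password
    if field[0] in "!*":
        return "locked", False          # password login disabled
    for prefix, (name, weak) in SCHEMES.items():
        if field.startswith(prefix):
            return name, weak
    if len(field) == 13 and "$" not in field:
        return "descrypt", True         # traditional DES crypt, 8-character limit
    return "unknown", True              # unrecognised format: review by hand

def audit(shadow_text):
    """Yield (user, status, weak) for each well-formed shadow line."""
    for line in shadow_text.splitlines():
        parts = line.split(":")
        if line.startswith("#") or len(parts) < 2 or not parts[0]:
            continue
        status, weak = classify(parts[1])
        yield parts[0], status, weak

if __name__ == "__main__":
    for user, status, weak in audit(SAMPLE_SHADOW):
        print(f"{user:8} {status:15} {'REVIEW' if weak else 'ok'}")
```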
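II. Network port scanning (remote probing)
1. NMAP
A powerful network scanning and security auditing tool
It can be installed from the CentOS 7.4 disc using the nmap-6.40-7.el7.x86_64.rpm package
2. NMAP scan syntax
nmap [scan type] [options] <scan target...>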
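3. Common scan types
-sT: TCP connect scan. This is the full TCP scan method: it establishes a complete TCP connection. If the connection succeeds, the target port is considered to have a listening service; otherwise the port is considered not open.
-sU: UDP scan. Probes which UDP services the target host provides. UDP scanning is relatively slow.
-sP: ICMP scan. Similar to a ping check: quickly determines whether the target host is alive, without doing any other scanning.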
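a. Install nmap
[root@localhost ~]# yum install nmap -y   # install the nmap package
b. View the local machine's TCP and UDP ports
[root@localhost ~]# netstat -ntap   # list all TCP ports on this machine
[root@localhost ~]# netstat -nuap   # list all UDP ports on this machine
c. Probe the TCP port services that are offered externally and accept connections (127.0.0.1)
[root@localhost ~]# nmap -sT 127.0.0.1   # list the externally offered port services that accept connections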
d. Install and start the httpd service, then check whether this machine exposes the httpd service on port 80
[root@localhost ~]# yum install httpd   # install the httpd service
[root@localhost ~]# systemctl start httpd.service   # start the service
[root@localhost ~]# nmap -sT 127.0.0.1   # check whether the web service on port 80 is offered externally and accepts connections
e. Probe the UDP port services that are offered externally and accept connections (127.0.0.1)
[root@localhost ~]# nmap -sU 127.0.0.1   # list the externally offered UDP port services that accept connections
f. Probe which hosts on the same network segment are up
[root@localhost ~]# nmap -sP 192.168.195.0/24   # detect all hosts currently up on the 192.168.195.0/24 segment
g. Detect the open TCP ports on another host (192.168.195.129)
[root@localhost ~]# systemctl stop firewalld.service   # log in to the host with IP 192.168.195.128 and turn off its firewall
[root@localhost ~]# setenforce 0
[root@localhost ~]# nmap -sT 192.168.195.129   # detect the open TCP ports on the other host, 192.168.195.129