School number 201 721 460 012
Chinese People's Public Security University
Chinese people’ public security university
Network Warfare Technology
experimental report
| experiment one |
| Network Reconnaissance and network scanning |
| student name |
Ding Shuo Pan |
| grade |
2017 |
| District Team |
Region VI team |
| mentor |
Takami teacher |
Institute of Technology and Information Network Security
2017 Nian 7 Yue 7 Ri
Master experimental task
2017-2018 school year, Di Yi semester
First, the purpose of the experiment
1. Deepen and digest this course lectures, review what they have learned through the Internet search techniques, methods and techniques;
2. Understand and are familiar with popular search engines, scan tools, social networking sites and other Internet resources, given the task of searching, correlation, analysis;
3. The purpose of the consolidation of curriculum knowledge and practical application.
Second, the experimental requirements
1. Carefully read the contents of each experiment, we need to capture the title, to be clear screenshots and annotate screenshots and descriptions.
2. Documentation Requirements clear structure, graphic expression accurate labeling specifications. Reasoning was objective, reasonable and logical.
3. Software tools can be used office2003 or 2007, Nmap, and so on.
4. After the experiment, to retain electronic documents.
Third, the experimental procedures
1. ready
Experimental preparation well in advance, should learn more about the purpose of the experiment, test requirements and test content before the experiment, familiar with the software tools and ready with a good experiment, in accordance with the requirements of experimental content and experimental content ready ahead of time.
2. lab environment
Describes the hardware and software environment used in the experiment (including a variety of software tools);
Office2003 boot and start the software or 2007, browsers, scanning software.
3. experiment procedure
1) Start the system and start-up tool environment.
2) realization of experimental content using software tools.
4. experimental report
Write lab reports in accordance with the standard requirements of the test report format. The document prepared in accordance with the format template embedded test report document, the document written in accordance with the provisions of the written format, the form must be said that the graphics have a table Illustrated.
Experimental task (a)
Network Reconnaissance refers to the hackers in order to more effectively carry out attacks and all exploration activities on the target host before the attack or attack the course. Network Reconnaissance sometimes referred to as "check out the location." Usually "Capitol" include the following: the domain name of the target host, IP address, operating system type, open ports, and which ports are running behind these kind of applications, these applications have no loopholes. So how do you collect this information? You can use technology-independent "social engineering", the search engine as well as a scan tool.
Question one:
With Baidu or google search www.ppsuc.edu.cn all pages that contain "network security". (Screenshot attached)
A: alltitle: Network Security www.ppsuc.edu.cn
Question two:
With Baidu or google search for all "Network security" pdf document (attached screenshot)
A: alltle: Network Security filetype: pdf
Question three:
Mary is a professional undergraduate pharmacy, pharmacy has been engaged in professional work, now she would like to obtain a certificate, but the registration conditions required to work for three years. So, what Mary wanted to obtain the certificate. (Please answer and attach screenshots to prove.)
A: licensed pharmacist qualification certificate
Question 4:
June 28 is the birthday of Wang, he was in 2008 enrolled undergraduate Chinese People's Public Security University. In a senior this year to celebrate his birthday, he and his friends watched a birthday that day just released domestically fantasy movie together. In this movie, playing "master of alchemy" role of actor monk who, may I ask what his Buddhist name was that? (Screenshot attached)
answer:
Question 5:
210.31.48.31, IP address belongs to which the unit (A screenshot)
A: The Chinese People's Public Security University
Question six:
In one case, the suspect gained a MAC address: 40-16-9F-4E-7F-B4, please check the MAC address of the manufacturer is (attached screenshot)
A: ps:: analysis using the MAC address //mac.51240.com/
Question seven:
In one case, the suspect gained LAC is 41064, CID is 16811, this person may be in any place? (Screenshot attached)
Question eight:
Getting www.zzz.gov.cn domain name registration, the registrant's email is (attached screenshot)
A: ** [email protected]
Nine on:
By a person's QQ number, from the Internet to expand clues. The network nickname, MSN number and other information.
You can also choose a virtual network identity (QQ, Mail, Tel), virtual identity through the acquisition of other Internet search relevant information. (Please explain the reasoning process, with a search screenshot)
For example: nickname -> Mailbox -> QQ number -> telephone number, name -> Micro channel -> physical address ...................
A: 1, know the premise virtual identity of a phone number, add it into the address book
2, using the Sina microblogging add a friend function, enter the virtual identity from the contacts in the Friends Home
3, at a friend's home page to find the name, constellation, units, registration time, location, etc.
4, in the micro-blog content can be found in recent developments
Question 10:
Please check the IP address and subnet mask of this machine, and scan all surviving host on the segment (with search screenshot) in the LAN
Question 11:
Select a survival IP addresses, scanning open ports (respectively ping scans, syn scan attempt), and query the corresponding common port services and operating system information.
Familiar nmap related commands (search attached screenshot)
Problem 12:
Internet in the laboratory building LAN, scan it, which opens the ftp service machine, which machines opened the Remote Desktop Connection service, along with screenshots to prove.
Problems thirteen:
For full port scan, the port scan program used
参考:
include "stdafx.h"
#include "stdafx.h"
#include "stdio.h"
#include <string.h>
#include <Winsock2.h>
#pragma comment(lib, "ws2_32.lib")
#define DEST_IP "127.0.0.1"
#define DEST_PORT 135
int main()
{
//初始化WinSock
WORD wVersionRequested = MAKEWORD(2,2);
WSADATA wsaData;
if(WSAStartup(wVersionRequested,&wsaData) != 0)
{
printf("初始化WinSock失败!\n") ;
return 0 ;
}
int sockfd,n;
struct sockaddr_in dest_addr;
sockfd = socket(AF_INET, SOCK_STREAM, 0);
dest_addr.sin_family = AF_INET;
dest_addr.sin_port = htons(DEST_PORT);
dest_addr.sin_addr.s_addr = inet_addr(DEST_IP);
//bzero(&(dest_addr.sin_zero));
n=connect(sockfd, (struct sockaddr *)&dest_addr, sizeof(struct sockaddr));
if(n==-1){
printf ( "port is not open");
} the else {
printf ( "open port");
}
}
program:
#include "stdio.h"
#include <string.h>
#include <Winsock2.h>
#pragma comment(lib, "ws2_32.lib")
#define DEST_IP "192.168.31.167"
int main ()
{
// initialize WinSock
WORD wVersionRequested = MAKEWORD(2,2);
WSAData wsaData;
if(WSAStartup(wVersionRequested,&wsaData) != 0)
{
printf ( "Failed to initialize WinSock \ n!");
return 0 ;
}
int sockfd,n;
struct sockaddr_in dest_addr;
sockfd = socket (AF_INET, SOCK_STREAM, 0);
dest_addr.sin_family = AF_INET;
for (int DEST_PORT = 0; DEST_PORT <6335; DEST_PORT ++)
{
dest_addr.sin_port = HTO (DEST_PORT);
dest_addr.sin_addr.s_addr = inet_addr(DEST_IP);
n=connect(sockfd, (struct sockaddr *)&dest_addr, sizeof(struct sockaddr));
if(n==-1){
printf ( "% d is not turned port number \ n", DEST_PORT);}
else
{Printf ( "open port");
} return 0; }
Disclaimer: Any legal disputes that where the violation caused the browser, I will not be responsible!