8.2.1 Ettercap工具
root@kali:~# locate etter.conf
/etc/ettercap/etter.conf
/usr/share/man/man5/etter.conf.5.gz
root@kali:~# vi /etc/ettercap/etter.conf
[privs]
ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default
……
#---------------
# Linux
#---------------
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
root@kali:~# ettercap -G
8.2.2 使用MSFCONSOLE分析密码
root@kali:~# msfconsole
msf >
msf > use auxiliary/gather/search_email_collector
msf auxiliary(search_email_collector) >
msf auxiliary(search_email_collector) > set DOMAIN gmail.com
domain => gmail.com
msf auxiliary(search_email_collector) > set outfile /root/Desktop/fromwillie.txt
outfile => /root/Desktop/fromwillie.txt
msf auxiliary(search_email_collector) > run
[*] Harvesting emails …..
[*] Searching Google for email addresses from gmail.com
[*] Extracting emails from Google search results…
[*] Searching Bing email addresses from gmail.com
[*] Extracting emails from Bing search results…
[*] Searching Yahoo for email addresses from gmail.com
……
[*] rasvin.247@gmail.com
[*] read.jeff@gmail.com
[*] restore.adore@gmail.com
[*] rhetoricguy@gmail.com
[*] sammy@gmail.com
[*] signaturetitleservices@gmail.com
[*] smplustb@gmail.com
[*] starfyi@gmail.com
[*] taylorhansson@gmail.com
[*] thanhtam.hr@gmail.com
[*] theidleague@gmail.com
[*] tjarkse@gmail.com
[*] toni@gmail.com
[*] user@gmail.com
[*] vintageheadboards@gmail.com
[*] vlyubish270@gmail.com
[*] webuyrarebooks@gmail.com
[*] yavmamemogames@gmail.com
[*] yoyonorfcack@gmail.com
[*] Writing email address list to /root/Desktop/fromwillie.txt…
[*] Auxiliary module execution completed
8.2.3 哈希值识别工具Hash Identifier
HASH: 6bcec2ba2597f089189735afeaa300d4
Possible Hashs:
[+] MD5
[+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))
Least Possible Hashs:
[+] RAdmin v2.x
[+] NTLM
[+] MD4
[+] MD2
[+] MD5(HMAC)
[+] MD4(HMAC)