1. 环境搭建
一 信息探索
#通过arp找到同网段的目标ip $ sudo arp-scan -I eth0 -l [sudo] password for kali: Interface: eth0, type: EN10MB, MAC: 08:00:27:1d:b7:3b, IPv4: 192.168.56.102 Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan) 192.168.56.1 0a:00:27:00:00:13 (Unknown: locally administered) 192.168.56.100 08:00:27:a2:99:d8 PCS Systemtechnik GmbH 192.168.56.101 08:00:27:25:22:a9 PCS Systemtechnik GmbH 4 packets received by filter, 0 packets dropped by kernel Ending arp-scan 1.9.7: 256 hosts scanned in 2.020 seconds (126.73 hosts/sec). 3 responded
#发现目标ip的端口 ┌──(kali㉿kali)-[~] └─$ sudo nmap -p- 192.168.56.101 Starting Nmap 7.92 ( https://nmap.org ) at 2022-05-01 10:44 EDT Nmap scan report for 192.168.56.101 Host is up (0.00012s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 80/tcp open http MAC Address: 08:00:27:25:22:A9 (Oracle VirtualBox virtual NIC)