题目
IP配置
网关配置 vmnet8 ens32
- 都勾选
[root@localhost gp]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:10:71:9a brd ff:ff:ff:ff:ff:ff
inet 192.168.21.129/24 brd 192.168.21.255 scope global noprefixroute dynamic ens32
valid_lft 1725sec preferred_lft 1725sec
inet6 fe80::26d7:c1bd:84db:79b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:10:71:90 brd ff:ff:ff:ff:ff:ff
4: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:10:71:a4 brd ff:ff:ff:ff:ff:ff
inet6 fe80::b0b0:4252:8c07:41cd/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@localhost gp]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
[root@localhost gp]# cat /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE=Ethernet
BOOTPROTO=dhcp
NAME=ens32
DEVICE=ens32
ONBOOT=yes
vmnet1配置 ens33
- 可以勾选第一个
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.1.254
NETMASK=255.255.255.0
DNS1=114.114.114.114
DNS2=8.8.8.8
vmnet2配置 ens34
- 全不勾选
[root@localhost gp]# vim /etc/sysconfig/network-scripts/ifcfg-ens34
[root@localhost gp]# cat /etc/sysconfig/network-scripts/ifcfg-ens34
TYPE=Ethernet
BOOTPROTO=static
NAME=ens34
DEVICE=ens34
ONBOOT=yes
IPADDR=172.16.1.254
NETMASK=255.255.255.0
DNS1=114.114.114.114
DNS2=8.8.8.8
[root@localhost gp]# systemctl restart network
server1 ip 配置
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=172.16.1.100
NETMASK=255.255.255.0
GATEWAY=172.16.1.254
DNS1=114.114.114.114
DNS2=8.8.8.8
[root@localhost ~]# systemctl restart network
client配置
syslog服务器配置
[root@localhost gp]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
[root@localhost gp]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
BOOTPROTO=static
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=172.16.1.200
NETMASK=255.255.255.0
GATEWAY=172.16.1.254
DNS1=114.114.114.114
DNS2=8.8.8.8
[root@localhost gp]#
发送端配置
[root@localhost gp]# cp /etc/rsyslog.conf /etc/rsyslog.conf.bak
[root@localhost gp]# vim /etc/rsyslog.conf
此行为修改内容authpriv.* @@172.16.1.200:514
[root@localhost gp]# systemctl restart rsyslog.service
接收端配置
:fromhost-ip,isequal,"172.16.1.100" /var/log/client_secure/172.16.1.100.log
systemctl restart rsyslog.service
[root@localhost gp]# ss -anptl | grep "514"
LISTEN 0 25 *:514 *:* users:(("rsyslogd",pid=3575,fd=3))
LISTEN 0 25 :::514 :::* users:(("rsyslogd",pid=3575,fd=4))
[root@localhost gp]#
路由转发配置
[root@localhost ~]# vim /etc/sysctl.conf
[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@localhost ~]# grep -v "^#" /etc/sysctl.conf
net.ipv4.ip_forward = 1
服务管理操作
[root@localhost ~]# netstat -anptl | grep "23"
[root@localhost ~]# systemctl list-unit-files | grep "telnet"
telnet@.service static
telnet.socket disabled
[root@localhost ~]# systemctl start telnet.socket
[root@localhost ~]# netstat -anptl | grep "23"
tcp6 0 0 :::23 :::* LISTEN 1/systemd
挂载光盘yum源
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo
[root@localhost yum.repos.d]# mkdir bak
[root@localhost yum.repos.d]# mv * bak
mv: cannot move ‘bak’ to a subdirectory of itself, ‘bak/bak’
[root@localhost yum.repos.d]#
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# vim localDVD.repo
[root@localhost yum.repos.d]# cat localDVD.repo
[localDVD.repo]
name=localDVD
baseurl=file:/misc/cd
gpgcheck=0
[root@localhost yum.repos.d]#
telnet远程连接
telnet IP
ssh登录及爆破
[root@localhost ~]# systemctl list-unit-files |grep "ssh"
anaconda-sshd.service static
sshd-keygen.service static
sshd.service enabled
sshd@.service static
sssd-ssh.service indirect
sshd.socket disabled
sssd-ssh.socket disabled
[root@localhost ~]# systemctl start sshd.service
[root@localhost ~]# netstat -anptl | grep "22"
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 5795/sshd
tcp6 0 0 :::22 :::* LISTEN 5795/sshd
[root@localhost ~]#
配置kali ip
──(kali💋kali)-[~]
└─$ cd /etc/network
┌──(kali💋kali)-[/etc/network]
└─$ sudo vim interfaces
[sudo] password for kali:
┌──(kali💋kali)-[/etc/network]
└─$
ssh爆破
hydra ssh://172.16.1.100 -L /home/kali/tools/wordlists/test_username.dic -P /home/kali/tools/wordlists/top_password.txt -f -vV -e nsr -t 64
题目2
钓鱼网站搭建
-
基于昨天网络拓扑结构配置IP 地址,并实现上外网(SNAT)
-
DHCP 服务配置,自动获取IP
-
DNS 服务搭建,解析www.jd.com 到server 1 上
钓鱼网站相关配置
GW配置
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
[root@localhost ~]# ifdown ens32
Device 'ens32' successfully disconnected.
[root@localhost ~]# ifup ens32
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:10:71:9a brd ff:ff:ff:ff:ff:ff
inet 10.4.7.10/24 brd 10.4.7.255 scope global noprefixroute ens32
valid_lft forever preferred_lft forever
[root@localhost ~]# iptables -t nat -I POSTROUTING -p all -s 0.0.0.0/0 -o ens32 -j SNAT --to-source 10.4.7.10
[root@localhost ~]# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 1 packets, 70 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
13 904 SNAT all -- * ens32 0.0.0.0/0 0.0.0.0/0 to:10.4.7.10
gw-dhcp配置
[root@localhost ~]# yum install dhcp -y
[root@localhost ~]# cat /etc/dhcp/dhcpd.conf
vim中冒号后使用
:r /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example
将配置文件修改为如图状态
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf
[root@localhost ~]# systemctl list-unit-files |grep "dhcpd.service"
dhcpd.service disabled
[root@localhost ~]# systemctl start dhcpd.service
[root@localhost ~]# systemctl enable dhcpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
[root@localhost ~]# netstat -anptul | grep "dhcp"
udp 0 0 0.0.0.0:67 0.0.0.0:* 7301/dhcpd
gw-dns配置
[root@localhost ~]# yum install bind -y
服务状态并非bind,而是named
[root@localhost ~]# vim /etc/named.conf
此处修改为监听的ip并且注释掉19行
33,34行内容改为no
使用该命令重启服务
[root@localhost ~]# systemctl restart named
验证
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf
[root@localhost ~]# systemctl restart dhcpd
修改dns服务器
重新获取后,dns改变
[root@localhost ~]# vim /etc/named.conf
复制并修改为如图内容
[root@localhost ~]# cd /var/named
[root@localhost named]# cp -a named.empty jd.com.zone
随后编辑文件
[root@localhost named]# vim jd.com.zone
如图所示配置
随后重启服务
[root@localhost named]# systemctl restart named
如图服务端解析位置已经变化
sever端配置
下载httpd服务
[root@localhost ~]# yum install httpd -y
[root@localhost ~]# systemctl start httpd.service
数据库相关配置
sever1数据库配置
[root@localhost ~]# yum install mariadb-server.x86_64 -y
[root@localhost ~]# systemctl list-unit-files | grep mariadb.service
mariadb.service disabled
[root@localhost ~]# systemctl start mariadb.service
[root@localhost ~]# systemctl enable mariadb.service
[root@localhost ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 5.5.56-MariaDB MariaDB Server
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
MariaDB [(none)]> create database bbs default character set utf8;
MariaDB [(none)]> use bbs;
MariaDB [bbs]> create table user(id int(10) not null auto_increment primary key, username varchar(255) not null, password varchar(255) not null, imgpath varchar(255));
MariaDB [bbs]> create table message (id int(10) not null auto_increment primary key, uid int(10) not null, title varchar(255) not null, content varchar(255) not null);
MariaDB [bbs]> insert into user(username,password)values('ajest','123456');
insert into user(username,password)values
('root','123456'),
('admin','123456'),
('gp','123456');
MariaDB [bbs]> insert into message(uid,title,content)values(1,"Hello","My Name is AJEST"),(2,"OK?","Hi,AJEST!How are you?"),(1,"ok!","I'm fine!Thank you!"),(3,"Hello","My Name is admin!");