Vulnerability scanning and reverse osmosis of Internet anti artifact

The Internet is a battlefield without gunpowder , A while ago, I went to the customer's site and found that the springboard machine of the customer was intruded , Then 20 Super simple password servers have been reduced to mining machines . The normal program cannot run and the business is disturbed ！

So today I'd like to talk about leakage and reverse osmosis ！！

In general, the bottom layer of the leakage products on the market is with the help of masscan and nmap To achieve ,masscan comparison nmap It's a lot faster ,masscan Asynchronous transmission mode is adopted , Stateless scanning mode .nmap Need record tcp/ip The state of ,os Can handle TCP/IP The maximum number of connections is 1500 about .

BOGO used it before nmap I wrote a missing script , Can generate execl A script that records a weak password and sends it to a specific mailbox . Wait until you have time ！ Enrich it into a small full stack project and give you an analysis of the underlying principles of implementation .

Then before you can build weapons , I can't take a copy under the fire stick ！ I'll give you a present today AK47 Use it first ！

Start with login and configure ：

Many of them choose default . We only configure this part

The server IP Address segment , If more than one paragraph can be filled in the next line . Support B Segment scan ！

Then we go back to the home page ：

Simple 、 Clean and tidy 、 Dark color magic weapon standard match ~

You can enter the protocol in the search box 、 port 、 service 、IP Wait a series of things for you to find the information you want . I won't list the question mark beside if it helps me ！~

server:ssh It means finding all the open ssh Port server

give the result as follows （ My test environment is two virtual machines ）：

Then we check all the result sets , Then add tasks ：

Then choose... In turn

Then save the execution , There's a task

Then wait a moment , Wait for the little hole to become solid . We click on the task name and we will find that your weak password is exploded directly ！

What about? ？ God is not magical ？ Li is not fierce ？ Then there are more cows X Of ！

In the same way we type server:mysql, And then choose mysql Weak password

According to the performance of your machine , Maybe the accountant will calculate some time and then be knocked away root password .

So what vulnerabilities can it scan ？

Thanks to his plug-in , Some plug-ins are listed above , At present, the total is 71 Modules for penetration testing , And can customize the module and test script cattle X Well ！

In addition to the above scanning method, you can also directly click the name of the plug-in to scan .

After the test, there are various statistical reports ！

Can collect information at one time , It can also be scanned regularly ！

So smart students will ask , On what basis did he break the code ？

ha-ha , That's it ！

you 're right ！ Weak password dictionary ！ But the initial value is only a few dozen ！ How could Bogor just shoot people without bullets ？ Bogor's ready for you 1 Ten thousand weak password dictionaries ！ Just copy and paste in , Then click Update ！