longas 发表于 2007-12-25 15:18

[原创]无线渗透--从外网到内网系列之在线密码破解

<p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;">[原创]无线渗透--从外网到内网<font color="#ff0000">系列1---</font>在线密码破解</span></strong></p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font size="3"><p><font size="3"><span><font face="宋体">文</font></span><span lang="EN-US" style="FONT-FAMILY: Arial;">/</span><span><font face="宋体">图作者:</font></span></font><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-SIZE: 13.5pt; COLOR: rgb(51,102,255); FONT-FAMILY: Arial;">ChristopherYang</span></strong><strong><span lang="EN-US" style="FONT-SIZE: 13.5pt; COLOR: rgb(60,114,196); FONT-FAMILY: Arial;">
                                                </span></strong><strong><span lang="EN-US" style="FONT-SIZE: 13.5pt; FONT-FAMILY: Arial;">[</span></strong><strong><span lang="EN-US" style="FONT-SIZE: 15pt; COLOR: rgb(51,102,255); FONT-FAMILY: Arial;">ZerOne</span></strong><strong><span lang="EN-US" style="FONT-SIZE: 13.5pt; FONT-FAMILY: Arial;">]</span></strong><span lang="EN-US" style="FONT-FAMILY: Arial;"><br/><br/><br/>
                                                <p></p></span></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><span style="FONT-SIZE: 13.5pt; COLOR: rgb(56,9,247); FONT-FAMILY: 宋体;">---转载请注明作者及出处,谢谢</span></p></font></span></strong><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font size="3">写在前面的话:</font></span></strong></p><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font size="3">    我这个人有些习惯,就是在有些事情没有结果之前,不喜欢说得太多。好比在今年《黑客防线》第11期和第12期上连续刊登的<font face="Arial">WEP破解以及WPA</font>破解文章,那都是8、9月投的稿件,在等待了很长时间后终被刊登,所以之前在坛子里我什么也没说,何况当时甚至还不是版主。<font color="#1a94e6">这里再次感谢Tange的支持和邀请。</font></font></span></strong></p><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font size="3">    其实很多文章很早就写好了,从<font face="Arial">WPA2破解、预共享密钥破解、WPA线速破解、攻击RADIUS服务器、跨网渗透、无线D.O.S等等,因为想出本既专业又易懂的无线黑客书籍,所以并没有在论坛里贴出,虽然论坛里有些人已经看过了一些未发表的。请大家原谅,并请期待这本已经完成的书出版。</font></font></span></strong></p><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font face="Arial" size="3">最近看到坛子里其实充斥着一股并不稳定的气氛,觉得有些许遗憾:似乎主要技术都反复围绕着WEP和WPA破解,难道就没有人研究得或者可以交流得更深一点么?对BackTrack2就只是局限于无线破解么?.....多少令人庆幸的是,等待了大半年,终于有人提及了tables,呵呵,期待更多。</font></span></strong></p><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font color="#ff0000" size="3">所以,从今天起,我将以一周一帖的方式从简入深地发布这些技术,扩展大家的思维,希望给更多人带来无线安全意识。<font color="#000000">本帖将不设置为回复可看帖,没意思。若你觉得学到东西了,就请支持顶一下鼓励。若有不同意见,也请回帖提出。下面这篇是给新手的。</font></font></span></strong></p><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font size="4">无线渗透--在线密码破解</font></span></strong></p><p><strong><span style="FONT-SIZE: 18pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"></span></strong><font size="3"><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">一旦黑客获取到</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">WEP</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">或者</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">WPA</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">加密密码,就可以配置自己的网卡来连接目标无线接入点,换句话说,也就渗透到目标内网,从而可以进行进行多种多样的深入攻击。而作为受害者,很难发现攻击的来源,甚至无法察觉攻击的出现。</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">
                                        <p></p></span></strong></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><font size="3"><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">这里我们先来看看在连接到对方内网后,黑客们是如何对</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Windows</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">系统的帐户密码进行在线破解的步骤。我们以之前提及的</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">BackTrack2</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">为环境进行。</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">
                                        <p></p></span></strong></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><pre><font size="3"><strong><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Hydra</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">,由著名黑客组织</span></strong><span lang="EN-US" style="FONT-FAMILY: Verdana;">THC</span><font face="宋体">出品的一款</font><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">可以根据需要对</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">SMB</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">、</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">SSH</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">、</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">SMTP</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">、</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Telnet</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">、</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">SQL</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">、</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">FTP</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">等各</span></strong></font><font size="3"><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">类主流服务进行在线密码尝试攻击的工具,有</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">windows</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">和</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Linux</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">两个版本。在其官方主页上只有一句评价:</span></strong></font><font size="3"><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">“</span></strong><span lang="EN-US" style="FONT-FAMILY: Verdana;">A very fast network logon cracker which support many different services</span><font face="宋体">”。</font></font></pre><p><font size="3"><strong><span style="FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">步骤</span></strong><strong><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">1</span></strong><strong><span style="FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">:</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">进入到</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">BackTrack2<span style="mso-spacerun: yes;">
                                        </span>Linux</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">的图形界面,从菜单里依次打开</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">backtrack—Privilege Escalation— PasswordAttacks — PasswordOnlineAttacks</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">,选择</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Hydra</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">的图形版本</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">HydraGTK</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">,在下图</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Single Target</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">中输入攻击内网目标</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">IP</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">。若想同步查看攻击效果,需要点选下方的</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Show Attempts</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">。</span></strong></font></p><p><font size="3"><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><br/></span></strong></font><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><font size="3"><b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体"></font></span></b></font></span></strong></p><p><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><font size="3"><b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">步骤</font></span></b><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">2</span></b><font face="宋体"><b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">:</span></b><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">打开</span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Passwords</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">栏,在</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Username</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">里填写预攻击目标帐户,这里<strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">以</span></strong></font></span><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">administrator</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">即管理员帐户为例,</span></strong><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">输入</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">administrator</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">。若不确定目标管理员用户名,也可以编辑用户帐户名文本文件,直接导入即可。</font></span></font></span></strong></p><p><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体"></font></span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">
                                        <p></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">接下来,点选</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Password List</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">选项,在弹出的浏览窗里选择密码字典文档。</font></span></font></p><p><font face="宋体" size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font></p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p></span></span></span></strong></p><p></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">接下来,点选</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Password List</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">选项,在弹出的浏览窗里选择密码字典文档。</font></span></font></p><p><font face="宋体" size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font></p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p><p><font size="3"><b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">步骤</font></span></b><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">3</span></b><font face="宋体"><b style="mso-bidi-font-weight: normal;"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">:</span></b><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">打开</span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Start</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">栏,点击左下角的</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">Start</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">即可开始破解,可以看到在工具观察窗口里会立即显示详细的破解过程。</font></span></font></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体"></font></span></font></p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p><p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体" size="3">根据目标计算机的帐户密码强度不同及字典的设置,破解时间会差距很大。下图为破解成功的界面,黑体字中给出了目标帐户的密码。</font></span></p><p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体" size="3"></font></span></p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">作为功能强大的</font></span><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Hydra</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">,其图形版本</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">HydraGTK</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">继承了全部功能,但个人认为</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Shell</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">下的版本工作更稳定些。</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">
                                                                <p></p></span></strong></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><font size="3"><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">下图为</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Hydra</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">支持的密码攻击服务或协议,甚至包含了一些出名的特定程序。</span></strong></font><br/><br/><br/></p></span></span></span><p></p><p></p><p><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><br/>
                                </span></span></span></p>
[此贴子已经被作者于2007-12-26 16:57:50编辑过]

wlxzy 发表于 2007-12-25 15:58

<p>我是楼主的FANS,顶了再学。</p><p>我从未放弃过深入破解的渴望和学习,只是限于水平,只能跟风而已。我的职业是医生,计算机在我这个专业里只用于门诊叫号,开方开单,开医嘱,还有在内网和外网查一些医疗专业的文献。平时有故障不用我动手(其实管理权限早锁了),技术人员自会来处理。我更没有系统学习过计算机知识,只是感兴趣自己瞎玩玩琢磨的。</p><p>最近工作很忙,来坛子也少了些,记得有个回贴好像说跟着的比喻。</p><p>我更觉得坛子里的高手应该起到革命旗手的作用,但不能指望所有的坛友都个个是旗手,只要能跟上能战斗就可以了。</p><p>革命除了要有旗手冲锋外,还要有更多的普通士兵,这样才能形成潮流,才能取得胜利。</p><p>本回贴是灌水,和技术无关,各位老大觉得不妥的话,删了吧,我不会有意见。</p><p>最后祝各位坛友新年快乐,让我们一起迎接新一年中黑客入侵时代的到来!</p>

longas 发表于 2007-12-25 15:19

<p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">在实际测试中,对于破解目标计算机系统帐户登录密码,</font></span><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Hydra</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">有时候会出现假死的情况,这往往是因为目标计算机采用了安全设置的缘故,比如</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Windows XP</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">的审核策略。所以,黑客们也会使用其它工具来反复尝试,这里我们还是以</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">BackTrack2</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">环境为例。</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">
                                        <p></p></span></strong></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><font size="3"><strong><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">SMB Bruteforcer</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">是一款通过</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">SMB</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">下暴力破解的工具。其攻击效率较之</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">Hydra</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">的</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">SMB</span></strong><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">破解方面更高,并且不会轻易中断,支持破解结果以文本方式输出。</span></strong><strong><span lang="EN-US" style="FONT-WEIGHT: normal; FONT-FAMILY: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;">
                                        <p></p></span></strong></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><font size="3">下为其参数界面:</font></span></strong></p><p><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><font size="3"></font></span></strong> </p><strong><span style="FONT-WEIGHT: normal; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial; mso-bidi-font-weight: bold;"><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">具体攻击命令:</span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">
                                                <p></p></span></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><font size="3">smbbf<span style="mso-spacerun: yes;">
                                                        </span>–v<span style="mso-spacerun: yes;">
                                                        </span>–i 192.168.75.35<span style="mso-spacerun: yes;">
                                                        </span>–p wordlist.txt <span style="mso-spacerun: yes;">
                                                        </span>–u user.txt –r out.txt <p></p></font></span></b></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;">参数解释:</span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">
                                                <p></p></span></font></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">-v </span></b><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;"><span style="mso-tab-count: 1;">
                                        </span></span><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">设置为过程可见</span><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;"><br/><br/><p></p></span></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">-I<span style="mso-spacerun: yes;">
                                                </span>IP<span style="mso-spacerun: yes;">
                                                </span></span></b><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">指定目标</span><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">IP<span style="mso-spacerun: yes;">
                                        </span><br/><br/><p></p></span></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">-p<span style="mso-spacerun: yes;">
                                                </span></span></b><b style="mso-bidi-font-weight: normal;"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">文件</span></b><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;"><span style="mso-tab-count: 1;">
                                        </span></span><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">导入预先制作好的密码字典文档</span><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;"><br/><br/><p></p></span></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">-u<span style="mso-spacerun: yes;">
                                                </span></span></b><b style="mso-bidi-font-weight: normal;"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">文件</span></b><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;"><span style="mso-tab-count: 1;">
                                        </span></span><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">导入包含用户名的文件</span><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">
                                        <p></p></span></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">-r<span style="mso-spacerun: yes;">
                                                </span></span></b><b style="mso-bidi-font-weight: normal;"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">文件</span></b><span lang="EN-US" style="FONT-SIZE: 12pt; FONT-FAMILY: Verdana;">
                                        <span style="mso-tab-count: 1;"></span></span><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';">将破解结果输出至某个文件</span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';"></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt;"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 宋体; mso-ascii-font-family: Verdana; mso-hansi-font-family: 'Times New Roman';"></span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font size="3">下图为破解中</font></span></p><p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">如下图,经过近</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">2</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">分钟的尝试,成功得到目标主机</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">administrator</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">的登录密码,破解速度为</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">650</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">个</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">/</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">秒。</font></span></font></p><p><font face="宋体" size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font>   </p><font face="宋体" size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"></span></font><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p><p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font face="宋体" size="3">破解结果也可以保存到文件中,方便直观查看:</font></span></p><p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"><font face="宋体" size="3"></font></span>       </p><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Arial; mso-bidi-font-family: Arial;"></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;"><p></p><p><font size="3"><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">此类破解工具很多,甚至可以针对无线接入点</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">/</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">路由器的登录密码进行在线破解。但由于此处讲述为在破解了</font></span><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">WEP</span><span style="mso-ascii-font-family: Verdana; mso-hansi-font-family: Verdana; mso-bidi-font-family: Arial;"><font face="宋体">加密后的渗透行为之一,这里就不再深入举例。呵呵,本文旨在抛砖引玉,望各位举一反三,必会有所得。</font></span></font></p></span></span></span></span></strong><p><span lang="EN-US" style="FONT-FAMILY: Verdana; mso-bidi-font-family: Arial;">最后: 我是<strong><font size="5"><font color="#000000" size="4">ZerOne安全小组组长 </font><font color="#0066ff">ChristopherYang</font></font></strong>,希望此文可加深大家体会无线安全领域发展形势,如文中有不明或表述有误的地方,恭请指正。<p><strong><font size="4">Wish You Enjoy it !!</font></strong></p></span></p><p><strong><font size="4">Wish You Enjoy it !!</font></strong></p>
[此贴子已经被作者于2007-12-25 20:58:27编辑过]

longas 发表于 2007-12-25 15:20

<p>占位编辑</p><p>晕,上不了图,怎么回事?请大家稍等。</p>
[此贴子已经被作者于2007-12-25 15:38:57编辑过]

roopeman 发表于 2007-12-25 15:27

强!回家去试试!

wlxzy 发表于 2007-12-25 16:13

<p>破解了目标计算机系统帐户登录密码,是否就意味着可以打开其本地硬盘的资料吗?</p><p>如果是的,那不是太可怕了吗?</p><p>BT等黑客系统能否破解网内的管理员权限密码?打个比方说:我单位的局域网,在2000下构建的内网,一般用户权限少得可怜,管理员密码不得而知,我连修改屏幕保护,调整一下桌面都不行,好不容易调出注册表修改了后没几天就被网管发现,远程控制给改了回去,还在桌面上留下一个打开的文档警告我,当时把我气得想直接找上门去和他们干上一架。有没有隐藏好了脱离其远程控制又不影响自己工作的办法?<br/></p>

rickpb1 发表于 2007-12-25 17:06

<p>还是longas强啊,努力学习啊!</p>

liyg 发表于 2007-12-25 17:38

<p>longas老大又一枚重磅炸弹,学习!</p><p></p>

wfhwfh 发表于 2007-12-25 19:04

<p>支持,暴力破解密码原来是这样的</p>

longas 发表于 2007-12-25 20:00

<font face="Verdana" color="#61b713"><b>wlxzy,</b></font>感谢你一直以来的支持。其实是不是专业没有关系,很多时候我们的生活就是因为一个爱好才变得精彩,不是么?我的职业是网络安全顾问,因为我喜欢这个领域,但这并不影响我们大家之间的交流。何况经验告诉我,很多领域其实是相通的,总会有相互借鉴沟通的地方。<br/><br/>比如医院,按照现在的趋势,医院之间联网程度会在短短几年内迅速扩大,无线的普及也会深入到医院的各个角落。而据我所知,真正采取了完善网络防护措施的医院为数极少,经验告诉我们,网络越发达,可利用的地方也就越多。只是由于社会基本道德的约束,国内的黑客们才没有攻击医疗系统,哈,谁也不希望自己在看病的时候刷不了卡,做手术停电吧?<br/><br/>呵呵,最后,对于你所说的环境,若单纯想建立系统级帐户的话,其实有很多方法的,比如建立隐藏的克隆帐户。

上海凯灵电子 发表于 2007-12-25 20:01

<p>longas你真是厉害,我是菜鸟但是我非常爱好无线,我已经在论谈上学习好多让我知道的东西,希望论谈有更加能的人加入请我们菜鸟学习到更加多的知识,谢谢<br/></p>

david98 发表于 2007-12-25 20:10

<p>首先非常感谢LZ的PO文,LZ所PO之文都很经典哦呵呵。而且大部分都是很技术的帖子。论坛因为有了LZ这样的人才才更精彩。</p><p>LZ的文章说了在获得了WEP或WAP后进入内网,并在内网内通过已知的IP地址用BT中的软件暴力破解系统管理员密码。这种方式的成功率取决于字典,一个好的字典取决于你对对方的了解程度。</p><p>赞同5楼的看法,很多旗手都是从普通的士兵慢慢成长的,今天的士兵或许就是明天的旗手。</p><p>回答6楼:获得对方的系统密码之后要注意保护,首先创建隐藏的具有admin权限的隐藏帐号,其次每次登录后记得清理日志文件。再次选择比较好的远程登录方式(现在有很多后门程序可以插入到系统进程里)。</p><p>个人看法,欢迎拍砖</p>
页: [1] 2 3 4 5 6 7 8 9 10
查看完整版本: [原创]无线渗透--从外网到内网系列之在线密码破解