Published: 2020-08-28 08:30:53 Source: 雨林木风 System Download Author: 程序猿VB姐
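Chinese; press the Del key to run (BIOS) Setup
A virus was suspected, but repeated scans with various antivirus programs found none
Finally, a window appears showing the display configuration you find most suitable; tick "Enable ClearType", then click Finish
Note: if the screen resolution window you see is greyed out and cannot be adjusted Check the registered trademark mark: on genuine Kingston modules the registered trademark "R" is clearly surrounded by a circle made up of the letters "KINGSTON", whereas fakes have only a crudely imitated round frame. One more point: look closely at the watermark inside the label. On fake memory there are obvious marks where the watermark meets the KINGSTON lettering, which shows it was printed afterwards; this does not occur on genuine Kingston memory.
What to do when Win10 says "administrator permission required" when changing a drive name? Normally we can rename a computer's drives freely, but recently a Win10 user renaming a drive got the system prompt "You need to provide administrator permission to rename this drive". What to do? It is simple: we only need to set the permissions. Method 3: hide the drive letter and prohibit viewing (applies to Windows systems)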
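Features
Built-in SMB authentication server. Supported range: Windows 95 to Server 2012 RC, Samba and Mac OSX Lion. This feature is enabled by default and can be used to capture hashes for use in SMB relay attacks.
Built-in MSSQL authentication server. For machines running Windows versions later than Windows Vista, use the -r option to redirect MSSQL authentication to this tool. Successfully tested on Windows SQL Server 2005 & 2008.
Built-in HTTP authentication server. For machines running Windows versions later than Windows Vista, use the -r option to redirect HTTP authentication to this tool. Successfully tested with IE 6 to IE 10, Firefox, Chrome and Safari.
Built-in HTTPS authentication server. For machines running Windows versions later than Windows Vista, use the -r option to redirect HTTPS authentication to this tool. The certs/ directory contains two default certificates.
Built-in LDAP authentication server. For machines running Windows versions later than Windows Vista, use the -r option to redirect LDAP authentication to this tool.
Built-in FTP, POP3, IMAP and SMTP servers, used to collect cleartext credentials.
Built-in DNS server. It answers type A queries and is very powerful when combined with ARP spoofing attacks.
Built-in WPAD proxy server. This module captures packets on the network, finds IE browsers that have "Auto-detect settings" enabled, and injects a PAC script into them. See Responder.conf for details.
Browser Listener: finds the primary domain controller in stealth mode.
Fingerprinting module: enabled with the -f flag. It automatically fingerprints hosts that issue LLMNR/NBT-NS queries.
ICMP redirect module: python tools/Icmp-Redirect.py. Performs man-in-the-middle attacks against domain members running Windows XP/2003 and earlier; generally used together with the DNS server module.
Rogue DHCP
Analyze mode: in this mode you can see NBT-NS, BROWSER, LLMNR and DNS requests in their real form, without any poisoning. You can also passively map the topology of the internal network and check whether an ICMP redirect attack is possible.
SMBRelay module: uses the credentials of specific targeted users to execute commands that we define.
Logging
All captured hashes are printed to standard output and are also stored using the following file name format.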
(MODULE_NAME)-(HASH_TYPE)-(CLIENT_IP).txt
Log files are located in the logs/ directory. All activity is recorded in Responder-Session.log; logs from analyze mode are saved to Analyze-Session.log, and logs from poisoning mode are saved to Poisoners-Session.log. All captured hashes are also stored in the SQLite database configured in Responder.conf.
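As an added example (not part of the original article and not Responder's own code), the file name format above can be parsed after an authorized test to list which clients exposed which credential types, so that remediation can be prioritized. The sample file names and the hash-type labels (Cleartext, NTLMv1, NTLMv2-SSP) are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample names following (MODULE_NAME)-(HASH_TYPE)-(CLIENT_IP).txt,
# mixed with files that must be ignored.
SAMPLE_FILES = [
    "SMB-NTLMv2-SSP-10.0.0.21.txt",
    "HTTP-NTLMv2-10.0.0.21.txt",
    "FTP-Cleartext-10.0.0.35.txt",
    "SMB-NTLMv1-fe80::1c2d.txt",
    "Responder-Session.log",
    "notes.txt",
]

def parse_capture_name(name):
    """Return (module, hash_type, client_ip), or None if the name does not fit."""
    if not name.endswith(".txt"):
        return None
    module, _, rest = name[:-4].partition("-")
    # The hash type may itself contain '-', so split the address off from the right.
    hash_type, _, ip_text = rest.rpartition("-")
    if not (module and hash_type and ip_text):
        return None
    try:
        client = ipaddress.ip_address(ip_text)  # accepts IPv4 and IPv6
    except ValueError:
        return None
    return module, hash_type, str(client)

def exposure_by_client(names):
    """Map client IP -> sorted list of (module, hash_type) pairs it exposed."""
    seen = defaultdict(set)
    for name in names:
        parsed = parse_capture_name(name)
        if parsed:
            seen[parsed[2]].add(parsed[:2])
    return {client: sorted(pairs) for client, pairs in seen.items()}

def remediation_order(exposure):
    """Clients with cleartext or NTLMv1 captures first, then by capture count."""
    def weak(pairs):
        return any(h.lower().startswith(("cleartext", "ntlmv1")) for _, h in pairs)
    return sorted(exposure,
                  key=lambda c: (not weak(exposure[c]), -len(exposure[c]), c))

if __name__ == "__main__":
    report = exposure_by_client(SAMPLE_FILES)
    for client in remediation_order(report):
        print(client, report[client])
```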
Options
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  -A, --analyze         Analyze mode. This option allows you to see NBT-NS,
                        BROWSER, LLMNR requests without responding.
  -I eth0, --interface=eth0
                        Network interface to use
  -b, --basic           Return a Basic HTTP authentication. Default: NTLM
  -r, --wredir          Enable answers for netbios wredir suffix queries.
                        Answering to wredir will likely break stuff on the
                        network. Default: False
  -d, --NBTNSdomain     Enable answers for netbios domain suffix queries.
                        Answering to domain suffixes will likely break stuff
                        on the network. Default: False
  -f, --fingerprint     This option allows you to fingerprint a host that
                        issued an NBT-NS or LLMNR query.
  -w, --wpad            Start the WPAD rogue proxy server. Default value is
                        False
  -u UPSTREAM_PROXY, --upstream-proxy=UPSTREAM_PROXY
                        Upstream HTTP proxy used by the rogue WPAD Proxy for
                        outgoing requests (format: host:port)
  -F, --ForceWpadAuth   Force NTLM/Basic authentication on wpad.dat file
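By following the steps above, you can connect the laptop to a wireless printer to print files. Method 2: use dedicated software to convert shared files into a special format and protect them, thereby preventing shared files from being copied.
4. How long ago was the computer bought, and has this happened before?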