IntroducedThe black box penetration test means that the white hat is ignorant of the target network. Simulate hackers attacking the network and get sensitive information. Further, explore the intranet, identify vulnerabilities in the intranet, through the vulnerability to access the network of important resources.ObjectiveIn this article, we assume that the white hat does not know any information about the
This router does not support static domain name resolution services because the intranet has changed routers. So you can only set up a DNS service yourself.The DNS server software chooses bind, and directly yum installs bind on-line. The other two package bind-libs,bind-utils are updated directly:Yum-y Install bindThe installation process is not released.After loading, configuration file:/etc/named.conf (no bind-chroot, can increase security, but the
good job of network secrecy, and do a good job of relevant response to local conditions.In a number of security incidents, such as CSDN account leaks, Sony confidential data leaks, intranet leaks become an important way to reveal the current leaks. This is mainly rooted in the enterprise in the continuous improvement of firewalls, intrusion detection and external threat protection mechanism, often neglect the security of the
During the software development testing process, we often meet the need for site deployment testing or to demonstrate such requirements to customers. The usual practice is to apply for a domain name and space, put the site on the outside to show customers.
This method is really feasible, but there will be two points, the first is to increase the expenditure, the second is the problem needs now their own computer to change the bug re-upload to the outside network.
So the question comes, is th
There are two of Ali's services, one A has assigned an extranet IP, and the other B does not, how to let B with a to achieve the Internet?Handled as followsOn Server AIP tunnel Add i2o mode IPIP remote B local A---here A, B are intranet addressesIfconfig i2o 192.168.2.1 netmask 255.255.255.0On the B serverIP tunnel Add i2o mode Ipip remote a local B---here both A and B are intranet addressesIfconfig i2o 192
Recently, when discuzx2.5 was used, when the cloud platform was activated, "calling remote interfaces failed. Please check whether your server is in the intranet and the firewall of your server". The detection results are all normal,: However, when activating the service, "calling the remote interface failed. Please check whether your server is in the intranet or
Recently usedDiscuzDuring the x2.5 process,
SQL Injection by China Guodian's two companies causes getshell to be updated with patches (involving Intranet Security)
Intranet Security
http://60.13.13.239:8080/yyoa/
Http: // 60.13.13.239: 8080/yyoa/common/js/menu/test. jsp? DoType = 101 S1 = select % 20 database ()
No. @ basedir1D: \ Program Files \ UFseeyon \ OA \ mysql \ bin \..\
For more information about the shell method, see
WooYun: a bloody case
Huatu education has a vulnerability that kills 21 database servers in the intranet and involves millions of users.
Seckilling 21 database servers on the Intranet. The affected sites include but are not limited to: face-to-face, online schools, books, famous teachers, jobs, live broadcasts, libraries, etc. The affected data includes but is not limited: user Data and order data. The data includes various acco
Airline security: Getshell may affect the security of multiple hosts on the intranet due to a system vulnerability in Sichuan Airlines
The shell process is rugged.
Axis2 default password and can execute system commandsIt was discovered that it was already done by our predecessors.Http: // **. **: 8080/axis2/services/Cat/exec? Cmd = whoami
This person tried to write shell in various poses and probably did not write it.I also tried it for a lon
work often encounter, some customers do some network applications in debugging often need to break the network operation, but manufacturers provideIpmiaddress are intranet, the work of the springboard machine and do not want to give customers the use, this time can only use the public network provided by the manufacturerIPMIFeature , this feature requires the customer to provide localIP, and then on the function panel,IPMIintranet address and customer
The children in a group need to check online and help to write it out. Use for and ping to Detect Intranet hosts online. The results are as follows:
The Code is as follows:
@ Echo offEcho batch processing detection Intranet host BY: dedicated waitFor/l % a in (1, 1, 10) do (Ping 172.16.15.% a-n 1> nul echo 172.16.15.% a online | echo 172.16.15.% a offline)Pause> nul
If you want to write online and offli
Shanda's website source code leaks. Getshell goes directly to the Intranet.
Git leaks, causing source code to be downloaded to the http://minigame.sdo.com/taojin/.git/config
Here, we will not describe the specific vulnerability exploitation details too much.I looked at the source code and found that any file was uploaded.Upfile. php
After the upload is successful, the output server is on the Intranet.
#
A Baidu WebShell from SSRF to Intranet
All stories start with a simple SSRF...
1. An SSRFHttp://apistore.baidu.com/astore/toolshttpproxy
Full functionality, including get post or something.2. Intranet DetectionFirst, obtain some Intranet ip addresses from dns brute-force attacks, and then write a script for detection.Test script
# Encoding = utf-8import httplibi
Midea's sales company's bar code system (formal environment) has command execution. Getshell can roam more than 50 machines through the Intranet.
Sales Company barcode System (official environment)
Http://rdbcs.midea.com.cn: 8000/
JAVA deserialization VulnerabilityGet shellHttp://rdbcs.midea.com.cn: 8000/uddiexplorer/css. jsp
More than 50 machines in the Intranet can be detected again
Mor
Tags: Intranet address
100.64.0.0/10 Intranet reserved segment, used for carrier-level NAT (cgn). For details, see RFC April 2012 published on April 9, 6598.
The public IP address in Jiangsu is not enough. This IP address has been used for allocation to users this year.
Http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
100.64.0.0/10 is the addr
I. symptom
The Intranet router is a DHCP server by default and provides the DHCP service. There are five network segments below. Suddenly, the IP addresses obtained by the hosts in the four network segments one day are not the IP address segments allocated by the Intranet route, as a result, hosts with 4 CIDR blocks accessing the Internet through DHCP cannot automatically obtain reasonable IP addresses.
Ii.
The following shows how to map Intranet bots so that we can connect to them.
Here I already have a shell. As for the Shell Process, let's leave it alone. Let's see if it's an intranet...
IP address ......: 192.168.1.106Subnet Mask ......: 255.255.255.0Default Gateway ......: 192.168.1.254No problem. It's the Intranet. Check whether the terminal is enabled. Here I
The feature is used for the extranet client to connect to the intranet of MySQL, which installs the tool on the staging server. software version mysql-proxy-0.8.1-linux-rhel5-x86-64bit.tar.gz simple configuration process after decompression there are 5 directories bin include Lib Libexec share into the bin directory, View Mysql_proxy use Help [[email protected] bin]#./mysql-proxy--help-allusage:mysql-proxy [OPTION ...]-MySQL proxy assist Opti
But the hands of the school has a few domain name resolution of the server (but it should be with VMware to do VPs, and so on, and then the relevant domain name to be resolved to have extranet IP reverse proxy server, and then through the reverse proxy Server squid distributed to the intranet)So one day whim, through the Apache pseudo static +proxy curve to save the nation visit Git server, after a variety of attempts to finally succeedYou can move ht
Network configuration file Settings: http://www.cnblogs.com/LJ-fish/archive/2010/05/17/1737674.html
There are many places to work with Ubuntu iptables , such as: intranet Port mapping
1. System Environment
Intranet Two servers:
A 172.16.119.128
B 172.16.119.129
You want to map the 80 port of a machine to the 8013 port of the B machine.
2. Set Steps
2.1./etc/sysctl.conf Configuration file Modification
Del
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.