A Beginner's Quick Introduction to Penetration Testing

    Technology  2022-07-12  74

    A beginner's look at Kali Linux 2

    Kali Linux 2 is a penetration testing and security auditing operating system built for professionals.

    Download and installation

    Download the 2017.1 release of Kali Linux 2 from https://www.kali.org/downloads/

    Requirements: 20 GB of disk space and more than 2 GB of RAM. Install from the image file kali-linux-2017.1-i386.iso: write the disc image to a USB stick and install from the USB stick. The procedure is similar to installing any other Linux distribution on real hardware.

    Installing Kali Linux in a VMware virtual machine

    You need VMware Workstation or VirtualBox. There are plenty of installation guides for these tools online, so they are not repeated here.

    Modules commonly used in security penetration testing

    The socket module, the python-nmap module and the scapy module.

    TCP/IP divides the network into the link layer, the network layer, the transport layer and the application layer.

    IP, TCP and HTTP sit in the network layer, the transport layer and the application layer respectively.

    socket(family, type[, proto]) creates a socket instance.

    Writing a simple server and client with socket

    A note on one error you will see:

    a bytes-like object is required, not 'str'. Just convert the string with str.encode() first. This applies to Python 3.x and later.

    The server code, serverPython.py:

    # -*- coding: utf-8 -*-
    __author__ = 'kenydachan'
    import socket

    s1 = socket.socket()
    s1.bind(("127.0.0.1", 12345))   # listen on loopback only, TCP port 12345
    s1.listen(5)
    while True:
        conn, address = s1.accept()  # blocks until a client connects
        print("a new connect from ", address)
        s = "你好,欢迎链接大成简单服务器。"
        s = s.encode()               # sendall() needs bytes, not str (Python 3)
        conn.sendall(s)
        conn.close()

    The client code, clientPython.py:

    # -*- coding: utf-8 -*-
    __author__ = 'kenydachan'
    import socket

    s2 = socket.socket()
    s2.connect(("127.0.0.1", 12345))
    data = s2.recv(1024)      # bytes from the server
    msg = data.decode()       # decode back to str (avoid shadowing the builtin str)
    print("recved:", msg)
    s2.close()

    To run it, start the server's Python code first

    the port.

    From running clientPython you can see that the client's port is 52318, and that it is different on every run.
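The same exchange run inside one process, as an added example that is not code from the original post: the server binds to an OS-chosen loopback port (port 0) and answers one client from a background thread, the client reads until the server closes and decodes the bytes, and both sides report the ephemeral client port the text mentions. The names start_server, run_client and exchange are this example's own.

```python
import socket
import threading

# Added example, not code from the original post; same greeting as serverPython.py.
GREETING = "你好,欢迎链接大成简单服务器。"

def start_server(host="127.0.0.1"):
    """Bind to an OS-chosen loopback port and serve one client in a background
    thread. Returns (listening_port, result_dict, thread)."""
    srv = socket.socket()
    srv.bind((host, 0))  # port 0: the OS picks a free port; loopback only
    srv.listen(5)
    result = {}

    def serve_one():
        conn, address = srv.accept()
        result["client_addr"] = address  # (ip, ephemeral client port)
        # sendall() needs bytes: passing GREETING as a str raises
        # "a bytes-like object is required, not 'str'" on Python 3.
        conn.sendall(GREETING.encode("utf-8"))
        conn.close()
        srv.close()

    t = threading.Thread(target=serve_one, daemon=True)
    t.start()
    return srv.getsockname()[1], result, t

def run_client(port, host="127.0.0.1"):
    """Connect, read until the server closes, decode bytes back into str."""
    cli = socket.socket()
    cli.connect((host, port))
    local_port = cli.getsockname()[1]  # ephemeral client port, new each run
    chunks = []
    while True:
        part = cli.recv(1024)
        if not part:  # b"" means the server closed the connection
            break
        chunks.append(part)
    cli.close()
    return b"".join(chunks).decode("utf-8"), local_port

def exchange():
    """Run server and client together; returns (message, server port, client port, address seen by server)."""
    server_port, result, t = start_server()
    msg, client_port = run_client(server_port)
    t.join(timeout=5)
    return msg, server_port, client_port, result.get("client_addr")
```

Calling exchange() returns the decoded greeting together with the server port, the client port and the (ip, port) pair the server saw for the client, which matches the client's own ephemeral port.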

    Installing python-nmap, and checking whether the nmap tool is installed on the local machine

    python-nmap is a Python module that wraps the functionality of Nmap.

    Installation is simple: run sudo pip install python-nmap

    Successfully built python-nmap
    Installing collected packages: python-nmap
    Successfully installed python-nmap-0.6.1


    Writing a scanner for ports 1-1000 of an IP address with nmap

    Creating a scanner produces this message:

        os.getenv('PATH')
    nmap.nmap.PortScannerError: 'nmap program was not found in path. PATH

    Reading the module's __init__ shows the dependency:

    """ PortScanner class allows to use nmap from python """ def __init__(self, nmap_search_path=('nmap', '/usr/bin/nmap', '/usr/local/bin/nmap', '/sw/bin/nmap', '/opt/local/bin/nmap')): """ Initialize PortScanner module * detects nmap on the system and nmap version * may raise PortScannerError exception if nmap is not found in the path :param nmap_search_path: tupple of string where to search for nmap executable. Change this if you want to use a specific version of nmap. :returns: nothing """ self._nmap_path = '' # nmap path self._scan_result = {} self._nmap_version_number = 0 # nmap version number self._nmap_subversion_number = 0 # nmap subversion number self._nmap_last_output = '' # last full ascii nmap output is_nmap_found = False # true if we have found nmap self.__process = None # regex used to detect nmap (http or https) regex = re.compile( 'Nmap version [0-9]*\.[0-9]*[^ ]* \( http(|s)://.* \)' ) # launch 'nmap -V', we wait after #'Nmap version 5.0 ( http://nmap.org )' # This is for Mac OSX. When idle3 is launched from the finder, PATH is not set so nmap was not found for nmap_path in nmap_search_path: try: if sys.platform.startswith('freebsd') \ or sys.platform.startswith('linux') \ or sys.platform.startswith('darwin'): p = subprocess.Popen([nmap_path, '-V'], bufsize=10000, stdout=subprocess.PIPE, close_fds=True) else: p = subprocess.Popen([nmap_path, '-V'], bufsize=10000, stdout=subprocess.PIPE) except OSError: pass else: self._nmap_path = nmap_path # save path break else: raise PortScannerError( 'nmap program was not found in path. PATH is : {0}'.format( os.getenv('PATH') ) )

    So nmap itself has to be installed, with brew install nmap.

    # -*- coding: utf-8 -*-
    __author__ = 'kenydachan'
    import nmap

    nm = nmap.PortScanner()            # raises PortScannerError if the nmap binary is missing
    nm.scan('192.168.34.95', '1-1000')  # scan TCP ports 1-1000 on the given host
    for host in nm.all_hosts():
        print("-----------------")
        print("host: %s (%s)" % (host, nm[host].hostname()))
        print("state: %s " % nm[host].state())
        print("-----------------")
        for proto in nm[host].all_protocols():
            print("-----------------")
            print("Protocol: %s" % proto)
            # dict keys cannot be sorted in place on Python 3, so use sorted()
            lport = sorted(nm[host][proto].keys())
            for port in lport:
                print("port: %s\tstate: %s" % (port, nm[host][proto][port]['state']))

    To scan a different host, change the IP address.
