Amathuluzi aphezulu ayi-10 okuhlola ukungena
1. Kali Linux
I-Kali ayilona ithuluzi ngalinye. Iwukusabalalisa komthombo ovulekile wesistimu yokusebenza ye-Linux eyakhelwe yona Imininingwane imisebenzi yezokuphepha efana nocwaningo lwezokuphepha, ubunjiniyela obuhlehlayo, i-computer forensics, futhi, ukuqagele, ukuhlola ukungena.
I-Kali iqukethe amathuluzi amaningana okuhlola ukungena, amanye wawo ongawabona kulolu hlu njengoba ufunda. Lawa mathuluzi angenza cishe yonke into oyifunayo uma kuziwa ekuhloleni ipeni. Ufuna ukwenza ukuhlasela komjovo we-SQL, ukhiphe umthwalo okhokhelwayo, uqhekeze iphasiwedi? Akhona amathuluzi alokho.
Yayaziwa ngokuthi i-Backtrack ngaphambi kwegama layo lamanje, i-Kali. Okwamanje igcinwa Ukuphepha Okucasulayo abakhipha izibuyekezo ku-OS kanye ngesikhathi ukuze bengeze amathuluzi amasha, bathuthukise ukuhambisana, futhi basekele izingxenyekazi zekhompuyutha eziningi.
Into eyodwa emangalisayo ngeKali uhla lwe-wIde lwamapulatifomu esebenza kuwo. Ungasebenzisa i-Kali kumadivayisi eselula, i-Docker, i-ARM, i-Amazon Web Services, i-Windows Subsystem ye-Linux, umshini obonakalayo, nensimbi engenalutho.
Umkhuba ojwayelekile wabahloli bamapeni ukulayisha ama-raspberry pis nge-Kali ngenxa yobukhulu bawo obuncane. Lokhu kwenza kube lula ukuyixhuma kunethiwekhi endaweni yangempela yalapho okuqondiwe khona. Nokho, abahloli abaningi bepeni basebenzisa i-Kali ku-VM noma i-bootable thumb drive.
Qaphela ukuthi ukuphepha okuzenzakalelayo kwe-Kali akunamandla, ngakho udinga ukukusekela ngaphambi kokwenza noma ukugcina noma yini eyimfihlo kuyo.
2. I-Metasploit
Ukweqa ukuphepha kwesistimu eqondiwe akunikezi ngaso sonke isikhathi. Abahloli bepeni bancike ekubeni sengozini ngaphakathi kwesistimu eqondiwe ukuze baxhaphaze futhi bathole ukufinyelela noma ukulawula. Njengoba ungacabanga, kutholwe izinkulungwane zobungozi ezinhlobonhlobo zezingxenyekazi phakathi neminyaka edlule. Akunakwenzeka ukwazi bonke lobu buthakathaka kanye nezenzo zabo, njengoba ziningi.
Yilapho i-Metasploit ingena khona. I-Metasploit iwuhlaka lokuvikela lomthombo ovulekile olwakhiwe yi-Rapid 7. Isetshenziselwa ukuskena amasistimu ekhompuyutha, amanethiwekhi, namaseva ukuze kutholakale ubungozi bokuwasebenzisa noma ukuwabhala phansi.
I-Metasploit iqukethe izinto ezingaphezu kwezinkulungwane ezimbili ezihlukene zamapulatifomu, njenge-Android, Cisco, Firefox, Java, JavaScript, Linux, NetWare, nodejs, macOS, PHP, Python, R, Ruby, Solaris, Unix, futhi kunjalo, IWindows.
Ngaphandle kokuskena ubungozi, ama-pentesters aphinde asebenzise i-Metasploit ukuze kuthuthukiswe inzuzo, ukulethwa komthwalo okhokhelwayo, ukuqoqwa kolwazi, kanye nokugcina ukufinyelela kusistimu esengozini.
I-Metasploit isekela ezinye zeWindows ne-Linux izinhlelo zokusebenza futhi ingenye yezinhlelo zokusebenza ezifakwe kuqala ku-Kali.
I-3. I-Wireshark
Ngaphambi kokuzama ukweqa ukuphepha kohlelo, ama-pentesters azama ukuqoqa ulwazi oluningi ngangokunokwenzeka mayelana nokuhlosiwe kwawo. Ukwenza lokhu kubavumela ukuthi banqume ngendlela efanele yokuhlola uhlelo. Elinye lamathuluzi amapentester awasebenzisayo phakathi nale nqubo iWireshark.
I-Wireshark iwukuhlaziya iphrothokholi yenethiwekhi esetshenziselwa ukwenza umqondo wokuhamba ngenethiwekhi. Ochwepheshe benethiwekhi bavamise ukuyisebenzisela ukuxazulula izinkinga zokuxhuma kwe-TCP/IP njengezinkinga zokubambezeleka, amaphakethe awehlisiwe, nomsebenzi oyingozi.
Nokho, ama-pentesters ayisebenzisela ukuhlola amanethiwekhi ngobungozi. Ngaphandle kokufunda indlela yokusebenzisa ithuluzi ngokwalo, udinga futhi ukujwayelana neminye imiqondo yenethiwekhi njengesitaki se-TCP/IP, izihloko zephakethe lokufunda nokuhumusha, ukuqonda umzila, ukudlulisela ngembobo, nomsebenzi we-DHCP ukuze ulisebenzise ngobungcweti.
Ezinye zezici zayo ezibalulekile yilezi:
- Ingakwazi ukuhlaziya umthamo omkhulu wedatha.
- Usekelo lokuhlaziya kanye nokukhishwa kwemfihlo kwamakhulu amaphrothokholi.
- Ukuhlaziywa kwesikhathi sangempela nokungaxhunyiwe ku-inthanethi kwamanethiwekhi.
- Ukuthwebula okunamandla nezihlungi zokubonisa.
I-Wireshark itholakala ku-Windows, macOS, Linux, Solaris, FreeBSD, NetBSD, nezinye izinkundla eziningi.
Okuqukethwe Okuxhasiwe:
I-4. I-Nmap
AmaPentesters asebenzisa i-Nmap ukuqoqa ulwazi kanye nokuthola ubungozi kunethiwekhi. I-Nmap, isho ukuthi i-network mapper, iyiskena sembobo esisetshenziselwa ukutholwa kwenethiwekhi. I-Nmap yakhelwe ukuskena amanethiwekhi amakhulu namakhulu ezinkulungwane zemishini, ngokushesha.
Ukuskena okunjalo kuvame ukuveza ulwazi olufana nezinhlobo zabasingathi kunethiwekhi, amasevisi(igama lohlelo lokusebenza nenguqulo) abanikezayo, igama nenguqulo ye-OS abasingathi esebenzayo, izihlungi zephakethe nama-firewall asebenzayo, nezinye izici eziningi.
Kungenxa yokuskena kwe-Nmap lapho ama-pentesters athola khona abasingathi abaxhaphazayo. I-Nmap futhi ikuvumela ukuthi ugade umsingathi kanye nesikhathi sokuphumula sesevisi kunethiwekhi.
I-Nmap isebenza ezinhlelweni zokusebenza ezinkulu ezifana ne-Linux, iMicrosoft Windows, iMac OS X, iFreeBSD, i-OpenBSD, neSolaris. Iza futhi ifakwe ngaphambilini ku-Kali njengamathuluzi okuhlola ukungena ngenhla.
I-5. I-Aircrack-ng
Amanethiwekhi e-WiFi cishe angenye yezinhlelo zokuqala ofisa ukuthi ungazigebenga. Phela, ubani ongeke afune i-WiFi “yamahhala”? Njenge-pentester, kufanele ube nethuluzi lokuhlola ukuphepha kwe-WiFi kusethi yakho yamathuluzi. Futhi yiliphi ithuluzi elingcono ongalisebenzisa kune-Aircrack-ng?
I-Aircrack-ng iyithuluzi lomthombo ovulekile elisetshenziswa abakwa-pentester ukubhekana namanethiwekhi angenawaya. Iqukethe uchungechunge lwamathuluzi asetshenziselwa ukuhlola inethiwekhi engenantambo ngobungozi.
Wonke amathuluzi e-Aircrack-ng angamathuluzi omugqa womyalo. Lokhu kwenza kube lula kuma-pentesters ukudala imibhalo yangokwezifiso ukuze isetshenziswe ngokuthuthukile. Ezinye zezici zayo ezibalulekile yilezi:
- Ukuqapha amaphakethe enethiwekhi.
- Ukuhlasela ngomjovo wephakethe.
- Ukuhlola i-WiFi namandla omshayeli.
- Ukugqekeza amanethiwekhi e-WiFi nge-WEP kanye ne-WPA PSK (WPA 1 kanye ne-2) yamaphrothokholi wokubethela.
- Ingathwebula futhi ikhiphe amaphakethe edatha ukuze ihlaziywe okwengeziwe ngamathuluzi ezinkampani zangaphandle.
I-Aircrack-ng isebenza ngokuyinhloko ku-Linux(iza ne-Kali) kodwa futhi iyatholakala ku-Windows, macOS, FreeBSD, OpenBSD, NetBSD, Solaris, kanye ne-eComStation 2.
6. Sqlmap
Uhlelo lokuphathwa kwedatha evikelekile luyi-vector pentesters yokuhlasela evame ukuyisebenzisela ukungena ohlelweni. Imininingo egciniwe iyizingxenye ezibalulekile zezinhlelo zokusebenza zesimanje, okusho ukuthi zitholakala yonke indawo. Kusho futhi ukuthi ama-pentesters angangena ezinhlelweni eziningi ngokusebenzisa ama-DBMS angavikelekile.
I-Sqlmap iyithuluzi lomjovo le-SQL elenza ngokuzenzakalelayo ukutholwa nokuxhashazwa kwamaphutha omjovo we-SQL ukuze kuthathelwe indawo egciniwe. Ngaphambi kwe-Sqlmap, ama-pentesters agijimela ukuhlaselwa komjovo we-SQL ngesandla. Lokhu kusho ukuthi ukwenza inqubo kudinga ulwazi lwangaphambili.
Manje, nabaqalayo bangasebenzisa noma yiziphi izindlela eziyisithupha zokujova ze-SQL ezisekelwa i-Sqlmap(impumputhe esekwe ku-boolean, impumputhe esekwe isikhathi, esekelwe emaphutheni, esekelwe embuzweni we-UNION, imibuzo estakiwe, kanye nokuphuma kwebhendi) ukuze uzame ukungena isizindalwazi.
I-Sqlmap ingakwazi ukuhlasela inqwaba yama-DBMS afana ne-MySQL, i-Oracle, i-PostgreSQL, i-Microsoft SQL Server, i-Microsoft Access, i-IBM DB2, ne-SQLite. Vakashela iwebhusayithi ukuze uthole uhlu olugcwele.
Ezinye zezici zayo eziphezulu zifaka:
- Isebenzisa imiyalo ku-OS yomshini oqondiwe, ngoxhumo olungaphandle kwebhendi.
- Ukufinyelela kusistimu yefayela engaphansi yomshini oqondiwe.
- Ingakwazi ukubona ngokuzenzakalelayo amafomethi we-hashi yephasiwedi, futhi iwaqhekeze isebenzisa ukuhlasela kwesichazamazwi.
- Ingakwazi ukusungula uxhumano phakathi komshini womhlaseli kanye ne-OS engaphansi yeseva yesizindalwazi, ukuyivumela ukuthi iqalise itheminali, iseshini ye-Meterpreter, noma iseshini ye-GUI nge-VNC.
- Ukusekelwa kokukhuphuka kwamalungelo abasebenzisi nge-Metasploit's Meterpreter.
I-Sqlmap yakhiwe ngePython, okusho ukuthi ingasebenza kunoma iyiphi iplatifomu efakwe umhumushi wePython.
Okuqukethwe Okuxhasiwe:
I-7. Hydra
Kuyamangaza ukuthi abuthaka kangakanani amagama ayimfihlo abantu abaningi. Ukuhlaziywa kwamaphasiwedi aziwa kakhulu asetshenziswa abasebenzisi be-LinkedIn ngo-2012 kwembula lokho abasebenzisi abangaphezu kuka-700,000 babe no-'123456' njengamaphasiwedi abo!
Amathuluzi afana ne-Hydra akwenza kube lula ukuthola amaphasiwedi abuthakathaka ezisekelweni eziku-inthanethi ngokuzama ukuwaqhekeza. I-Hydra iyi-parallelized network login password cracker (kahle, lokho kuwumlomo) esetshenziselwa ukukhipha amagama ayimfihlo ku-inthanethi.
IHydra ivamise ukusetshenziswa nabakhiqizi bamagama abavela eceleni njenge-Crunch ne-Cupp, njengoba ingakhiqizi izinhlu zamagama ngokwayo. Ukuze usebenzise i-Hydra, okudingeka ukwenze nje ukucacisa okuqondiwe ongaba ukuhlolwa kwepeni, uphumelele ohlwini lwamagama, bese ugijima.
I-Hydra isekela uhlu olude lwamaplathifomu namaphrothokholi enethiwekhi afana ne-Cisco auth, Cisco enable, FTP, HTTP(S)-(FORM-GET, FORM-POST, GET, HEAD), HTTP-Proxy, MS-SQL, MySQL, Oracle Umlaleli, i-Oracle SID, i-POP3, i-PostgreSQL, i-SMTP, i-SOCKS5, i-SSH (i-v1 ne-v2), i-Subversion, i-Telnet, i-VMware-Auth, i-VNC, ne-XMPP.
Yize i-Hydra iza ifakwe kuqala ku-Kali, “ihloliwe ukuze ihlanganiswe ngokuhlanzekile ku-Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) kanye ne-MacOS”, ngokusho konjiniyela bayo.
8. UJohn The Ripper
Igama elixakile eceleni, uJohn The Ripper uyisigebenga sephasiwedi esisheshayo, esivulekile, esingaxhunyiwe ku-inthanethi. Iqukethe ama-password crackers amaningana futhi ikuvumela ukuthi udale i-cracker yangokwezifiso.
U-John The Ripper usekela izinhlobo eziningi ze-hashi ze-password ne-cipher okwenza kube ithuluzi elisebenziseka ngezindlela eziningi. I-password cracker isekela ama-CPU, ama-GPU, kanye nama-FPGA e-Openwall, abathuthukisi be-password cracker.
Ukusebenzisa i-John The Ripper ukhetha ezindleleni ezine ezihlukene: imodi yohlu lwamagama, imodi yokuqhekeka okukodwa, imodi yokwengeza, nemodi yangaphandle. Imodi ngayinye inezindlela zokwephula amaphasiwedi ezenza ifaneleke izimo ezithile. Ukuhlaselwa kukaJohn The Ripper kwenzeka kakhulu ngokusebenzisa amandla anonya nokuhlaselwa kwesichazamazwi.
Yize uJohn The Ripper engumthombo ovulekile, asikho isakhiwo somdabu esisemthethweni esitholakalayo (mahhala). Ungakuthola lokho ngokubhalisela inguqulo ye-Pro, ehlanganisa izici eziningi ezifana nokusekelwa kwezinhlobo eziningi zama-hashi.
UJohn The Ripper utholakala ezinhlelweni zokusebenza eziyi-15 (ngesikhathi sokubhala lokhu) kufaka phakathi i-macOS, Linux, Windows, kanye ne-Android.
9. Burp Suite
Kuze kube manje, sixoxile ngamanethiwekhi okuhlola, isizindalwazi, i-WiFi, nezinhlelo zokusebenza, kodwa kuthiwani ngezinhlelo zokusebenza zewebhu? Ukukhuphuka kwe-SaaS kuholele ekutheni kuvele izinhlelo zokusebenza eziningi zewebhu eminyakeni edlule.
Ukuvikeleka kwalezi zinhlelo zokusebenza kubaluleke ngendlela efanayo, uma kungengaphezu kwezinye izinkundla esizihlolile, sicabangela izinkampani eziningi manje zakha izinhlelo zokusebenza zewebhu esikhundleni sezinhlelo zokusebenza zedeskithophu.
Uma kukhulunywa ngamathuluzi okuhlola ukungena ezinhlelo zokusebenza zewebhu, iBurp Suite cishe iyona ehamba phambili lapho. I-Burp Suite ayifani nanoma yimaphi amathuluzi akulolu hlu, nokusebenzelana kwayo okucacile nezintengo ezinkulu.
I-Burp Suite iyiskena sewebhu sokuba sengozini esakhiwe i-Portswigger Web Security ukuze kuvikelwe izinhlelo zokusebenza zewebhu ngokusiphula amaphutha kanye nokuba sengozini. Yize inohlelo lomphakathi lwamahhala, ayinayo ingxenye enkulu yezici zayo ezibalulekile.
IBurp Suite inenguqulo ye-Pro kanye nenguqulo yebhizinisi. Izici zenguqulo yochwepheshe zingahlukaniswa zibe ezintathu; Izici zokuhlola ukungena mathupha, ukuhlasela okuzenzakalelayo okuthuthukile/okuzenzakalelayo, nokuskena okuzenzakalelayo kokuba sengozini.
Inguqulo yebhizinisi ihlanganisa zonke izici ze-Pro nezinye izici ezifana nokuhlanganiswa kwe-CI, ukuhlela ukuskena, ukukala kwebhizinisi elibanzi. Ibize kakhulu futhi ngama- $ 6,995, kanti inguqulo ye-Pro ibiza ama- $ 399 kuphela.
IBurp Suite iyatholakala ku-Windows, Linux, kanye ne-macOS.
Okuqukethwe Okuxhasiwe:
10. I-MobSF
Bangaphezu kuka-80% abantu emhlabeni namuhla banama-smartphones, ngakho kuyindlela ethembekile cybercrgebengu ukuhlasela abantu. Enye yezindawo ezivame ukuhlasela ezizisebenzisayo izinhlelo zokusebenza ezinobungozi.
I-MobSF noma i-Mobile Security Framework, kahle, iwuhlaka lokuhlola ukuphepha kweselula olwakhelwe ukwenza ngokuzenzakalelayo ukuhlaziya uhlelo olungayilungele ikhompuyutha, ukuhlola ipeni, nokuhlaziya okumile nokuguquguqukayo kwezinhlelo zokusebenza zeselula.
I-MobSF ingasetshenziswa ukuhlaziya amafayela e-Android, iOS, kanye ne-Windows(iselula). Uma amafayela ohlelo lokusebenza esehlaziyiwe, i-MobSF ilungiselela umbiko ofinyeza ukusebenza kohlelo lokusebenza, kanye nemininingwane yezinkinga ezingase zivumele ukufinyelela okungagunyaziwe kulwazi ngeselula.
I-MobSF yenza izinhlobo ezimbili zokuhlaziya kuzinhlelo zokusebenza zeselula: i-static(reverse engineering) kanye ne-dynamic. Ngesikhathi sokuhlaziya okumile, iselula iqala ukuhlukaniswa. Amafayela ayo abe esekhishwa futhi ahlaziywe ukuze kutholakale ubungozi obungaba khona.
Ukuhlaziya okunamandla kwenziwa ngokuqalisa uhlelo lokusebenza kusifanisi noma kudivayisi yangempela bese sibhekela ukufinyelela kwedatha ebucayi, izicelo ezingavikelekile, nemininingwane enekhodi eqinile. I-MobSF ihlanganisa ne-Web API fuzzer enikwa amandla yi-CappFuzz.
I-MobSF isebenza ku-Ubuntu/Debian-based Linux, macOS, kanye neWindows. Iphinde ibe nesithombe se-Docker esakhiwe ngaphambilini.
Ekuphetheni…
Ukube ubuvele une-Kali Linux efakiwe ngaphambi kwamanje, ngabe uwabonile amathuluzi amaningi kulolu hlu. Okusele ungakufaka ngokwakho). Uma usuqedile ukufaka amathuluzi owadingayo, isinyathelo esilandelayo ukufunda ukuthi asetshenziswa kanjani. Amathuluzi amaningi asebenziseka kalula, futhi ngaphambi kokuthi wazi, uzobe usendleleni yokuthuthukisa ukuphepha kwamakhasimende akho ngamasethi amakhono amasha.
