Sunday, March 28, 2010
tor+proxychains+nmap+socat+nc
Continued from the previous post.
1. proxychains + nmap: scanning through Tor. Caveat: proxychains only redirects connect()-based TCP sockets, so nmap's default root-privileged SYN scan (raw sockets), its ICMP host discovery and its reverse-DNS lookups (the "rose.dlut.edu.cn" below was resolved by the local resolver) all bypass the proxy; run it with -sT -Pn -n if the whole scan must stay inside the Tor circuit.
root@woody-desktop:~# proxychains nmap -sV -p 80 202.118.66.5
ProxyChains-3.1 (http://proxychains.sf.net)
Starting Nmap 5.00 ( http://nmap.org ) at 2010-03-28 01:56 CST
|S-chain|-<>-192.168.1.3:9100-<><>-202.118.66.5:80-<><>-OK
Interesting ports on rose.dlut.edu.cn (202.118.66.5):
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.2.3 ((Debian) PHP/4.4.4-8+etch6)
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.13 seconds
2. socat relays traffic in both directions, so it can forward TCP connections through the Tor SOCKS proxy listening on 192.168.1.3:9100; any number of further probes (e.g. nessus, nikto) can then be pointed at the socat relay. The command below starts a socat proxy listening on local port 8080 that forwards every TCP connection to 202.118.66.5:80 through the Tor SOCKS proxy at 192.168.1.3:9100, i.e.
127.0.0.1:8080->192.168.1.3:9100->tor代理网络->202.118.66.5:80
root@woody-desktop:~# socat TCP4-LISTEN:8080,fork SOCKS4a:192.168.1.3:202.118.66.5:80,socksport=9100
3. Connect to the remote server with nc (type the HEAD request line and then an empty line to terminate the headers):
root@woody-desktop:~# nc 127.0.0.1 8080
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Sat, 27 Mar 2010 17:54:17 GMT
Server: Apache/2.2.3 (Debian) PHP/4.4.4-8+etch6
Last-Modified: Mon, 23 Nov 2009 03:04:10 GMT
ETag: "f7a64-b50-479011456be80"
Accept-Ranges: bytes
Content-Length: 2896
Connection: close
Content-Type: text/html
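Steps 2 and 3 above are, on the wire, a SOCKS4a CONNECT handshake (socat talking to the Tor SOCKS port) followed by an HTTP HEAD request sent through the tunnel (nc). The following added example, which is not code from the original post, implements both sides of that exchange so it can be run offline: the client builds the SOCKS4a request the way socat does, with the destination sent as a hostname so the proxy rather than the local resolver performs DNS, and a constructed mock proxy (a stand-in for Tor's SOCKS port, not Tor itself) records what the client asked for and answers the HEAD request. Function names, the mock's canned response and the use of the page's hostname as a sample target are assumptions of this example.

```python
import socket
import struct
import threading

SOCKS_VERSION = 4
CMD_CONNECT = 1
REPLY_GRANTED = 0x5A   # CD=90: request granted
REPLY_REJECTED = 0x5B  # CD=91: request rejected or failed


def build_socks4a_connect(dest_host: str, dest_port: int, userid: bytes = b"") -> bytes:
    """Client side: SOCKS4a CONNECT request (what socat's SOCKS4a: address sends).
    DSTIP = 0.0.0.1 (an invalid 0.0.0.x address) is the SOCKS4a marker meaning a
    NUL-terminated hostname follows the userid; the proxy (Tor) resolves it, so no
    DNS query for the target leaves the local host."""
    header = struct.pack("!BBH4s", SOCKS_VERSION, CMD_CONNECT, dest_port, b"\x00\x00\x00\x01")
    return header + userid + b"\x00" + dest_host.encode("idna") + b"\x00"


def parse_socks4_reply(data: bytes) -> int:
    """Client side: return the CD byte of the 8-byte SOCKS4 reply (0x5A = granted)."""
    if len(data) != 8 or data[0] != 0:
        raise ValueError("malformed SOCKS4 reply: %r" % data)
    return data[1]


def parse_socks4a_request(data: bytes):
    """Proxy side: decode a SOCKS4/4a CONNECT request into (host, port, userid)."""
    vn, cd, port, ip = struct.unpack("!BBH4s", data[:8])
    if vn != SOCKS_VERSION or cd != CMD_CONNECT:
        raise ValueError("not a SOCKS4 CONNECT request")
    userid, _, rest = data[8:].partition(b"\x00")
    if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:      # SOCKS4a: hostname follows
        host, _, _ = rest.partition(b"\x00")
        return host.decode("idna"), port, userid
    return socket.inet_ntoa(ip), port, userid            # plain SOCKS4: literal IP


def _recv_exact(conn: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection early")
        buf += chunk
    return buf


def _recv_request(conn: socket.socket) -> bytes:
    """Read one whole SOCKS4/4a request: 8-byte header + one or two NUL-terminated strings."""
    buf = b""
    while True:
        chunk = conn.recv(512)
        if not chunk:
            raise ConnectionError("client closed before sending a full request")
        buf += chunk
        if len(buf) >= 8:
            is_4a = buf[4:7] == b"\x00\x00\x00" and buf[7] != 0
            if buf[8:].count(b"\x00") >= (2 if is_4a else 1):
                return buf


def head_via_socks4a(proxy_addr, dest_host: str, dest_port: int, path: str = "/") -> str:
    """What `socat ... SOCKS4a:...` plus `nc` do on the page: open the SOCKS tunnel,
    send a HEAD request through it and return the HTTP status line."""
    with socket.create_connection(proxy_addr, timeout=5) as s:
        s.sendall(build_socks4a_connect(dest_host, dest_port))
        code = parse_socks4_reply(_recv_exact(s, 8))
        if code != REPLY_GRANTED:
            raise ConnectionError("SOCKS CONNECT refused, CD=0x%02x" % code)
        # HTTP/1.0 headers end with an empty line; without it the server keeps waiting.
        s.sendall(("HEAD %s HTTP/1.0\r\nHost: %s\r\n\r\n" % (path, dest_host)).encode())
        reply = b""
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            reply += chunk
        return reply.decode("latin-1").split("\r\n", 1)[0]


def run_mock_proxy(seen: dict):
    """Constructed stand-in for the Tor SOCKS port (not Tor): records the decoded
    request in `seen`, grants it, and answers one tunnelled HTTP request with a
    canned status line. Returns the (host, port) it listens on."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    addr = srv.getsockname()

    def serve():
        conn, _ = srv.accept()
        srv.close()
        with conn:
            seen["target"] = parse_socks4a_request(_recv_request(conn))
            conn.sendall(struct.pack("!BBH4s", 0, REPLY_GRANTED, 0, b"\x00" * 4))
            conn.recv(4096)  # the tunnelled HEAD request
            conn.sendall(b"HTTP/1.1 200 OK\r\nServer: mock\r\nConnection: close\r\n\r\n")

    threading.Thread(target=serve, daemon=True).start()
    return addr


if __name__ == "__main__":
    seen = {}
    proxy = run_mock_proxy(seen)
    print(head_via_socks4a(proxy, "rose.dlut.edu.cn", 80), seen["target"])
```

Pointing `head_via_socks4a` at a real Tor SOCKS port (192.168.1.3:9100 on the page) instead of the mock reproduces the socat + nc step in one process; the proxy-side `parse_socks4a_request` is what lets you verify, by inspecting `seen["target"]`, that the hostname crossed the wire unresolved, which is the whole point of choosing SOCKS4a over plain SOCKS4 when the goal is not to leak DNS.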
Tags: nc, nmap, proxychains, socat, Tor