Manual method

Wired

Wireless

Graphical network manager (depends on the NetworkManager service)

┌──(root㉿kali)-[~]
└─# systemctl status NetworkManager
● NetworkManager.service - Network Manager
     Loaded: loaded (/lib/systemd/system/NetworkManager.service; enabled; preset: enabled)
     Active: active (running) since Tue 2023-08-22 10:20:19 CST; 4h 12min ago
       Docs: man:NetworkManager(8)
   Main PID: 657 (NetworkManager)
      Tasks: 4 (limit: 1014)
     Memory: 4.9M
        CPU: 2.185s
     CGroup: /system.slice/NetworkManager.service
             └─657 /usr/sbin/NetworkManager --no-daemon

8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.0241] dhcp4 (eth0): activation: >
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.0757] dhcp4 (eth0): state change>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.0767] policy: set 'Wired connect>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.0944] device (eth0): state chang>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.1346] device (eth0): state chang>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.1353] device (eth0): state chang>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.1382] manager: NetworkManager st>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.1434] device (eth0): Activation:>
8月 22 14:09:13 kali NetworkManager[657]: <info>  [1692684553.1491] manager: NetworkManager st>
8月 22 14:24:13 kali NetworkManager[657]: <info>  [1692685453.0681] dhcp4 (eth0): state change>

IP address

Configuring the IP address manually

Manual configuration


┌──(root㉿kali)-[~]
└─# ifconfig eth0 down
                                                                                               
┌──(root㉿kali)-[~]
└─# ifconfig eth0 up  
                                                                                               
┌──(root㉿kali)-[~]
└─# ifconfig eth0       
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.195.102  netmask 255.255.255.0  broadcast 192.168.195.255
        inet6 fe80::c1e0:3920:f4c7:66fd  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:76:ad:97  txqueuelen 1000  (Ethernet)
        RX packets 4344  bytes 369947 (361.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 473  bytes 66629 (65.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


Commands for viewing the relevant information

## IP address / netmask: ifconfig eth0 or ip a
┌──(root㉿kali)-[~]
└─# ifconfig eth0   
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.56.130  netmask 255.255.255.0  broadcast 192.168.56.255
        inet6 fe80::20c:29ff:fe76:ad97  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:76:ad:97  txqueuelen 1000  (Ethernet)
        RX packets 4147  bytes 353381 (345.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 435  bytes 63633 (62.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



## Gateway (default route): ip route show (short form: ip r)

┌──(root㉿kali)-[~]
└─# ip route show
default via 192.168.56.2 dev eth0 proto dhcp src 192.168.56.130 metric 100 
192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.130 metric 100 
                                                                                               
┌──(root㉿kali)-[~]
└─# ip r         
default via 192.168.56.2 dev eth0 proto dhcp src 192.168.56.130 metric 100 
192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.130 metric 100 


## DNS: cat /etc/resolv.conf (nameserver = name server)
┌──(root㉿kali)-[~]
└─# cat /etc/resolv.conf
domain localdomain
search localdomain
nameserver 192.168.56.2

By editing the network interface's configuration file

┌──(root㉿kali)-[~]
└─# ls /etc/network/interfaces
/etc/network/interfaces

No. 1: Stop the NetworkManager service and disable it at boot

┌──(root㉿kali)-[~] ## stop the service: systemctl stop NetworkManager
└─# systemctl stop NetworkManager  
                                                                                               
┌──(root㉿kali)-[~] ## do not start at boot: systemctl disable NetworkManager
└─# systemctl disable NetworkManager 
Removed "/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service".
Removed "/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service".
Removed "/etc/systemd/system/multi-user.target.wants/NetworkManager.service".
                                                                                               
┌──(root㉿kali)-[~] ## check the status: systemctl status NetworkManager
└─# systemctl status NetworkManager 
○ NetworkManager.service - Network Manager
     Loaded: loaded (/lib/systemd/system/NetworkManager.service; disabled; preset: enabled)
     Active: inactive (dead) since Tue 2023-08-22 14:52:11 CST; 29s ago
   Duration: 4h 31min 52.135s
       Docs: man:NetworkManager(8)
   Main PID: 657 (code=exited, status=0/SUCCESS)
        CPU: 2.428s

8月 22 14:45:47 kali NetworkManager[657]: <info>  [1692686747.9199] device (eth0): Activation:>
8月 22 14:45:47 kali NetworkManager[657]: <info>  [1692686747.9272] manager: NetworkManager st>
8月 22 14:46:10 kali NetworkManager[657]: <info>  [1692686770.8799] audit: op="connection-upda>
8月 22 14:52:11 kali NetworkManager[657]: <info>  [1692687131.7085] caught SIGTERM, shutting d>
8月 22 14:52:11 kali NetworkManager[657]: <info>  [1692687131.7092] manager: NetworkManager st>
8月 22 14:52:11 kali systemd[1]: Stopping NetworkManager.service - Network Manager...
8月 22 14:52:11 kali NetworkManager[657]: <info>  [1692687131.7302] exiting (success)
8月 22 14:52:11 kali systemd[1]: NetworkManager.service: Deactivated successfully.
8月 22 14:52:11 kali systemd[1]: Stopped NetworkManager.service - Network Manager.
8月 22 14:52:11 kali systemd[1]: NetworkManager.service: Consumed 2.428s CPU time.

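No. 2: Use man to see how the configuration is written

auto eth0  ## bring the interface up at boot
iface eth0 inet static ## interface eth0, address assigned statically
        address 192.168.195.76/24 ## IP address
        gateway 192.168.195.2 ## gateway


## :set mouse=v  enables selecting and copying with the mouse in vi
## :set nu  shows line numbers in vi
## :set nonu  hides line numbers in vi

Write the configuration

No. 3: For the configuration to take effect, restart the networking service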

┌──(root㉿kali)-[~]
└─# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
        address 192.168.195.76/24
        gateway 192.168.195.2
                                                                                               
┌──(root㉿kali)-[~]
└─# systemctl restart networking
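
A check worth running between writing the file and restarting the service, as an added example that is not part of the original notes: it reports any name that appears in an auto line without an iface stanza (and the reverse), which is what a misspelled interface name produces. The helper name check_interfaces and the sample file are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): cross-check the "auto" and
# "iface" lines of an interfaces(5)-style file before restarting networking.
# check_interfaces is a hypothetical helper name. Files pulled in through
# "source" lines are not followed.

check_interfaces() {
    # $1: path to the file. Prints one finding per line; returns 1 if any.
    local findings
    findings=$(awk '
        /^[ \t]*(#|$)/ { next }                      # comments, blank lines
        $1 == "auto" || $1 == "allow-hotplug" {
            for (i = 2; i <= NF; i++) started[$i] = NR
            next
        }
        $1 == "iface" { defined[$2] = NR }
        END {
            for (n in started) if (!(n in defined)) {
                printf "line %d: %s is started at boot but has no iface stanza\n", started[n], n
            }
            for (n in defined) if (!(n in started)) {
                printf "line %d: iface %s has no auto/allow-hotplug line\n", defined[n], n
            }
        }
    ' "$1" | sort -t " " -k2,2n)
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
}

# Constructed sample: the stanza name is misspelled (eht0 instead of eth0).
sample=$(mktemp)
cat > "$sample" <<'EOF'
auto lo
iface lo inet loopback
auto eth0
iface eht0 inet static
        address 192.168.195.76/24
        gateway 192.168.195.2
EOF
check_interfaces "$sample" || echo "fix the file before: systemctl restart networking"
rm -f "$sample"
```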

Changing DNS

By editing /etc/resolv.conf

┌──(root㉿kali)-[~]
└─# vi /etc/resolv.conf        
                                                                                               
┌──(root㉿kali)-[~] ## at most three nameservers can be configured
└─# cat /etc/resolv.conf       
# Generated by NetworkManager
search localdomain
nameserver 192.168.56.2
nameserver 8.8.8.8                    
nameserver 114.114.114.114

## Method 2: it can also be changed as follows (> replaces the whole file; >> appends)
echo "nameserver 223.6.6.6" > /etc/resolv.conf

## Method 3: sed is a non-interactive text editor
sed 's/old/new/'
sed 's/nameserver 223.6.6.6/nameserver 8.8.8.8/' /etc/resolv.conf ## preview the change
sed -i 's/nameserver 223.6.6.6/nameserver 8.8.8.8/' /etc/resolv.conf ## modify the original file

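Using dig to gather DNS information

Hackers can use DNS to collect information about a target. This information may include:

The IP address (A record) of the target's name server (the server that translates the target's name into an IP address)

The target's mail servers (MX records)

Potentially all subdomains and their IP addresses

DNS information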

┌──(root㉿kali)-[~]
└─# dig hackers-arise.com ns

; <<>> DiG 9.18.16-1-Debian <<>> hackers-arise.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41347
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 4096
;; QUESTION SECTION:
;hackers-arise.com.             IN      NS

;; ANSWER SECTION:
hackers-arise.com.      5       IN      NS      ns6.wixdns.net.
hackers-arise.com.      5       IN      NS      ns7.wixdns.net.

;; ADDITIONAL SECTION:
ns6.wixdns.net.         5       IN      A       216.239.32.100
ns7.wixdns.net.         5       IN      A       216.239.34.100

;; Query time: 2192 msec
;; SERVER: 192.168.56.2#53(192.168.56.2) (UDP)
;; WHEN: Wed Aug 23 10:04:22 CST 2023
;; MSG SIZE  rcvd: 124


┌──(root㉿kali)-[~]
└─# dig hackers-arise.com mx

; <<>> DiG 9.18.16-1-Debian <<>> hackers-arise.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47404
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;hackers-arise.com.             IN      MX

;; ANSWER SECTION:
hackers-arise.com.      5       IN      MX      10 aspmx.l.google.com.
hackers-arise.com.      5       IN      MX      20 alt1.aspmx.l.google.com.
hackers-arise.com.      5       IN      MX      30 alt2.aspmx.l.google.com.
hackers-arise.com.      5       IN      MX      40 alt3.aspmx.l.google.com.
hackers-arise.com.      5       IN      MX      50 alt4.aspmx.l.google.com.

;; Query time: 2824 msec
;; SERVER: 192.168.56.2#53(192.168.56.2) (UDP)
;; WHEN: Wed Aug 23 10:08:59 CST 2023
;; MSG SIZE  rcvd: 150
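
From the defender's side, the same answer lines show what a zone publishes and which third-party hosts it depends on. The following is an added example, not part of the original notes: it parses dig answer lines into an inventory sorted by record type and MX preference. The helper name dns_exposure is an assumption; the sample lines are taken from the output above.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): turn dig answer lines into an
# inventory of what a zone publishes and which hosts sit outside it.
# dns_exposure is a hypothetical helper name.

dns_exposure() {
    # stdin: dig answer lines "name TTL class type rdata"; $1: zone reviewed.
    # stdout: type<TAB>MX preference (0 otherwise)<TAB>value<TAB>placement
    awk -v zone="$1" '
        /^;/ || NF < 5 { next }                  # dig comments, blank lines
        {
            type  = $4
            pref  = (type == "MX") ? $5 : 0      # MX rdata: "preference host"
            value = (type == "MX") ? $6 : $5
            sub(/\.$/, "", value)                # drop the trailing root dot
            tail = substr(value, length(value) - length(zone))
            if (type == "A" || type == "AAAA")
                place = "address"
            else if (value == zone || tail == ("." zone))
                place = "in-zone"
            else
                place = "external"
            printf "%s\t%d\t%s\t%s\n", type, pref, value, place
        }
    ' | sort -t "$(printf '\t')" -k1,1 -k2,2n
}

# Sample input: answer lines copied from the dig output shown above
# (two MX lines given out of order to show the sort by preference).
dns_exposure hackers-arise.com <<'EOF'
;; ANSWER SECTION:
hackers-arise.com.      5       IN      NS      ns6.wixdns.net.
hackers-arise.com.      5       IN      NS      ns7.wixdns.net.
hackers-arise.com.      5       IN      MX      20 alt1.aspmx.l.google.com.
hackers-arise.com.      5       IN      MX      10 aspmx.l.google.com.
ns6.wixdns.net.         5       IN      A       216.239.32.100
EOF
```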

┌──(root㉿kali)-[~] ## query a specific DNS server
└─# dig qq.com any @8.8.8.8 

; <<>> DiG 9.18.16-1-Debian <<>> qq.com any @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
; EDE: 23 (Network Error): ([183.36.112.46] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.220.251] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.249.143] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([101.227.218.144] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.195.104] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([157.255.246.101] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([2402:4e00:8010:1::11c] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([117.184.232.216] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([58.144.154.100] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([112.60.1.69] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([2402:4e00:8030::111] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([59.36.132.142] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([240e:9f:c600::8] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([121.51.160.100] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([218.68.91.143] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.195.94] rcode=NOTIMP for qq.com/all)
; EDE: 22 (No Reachable Authority): (At delegation qq.com for qq.com/all)
;; QUESTION SECTION:
;qq.com.                                IN      ANY

;; Query time: 4492 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (TCP)
;; WHEN: Wed Aug 23 10:16:15 CST 2023
;; MSG SIZE  rcvd: 889

A similar tool: nslookup

┌──(root㉿kali)-[~]
└─# nslookup qq.com -type=any 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   qq.com
Address: 111.30.144.71
Name:   qq.com
Address: 112.53.26.232



┌──(root㉿kali)-[~]
└─# dig qq.com mx @8.8.8.8     

; <<>> DiG 9.18.16-1-Debian <<>> qq.com mx @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14321
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;qq.com.                                IN      MX

;; ANSWER SECTION:
qq.com.                 30      IN      MX      30 mx1.qq.com.
qq.com.                 30      IN      MX      20 mx2.qq.com.
qq.com.                 30      IN      MX      10 mx3.qq.com.

;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Wed Aug 23 10:18:22 CST 2023
;; MSG SIZE  rcvd: 95

## +noall: suppress all output
## +answer: show only the answer section
┌──(root㉿kali)-[~]
└─# dig +noall +answer mail.163.com any
;; Connection to 192.168.56.2#53(192.168.56.2) for mail.163.com failed: timed out.
;; Connection to 192.168.56.2#53(192.168.56.2) for mail.163.com failed: timed out.
;; Connection to 192.168.56.2#53(192.168.56.2) for mail.163.com failed: timed out.
   

## Reverse lookup: -x; record type PTR (pointer record)
┌──(root㉿kali)-[~]
└─# dig +noall +answer -x 220.181.14.161
161.14.181.220.in-addr.arpa. 5  IN      PTR     m14-161.188.com.
         

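Bash tips

## ESC + . (or !$): recall the last argument of the previous command
## ctrl + c: abort a command
## ctrl + t: swap the positions of the two adjacent characters
## ctrl + e: move to the end of the line
## ctrl + a: move to the beginning of the line
## ctrl + w: delete the word to the left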

posted on 2023-08-23 10:52  depressiom