Penetration Test Report
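Contents
0x1 Overview
1.1 Penetration scope
1.2 Main content of the penetration test
0x2 Vulnerability analysis method
0x3 Description of the penetration test process
3.1 Directory traversal testing
3.2 Weak password testing
3.3 SQL injection testing
3.4 Internal network penetration
3.5 Internal network sniffing
0x4 Analysis results and recommendations

0x1 Overview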
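At a certain time we received authorization from xx Network Company to carry out a simulated hacker attack and penetration of the company's network. Between XX/xx/XX and xx/xx/xx (year/month/day) we performed a comprehensive black-box vulnerability test of xx Network Company's external servers and internal network cluster. This network penetration test report is the result of that test.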
3.3 SQL injection testing
SQL injection was checked by hand with the help of tools; the results returned are shown in the figure below.
[Figure: wwwscan v3.0 console output for the target web server. Recoverable details: the host name resolved and the connection to port 80 succeeded; server type Microsoft-IIS/6.0; no default turning page found; two paths reported as Found, /../admin/ and /../admin/login/; the scan was checking /_vti_bin/ where the capture ends.]

3.2 User password guessing
Nmap identified an FTP service on the external server. The default account could not connect, so weak-password testing was carried out against the web application and the interfaces that allow login, as shown in the figure below.

[Figure: Acunetix scan report. Threat Level 3: "One or more high-severity type vulnerabilities have been discovered by the scanner. A malicious user can exploit these vulnerabilities and compromise the backend database and/or deface your website." Affected item: /picklist.aspx. Details: URL encoded GET input id was set to 1416; waitfor delay '0:0:4' --. Request: GET /picklist.aspx?id=%24%7binjecthere%7d&jiugou=75&newsort=65&parent=60 HTTP/1.1. Response: HTTP/1.1 500 Internal Server Error; Date: Fri, 25 Feb 2011 02:14:45 GMT; Server: Microsoft-IIS/6.0; X-AspNet-Version: 2.0.50727; Cache-Control: private; Content-Type: text/html; charset=utf-8; Content-Length: 10273. Alert types listed: Blind SQL Injection, Application error message, ASP.NET debugging enabled, Login page password-guessing attack, Possible sensitive directories, Session Cookie without ..., Broken links, Email found, GHDB: Typical lo...]

[Figure: ASP.NET error page, "Server Error in Application": "Input string was not in a correct format." The source excerpt shows the id and parent query-string values being converted with int.Parse(Request.QueryString["id"].ToString()) and int.Parse(Request.QueryString["parent"].ToString()). The stack trace shows a FormatException raised through System.Number.StringToNumber, System.Number.ParseInt32 and System.Int32.Parse, called from Page_Load. Version information: Microsoft .NET Framework 2.0.50727.]

Statistics by vulnerability category are shown below:
Vulnerability category  High  Medium  Low  Risk value
Website structure analysis  3
Directory traversal detection  4
Hidden file detection  3