Kali 网络参数的配置
手工方式
Wired 有线
Woreless 无线
图形化的网络管理器(依赖的服务:NetworkManager)
┌──(root㉿kali)-[~]
└─# systemctl status NetworkManager
● NetworkManager.service - Network ManagerLoaded: loaded (/lib/systemd/system/NetworkManager.service; enabled; preset: enabled)Active: active (running) since Tue 2023-08-22 10:20:19 CST; 4h 12min agoDocs: man:NetworkManager(8)Main PID: 657 (NetworkManager)Tasks: 4 (limit: 1014)Memory: 4.9MCPU: 2.185sCGroup: /system.slice/NetworkManager.service└─657 /usr/sbin/NetworkManager --no-daemon8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.0241] dhcp4 (eth0): activation: >
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.0757] dhcp4 (eth0): state change>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.0767] policy: set 'Wired connect>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.0944] device (eth0): state chang>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.1346] device (eth0): state chang>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.1353] device (eth0): state chang>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.1382] manager: NetworkManager st>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.1434] device (eth0): Activation:>
8月 22 14:09:13 kali NetworkManager[657]: <info> [1692684553.1491] manager: NetworkManager st>
8月 22 14:24:13 kali NetworkManager[657]: <info> [1692685453.0681] dhcp4 (eth0): state change>
手工配置ip
┌──(root㉿kali)-[~]
└─# ifconfig eth0 down┌──(root㉿kali)-[~]
└─# ifconfig eth0 up ┌──(root㉿kali)-[~]
└─# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.195.102 netmask 255.255.255.0 broadcast 192.168.195.255inet6 fe80::c1e0:3920:f4c7:66fd prefixlen 64 scopeid 0x20<link>ether 00:0c:29:76:ad:97 txqueuelen 1000 (Ethernet)RX packets 4344 bytes 369947 (361.2 KiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 473 bytes 66629 (65.0 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0命令查看相关信息
## ip地址/掩码 ifconfig eth0 或 ip a
┌──(root㉿kali)-[~]
└─# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.56.130 netmask 255.255.255.0 broadcast 192.168.56.255inet6 fe80::20c:29ff:fe76:ad97 prefixlen 64 scopeid 0x20<link>ether 00:0c:29:76:ad:97 txqueuelen 1000 (Ethernet)RX packets 4147 bytes 353381 (345.0 KiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 435 bytes 63633 (62.1 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0## 网关(默认路由) ip route show (简写:ip r)┌──(root㉿kali)-[~]
└─# ip route show
default via 192.168.56.2 dev eth0 proto dhcp src 192.168.56.130 metric 100
192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.130 metric 100 ┌──(root㉿kali)-[~]
└─# ip r
default via 192.168.56.2 dev eth0 proto dhcp src 192.168.56.130 metric 100
192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.130 metric 100 ## DNS cat /etc/resolv.conf nameserver 名称服务器
┌──(root㉿kali)-[~]
└─# cat /etc/resolv.conf
domain localdomain
search localdomain
nameserver 192.168.56.2通过修改网卡的配置文件
┌──(root㉿kali)-[~]
└─# ls /etc/network/interfaces
/etc/network/interfacesNO1.把NetworkManager服务关闭并设置为开机不启动
┌──(root㉿kali)-[~] ## systemctl stop NetworkManager 关闭
└─# systemctl stop NetworkManager ┌──(root㉿kali)-[~] ## 开机不启动 systemctl disable NetworkManager
└─# systemctl disable NetworkManager
Removed "/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service".
Removed "/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service".
Removed "/etc/systemd/system/multi-user.target.wants/NetworkManager.service".┌──(root㉿kali)-[~] ## 查看状态:systemctl status NetworkManager
└─# systemctl status NetworkManager
○ NetworkManager.service - Network ManagerLoaded: loaded (/lib/systemd/system/NetworkManager.service; disabled; preset: enabled)Active: inactive (dead) since Tue 2023-08-22 14:52:11 CST; 29s agoDuration: 4h 31min 52.135sDocs: man:NetworkManager(8)Main PID: 657 (code=exited, status=0/SUCCESS)CPU: 2.428s8月 22 14:45:47 kali NetworkManager[657]: <info> [1692686747.9199] device (eth0): Activation:>
8月 22 14:45:47 kali NetworkManager[657]: <info> [1692686747.9272] manager: NetworkManager st>
8月 22 14:46:10 kali NetworkManager[657]: <info> [1692686770.8799] audit: op="connection-upda>
8月 22 14:52:11 kali NetworkManager[657]: <info> [1692687131.7085] caught SIGTERM, shutting d>
8月 22 14:52:11 kali NetworkManager[657]: <info> [1692687131.7092] manager: NetworkManager st>
8月 22 14:52:11 kali systemd[1]: Stopping NetworkManager.service - Network Manager...
8月 22 14:52:11 kali NetworkManager[657]: <info> [1692687131.7302] exiting (success)
8月 22 14:52:11 kali systemd[1]: NetworkManager.service: Deactivated successfully.
8月 22 14:52:11 kali systemd[1]: Stopped NetworkManager.service - Network Manager.
8月 22 14:52:11 kali systemd[1]: NetworkManager.service: Consumed 2.428s CPU time.NO2.通过man查看配置如何编写
auto eth0 ## 启动时激活网卡
iface eht0 inet static ## 接口为eth0,地址指派方式为静态address 192.168.195.76/24 ## ip地址gateway 192.168.195.2 ## 网关## :set mouse=v vi中支持鼠标选中复制
## :set nu vi中设置行号
## :set nonu vi中取消行号
NO3. 要使配置内容生效,需要重启网络服务
──(root㉿kali)-[~]
└─# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).source /etc/network/interfaces.d/*# The loopback network interface
auto lo
iface lo inet loopback
auto eth0
iface eht0 inet staticaddress 192.168.195.76/24gateway 192.168.195.2┌──(root㉿kali)-[~]
└─# systemctl restart networking修改DNS
通过修改 /etc/resolv.conf
┌──(root㉿kali)-[~]
└─# vi /etc/resolv.conf ┌──(root㉿kali)-[~] ## 最多可配置三个
└─# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.56.2
nameserver 8.8.8.8
nameserver 114.114.114.114## 可通过下面方式修改 2
echo "nameserver 223.6.6.6" > /etc/resolv.conf## 可通过下面方式修改 3 sed 是非交互式文本编辑器
sed 's/old/new/'
sed 's/nameserver 223.6.6.6/nameserver 8.8.8.8' /etc/resolv.conf ## 预改动
sed -i 's/nameserver 223.6.6.6/nameserver 8.8.8.8' /etc/resolv.conf ## 对原始文件进行修改
使用dig工具获取DNS信息
黑客可以使用DNS从目标处收集信息这些信息可能包含
目标名称服务器(将目标名称转换成 IP 地址的服务器)的 IP地址(A记录)
目标邮件服务器(MX记录)
潜在的所有子域名和 IP 地址
┌──(root㉿kali)-[~]
└─# dig hackers-arise.com ns; <<>> DiG 9.18.16-1-Debian <<>> hackers-arise.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41347
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 4096
;; QUESTION SECTION:
;hackers-arise.com. IN NS;; ANSWER SECTION:
hackers-arise.com. 5 IN NS ns6.wixdns.net.
hackers-arise.com. 5 IN NS ns7.wixdns.net.;; ADDITIONAL SECTION:
ns6.wixdns.net. 5 IN A 216.239.32.100
ns7.wixdns.net. 5 IN A 216.239.34.100;; Query time: 2192 msec
;; SERVER: 192.168.56.2#53(192.168.56.2) (UDP)
;; WHEN: Wed Aug 23 10:04:22 CST 2023
;; MSG SIZE rcvd: 124┌──(root㉿kali)-[~]
└─# dig hackers-arise.com mx; <<>> DiG 9.18.16-1-Debian <<>> hackers-arise.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47404
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:
;hackers-arise.com. IN MX;; ANSWER SECTION:
hackers-arise.com. 5 IN MX 10 aspmx.l.google.com.
hackers-arise.com. 5 IN MX 20 alt1.aspmx.l.google.com.
hackers-arise.com. 5 IN MX 30 alt2.aspmx.l.google.com.
hackers-arise.com. 5 IN MX 40 alt3.aspmx.l.google.com.
hackers-arise.com. 5 IN MX 50 alt4.aspmx.l.google.com.;; Query time: 2824 msec
;; SERVER: 192.168.56.2#53(192.168.56.2) (UDP)
;; WHEN: Wed Aug 23 10:08:59 CST 2023
;; MSG SIZE rcvd: 150──(root㉿kali)-[~] ## 向指定的dns服务器查询
└─# dig qq.com any @8.8.8.8 ; <<>> DiG 9.18.16-1-Debian <<>> qq.com any @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
; EDE: 23 (Network Error): ([183.36.112.46] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.220.251] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.249.143] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([101.227.218.144] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.195.104] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([157.255.246.101] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([2402:4e00:8010:1::11c] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([117.184.232.216] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([58.144.154.100] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([112.60.1.69] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([2402:4e00:8030::111] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([59.36.132.142] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([240e:9f:c600::8] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([121.51.160.100] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([218.68.91.143] rcode=NOTIMP for qq.com/all)
; EDE: 23 (Network Error): ([203.205.195.94] rcode=NOTIMP for qq.com/all)
; EDE: 22 (No Reachable Authority): (At delegation qq.com for qq.com/all)
;; QUESTION SECTION:
;qq.com. IN ANY;; Query time: 4492 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (TCP)
;; WHEN: Wed Aug 23 10:16:15 CST 2023
;; MSG SIZE rcvd: 889类似工具 nslookup
┌──(root㉿kali)-[~]
└─# nslookup qq.com -type=any 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53Non-authoritative answer:
Name: qq.com
Address: 111.30.144.71
Name: qq.com
Address: 112.53.26.232┌──(root㉿kali)-[~]
└─# dig qq.com mx @8.8.8.8 ; <<>> DiG 9.18.16-1-Debian <<>> qq.com mx @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14321
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;qq.com. IN MX;; ANSWER SECTION:
qq.com. 30 IN MX 30 mx1.qq.com.
qq.com. 30 IN MX 20 mx2.qq.com.
qq.com. 30 IN MX 10 mx3.qq.com.;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Wed Aug 23 10:18:22 CST 2023
;; MSG SIZE rcvd: 95## +noall 没有任何输出
## +answer 只看应答输出
┌──(root㉿kali)-[~]
└─# dig +noall +answer mail.163.com any
;; Connection to 192.168.56.2#53(192.168.56.2) for mail.163.com failed: timed out.
;; Connection to 192.168.56.2#53(192.168.56.2) for mail.163.com failed: timed out.
;; Connection to 192.168.56.2#53(192.168.56.2) for mail.163.com failed: timed out.## 反向查询 -x 记录类型 PTR(指针记录)
┌──(root㉿kali)-[~]
└─# dig +noall +answer -x 220.181.14.161
161.14.181.220.in-addr.arpa. 5 IN PTR m14-161.188.com.Bash小技巧
## ESC + . (或!$)调用上一个命令的参数
## ctrl + c 中止一个命令
## ctrl + t 交换前后两个字符的位置
## ctrl + E 回到行尾
## ctrl + a 回到行首
## ctrl + w 删除左边的单词