--- Main Menu --- rcvpkt 0, free/alloc 63/64 ------
l/w/r) list/watch/reset connections
u)     host up tests
a)     arp/simple hijack (avoids ack storm if arp used)
s)     simple hijack
d)     daemons rst/arp/sniff/mac
o)     options
x)     exit
* >
Throughout this example, I log in from GNSS to linux.test.net to run the test.
GNSS 3% telnet 192.168.0.2
Trying 192.168.0.2...
Connected to 192.168.0.2.
Escape character is '^]'.
Caldera OpenLinux(TM) Version 1.3 Copyright 1996-1998 Caldera Systems, Inc.
login:
[hapless@linux hapless]$ finger root
Login: root                             Name: root
Directory: /root                        Shell: /bin/bash
On since Thu May 20 21:57 (PDT) on tty1   1 minute idle
On since Thu May 20 22:02 (PDT) on tty2   7 minutes 19 seconds idle
On since Thu May 20 21:59 (PDT) on tty3   15 seconds idle
No mail.
No Plan.
[hapless@linux hapless]$ last root
root     tty2     Thu May 20 22:02   still logged in
root     tty3     Thu May 20 21:59   still logged in
root     tty1     Thu May 20 21:57   still logged in
root     tty2     Thu May 20 19:46 - down   (00:26)
root     tty1     Thu May 20 19:44 - 20:12  (00:27)
root     tty3     Thu May 20 19:44 - down   (00:28)
root     tty3     Thu May 20 19:42 - 19:44  (00:01)
root     tty1     Thu May 20 19:41 - 19:42  (00:00)
root     tty3     Thu May 20 19:28 - 19:41  (00:12)
root     tty2     Thu May 20 19:11 - 19:42  (00:31)
root     tty1     Thu May 20 19:07 - 19:40  (00:32)
root     tty1     Thu May 20 18:57 - 19:07  (00:09)
root     tty1     Mon May 17 22:32 - down   (00:29)
Finally, I checked /etc/passwd. hunt was running and sniffing throughout the whole process:
--- Main Menu --- rcvpkt 0, free/alloc 63/64 ------
l/w/r) list/watch/reset connections
u)     host up tests
a)     arp/simple hijack (avoids ack storm if arp used)
s)     simple hijack
d)     daemons rst/arp/sniff/mac
o)     options
x)     exit
*> w
0) 192.168.0.1 [1049] --> 192.168.0.2 [23]