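Discovering Vulnerabilities
Methods for discovering weaknesses:
1. Take the version information from the port and service scan results and check whether each service is the latest version. If it is not, go to the vendor's official site, look at its patch list, and try each item one by one. This method has a major drawback: the many different applications on the various ports make it very time-consuming.
2. Search the public vulnerability databases, although the number of entries is large. ## They also contain exploit code, e.g. https://www.exploit-db.com/
[Integrated in Kali]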
root@kali:~# searchsploit tomcat
--------------------------------------------- ----------------------------------
 Exploit Title                               |  Path
                                             | (/usr/share/exploitdb/platforms)
--------------------------------------------- ----------------------------------
Apache Tomcat < 5.5.17 - Remote Directory Li | ./multiple/remote/2061.txt
Apache Tomcat Connector (mod_jk) - Remote Ex | ./linux/remote/4162.c
Apache Tomcat (WebDAV) - Remote File Disclos | ./multiple/remote/4530.pl
Apache Tomcat (WebDAV) - Remote File Disclos | ./linux/remote/4552.pl
Apache Tomcat Connector jk2-2.0.2 (mod_jk2)  | ./linux/remote/5386.txt
Apache Tomcat < 6.0.18 - utf8 Directory Trav | ./multiple/remote/6229.txt
Apache Tomcat (Windows) - runtime.getRuntime | ./windows/local/7264.txt
Apache Tomcat - Cookie Quote Handling Remote | ./multiple/remote/9994.txt
Apache Tomcat - Form Authentication Username | ./multiple/remote/9995.txt
Apache Tomcat 3.2.1 - 404 Error Page Cross-S | ./multiple/webapps/10292.txt
Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.2 | ./multiple/remote/12343.txt
Apache Tomcat < 6.0.18 - utf8 Directory Trav | ./unix/remote/14489.c
Apache Tomcat Manager Application Deployer - | ./multiple/remote/16317.rb
Apache Tomcat - Remote Exploit (PUT Request) | ./multiple/remote/18619.txt
Apache Tomcat 3.1 - Path Revealing           | ./multiple/remote/20131.txt
Tomcat 3.0/3.1 Snoop Servlet - Information D | ./multiple/remote/20132.txt
Apache Tomcat 3.0 - Directory Traversal      | ./windows/remote/20716.txt
Tomcat 3.2.1/4.0 / Weblogic Server 5.1 - URL | ./multiple/remote/20719.txt
Jakarta Tomcat 3.x/4.0 - Error Message Infor | ./unix/local/21073.txt
Apache Tomcat 4.0/4.1 - Servlet Full Path Di | ./unix/remote/21412.txt
Apache Tomcat 3.2.3/3.2.4 - Source.jsp Malfo | ./multiple/remote/21490.txt
Apache Tomcat 3.2.3/3.2.4 - Example Files We | ./multiple/remote/21491.txt
Apache Tomcat 3.2.3/3.2.4 - RealPath.jsp Mal | ./multiple/remote/21492.txt
Apache Tomcat 3/4 - JSP Engine Denial of Ser | ./linux/dos/21534.jsp
Apache Tomcat 4.0.3 - Servlet Mapping Cross- | ./linux/remote/21604.txt
Apache Tomcat 4.0.3 - Denial of Service Devi | ./windows/remote/21605.txt
Apache Tomcat 4.1 - JSP Request Cross-Site S | ./unix/remote/21734.txt
Apache Tomcat 3.2 - Directory Disclosure     | ./unix/remote/21882.txt
Apache Tomcat 3/4 - DefaultServlet File Disc | ./unix/remote/21853.txt
Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - C | ./unix/dos/22068.pl
Apache Tomcat 3.x - Null Byte Directory/File | ./linux/remote/22205.txt
Apache Tomcat 4.0.x - Non-HTTP Request Denia | ./linux/dos/23245.pl
4D WebSTAR 5.3/5.4 Tomcat Plugin - Remote Bu | ./osx/remote/25626.c
Apache Tomcat / Geronimo 1.0 - Sample Script | ./multiple/remote/27095.txt
Apache Tomcat 5 - Information Disclosure     | ./multiple/remote/28254.txt
Apache Tomcat/JBoss EJBInvokerServlet / JMXI | ./php/remote/28713.php
Apache Tomcat 5.5.25 - Cross-Site Request Fo | ./multiple/webapps/29435.txt
Apache Tomcat 6.0.10 - Documentation Sample  | ./multiple/remote/30052.txt
Apache Tomcat 6.0.13 - JSP Example Web Appli | ./jsp/webapps/30189.txt
Apache HTTP Server Tomcat 5.x/6.0.x - Direct | ./linux/remote/29739.txt
Apache Tomcat 6.0.13 - Host Manager Servlet  | ./multiple/remote/30495.html
Apache Tomcat 6.0.13 - Cookie Handling Quote | ./multiple/remote/30496.txt
Apache Tomcat 5.5.15 - cal2.jsp Cross-Site S | ./jsp/webapps/30563.txt
Apache Tomcat 6.0.15 - Cookie Quote Handling | ./multiple/remote/31130.txt
Apache Tomcat Manager - Application Upload A | ./multiple/remote/31433.rb
Apache Tomcat 4.0.3 - Requests Containing MS | ./multiple/remote/31551.txt
Apache Commons FileUpload and Apache Tomcat  | ./multiple/dos/31615.rb
Apache Tomcat 6.0.16 - 'RequestDispatcher' I | ./multiple/remote/32137.txt
Apache Tomcat 6.0.16 - 'HttpServletResponse. | ./multiple/remote/32138.txt
Apache Tomcat 6.0.18 - Form Authentication E | ./multiple/remote/33023.txt
Apache Tomcat 3.2 - 404 Error Page Cross-Sit | ./multiple/remote/33379.txt
Apache Tomcat 7.0.4 - 'sort' and 'orderBy' P | ./linux/remote/35011.txt
AWStats 6.x - Apache Tomcat Configuration Fi | ./cgi/webapps/35035.txt
--------------------------------------------- ----------------------------------

Enter its directory:

root@kali:~# cd /usr/share/exploitdb/platforms/
root@kali:/usr/share/exploitdb/platforms# ls
aix       cfm             java         netbsd_x86   python         ultrix
android   cgi             json         netware      qnx            unix
arm       freebsd         jsp          novell       ruby           unixware
ashx      freebsd_x86     linux        openbsd      sco            windows
asp       freebsd_x86-64  linux_mips   openbsd_x86  sco_x86        win_x86
atheos    generator       linux_ppc    osx          sh4            win_x86-64
beos      hardware        linux_sparc  osx_ppc      solaris        xml
bsd       hp-ux           lin_x86      palm_os      solaris_sparc
bsdi_x86  immunix         lin_x86-64   perl         solaris_x86
bsd_ppc   ios             minix        php          system_z
bsd_x86   irix            multiple     plan9        tru64

The contents of each file can be viewed with less.
sandi
A toolset for searching exploits online
###apt-get install sandi
3. Use a vulnerability scanner to implement vulnerability management
OpenVAS, Nessus, Nexpose
# CVSS scoring standard: http://www.aqniu.com/industry/7524.html
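Methods 1 and 2 can be combined to cut down the manual work: take the version reported by the service scan and keep only the rows of the searchsploit listing whose title covers that version, so patching effort goes to the entries that actually apply. The script below is an added example, not part of the original post; the function names are hypothetical, and the sample rows are copied from the listing above.

```python
import re

VER = r"\d+(?:\.\d+)+"   # dotted version such as 6.0.13

# A few rows copied from the searchsploit listing above.
SAMPLE = """\
 Exploit Title                               |  Path
Apache Tomcat < 5.5.17 - Remote Directory Li | ./multiple/remote/2061.txt
Apache Tomcat < 6.0.18 - utf8 Directory Trav | ./multiple/remote/6229.txt
Apache Tomcat 6.0.13 - Host Manager Servlet  | ./multiple/remote/30495.html
Apache Tomcat 7.0.4 - 'sort' and 'orderBy' P | ./linux/remote/35011.txt
Apache Tomcat - Cookie Quote Handling Remote | ./multiple/remote/9994.txt
"""

def vtuple(v):
    return tuple(int(p) for p in v.split("."))

def parse_rows(text):
    """Yield (title, path) per 'title | path' row, skipping rulers and headers."""
    for line in text.splitlines():
        if "|" not in line or line.startswith("-"):
            continue
        title, path = (p.strip() for p in line.rsplit("|", 1))
        if path.startswith("./"):
            yield title, path

def affects(title, installed):
    """True/False when the title's versions decide it, None when a human must look."""
    inst = vtuple(installed)
    ranges = re.findall(rf"(?:({VER})\s*)?<\s*({VER})", title)
    if ranges:                          # "< B" or "A < B"
        return any((not lo or vtuple(lo) <= inst) and inst < vtuple(hi)
                   for lo, hi in ranges)
    if re.search(r"\d\.x", title):      # wildcards such as 4.0.x: manual review
        return None
    exact = re.findall(VER, title)
    if exact:
        return any(vtuple(v) == inst for v in exact)
    return None                         # no version in the (possibly truncated) title

def triage(listing, installed):
    """Split rows into (applies, needs_review) lists of paths."""
    applies, review = [], []
    for title, path in parse_rows(listing):
        verdict = affects(title, installed)
        if verdict:
            applies.append(path)
        elif verdict is None:
            review.append(path)
    return applies, review

if __name__ == "__main__":
    print(triage(SAMPLE, "6.0.13"))
```

Because searchsploit truncates titles, a version at the cut-off (such as the trailing `6.0.2` in the listing) may be incomplete, so treat the result as a shortlist to confirm against the vendor's advisory.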
Vulnerability management in the enterprise
A beginner's diary, to be continued…………