内网渗透主要是基于前期外围打点getshell的webserver,通过收集webserver上的信息,然后对其他内网主机进行口令上的攻击,当然也有一些基于漏洞的攻击。
账户
应用窗口
浏览器书签
文件和目录
密码策略
远程系统(xshell,xftp等)
系统网络连接
系统所有者/用户
软件
外围设备
systeminfo 得到win系统信息
unmae -a 得到系统信息
网络服务扫描
网络共享
网络嗅探
netsh advfirewall show allprofiles
查看防火墙状态
21,22,23,25,80,81,82,83,84,85,86,88,110,111,389,443,445,465,500,800,801,902,1080,1099,1212,1433,1434,1443,1494,1521,1723,2000,2049,2181,2222,3128,3306,3307,3333,3388,3389,3690,4022,4063,4430,4433,4440,4443,4444,5222,5353,5432,5443,5550,5554,5900,5901,6379,6443,7001,7002,7003,7005,7007,7014,7070,7071,7077,7080,7100,7443,8000,8001,8002,8002,8003,8004,8005,8006,8007,8008,8009,8010,8080,8081,8082,8083,8084,8085,8086,8087,8088,8089,8090,8091,8092,8093,8094,8095,8096,8097,8098,8099,8161,8181,8182,819