本书根据网络安全服务工程师的技能要求及网络安全管理与评估赛项规范,以网络安全服务工程师的工作情景为主线进行边写 ,内容包括搭建网络攻防环境、信息收集与漏洞扫描、 LINUX系统渗透测试与加固、 WINDOWS系统渗透测试与加固、数据库系统渗透测试与加固、信息系统应急响应、 Web系统安全性测试、无线网络安全性测试。本书内容针对性、适用性强,在同类高职院校网络安全类类教材中是一部具有先进性的"岗课赛证融通”教材。
王立进,山东科技职业学院副教授,国家级职业教育教师教学创新团队成员,曾获国家级教学成果二等奖、山东省教学成果特等奖,具有CISSP、CCNP、PMP等专业认证证书。精通WEB攻防、防火墙、入侵检测、信息安全管理与评估等技术。具有在启明星辰等知名信息安全公司超过20年的企业工作经验,期间曾被聘任为北京邮电大学计算机学院兼职副教授、硕士研究生企业导师
项目一 渗透测试环境搭建 ·······································································.1
1.1 项目情境 ······················································································.2
1.2 项目任务 ······················································································.3
任务 1-1 安装与配置 Kali Linux 操作机 ··············································.3
任务 1-2 安装与管理 Kali Linux 软件 ················································.21
任务 1-3 安装与配置 Linux 靶机 ······················································.26
任务 1-4 安装与配置 Windows 靶机 ··················································.30
1.3 项目拓展——渗透测试方法论 ··························································.45
1.4 练习题 ························································································.48
项目二 信息收集与漏洞扫描 ···································································.50
2.1 项目情境 ·····················································································.51
2.2 项目任务 ·····················································································.51
任务 2-1 通过公开网站收集信息 ·····················································.51
任务 2-2 使用 Nmap 工具收集信息 ··················································.56
任务 2-3 使用 Nmap 工具扫描漏洞 ··················································.61
任务 2-4 使用 Nessus 工具扫描漏洞 ·················································.65
任务 2-5 检查主机弱口令 ······························································.74
2.3 项目拓展——深入认识漏洞 ·····························································.78
2.4 练习题 ························································································.79
网络安全 渗透测试与防护
VI
项目三 Linux 操作系统渗透测试与加固 ·····················································.81
3.1 项目情境 ·····················································································.82
3.2 项目任务 ·····················································································.82
任务 3-1 利用 vsFTPd 后门漏洞进行渗透测试 ····································.82
任务 3-2 利用 Samba MS-RPC Shell 命令注入漏洞进行渗透测试 ·················.87
任务 3-3 利用 Samba Sysmlink 默认配置目录遍历漏洞进行渗透测试 ··········.90
任务 3-4 利用脏牛漏洞提升权限 ·····················································.94
任务 3-5 Linux 操作系统安全加固 ····················································.97
3.3 项目拓展——脏牛漏洞利用思路解析 ···············································.101
3.4 练习题 ······················································································.102
项目四 Windows 操作系统渗透测试与加固 ··············································.104
4.1 项目情境 ···················································································.105
4.2 项目任务 ···················································································.105
任务 4-1 利用 MS17_010_externalblue 漏洞进行渗透测试 ····················.105
任务 4-2 利用 CVE-2019-0708 漏洞进行渗透测试 ······························.113
任务 4-3 利用 Trusted Service Paths 漏洞提权 ····································.117
任务 4-4 社会工程学攻击测试 ······················································.123
任务 4-5 利用 CVE-2020-0796 漏洞进行渗透测试 ······························.126
任务 4-6 Windows 操作系统安全加固 ·············································.133
4.3 项目拓展——社会工程学工具包 ·····················································.144
4.4 练习题 ······················································································.145
项目五 数据库系统渗透测试与加固 ························································.147
5.1 项目情境 ···················································································.148
5.2 项目任务 ···················································································.148
任务 5-1 暴力破解 MySQL 弱口令 ·················································.148
任务 5-2 利用 UDF 对 MySQL 数据库提权 ·······································.153
任务 5-3 利用弱口令对 SQL Server 数据库进行渗透测试 ····················.159
目录
VII
任务 5-4 利用 SQL Server 数据库的 xp_cmdshell 组件提权 ···················.163
任务 5-5 数据库系统安全加固 ······················································.167
5.3 项目拓展——MySQL 数据库权限深入解析 ········································.172
5.4 练习题 ······················································································.174
项目六 无线网络渗透测试与加固 ···························································.176
6.1 项目情境 ···················································································.177
6.2 项目任务 ···················································································.177
任务 6-1 无线网络嗅探 ·······························································.177
任务 6-2 破解 WEP 加密的无线网络 ··············································.182
任务 6-3 对 WPS 渗透测试 ···························································.186
任务 6-4 伪造钓鱼热点获取密码 ···················································.189
任务 6-5 无线网络安全加固 ·························································.198
6.3 项目拓展——WiFi 加密算法 ··························································.201
6.4 练习题 ······················································································.202
项目七 渗透测试报告撰写与沟通汇报 ·····················································.205
7.1 项目情境 ···················································································.206
7.2 项目任务 ···················································································.206
任务 7-1 渗透测试报告撰写 ·························································.206
任务 7-2 项目沟通汇报 ·······························································.211
7.3 项目拓展-问题回答技巧 ·······························································.212
7.4 练习题 ······················································································.213
参考文献 ····························································································.215
严正声明 ····························································································.216
书单推荐
