{"id":475817,"date":"2023-08-09T07:23:51","date_gmt":"2023-08-09T07:23:51","guid":{"rendered":""},"modified":"2023-09-05T11:11:17","modified_gmt":"2023-09-05T11:11:17","slug":"advanced-penetration-testing","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/cn\/wiki\/advanced-penetration-testing\/","title":{"rendered":"\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5"},"content":{"rendered":"

\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u662f\u7f51\u7edc\u5b89\u5168\u4e2d\u4f7f\u7528\u7684\u4e00\u79cd\u65b9\u6cd5\uff0c\u901a\u8fc7\u5b89\u5168\u5229\u7528\u6f0f\u6d1e\u6765\u8bc4\u4f30 IT \u57fa\u7840\u8bbe\u65bd\u7684\u5b89\u5168\u6027\u3002\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u80fd\u5b58\u5728\u4e8e\u64cd\u4f5c\u7cfb\u7edf\u3001\u670d\u52a1\u548c\u5e94\u7528\u7a0b\u5e8f\u7f3a\u9677\u3001\u4e0d\u5f53\u914d\u7f6e\u6216\u6700\u7ec8\u7528\u6237\u884c\u4e3a\u4e2d\u3002\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u4f7f\u7ec4\u7ec7\u80fd\u591f\u4e86\u89e3\u4ed6\u4eec\u9762\u4e34\u7684\u98ce\u9669\u7ea7\u522b\uff0c\u5e76\u91c7\u53d6\u5fc5\u8981\u63aa\u65bd\u6765\u52a0\u5f3a\u5176\u7cfb\u7edf\u4ee5\u62b5\u5fa1\u6f5c\u5728\u653b\u51fb\u3002<\/p>\n

\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u7684\u8d77\u6e90\u548c\u5386\u53f2<\/h2>\n

\u6e17\u900f\u6d4b\u8bd5\u7684\u5386\u53f2\u53ef\u4ee5\u8ffd\u6eaf\u5230 20 \u4e16\u7eaa 60 \u5e74\u4ee3\uff0c\u5373\u4fe1\u606f\u65f6\u4ee3\u521a\u521a\u5f00\u59cb\u4e4b\u65f6\u3002\u6700\u521d\uff0c\u8fd9\u662f\u4e00\u4e2a\u7531\u4e13\u5bb6\u6267\u884c\u7684\u624b\u52a8\u8fc7\u7a0b\uff0c\u65e8\u5728\u8bc6\u522b\u7cfb\u7edf\u5b89\u5168\u6846\u67b6\u4e2d\u7684\u6f5c\u5728\u6f0f\u6d1e\u3002\u76f4\u5230 20 \u4e16\u7eaa 80 \u5e74\u4ee3\u672b\uff0c\u968f\u7740\u4e92\u8054\u7f51\u7684\u53d1\u5c55\uff0c\u201c\u6e17\u900f\u6d4b\u8bd5\u201d\u4e00\u8bcd\u624d\u5f00\u59cb\u53d8\u5f97\u666e\u904d\u3002\u5b83\u4f5c\u4e3a\u4e00\u79cd\u4fdd\u62a4\u65b0\u5174\u6570\u5b57\u8d44\u6e90\u514d\u53d7\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u548c\u6f5c\u5728\u6ee5\u7528\u7684\u65b9\u5f0f\u51fa\u73b0\u3002<\/p>\n

\u4ece\u57fa\u7840\u6e17\u900f\u6d4b\u8bd5\u5230\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u7684\u53d1\u5c55\u5f88\u5927\u7a0b\u5ea6\u4e0a\u662f\u7531\u7f51\u7edc\u5a01\u80c1\u65e5\u76ca\u590d\u6742\u5316\u6240\u63a8\u52a8\u7684\u3002\u9ad8\u7ea7\u6301\u7eed\u6027\u5a01\u80c1 (APT)\u3001\u591a\u6001\u6027\u6076\u610f\u8f6f\u4ef6\u548c\u96f6\u65e5\u6f0f\u6d1e\u7b49\u90fd\u9700\u8981\u540c\u6837\u590d\u6742\u7684\u54cd\u5e94\u3002\u56e0\u6b64\uff0c\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u5df2\u53d1\u5c55\u5230\u6d89\u53ca\u5168\u9762\u7684\u7cfb\u7edf\u68c0\u67e5\u3001\u81ea\u52a8\u5316\u8f6f\u4ef6\u548c\u4eba\u7c7b\u667a\u6167\u6765\u6a21\u62df\u653b\u51fb\u5e76\u8bc6\u522b\u6f0f\u6d1e\u3002<\/p>\n

\u63a2\u7d22\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5<\/h2>\n

\u672c\u8d28\u4e0a\uff0c\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u6d89\u53ca\u5bf9\u8ba1\u7b97\u673a\u7cfb\u7edf\u3001\u7f51\u7edc\u6216 Web \u5e94\u7528\u7a0b\u5e8f\u8fdb\u884c\u4e00\u7cfb\u5217\u53d7\u63a7\u7684\u6a21\u62df\u653b\u51fb\uff0c\u4ee5\u8bc6\u522b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u7684\u6f0f\u6d1e\u3002\u8fd9\u4e9b\u6a21\u62df\u653b\u51fb\u662f\u5728\u53d7\u63a7\u6761\u4ef6\u4e0b\u8fdb\u884c\u7684\uff0c\u5f97\u5230\u4e86\u7cfb\u7edf\u6240\u6709\u8005\u7684\u660e\u786e\u540c\u610f\uff0c\u65e8\u5728\u6a21\u4eff\u73b0\u5b9e\u4e16\u754c\u5bf9\u624b\u7684\u6218\u672f\u3001\u6280\u672f\u548c\u7a0b\u5e8f (TTP)\u3002<\/p>\n

\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u8d85\u8d8a\u4e86\u4f20\u7edf\u7684\u6e17\u900f\u6d4b\u8bd5\uff0c\u91c7\u7528\u4e86\u5148\u8fdb\u7684\u5de5\u5177\u548c\u6280\u672f\uff0c\u5305\u62ec\u4f7f\u7528\u673a\u5668\u5b66\u4e60\u7b97\u6cd5\u6765\u9884\u6d4b\u6f5c\u5728\u7684\u653b\u51fb\u6a21\u5f0f\u3001\u4f7f\u7528\u793e\u4f1a\u5de5\u7a0b\u6765\u6a21\u62df\u5185\u90e8\u5a01\u80c1\u4ee5\u53ca\u4f7f\u7528\u6a21\u7cca\u6d4b\u8bd5\u6280\u672f\u6765\u8bc6\u522b\u672a\u77e5\u6f0f\u6d1e\u3002<\/p>\n

\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u7684\u5de5\u4f5c\u7ed3\u6784<\/h2>\n

\u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u9075\u5faa\u7ed3\u6784\u5316\u6d41\u7a0b\uff1a<\/p>\n

    \n
  1. \n

    \u89c4\u5212\u548c\u4fa6\u5bdf\uff1a<\/strong> \u6b64\u6b65\u9aa4\u6d89\u53ca\u5b9a\u4e49\u6d4b\u8bd5\u7684\u8303\u56f4\u548c\u76ee\u6807\u3001\u6536\u96c6\u76ee\u6807\u7cfb\u7edf\u7684\u60c5\u62a5\u4ee5\u53ca\u786e\u5b9a\u6f5c\u5728\u7684\u5207\u5165\u70b9\u3002<\/p>\n<\/li>\n

  2. \n

    \u626b\u63cf\uff1a<\/strong> \u6b64\u6b65\u9aa4\u6d89\u53ca\u4f7f\u7528\u81ea\u52a8\u5316\u5de5\u5177\u5206\u6790\u76ee\u6807\u7cfb\u7edf\u4e2d\u7684\u5df2\u77e5\u6f0f\u6d1e\u3002\u8fd9\u53ef\u4ee5\u662f\u9759\u6001\u5206\u6790\uff08\u68c0\u67e5\u5e94\u7528\u7a0b\u5e8f\u7684\u4ee3\u7801\uff09\uff0c\u4e5f\u53ef\u4ee5\u662f\u52a8\u6001\u5206\u6790\uff08\u5728\u8fd0\u884c\u65f6\u68c0\u67e5\u5e94\u7528\u7a0b\u5e8f\uff09\u3002<\/p>\n<\/li>\n

  3. \n

    \u83b7\u53d6\u8bbf\u95ee\u6743\u9650\uff1a<\/strong> \u6b64\u6b65\u9aa4\u6d89\u53ca\u5229\u7528\u626b\u63cf\u9636\u6bb5\u53d1\u73b0\u7684\u6f0f\u6d1e\uff0c\u901a\u5e38\u901a\u8fc7\u793e\u4f1a\u5de5\u7a0b\u3001SQL \u6ce8\u5165\u3001\u8de8\u7ad9\u70b9\u811a\u672c\u6216\u6743\u9650\u63d0\u5347\u3002<\/p>\n<\/li>\n

  4. \n

    \u7ef4\u62a4\u8bbf\u95ee\uff1a<\/strong> \u6b64\u6b65\u9aa4\u6d4b\u8bd5\u662f\u5426\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5728\u88ab\u5229\u7528\u7684\u7cfb\u7edf\u4e2d\u5b9e\u73b0\u6301\u7eed\u5b58\u5728\u2014\u2014\u6a21\u4eff\u9ad8\u7ea7\u6301\u7eed\u6027\u5a01\u80c1\u3002<\/p>\n<\/li>\n

  5. \n

    \u5206\u6790\u548c\u62a5\u544a\uff1a<\/strong> \u6700\u540e\u4e00\u6b65\u662f\u7f16\u5236\u4e00\u4efd\u62a5\u544a\uff0c\u8be6\u7ec6\u8bf4\u660e\u53d1\u73b0\u7684\u6f0f\u6d1e\u3001\u8bbf\u95ee\u7684\u6570\u636e\u4ee5\u53ca\u5982\u4f55\u4fee\u590d\u8fd9\u4e9b\u6f0f\u6d1e\u3002<\/p>\n<\/li>\n<\/ol>\n

    \u9ad8\u7ea7\u6e17\u900f\u6d4b\u8bd5\u7684\u4e3b\u8981\u7279\u70b9<\/h2>\n