LAZY渗透框架简介
LAZY是Kali Linux的一个脚本,它是在考虑渗透测试人员的情况下构建的,LAZY集成了许多kali的渗透测试工具。该脚本可以自动执行有关Wi-Fi穿透和渗透攻击的绝大部分应用程序,同时它还集合了大量不同类型的攻击程序。
LAZY渗透框架的安装
1. 首先到github上下载lscript脚本
github地址:https://github.com/arismelachroinos/lscript
root@kali:~# cd Desktop/
root@kali:~/Desktop# mkdir LAZY
root@kali:~/Desktop# cd LAZY/
root@kali:~/Desktop/LAZY# git clone https://github.com/arismelachroinos/lscript.git
Cloning into 'lscript'...
remote: Enumerating objects: 1062, done.
remote: Total 1062 (delta 0), reused 0 (delta 0), pack-reused 1062
Receiving objects: 100% (1062/1062), 469.60 KiB | 188.00 KiB/s, done.
Resolving deltas: 100% (685/685), done.
root@kali:~/Desktop/LAZY# cd lscript/
root@kali:~/Desktop/LAZY/lscript# ls
Changelog l lh2 lh3 lh4 lh42 LICENSE.md README.md version.txt
install.sh lh1 lh21 lh31 lh41 lh43 ls uninstall.sh
root@kali:~/Desktop/LAZY/lscript# chmod +x install.sh
root@kali:~/Desktop/LAZY/lscript# ./install.sh
...
Will you use this tool only on your own network and only with your own responsibility?(YES/NO):
YES
Enter the name of your wireless interface when in managed mode(Enter=wlan0):
wlan0
Enter the name of your wireless interface when in monitor mode(Enter=wlan0mon):
wlan0mon
Enter the name of your wired interface(Enter=eth0):
eth0
...
Press any key to continue...
██╗ █████╗ ███████╗██╗ ██╗ v2.1.5
██║ ██╔══██╗╚══███╔╝╚██╗ ██╔╝
██║ ███████║ ███╔╝ ╚████╔╝ by ARIS MELACHROINOS
██║ ██╔══██║ ███╔╝ ╚██╔╝
The ███████╗██║ ██║███████╗ ██║ script
╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝
if) Ifconfig l) Local IPs & gateways | scan) Arp-scan network
1) Enable wlan0 d1) Disable wlan0 | start) Start monitor mode
2) Enable wlan0mon d2) Disable wlan0mon | stop) Stop monitor mode
3) Change MAC d3) Restore original MAC |update) Check for updates
4) Enable anonym8 d4) Disable anonym8 |errors) Fix some errors
5) Enable anonsurf d5) Disable anonsurf | ks) Keyboard shortucts
6) Anonsurf's status d6) Restart anonsurf | d) Buy me a coffee
7) View public IP | s) Go to settings menu
8) View MAC
9) TOOLS 15) Spoof EMAIL 22) Show bandwidth
10) Handshake 16) Ngrok port forward
11) Find WPS pin 17) Ask (Howdoi tool)
12) WEP menu 18) Auto-exploit browser
13) MITM 19) Geolocate an IP
14) Metasploit 20) Bruteforce login
0) Exit 21) Sqlmap automated
Choose:
出现以上界面,说明LAZY渗透框架安装成功
LAZY渗透框架的基本使用
root@kali:~# cd Desktop/LAZY/lscript/
root@kali:~/Desktop/LAZY/lscript# l
██╗ █████╗ ███████╗██╗ ██╗ v2.1.5
██║ ██╔══██╗╚══███╔╝╚██╗ ██╔╝
██║ ███████║ ███╔╝ ╚████╔╝ by ARIS MELACHROINOS
██║ ██╔══██║ ███╔╝ ╚██╔╝
The ███████╗██║ ██║███████╗ ██║ script
╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝
if) Ifconfig l) Local IPs & gateways | scan) Arp-scan network
1) Enable wlan0 d1) Disable wlan0 | start) Start monitor mode
2) Enable wlan0mon d2) Disable wlan0mon | stop) Stop monitor mode
3) Change MAC d3) Restore original MAC |update) Check for updates
4) Enable anonym8 d4) Disable anonym8 |errors) Fix some errors
5) Enable anonsurf d5) Disable anonsurf | ks) Keyboard shortucts
6) Anonsurf's status d6) Restart anonsurf | d) Buy me a coffee
7) View public IP | s) Go to settings menu
8) View MAC
9) TOOLS 15) Spoof EMAIL 22) Show bandwidth
10) Handshake 16) Ngrok port forward
11) Find WPS pin 17) Ask (Howdoi tool)
12) WEP menu 18) Auto-exploit browser
13) MITM 19) Geolocate an IP
14) Metasploit 20) Bruteforce login
0) Exit 21) Sqlmap automated
Choose:
9
------------------------------TOOLS------------------------------
1) Wifi tools
2) Remote access
3) Information gathering
4) Webside tools
5) Others
6) Install/reinstall a tool
i) Info
b) Go back
0) EXIT
Choose:
1
---------------------------WIFI TOOLS---------------------------
1) Fluxion The future of MITM WPA attacks
2) Wifite Automated wireless attack tool
3) Wifiphisher Automated phishing attacks against Wi-Fi clients
4) Zatacker MITM-NMAP-Mail Spammer..(Install it manually)
5) Morpheus Automated Ettercap TCP/IP Hijacking Tool
6) Netool-toolkit MitM pentesting opensource toolkit
7) Hakku Penetration testing tools
8) Trity Advanced pentesting framework
9) Dracnmap Many scan options
10) Fern Wifi cracker GUI
11) Netdiscover Network address discovering tool
12) KickThemOut Kick devices off your network
13) Ghost-Phisher Fake AP,MITM,Session hijacking etc...
14) The Eye Detects ARP poisoning DNS spoofing etc...
15) Xerxes The most powerful DoS tool(CAUTION)
16) Katana Framework Many penetration testing features
17) Airgeddon Audit wireless networks.
18) Websploit Advanced MITM framework
19) Openvas Vulnerability scanner LAN
20) Angry IP Scanner IP Scanner
21) Routersploit Find/exploit router vulnerabilities
22) nWatch IP scanner/OS detection
23) Eternal scanner Scans hosts for eternalblue vulnerabilities
24) Eaphammer Evil twin attacks against WPA2-Enterprise networks
25) VMR Best WPS cracker, mdk3-v6
26) Netattack2 Advanced network scan and attack script
27) Wifi-Pumpkin Framework for Rogue Wi-Fi Access Point Attack
28) Gloom Penetration Testing Framework
29) secHub Security/Hacking Kit
30) SocialFish Ultimate phishing tool with Ngrok integrated
b) Go back
00) Main menu
Choose:
可以选择响应的WIFI渗透工具进行安装,比如安装:Fluxion钓鱼框架
Choose:
1
Tool is not installed. To install it type 'install'.
install
...
它也是去github上clone下来,安装完成就可以使用了。