《渗 透测试完全初学者指南》的“6.5.1检测非标准端口”使用了nc手动发送http命令获取web的内容。依照这个例子是可以执行成功的,但按此例子的方法去apache发起请求则不能成功。如下:
nc 172.28.128.35 80
GET / HTTP/1.1
HTTP/1.1 400 Bad Request
Date: Fri, 27 Dec 2019 03:08:49 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>
根据参考链接,需要使用下面的命令才能请求成功
printf "GET / HTTP/1.1\r\nHOST:z\r\n\r\n" | nc 172.28.128.35 80
HTTP/1.1 200 OK
Date: Fri, 27 Dec 2019 03:21:21 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Fri, 27 Dec 2019 02:59:06 GMT
ETag: "8-59aa6ad5747ae"
Accept-Ranges: bytes
Content-Length: 8
Content-Type: text/html; charset=UTF-8
dfafdas
参考链接中的文档解释了为什么需要这样的命令。
也可以通过将http命令保存在文本文件中重定向给nc,从print命令看,每一行是以\r\n结束的,因此保存的文本文档需要是windows格式的。
- 创建文件
cat b.txt GET / HTTP/1.1 Host: 172.28.128.34 Accept: */* - 转换成windows格式
unix2dos b.txt file b.txt b.txt: ASCII text, with CRLF line terminators - 执行nc
nc 172.28.128.35 80 < b.txt
HTTP/1.1 200 OK
Date: Fri, 27 Dec 2019 03:28:08 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Fri, 27 Dec 2019 02:59:06 GMT
ETag: "8-59aa6ad5747ae"
Accept-Ranges: bytes
Content-Length: 8
Content-Type: text/html; charset=UTF-8
dfafdas原文地址:https://blog.51cto.com/penguintux/2462345
时间: 2024-08-29 12:29:26