使用linkedin_crawl收集Linkedin上的联系人。

Linkedin_crawl是recon-ng框架上面的一个模块，能被用来从LinkedIn上收集一个公司的员工的名字。它的操作流程是通过爬行People also Viewed页面，查看可利用的用户公众页面，记录用户信息。这些信息能够用来制作一个email钓鱼列表或者进行暴力破解。

安装：

git clone https://[email protected]/LaNMaSteR53/recon-ng.git

使用：

首先你要查找一个目标公司的随便一个在LinkedIn注册的员工，这里提供一个google dork：

site:linkedin.com inurl:pub -inurl:dir "at 某某公司" "Current"

复制链接地址。

root@kali:~/recon-ng# ./recon-ng

[recon-ng][default] > use recon/companies-contacts/linkedin_crawl

[recon-ng][default][linkedin_crawl] > show options

Name Current Value Req Description

------- ------------- --- -----------

COMPANY no override the company name harvested...

URL yes public LinkedIn profile URL (seed)

[recon-ng][default][linkedin_crawl] > set URL http://www.linkedin.com/pub...

URL => http://www.linkedin.com/pub/john-doe/82/2bb/7a3?trk=pub-pbmap

[recon-ng][default][linkedin_crawl] > show options

Name Current Value Req Description

------- ------------- --- -----------

COMPANY no override the company...;

URL http://www.linkedin.com/pub... yes public linkedin profile...

[recon-ng][default][linkedin_crawl] > run

---------------

EXAMPLE COMPANY

---------------

[*] Parsing ‘http://www.linkedin.com/pub/john-doe...

[*] Added: John Doe, Software Developer at Example Company(Washington...

[*] Parsing ‘http://www.linkedin.com/pub/ali-price...

[*] Added: Ali Price, Director at Example Company

[*] Parsing ‘http://www.linkedin.com/pub/mary-kibble...

[*] Parsing ‘http://www.linkedin.com/pub/matt-james...

[*] Added: Matt James, Director of Software Services at Example Company...

[recon-ng][default] > show contacts

+---------------------..--------------------------------------------------------------+

| rowid | first_name | | last_name | email | title |

+---------------------..--------------------------------------------------------------+

| 1 | Ali | | Price | | Director at Example Company |

| 2 | John | | Doe | | Software Developer at Example Company |

| 3 | Marc | | Smith | | Computer Tech at Example Company |

| 4 | Matt | | James | | Director at Example Company |

| 6 | Robert | | Fiker | | Floor Manager at Example Company |

| 5 | Tina | | Beard | | Marketing Consultant at Example Company |

+---------------------..--------------------------------------------------------------+

[*] 6 rows returned

小歪说道：暴力破解与社会工程学在一次完整的常规渗透测试中是必不可少的，也是作为一个渗透测试人员或者作为一个黑客必备的一项技能。+1 信息收集很重要。

本文始发于微信公众号（关注安全技术）：使用linkedin_crawl收集Linkedin上的联系人。