Kutha kutsitsa zida zakutali kutengera RouterOS (Mikrotik) kumayika mazana masauzande a zida zama netiweki pachiwopsezo. Chiwopsezocho chimalumikizidwa ndi poyizoni wa poyizoni wa DNS wa Winbox protocol ndikukulolani kuti mutsegule zachikale (ndi kukonzanso mawu achinsinsi) kapena firmware yosinthidwa pa chipangizocho.
Zachiwopsezo
The RouterOS terminal imathandizira kutsimikiza kwa DNS kuyang'ana.
Pempholi limayendetsedwa ndi binary yotchedwa solver. Resolver ndi imodzi mwazinthu zambiri zomwe zimalumikizana ndi protocol ya Winbox ya RouterOS. Pamlingo wapamwamba, "mauthenga" otumizidwa ku doko la Winbox amatha kutumizidwa kumabinari osiyanasiyana mu RouterOS kutengera dongosolo la manambala osiyanasiyana.
Mwachikhazikitso, RouterOS ili ndi mawonekedwe a seva ya DNS yoyimitsidwa.
Komabe, ngakhale ntchito ya seva ikayimitsidwa, rauta imasunga cache yake ya DNS.
Tikapanga pempho pogwiritsa ntchito winbox_dns_request mwachitsanzo.com, rauta idzasunga zotsatira zake.
Popeza titha kufotokozera seva ya DNS yomwe pempho liyenera kupita, kulowetsa ma adilesi olakwika sikovuta. Mwachitsanzo, mutha kukhazikitsa seva ya DNS kuchokera kuyankha nthawi zonse ndi mbiri A yokhala ndi adilesi ya IP 192.168.88.250.
def dns_response(data):
request = DNSRecord.parse(data)
reply = DNSRecord(DNSHeader(
id=request.header.id, qr=1, aa=1, ra=1), q=request.q)
qname = request.q.qname
qn = str(qname)
reply.add_answer(RR(qn,ttl=30,rdata=A("192.168.88.250")))
print("---- Reply:n", reply)
return reply.pack()Tsopano ngati musaka mwachitsanzo.com pogwiritsa ntchito Winbox, mutha kuwona kuti cache ya DNS ya rauta ili ndi poizoni.
Zachidziwikire, poisoning example.com sizothandiza chifukwa rauta sangayigwiritse ntchito. Komabe, rauta iyenera kupeza upgrade.mikrotik.com, cloud.mikrotik.com, cloud2.mikrotik.com ndi download.mikrotik.com. Ndipo chifukwa cha kulakwitsa kwina, ndizotheka kuwapha onse nthawi imodzi.
def dns_response(data):
request = DNSRecord.parse(data)
reply = DNSRecord(DNSHeader(
id=request.header.id, qr=1, aa=1, ra=1), q=request.q)
qname = request.q.qname
qn = str(qname)
reply.add_answer(RR(qn,ttl=30,rdata=A("192.168.88.250")))
reply.add_answer(RR("upgrade.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
reply.add_answer(RR("cloud.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
reply.add_answer(RR("cloud2.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
reply.add_answer(RR("download.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
print("---- Reply:n", reply)
return reply.pack()Router imapempha chilolezo chimodzi, ndipo timabwezera asanu. Router sasunga mayankho onse molondola.
Mwachiwonekere, kuukira kumeneku kulinso kothandiza ngati rauta ikugwira ntchito ngati seva ya DNS, chifukwa imalola makasitomala a rauta kuwukiridwa.
Kuwukiraku kumakupatsaninso mwayi wopezerapo mwayi pachiwopsezo chachikulu: kutsitsa kapena kubweza mtundu wa RouterOS. Wowukirayo amakonzanso malingaliro a seva yosinthira, kuphatikiza chosinthira, ndikukakamiza RouterOS kuzindikira mtundu wakale (wosatetezeka) ngati wapano. Choopsa apa chagona pa mfundo yakuti pamene mtunduwo "wasinthidwa", mawu achinsinsi otsogolera amasinthidwa kukhala mtengo wosasintha - wowukira akhoza kulowa mu dongosolo ndi mawu achinsinsi opanda kanthu!
Kuukira kumagwira ntchito, ngakhale zili choncho imagwiritsa ntchito ma vector ena angapo, kuphatikiza omwe amagwirizana nawo , koma iyi ndi njira yosagwiritsiridwa ntchito kale ndipo kugwiritsidwa ntchito kwake pazinthu zopanda pake sikuloledwa.
Chitetezo
Kungoletsa Winbox kumakupatsani mwayi wodziteteza ku izi. Ngakhale kuli kosavuta kuwongolera kudzera pa Winbox, ndikwabwino kugwiritsa ntchito protocol ya SSH.
Source: www.habr.com