Review of free tools for pentesting web resources and more, v2
Some time ago I already wrote about this, but it was rather brief and chaotic. Afterwards I decided to expand the list of tools in the review, give the article some structure, take the criticism into account (many thanks to Lefty for the advice) and submit it to the SecLab contest (and I published a link, but for obvious reasons nobody saw it). The contest is over, the results have been announced, and with a clear conscience I can publish it (the article) on Habr.
Free Web Application Tools for the Pentester
In this article I will talk about the most popular tools for penetration testing (pentesting) of web applications using the "black box" approach.
To do this, we will look at utilities that help with this type of testing. Consider the following categories:
Network scanners
Web script vulnerability scanners
Exploitation
Injection automation
Debuggers (sniffers, local proxies, etc.)
Some products have a universal "character", so I will place them in the category where they give the best results (subjective opinion).
Network scanners.
The main task is to discover the available network services, determine their versions, identify the OS, and so on.
Nmap ("Network Mapper") is a free and open-source utility for network exploration and system security auditing. Ardent opponents of the console can use Zenmap, which is a GUI for Nmap.
This is not just a "smart" scanner, it is a serious extensible tool (one of its "unusual features" is a script that checks a host for the presence of the "Stuxnet" worm (mentioned here)). Typical usage example:
nmap -A -T4 localhost
-A for OS version detection, script scanning and traceroute
-T4 timing template (higher is faster, from 0 to 5)
localhost - the target host
Something tougher?
nmap -sS -sU -T4 -A -v -PE -PP -PS21,22,23,25,80,113,31339 -PA80,113,443,10042 -PO --script all localhost
This is the set of options from the "slow comprehensive scan" profile in Zenmap. It takes quite a long time to complete, but in the end it gives more detailed information about the target system. A reference guide is available in Russian; if you decide to go deeper, I also recommend the translated article Beginner's Guide to Nmap.
Nmap has received the "Security Product of the Year" title from magazines and communities such as Linux Journal, Info World, LinuxQuestions.Org and Codetalker Digest. An interesting fact: Nmap can be seen in the films "The Matrix Reloaded", "Die Hard 4", "The Bourne Ultimatum", "Hottabych" and others.
IP-Tools - a kind of collection of various network utilities; it comes with a GUI and is "dedicated" to Windows users.
Port scanner, shared resources (shared printers/folders), WhoIs/Finger/Lookup, telnet client and much more. Simply a convenient, fast, functional tool.
There is not much point in looking at other products, since there are a great many utilities in this area and they all have similar operating principles and functionality. Still, nmap remains the most widely used.
Wikto - Nikto for Windows, but with some additions, such as "fuzzy" logic when checking code for errors, use of GHDB, discovery of links and resource folders, and real-time monitoring of HTTP requests/responses. Wikto is written in C# and requires the .NET Framework.
skipfish - a web vulnerability scanner from Michal Zalewski (known as lcamtuf). Written in C, cross-platform (Windows requires Cygwin). It recursively (and for a very long time, about 20~40 hours, although the last time it ran for me was 96 hours) crawls the whole site and finds all kinds of security holes. It also generates a lot of traffic (several GB incoming/outgoing). But all means are good, especially if you have the time and resources.
Typical usage:
./skipfish -o /home/reports www.example.com
The "reports" folder will contain a report in HTML (example).
w3af - Web Application Attack and Audit Framework, an open-source web vulnerability scanner. It has a GUI, but you can also work from the console. More precisely, it is a framework with a pile of plugins.
One could talk about its advantages for a long time; it is better to try it :] Typical work with it comes down to choosing a profile, specifying the target and launching it.
Mantra Security Framework - Mantra is a dream that came true. A collection of free and open-source security tools built into a web browser.
Very useful when testing web applications at all stages.
Usage comes down to installing and launching the browser.
msf > use auxiliary/admin/cisco/vpn_3000_ftp_bypass
msf auxiliary(vpn_3000_ftp_bypass) > set RHOST [TARGET IP]
msf auxiliary(vpn_3000_ftp_bypass) > run
After some time, the scan report will appear on the Reports tab.
To check whether the services' vulnerabilities can actually be exploited, you can use the Metasploit Framework described above or try to find an exploit (for example, on Exploit-db, packet storm, exploit search, etc.) and use it manually against your own system. IMHO: too bulky. I included it as one of the leaders in this area of the software industry.
Injection automation
Many web application security scanners look for injections, but they are still just general-purpose scanners. And there are utilities that deal specifically with finding and exploiting injections. We will talk about them now.
sqlmap - an open-source utility for finding and exploiting SQL injections. It supports database servers such as: MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, SQLite, Firebird, Sybase, SAP MaxDB.
Typical usage comes down to this line:
python sqlmap.py -u "http://example.com/index.php?action=news&id=1"
There are enough manuals, including in Russian. The software greatly eases a pentester's work in this area.
bsqlbf-v2 - a Perl script, a brute forcer for "blind" SQL injections. It works both with integer values in the URL and with string values.
Supported databases:
MS-SQL
MySQL
PostgreSQL
Oracle
Usage example:
./bsqlbf-v2-3.pl -url www.somehost.com/blah.php?u=5 -blind u -sql "select table_name from information_schema.tables limit 1 offset 0" -database 1 -type 1
-url www.somehost.com/blah.php?u=5 - the link with parameters
-blind u - the parameter to inject into (by default the last one from the address is taken)
-sql "select table_name from information_schema.tables limit 1 offset 0" - our arbitrary query to the database
-database 1 - database server: MSSQL
-type 1 - type of attack, "blind" injection, based on True and Error (for example, syntax errors) responses
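Seen from the server side, a brute forcer like this leaves a recognisable trail: the same client hits the same parameter again and again with SQL in the value. The following detector is an added example, not code from the article or from either tool; the log format (common/combined access log), the keyword list, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, quote, urlsplit

# Access-log line: client ... "METHOD target PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3} \S+')
# SQL keywords that rarely occur together in a legitimate parameter value.
SQL_RE = re.compile(
    r"\b(select|union|information_schema|substring|ascii|sleep|benchmark)\b",
    re.IGNORECASE)

def sql_tokens(value):
    """Distinct SQL keywords present in one decoded parameter value."""
    return {tok.lower() for tok in SQL_RE.findall(value)}

def find_blind_sqli(lines, min_tokens=2, min_requests=3):
    """Map (client, path, parameter) -> count of SQL-bearing requests."""
    hits = defaultdict(int)
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # not an access-log line we understand
        client, target = match.groups()
        url = urlsplit(target)
        # parse_qsl undoes percent-encoding and '+', so encoded values match too.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if len(sql_tokens(value)) >= min_tokens:
                hits[(client, url.path, name)] += 1
    # Brute forcing repeats the same parameter many times; one-offs are dropped.
    return {key: n for key, n in hits.items() if n >= min_requests}

# Constructed sample log (documentation addresses), built around the page's query.
QUERY = ("5 and (select table_name from information_schema.tables "
         "limit 1 offset {n}) is not null")
SAMPLE = [
    '198.51.100.9 - - [01/Mar/2012:10:00:00 +0000] "GET /blah.php?u=5 HTTP/1.1" 200 812',
    '198.51.100.9 - - [01/Mar/2012:10:00:05 +0000] "GET /news.php?q=select+committee HTTP/1.1" 200 990',
] + [
    '203.0.113.7 - - [01/Mar/2012:10:01:%02d +0000] "GET /blah.php?u=%s HTTP/1.1" 200 812'
    % (n, quote(QUERY.format(n=n)))
    for n in range(4)
]

if __name__ == "__main__":
    for (client, path, param), count in find_blind_sqli(SAMPLE).items():
        print(f"{client} sent {count} SQL-bearing requests to {path} (parameter {param})")
```

The benign search for "select committee" carries only one keyword and is not counted, which is the reason for requiring two distinct keywords per value.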
Debuggers
These tools are mainly used by developers when they have problems with the results of running their code. But this category is also useful for pentesting, when we can substitute the data we need on the fly and analyze what comes back in response to our input parameters (for example, during fuzzing), and so on.
Burp Suite - a set of utilities that help with penetration testing. There is a good review in Russian from Raz0r online (albeit from 2008).
The free version includes:
Burp Proxy - a local proxy that lets you modify requests already generated by the browser
Burp Spider - a spider that looks for existing files and directories
Basically, this package solves almost all problems related to this area.
Fiddler - a debugging proxy that logs all HTTP(S) traffic. It lets you inspect this traffic, set breakpoints and "play" with incoming or outgoing data.
Update: BurpSuite documentation in Russian from the "Hack4Sec" team (added by Anton Kuzmin)
P.S. We cannot keep silent about XSpider. It does not take part in the review, although it is shareware (I found that out when I submitted the article to SecLab; in fact that is why (not out of ignorance, and because of the lack of the latest version 7.8) I did not include it in the article). And in theory, a review of it was planned (I have tough tests prepared for it), but I do not know whether the world will see it.
P.P.S. Some material from this article will be used for its intended purpose in the upcoming talk at CodeFest 2012 in the QA section, which will include tools not mentioned here (free ones, of course), as well as the workflow: in what order to use what, what results to expect, which configurations to use, and all sorts of hints and tricks for the work (I think about the talk almost every day and will try to tell you all the best on the topic).
By the way, there was a session on this topic at Open InfoSec Days (tag on Habr, website); you can rob the korovans / take a look at the materials.