Iye zvino tichaedza imwe nzira yekubaya SQL. Ngationei kana dhatabhesi richiramba richidonhedza mameseji ekukanganisa. Iyi nzira inonzi "kumirira kunonoka", uye kunonoka pachako kwakanyorwa sezvinotevera: waitfor delay 00:00:01'. Ini ndinokopa izvi kubva mufaira redu uye ndinoiisa mukero bar yebrowser yangu.
Zvese izvi zvinonzi "bofu SQL jekiseni pane zvenguva pfupi". Zvatiri kuita pano ndezvekuti "mirai kunonoka kwemasekonzi gumi". Kana ukacherechedza, kumusoro kuruboshwe tine chinyorwa "kubatanidza ...", ndiko kuti, peji redu rinoitei? Inomirira chinongedzo, uye mushure memasekonzi gumi, peji chaiyo inooneka pane yako yekutarisa. Nehunyengeri uhu, tinokumbira dhatabhesi kuti itibvumire kuibvunza mimwe mibvunzo mishoma, semuenzaniso, kana mushandisi ari Joe, saka isu tinoda kumirira masekondi gumi. Zviri pachena? Kana mushandisi ari dbo, mirira masekondi gumi zvakare. Iyi ndiyo Blind SQL Injection nzira.
Ini ndinofunga kuti vanogadzira havagadzirise kusagadzikana uku pavanenge vachigadzira zvigamba. Iri ijekiseni reSQL, asi chirongwa chedu cheIDS hachichione, senge nzira dzakapfuura dzejekiseni reSQL.
Ngatiedze chimwe chinhu chinonakidza. Kopa mutsara uyu neIP kero uye unamate mubrowser. Zvakashanda! Iyo TCP bar muchirongwa chedu yakatsvuka, chirongwa chakacherekedza 2 kutyisidzira kwekuchengetedza.
Zvakanaka, ngatione zvakazoitika. Isu tine kutyisidzira kumwe kune XP shell, uye imwe kutyisidzira ndeye SQL jekiseni kuedza. Pakazara, pakanga paine maviri ekuedza kurwisa iyo webhu application.
Zvakanaka, zvino ndibatsireiwo nepfungwa. Tine dhizaini yedata umo IDS inoti yakapindura kune akasiyana XP shell tampering.
Kana tikadzika pasi, tinoona tafura yeHEX makodhi, kurudyi kune mureza une meseji xp_cmdshell + &27ping, uye zviri pachena kuti izvi zvakaipa.
Ngationei zvakaitika pano. SQL Server yakaita sei?
Sevha yeSQL yakati "unogona kuva nepassword yangu yedatabase, unogona kuwana ese marekodhi angu edhatabhesi, asi dude, ini handidi kuti uite mirairo yako pandiri zvachose, izvo hazvina kutonhorera zvachose"!
Chatinofanira kuita kuve nechokwadi chekuti kunyangwe iyo IDS ikashuma kutyisidzira kugomba reXP, kutyisidzira kunofuratirwa. Kana uri kushandisa SQL Server 2005 kana SQL Server 2008, kana SQL jekiseni kuyedza ikaonekwa, iyo inoshanda system shell ichavharwa, ichikutadzisa kuenderera mberi nebasa rako. Zvinoshungurudza zvikuru. Saka chii chatinofanira kuita? Iwe unofanirwa kuedza kubvunza server nerudo zvakanyanya. Ndotaura here sekuti, “ndapota, baba, ndingatore here makuki aya”? Ndizvo zvandinoita, zvakakomba, ndinobvunza sevha zvine ruremekedzo! Ndiri kukumbira mamwe masarudzo, ndiri kukumbira kugadziridzwa, uye ndiri kukumbira XP shell zvigadziriso zvishandurwe kuti ganda riwanikwe nekuti ndiri kuida!
Isu tinoona kuti IDS yaona izvi - munoona, kutyisidzira katatu kwatocherechedzwa pano.
Chingotarisa pano - takaputika matanda ekuchengetedza! Zvinoita semuti weKisimusi, zvinhu zvakawanda zvakaturikwa pano! Kusvika makumi maviri nenomwe kutyisidzira kwekuchengetedza! Hooray vakomana, takabata hacker uyu, tamuwana!
Hatinetseke kuti achaba data redu, asi kana achigona kuita mirairo yehurongwa mu "bhokisi" redu - izvi zvatove zvakakomba! Iwe unogona kudhirowa nzira yeTelnet, FTP, unogona kutora data rangu, izvo zvinotonhorera, asi ini handinetseki nazvo, ini handidi kuti iwe utore ganda re "bhokisi" rangu.
Ndinoda kutaura pamusoro pezvinhu zvakandiwana. Ini ndinoshandira masangano, ndave nemakore akawanda ndichivashandira, uye ndiri kukuudza izvi nekuti musikana wangu anofunga kuti handirovha. Anofunga kuti zvese zvandinoita kumira pachikuva uye kutaura, izvi hazvinganzi ibasa. Asi ini ndinoti: "kwete, mufaro wangu, ndiri mupi wezano"! Ndiwo musiyano - ndinotaura pfungwa dzangu uye ndinobhadharwa.
Rega ndizviise seizvi - isu semahacker tinoda kutsemura goko, uye kwatiri hakuna mufaro mukuru munyika kupfuura "kumedza goko." Kana vaongorori veIDS vachinyora mitemo yavo, unoona kuti vanoinyora nenzira inodzivirira kubva pakubirwa negoko. Asi kana iwe ukataura neCIO nezve dambudziko rekubvisa data, anokupa iwe kuti ufunge nezve maviri sarudzo. Ngatitii ndine application inoita zana "zvidimbu" paawa. Chii chinonyanya kukosha kwandiri - kuve nechokwadi chekuchengetedza data rese mune iyi application kana chengetedzo ye "bhokisi" shell? Uyu mubvunzo wakakomba! Chii chaunofanira kunyanya kunetseka nacho?
Nekuda kwekuti iwe une ganda re "bhokisi" rakaputsika hazvireve kuti mumwe munhu awana mukana wekushanda kwemukati kwezvikumbiro. Hongu, zvinowanzoitika, uye kana zvisati zvaitika, zvinogona munguva pfupi. Asi cherechedza kuti zvigadzirwa zvekuchengetedza zvakawanda zvakavakwa pafungidziro yekuti munhu anorwisa anofamba netiweki yako. Naizvozvo ivo vanoteerera pakuitwa kwemirairo, nekubayiwa kwemirairo, uye munofanira kucherechedza kuti ichi chinhu chakakomba. Ivo vanonongedza kusakwana kudiki, yakapusa-muchinjika-saiti scripting, iri nyore majekiseni eSQL. Ivo havana hany'a nekutyisidzira kwakaoma, havana hany'a nezve encrypted meseji, havana basa nerudzi urwu rwechinhu. Zvinogona kutaurwa kuti zvigadzirwa zvese zvekuchengetedza zviri kutsvaga ruzha, ivo vari kutsvaga "yapping", vanoda kumisa chimwe chinhu chinoruma chiuno chako. Hezvino izvo zvandakadzidza pakubata nekuchengetedza zvigadzirwa. Iwe haufanirwe kutenga zvigadzirwa zvekuchengetedza, haufanire kutyaira rori reverse. Unoda vanhu vane ruzivo, vane hunyanzvi vanonzwisisa tekinoroji. Hongu, Mwari wangu, vanhu! Hatidi kukanda mamirioni emadhora mumatambudziko aya, asi vazhinji venyu makashanda mundima iyi uye munoziva kuti mukuru wako paanongoona shambadziro, anomhanyira kuchitoro achishevedzera kuti "tinofanira kutora chinhu ichi!". Asi isu hatidi chaizvo, tinotofanira kugadzirisa tsvina iri kumashure kwedu. Ndiyo yaive misimboti yekuita uku.
Nzvimbo yakakwirira yekuchengetedza chinhu chandakapedza nguva yakawanda kuti ndinzwisise mitemo yekuti nzira dzekudzivirira dzinoshanda sei. Kana ukangonzwisisa nzira dzekudzivirira, kudarika kudzivirira hakuna kuoma. Semuenzaniso, ini ndine webhu application iyo inodzivirirwa neyayo firewall. Ini ndinoteedzera kero yepaneru yekuseta, ndinoiisa mukero bar yebrowser uye ndinoenda kune zvigadziriso uye edza kuisa cross-saiti scripting.
Nekuda kweizvozvo, ndinogamuchira meseji yefirewall nezve kutyisidzira - ndakavharwa.
Ndinofunga kuti zvakaipa, unobvuma here? Iwe wakatarisana nechigadzirwa chekuchengetedza. Asi ko kana ndikaedza chinhu chakadai: isa parameter Joe'+OR+1='1 mutambo
Sezvauri kuona, zvakashanda. Ndiruramise kana ndakanganisa, asi taona jekiseni reSQL richikunda firewall yekushandisa. Zvino ngatiite setiri kuda kutanga kambani yekuchengetedza, saka ngatipfekei ngowani yemugadziri wesoftware. Ikozvino isu tinoisa zvakaipa nekuti ingowani nhema. Ini ndiri chipangamazano, saka ndinogona kuita izvi nevagadziri vesoftware.
Tinoda kuvaka nekuisa hurongwa hutsva hwekuona intrusion, saka tichatanga mushandirapamwe wekuona tamper. Snort, seyakavhurika sosi chigadzirwa, ine mazana ezviuru emasaini ekutyisidzira kwekupinda. Isu tinofanirwa kuita zvine hutsika, saka hatizobi aya masiginecha kubva kune mamwe maapplication toaisa musystem yedu. Isu tichangogara pasi tonyora zvakare ese - hey Bob, Tim, Joe, huya kuno uye uite nekukurumidza kuburikidza neaya 100 masiginecha!
Isu tinodawo kugadzira vulnerability scanner. Iwe unoziva kuti Nessus, iyo otomatiki vulnerability inowana, ine yakanaka makumi masere ezviuru siginicha uye zvinyorwa zvinotarisa kusasimba. Tichaita zvakare zvine hutsika uye isu pachedu tichaanyora patsva ese muchirongwa chedu.
Vanhu vanondibvunza, "Joe, iwe unoita bvunzo dzese idzi neyakavhurika sosi software seMod Security, Snort nezvimwe zvakadaro, zvakafanana sei kune zvimwe zvigadzirwa zvevatengesi?" Ndinovapindura kuti: “Havana kufanana zvachose!” Nekuti vatengesi havabi zvinhu kubva kune yakavhurika sosi yekuchengetedza zvigadzirwa, vanogara pasi vonyora yese iyi mitemo ivo pachavo.
Kana iwe uchigona kugadzira yako siginecha uye kurwisa tambo kushanda pasina kushandisa yakavhurika sosi zvigadzirwa, uyu mukana wakanaka kwauri. Kana iwe usingakwanise kukwikwidza kurwisa zvigadzirwa zvekutengesa, uchifamba munzira kwayo, iwe unofanirwa kuwana iyo pfungwa ichakubatsira iwe kuzivikanwa mumunda wako.
Munhu wose anoziva kuti ndinonwa. Rega ndikuratidze kuti ndinonwa nei. Kana iwe wakamboita source code audit muhupenyu hwako, uchadhakwa, trust me, after that unozotanga kunwa.
Saka mutauro wedu watinofarira C++. Ngatitarisei chirongwa ichi - Web Knight ndeye firewall application yemawebhu maseva. Iine default kunze. Zvinonakidza - kana ndikatumira firewall iyi, haizondidzivirira kubva kuOutlook Web Access.
Zvinoshamisa! Imhaka yekuti vazhinji vatengesi vesoftware vari kudhonza mitemo kubva mune mamwe maapplication uye nekuiisa muchigadzirwa chavo pasina kuita boka rese retsvakiridzo chaiyo. Saka pandinoisa network firewall application, ndinofunga zvese nezve webmail hazvina kunaka! Nekuti inenge chero webmail inotyora chengetedzo yekusagadzikana. Une webhu kodhi iyo inoteedzera system mirairo uye kubvunza LDAP kana chero imwe mushandisi dhatabhesi chitoro pawebhu.
Ndiudze, chinhu chakadaro chinganzi chakachengeteka papasi ripi? Chimbofunga nezvazvo: unovhura Outlook Web Access, dzvanya b ctrl+K, tarisa vashandisi uye zvese izvo, iwe unotonga Active Directory zvakananga kubva pawebhu, iwe unoteedzera system mirairo paLinux kana ukashandisa "squirrel mail" kana Horde kana chero. chimwe chinhu. Iwe uri kuburitsa ese aya evals uye mamwe marudzi ekusachengetedzeka mashandiro. Naizvozvo, mafirewall mazhinji anovabvisa kubva pane rondedzero yekutyisidzira kuchengetedza, edza kubvunza mugadziri wako wesoftware nezve izvi.
Ngatidzokerei kuWeb Knight application. Yakaba mitemo yakawanda yekuchengetedza kubva ku URL scanner iyo inoongorora ese aya IP kero renji. Uye chii, ese aya kero siyana haana kubatanidzwa kubva chigadzirwa changu?
Pane mumwe wenyu anoda kuisa kero idzi panetiweki yako here? Unoda kuti network yako ishande pamakero aya? Hongu, zvinoshamisa. Zvakanaka, ngatipenengure pasi chirongwa ichi uye titarise zvimwe zvinhu izvo firewall iyi isingade kuita.
Ivo vanonzi "1999" uye vanoda kuti sevha yavo yewebhu ive munguva yakapfuura! Pane mumwe wenyu anorangarira here chipenga ichi: /zvinyorwa, /iishelp, msads? Zvichida vanhu vakati wandei vacharangarira neshungu kuti kwaive kunakidza sei kubira zvinhu zvakadaro. "Yeuka, murume, kare kare isu" takauraya" maseva, zvaive zvakanaka!".
Zvino, kana ukatarisa pane izvi kunze, uchaona kuti unogona kuita zvinhu zvese izvi - msads, printers, iisadmpwd - zvese izvi zvinhu zvisingadiwi nemunhu nhasi. Zvakadini nemirayiro yausingabvumirwi kuita?
Aya ndiwo arp, pa, cacls, chkdsk, cipher, cmd, com. Kana uchivanyora, unoremerwa nendangariro dzemazuva ekare, "dude, rangarira matorero atakaita server, rangarira mazuva iwayo"?
Asi hezvino izvo zvinonyanya kufadza - pane anoona WMIC pano kana pamwe PowerShell? Fungidzira kuti une chishandiso chitsva chinoshanda nekumhanyisa zvinyorwa pane yemuno sisitimu, uye aya manyoro emazuva ano, nekuti iwe unoda kumhanya Windows Server 2008, uye ini ndichaita basa rakakura kuidzivirira nemitemo yakagadzirirwa Windows. 2000. Kuti nguva inotevera mutengesi auya kwauri aine application yake yewebhu, umubvunze kuti, “nhai murume, watipa zvinhu zvakaita sebits admin, kana kuita mapowershell commands, watarisa zvimwe zvese, nekuti tiri kuenda. kugadzirisa uye kushandisa iyo itsva vhezheni yeDotNET"? Asi zvese izvi zvinhu zvinofanirwa kunge zviripo mune yekuchengetedza chigadzirwa nekukasira!
Chinhu chinotevera chandinoda kutaura newe nezvacho ndeye logic fallcies. Ngatiendei ku192.168.2.6. Iri rinenge rekushandisa zvakafanana neyakapfuura.
Unogona kuona chimwe chinhu chinonakidza kana iwe ukapenengura pasi peji uye tinya paBata Isu link.
Kana iwe ukatarisa iyo kodhi kodhi ye "Bata Nesu" tebhu, inova imwe yenzira dzepentesting dzandinoita nguva dzese, uchaona mutsara uyu.
Funga nezvazvo! Ndinonzwa kuti vazhinji pavakaona izvi vakati: "Wow"! Ndakamboedza kupinda mukati, toti, bhangi remabhiriyoni, uye ndakaona chimwe chinhu chakafanana ipapo. Saka, isu hatidi SQL jekiseni kana kuyambuka saiti scripting - isu tine chinhu chikuru, iyi kero bar.
Saka, pasina kuwedzeredza - bhangi rakatiudza kuti ivo vaive vese - uye netiweki nyanzvi, uye web inspector, uye havana kutaura chero chinhu. Kureva kuti, vaizviona sechinhu chakajairika kuti faira remeseji rivhurwe uye riverengerwe kuburikidza nebrowser.
Ndiko kuti, iwe unogona kungoverenga faira zvakananga kubva kufaira system. Mukuru wechikwata chavo chekuchengetedza akandiudza, "hongu, mumwe wema scanner akawana kusagadzikana uku, asi akazviona sediki." Kwandakapindura, zvakanaka, ndipe miniti. Ndakanyora filename=../../../../boot.ini mubhadha yekero uye ndakakwanisa kuverenga faira system boot file!
Kune izvi vakandiudza kuti: “kwete, aiwa, aiwa, aya haasi mafaera anotsoropodza”! Ndakapindura - asi iServer 2008, handizvo here? Vakati hongu ndiye. Ini ndinoti - asi sevha iyi ine faira yekumisikidza iri mumudziyo dhairekitori reseva, handiti? "Zvakanaka," vanopindura. "Zvakanaka," ndinoti, "ko kana munhu anorwisa akaita izvi," uye ini ndinonyora filename=web.config mubhadha rekero. Vanoti - saka chii, hapana chauri kuona pamonitor?
Ini ndinoti - ko kana ndikadzvanya-kurudyi pane chekutarisa uye sarudza iyo "Ratidza peji kodhi" sarudzo? Uye ndichawanei pano? "Hapana chakakosha"? Ini ndichaona iyo server administrator password!
Uye unoti hapana dambudziko apa?
Asi chandinofarira chikamu chinotevera. Iwe haunditendere kuti ndimhanye mirairo mubhokisi, asi ini ndinogona kuba iyo web server's admin password uye dhatabhesi, kutarisa dhatabhesi rese, kubvarura dhatabhesi uye system yekutadza zvinhu, uye kufamba nazvo zvese. Izvi ndizvo zvakaita munhu akaipa paanoti "hesi murume, nhasi izuva guru"!
Usarega zvigadzirwa zvekuchengetedza zvive chirwere chako! Usarega zvigadzirwa zvekuchengetedza zvichikurwarisa! Tsvaga mamwe maNerds, uvape iwo ese Star Trek memorabilia, ita kuti vafarire, vakurudzire kuti vagare newe, nekuti avo vanerdy stinkers vasingageze zuva nezuva ndivo vanoita kuti network yako ishande seinotevera! Ava ndivo vanhu vanozobatsira zvigadzirwa zvekuchengetedza zvishande nemazvo.
Ndiudzei, vangani venyu vanokwanisa kugara muimba imwe chete kwenguva yakareba nemunhu anogara achiti: "o, ndinoda kudhinda iyi script nokukurumidza!", Uye ndiani ari kuita izvi nguva dzose? Asi iwe unoda vanhu vanoita kuti zvigadzirwa zvako zvekuchengetedza zvishande.
Kudzokorora, zvigadzirwa zvekuchengetedza hazvina mbeveve nekuti mwenje inogara isina kunaka, inogara ichiita zvinhu zvakashata, haingope chengetedzo. Handisati ndamboona chigadzirwa chakanaka chekuchengetedza chisingade kuti mukomana ane screwdriver aiteke painofanirwa kuita kuti ishande zvakanyanya kana zvishoma. Ingori rondedzero hombe yemitemo inoti zvakaipa, uye ndizvozvo!
Saka vakomana, ndinoda kuti mutarise dzidzo, kuzvinhu zvakaita sechengetedzo, polytechnics, nekuti kune akawanda emahara epamhepo makosi ezvekuchengetedza nyaya. Dzidza Python, dzidza Gungano, dzidza webhu application test.
Hezvino izvo zvinonyatso kukubatsira kuchengetedza network yako. Smart vanhu vanodzivirira network, network zvigadzirwa hazvidzivirire! Dzokera kubasa undoudza mukuru wako kuti unoda mari yakawanda kune vanhu vakangwara, ndinoziva kuti idambudziko manje asi muudze zvakadaro tinoda mari yakawanda yekuti vanhu vadzidziswe. Kana tikatenga chigadzirwa asi tikasatenga kosi yekuti tingachishandise sei nekuti chinodhura, saka nei tichichitenga zvachose kana tisiri kuzodzidzisa vanhu mashandisiro acho?
Ndakashandira vazhinji vatengesi vezvigadzirwa zvekuchengetedza, ndapedza hunenge hupenyu hwangu hwese ndichiita zvigadzirwa izvi, uye ndiri kurwara nezvese izvi network yekuwana zvidzoreso uye zvinhu nekuti ndakaisa uye nekumhanyisa zvese izvi zvigadzirwa. Rimwe zuva ndakaenda kumutengi, ivo vaida kuita iyo 802.1x chiyero cheEAP protocol, saka vaive neMAC kero nemakero echipiri pachiteshi chega chega. Ndakasvika ndikaona kuti pakaipa, ndakacheuka ndokutanga kubaya mabhatani epa printer. Iwe unoziva, iyo printa inogona kudhinda inetiweki bvunzo peji ine ese MAC kero uye IP kero. Asi zvakazoitika kuti printer haitsigire chiyero che 802.1x, saka inofanira kubviswa.
Ipapo ndakaburitsa printa ndikachinja kero yeMAC yelaptop yangu kukero yeMAC yeprinta ndikabatanidza laptop yangu, nekudaro ndichipfuura iyi inodhura MAC mhinduro, funga nezvazvo! Saka mhinduro yeMAC iyi ingandiitirei kana munhu achingopfuudza chero mudziyo seprinta kana foni yeVoIP?
Saka kwandiri nhasi, pentesting ndeye kupedza nguva ndichiedza kunzwisisa uye kunzwisisa chigadzirwa chekuchengetedza chakatengwa nemutengi wangu. Ikozvino bhanga rega rega randinoita bvunzo yekupinda kune ese aya maHIPS, NIPS, LAUGTHS, MACS uye boka rese remamwe acronyms anongoyamwa. Asi ndiri kuedza kufunga kuti zvigadzirwa izvi zviri kuyedza kuita sei uye kuti vari kuyedza kuzviita sei. Zvino, kana ndangoona kuti ndeipi nzira uye pfungwa dzavanoshandisa kupa dziviriro, kuitenderedza hazvizove zvakaoma.
Chigadzirwa changu chandinofarira, chandichakusiya nacho, chinonzi MS 1103. Ibrowser-based exploit inopfapfaidza HIPS, Host Intrusion Prevention Signature, kana Host Intrusion Prevention Signatures. Muchokwadi, inoitirwa kunzvenga masiginecha eHIPS. Ini handidi kukuratidza kuti inoshanda sei nekuti ini handidi kutora nguva yekuiratidza, asi inoita basa rakakura rekunzvenga dziviriro iyi, uye ndinoda kuti uitore.
OK guys, ndave kuenda.
Dzimwe ads 🙂
Ndinokutendai nekugara nesu. Unoda zvinyorwa zvedu here? Unoda kuona zvimwe zvinonakidza zvemukati? Titsigire nekuisa odha kana kukurudzira kushamwari, , yakasarudzika analogue yekupinda-level maseva, iyo yakagadzirwa nesu kuti iwe: (inowanikwa neRAID1 uye RAID10, kusvika ku24 cores uye kusvika ku40GB DDR4).
Dell R730xd 2 nguva yakachipa muEquinix Tier IV data center muAmsterdam? Chete pano muNetherlands! Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - kubva pamadhora makumi mapfumbamwe nemapfumbamwe! Verenga nezve
Source: www.habr.com