サイバー攻撃・防御とサイバー法 / Cyber Attacks, Defense and Cyber Law

Transcript

1. 2022 7-8 (WBS) 2022 7-8 — 2022-06-27 – p.1/49

2. https://speakerdeck.com/ks91 ( ) WBS 2022 7-8 — 2022-06-27 – p.2/49

3. 1 6 6 • 2 6 6 • 3 6

   13 • 4 6 13 • 5 6 20 I ( ) • 6 6 20 I ( ) • 7 6 27 ( ) • 8 6 27 ( ) • 9 7 4 10 7 4 11 7 11 12 7 11 13 7 18 II ( ) 14 7 18 II ( ) 15 7 25 2022 7-8 — 2022-06-27 – p.3/49

4. + I ( ) + 2022 7-8 — 2022-06-27 –

   p.4/49

5. 2022 7-8 — 2022-06-27 – p.5/49

6. 3. (1) ( ) (2) 2022 6 23 ( )

   23:59 JST ( ) Waseda Moodle (Q & A ) 2022 7-8 — 2022-06-27 – p.6/49

7. ( ) (1 ) 2022 7-8 — 2022-06-27 – p.7/49

8. . . . . . . 9 9 ( )

   ( ) . . . 2022 7-8 — 2022-06-27 – p.8/49

9. U ( ) ⇒ . . . 2022 7-8 —

   2022-06-27 – p.9/49

10. U ( ) ⇒ II ↓ ^^; 2022 7-8 —

    2022-06-27 – p.10/49

11. Y SNS ⇒ (cf. ) . . . ↑ 2022

    7-8 — 2022-06-27 – p.11/49

12. Y NFT Tech ⇒ (Tech ) II . . .

    (Alec Peterson) 2022 7-8 — 2022-06-27 – p.12/49

13. T “ ” ⇒ ^^; ( ) ⇒ ( )

    Chain of command 2022 7-8 — 2022-06-27 – p.13/49

14. A ( ) ⇒ 2022 7-8 — 2022-06-27 – p.14/49

15. K ⇒ ( ) 2022 7-8 — 2022-06-27 – p.15/49

16. M ⇒ . . . ( ) ( ) (

    ) 2022 7-8 — 2022-06-27 – p.16/49

17. O CEO CEO ⇒ CEO ⇒ ( II ) 2022

    7-8 — 2022-06-27 – p.17/49

18. 2022 7-8 — 2022-06-27 – p.18/49

19. I ( . . . ) ( ) 2022 7-8

    — 2022-06-27 – p.19/49

20. Alice Alice sudo (superuser do) sudo UNIX Malissa (= Alice)

    Malissa WBSNFT 2022 7-8 — 2022-06-27 – p.20/49

21. ( ) αʔό
    ʮ8#4/'5ʯαʔϏεӡ༻؀ڥ ΫϥΠΞϯτ
    ࡏ୐؀ڥ ಉ Ұ ਓ ෺

    · ͨ ͸ ஥ ؒ ௨৴ܦ࿏ .BMJTTB
    
    ߈ܸऀ
    ޒेཛྷ͞Μʁ ᶃ
    ͦͷลͷίϯϐϡʔλͷݖݶΛୣऔ ɹ
    Φϓγϣφϧ #PC
    
    ҰൠΤϯδχΞ
    ฏԬ͞Μ "MJDF
    
    ؅ཧऀ
    ޒेཛྷ͞Μ ؅ཧऀ͔͠ॻ͖ࠐΊͳ͍ ϑΝΠϧ܈  FUDQBTTXE FUDHSPVQ    FUDTIBEPX   ؅ཧऀ͔͠ಡΈग़ͤͳ͍ ϑΝΠϧ܈ & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & . # " ެ։伴 ᶈ
    ެ։伴Λ౉͢ ᶅ
    QBTTXE
    ͱ
    TIBEPX ɹΛ౉͢ ᶆ
    αʔόͷ
    6/*9
    ύεϫʔυΛΫϥοΫͯ͠ ɹ#PC
    ͷύεϫʔυ͕ऑ͍͜ͱΛൃݟ
    ˠ
    #PC
    ஫ҙਂ͘ͳ͍ΤϯδχΞೝఆʂ ᶉ
    ؅ཧऀͱͯ͠௥ه͢Δ ᶊ
    .BMJTTB
    ͸
    #PC
    ͱͯ͠ ɹϦϞʔτϩάΠϯՄೳʜ
    ˞
    ࠓճ͸੨ࣈͷ෦෼Λ࣮ԋ͠·͢ 
    
    .BMJTTB
    ͸
    #PC
    ʹͳΓ͢·ͭͭ͠ ɹ
    
    ؅ཧऀͷΑ͏ʹৼΔ෣͑Δʜ
    ˕
    "MJDF
    ͸ୀ৬ޙ΋αʔόΛίϯτϩʔϧͰ͖Δ ɹ
    
    ͨΊͷखஈΛಘͨ ᶋ
    #PC
    Λ
    TVEPՄʹ ᶄ
    ಡΈग़͠ ᶄ
    ಡΈग़͠ 伴ϖΞ ൿີ伴 Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ ൿີ伴 伴 ެ։伴 伴ϖΞ ൿີ伴 Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ ൿີ伴 伴 ެ։伴 ᶇ
    伴ϖΞੜ੒ ʮ४උʯ ʹͯํ๏Λॻ͖·͢ ൿີ伴 ൿີ伴 伴 "MJDF
    ͷެ։伴 "MJDF
    ͷ࡞ۀ؀ڥ 44)
    4FDVSF
    4IFMM 44) 44)
    PWFS
    5PS
    5IF
    0OJPO
    3PVUFS #PC
    ͷ࡞ۀ؀ڥ #PC
    ͷެ։伴 .BMJTTB
    ͷެ։伴 2022 7-8 — 2022-06-27 – p.21/49

22. UNIX ҉߸ֶతϋογϡؔ਺ 4)" ιϧτ
    ϥϯμϜ஋ ੜ੒͞ΕͨμΠδΣετ “/etc/shadow” $ $ $

    1 MD5 5 SHA-256 6 SHA-512 base64 (64 ) 2022 7-8 — 2022-06-27 – p.22/49

23. ( ) (1/5) Ubuntu 20.04 ( ) 2 (Parallels) $

    ip address IP alice ( ), bob ( ) # adduser alice . . . Enter new UNIX password: structure . . . # adduser bob . . . Enter new UNIX password: quicksand . . . 2022 7-8 — 2022-06-27 – p.23/49

24. ( ) (2/5) alice (sudo : superuser do) # gpasswd

    -a alice sudo $ grep "sudo" /etc/group alice malissa ( ) # adduser malissa . . . Enter new UNIX password: irresistible . . . “structure quicksand irresistible . . .” ( ) 1 1 ( ) 2022 7-8 — 2022-06-27 – p.24/49

25. ( ) (3/5) SSH (Secure Shell) ( ) ( 1)

    (apt : Advanced Packaging Tool) $ sudo apt install openssh-server SSH ( ) (Ed25519 ) $ ssh-keygen -t ed25519 . . . Enter passphrase (empty for no passphrase): . . . $ cat .ssh/id_ed25519.pub alice: “heartbeat”, bob: “okinawa”, malissa: “darkness” ( ) cat ( ) cat catenate ( ) ( ) 2022 7-8 — 2022-06-27 – p.25/49

26. ( ) (4/5) SSH ( ) ( 2) ( )

    $ mkdir .ssh $ chmod 700 .ssh $ cd .ssh $ nano authorized_keys ( ) $ chmod 600 authorized_keys ( ) alice, bob malissa $ slogin IP $ exit 2022 7-8 — 2022-06-27 – p.26/49

27. ( ) (5/5) $ sudo apt install git nmap john

    git nmap “Matrix Reloaded” (https://nmap.org/images/matrix/matrix-hack-screen3.png) SSH john (John the Ripper) bob 2022 7-8 — 2022-06-27 – p.27/49

28. I . . . . . . ^^; 2022 7-8

    — 2022-06-27 – p.28/49

29. Tor (The Onion Router) → ( ) 1 Tor :

    https://www.torproject.org Tor ( ) 2022 7-8 — 2022-06-27 – p.29/49

30. I malissa $ passwd ESC recovery mode root # mount

    -o remount,rw / # passwd malissa # exit malissa Ubuntu OS ( ) 2022 7-8 — 2022-06-27 – p.30/49

31. (1) I ( ) malissa bob 22 SSH $ nmap

    -sV -p 22 IP $ git clone https://github.com/danielmiessler/SecLists.git bob malissa bob “/etc/ssh/sshd_config” #PasswordAuthentication yes # ( ) no $ sudo systemctl restart ssh SSH malissa bob 2022 7-8 — 2022-06-27 – p.31/49

32. SSH alice = malissa alice bob “authorized_keys” bob $ sudo

    -s # cd ../bob/.ssh # nano authorized_keys ( malissa ) bob alice (bob ) malissa bob 2022 7-8 — 2022-06-27 – p.32/49

33. alice = malissa $ sudo gpasswd -a bob sudo sudo

    malissa bob 2022 7-8 — 2022-06-27 – p.33/49

34. (2) “/etc/shadow” “/etc/passwd” alice malissa $ unshadow passwdfile.txt shadowfile.txt >

    crackfile.txt $ john --wordlist=SecLists/Passwords/Common-Credentials/10-million-password-list-top-100000.txt crackfile.txt . . . quicksand (bob) . . . 8 bob “10-million-password-list-top-100000.txt” bob bob John the Ripper 2022 7-8 — 2022-06-27 – p.34/49

35. . . . WBSNFT ↑ 2022 7-8 — 2022-06-27 –

    p.35/49

36. ( ) (1) JavaScript ( ) (2) (3) (1) (3)

    (2) (3) (A) (B) A ≡ B 2022 7-8 — 2022-06-27 – p.36/49

37. GitHub ( ) Git - https://git-scm.com/book/ja/v2/Git- - Git https://gist.github.com/ktx2207/3167fa69531bdd6b44f1 (

    ) GitHub “The Octopus Scanner Malware: Attacking the open source supply chain” 2022 7-8 — 2022-06-27 – p.37/49

38. & (C&C) IRC (Internet Relay Chat) IRC ( ) Bitcoin

    IRC & “Glupteba – the malware that gets secret messages from the Bitcoin blockchain” Bitcoin 2022 7-8 — 2022-06-27 – p.38/49

39. ( ) . . . 2 . . . 2022

    7-8 — 2022-06-27 – p.39/49

40. (1) : I 2022 7-8 — 2022-06-27 – p.40/49

41. ( ) 2022 7-8 — 2022-06-27 – p.41/49

42. (2) Q&A (2020) https://www.nisc.go.jp/security-site/law_handbook/index.html 2022 7-8 — 2022-06-27 – p.42/49

43. ( ) 2022 7-8 — 2022-06-27 – p.43/49

44. (2) : 2022 7-8 — 2022-06-27 – p.44/49

45. (3) : Coinhive : https://ja.wikipedia.org/wiki/Coinhive 2022 7-8 — 2022-06-27 –

    p.45/49

46. (4) : : https://www3.nhk.or.jp/news/html/20220624/k10013686711000.html 2022 7-8 — 2022-06-27 – p.46/49

47. 2022 7-8 — 2022-06-27 – p.47/49

48. 4. (1) ( ) (2) 2022 6 30 ( )

    23:59 JST ( ) Waseda Moodle (Q & A ) 2022 7-8 — 2022-06-27 – p.48/49

49. 2022 7-8 — 2022-06-27 – p.49/49