Upgrade to Pro — share decks privately, control downloads, hide ads and more …

サイバー攻撃・防御とサイバー法 / Cyber Attacks, Defense and Cyber Law

サイバー攻撃・防御とサイバー法 / Cyber Attacks, Defense and Cyber Law

2022年6月27日(月)、早稲田大学 大学院経営管理研究科「サイバーセキュリティ」にて使用したスライドです。

847a328633b1df6b11cc2f72430025e6?s=128

Kenji Saito
PRO

June 27, 2022
Tweet

More Decks by Kenji Saito

Other Decks in Technology

Transcript

  1. 2022 7-8 (WBS) 2022 7-8 — 2022-06-27 – p.1/49

  2. https://speakerdeck.com/ks91 ( ) WBS 2022 7-8 — 2022-06-27 – p.2/49

  3. 1 6 6 • 2 6 6 • 3 6

    13 • 4 6 13 • 5 6 20 I ( ) • 6 6 20 I ( ) • 7 6 27 ( ) • 8 6 27 ( ) • 9 7 4 10 7 4 11 7 11 12 7 11 13 7 18 II ( ) 14 7 18 II ( ) 15 7 25 2022 7-8 — 2022-06-27 – p.3/49
  4. + I ( ) + 2022 7-8 — 2022-06-27 –

    p.4/49
  5. 2022 7-8 — 2022-06-27 – p.5/49

  6. 3. (1) ( ) (2) 2022 6 23 ( )

    23:59 JST ( ) Waseda Moodle (Q & A ) 2022 7-8 — 2022-06-27 – p.6/49
  7. ( ) (1 ) 2022 7-8 — 2022-06-27 – p.7/49

  8. . . . . . . 9 9 ( )

    ( ) . . . 2022 7-8 — 2022-06-27 – p.8/49
  9. U ( ) ⇒ . . . 2022 7-8 —

    2022-06-27 – p.9/49
  10. U ( ) ⇒ II ↓ ^^; 2022 7-8 —

    2022-06-27 – p.10/49
  11. Y SNS ⇒ (cf. ) . . . ↑ 2022

    7-8 — 2022-06-27 – p.11/49
  12. Y NFT Tech ⇒ (Tech ) II . . .

    (Alec Peterson) 2022 7-8 — 2022-06-27 – p.12/49
  13. T “ ” ⇒ ^^; ( ) ⇒ ( )

    Chain of command 2022 7-8 — 2022-06-27 – p.13/49
  14. A ( ) ⇒ 2022 7-8 — 2022-06-27 – p.14/49

  15. K ⇒ ( ) 2022 7-8 — 2022-06-27 – p.15/49

  16. M ⇒ . . . ( ) ( ) (

    ) 2022 7-8 — 2022-06-27 – p.16/49
  17. O CEO CEO ⇒ CEO ⇒ ( II ) 2022

    7-8 — 2022-06-27 – p.17/49
  18. 2022 7-8 — 2022-06-27 – p.18/49

  19. I ( . . . ) ( ) 2022 7-8

    — 2022-06-27 – p.19/49
  20. Alice Alice sudo (superuser do) sudo UNIX Malissa (= Alice)

    Malissa WBSNFT 2022 7-8 — 2022-06-27 – p.20/49
  21. ( ) αʔό ʮ8#4/'5ʯαʔϏεӡ༻؀ڥ ΫϥΠΞϯτ ࡏ୐؀ڥ ಉ Ұ ਓ ෺

    · ͨ ͸ ஥ ؒ ௨৴ܦ࿏ .BMJTTB߈ܸऀ ޒेཛྷ͞Μʁ ᶃͦͷลͷίϯϐϡʔλͷݖݶΛୣऔ ɹ Φϓγϣφϧ #PCҰൠΤϯδχΞ ฏԬ͞Μ "MJDF؅ཧऀ ޒेཛྷ͞Μ ؅ཧऀ͔͠ॻ͖ࠐΊͳ͍ ϑΝΠϧ܈  FUDQBTTXE FUDHSPVQ    FUDTIBEPX   ؅ཧऀ͔͠ಡΈग़ͤͳ͍ ϑΝΠϧ܈ & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & . # " ެ։伴 ᶈެ։伴Λ౉͢ ᶅQBTTXEͱTIBEPX ɹΛ౉͢ ᶆαʔόͷ6/*9ύεϫʔυΛΫϥοΫͯ͠ ɹ#PCͷύεϫʔυ͕ऑ͍͜ͱΛൃݟˠ#PC஫ҙਂ͘ͳ͍ΤϯδχΞೝఆʂ ᶉ؅ཧऀͱͯ͠௥ه͢Δ ᶊ.BMJTTB͸#PCͱͯ͠ ɹϦϞʔτϩάΠϯՄೳʜ ˞ࠓճ͸੨ࣈͷ෦෼Λ࣮ԋ͠·͢ .BMJTTB͸#PCʹͳΓ͢·ͭͭ͠ ɹ؅ཧऀͷΑ͏ʹৼΔ෣͑Δʜ ˕"MJDF͸ୀ৬ޙ΋αʔόΛίϯτϩʔϧͰ͖Δ ɹͨΊͷखஈΛಘͨ ᶋ#PCΛTVEPՄʹ ᶄಡΈग़͠ ᶄಡΈग़͠ 伴ϖΞ ൿີ伴 Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ ൿີ伴 伴 ެ։伴 伴ϖΞ ൿີ伴 Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ Ξ ൿີ伴 伴 ެ։伴 ᶇ伴ϖΞੜ੒ ʮ४උʯ ʹͯํ๏Λॻ͖·͢ ൿີ伴 ൿີ伴 伴 "MJDFͷެ։伴 "MJDFͷ࡞ۀ؀ڥ 44) 4FDVSF4IFMM 44) 44)PWFS5PS 5IF0OJPO3PVUFS #PCͷ࡞ۀ؀ڥ #PCͷެ։伴 .BMJTTBͷެ։伴 2022 7-8 — 2022-06-27 – p.21/49
  22. UNIX ҉߸ֶతϋογϡؔ਺ 4)" ιϧτ ϥϯμϜ஋ ੜ੒͞ΕͨμΠδΣετ “/etc/shadow” $ $ $

    1 MD5 5 SHA-256 6 SHA-512 base64 (64 ) 2022 7-8 — 2022-06-27 – p.22/49
  23. ( ) (1/5) Ubuntu 20.04 ( ) 2 (Parallels) $

    ip address IP alice ( ), bob ( ) # adduser alice . . . Enter new UNIX password: structure . . . # adduser bob . . . Enter new UNIX password: quicksand . . . 2022 7-8 — 2022-06-27 – p.23/49
  24. ( ) (2/5) alice (sudo : superuser do) # gpasswd

    -a alice sudo $ grep "sudo" /etc/group alice malissa ( ) # adduser malissa . . . Enter new UNIX password: irresistible . . . “structure quicksand irresistible . . .” ( ) 1 1 ( ) 2022 7-8 — 2022-06-27 – p.24/49
  25. ( ) (3/5) SSH (Secure Shell) ( ) ( 1)

    (apt : Advanced Packaging Tool) $ sudo apt install openssh-server SSH ( ) (Ed25519 ) $ ssh-keygen -t ed25519 . . . Enter passphrase (empty for no passphrase): . . . $ cat .ssh/id_ed25519.pub alice: “heartbeat”, bob: “okinawa”, malissa: “darkness” ( ) cat ( ) cat catenate ( ) ( ) 2022 7-8 — 2022-06-27 – p.25/49
  26. ( ) (4/5) SSH ( ) ( 2) ( )

    $ mkdir .ssh $ chmod 700 .ssh $ cd .ssh $ nano authorized_keys ( ) $ chmod 600 authorized_keys ( ) alice, bob malissa $ slogin IP $ exit 2022 7-8 — 2022-06-27 – p.26/49
  27. ( ) (5/5) $ sudo apt install git nmap john

    git nmap “Matrix Reloaded” (https://nmap.org/images/matrix/matrix-hack-screen3.png) SSH john (John the Ripper) bob 2022 7-8 — 2022-06-27 – p.27/49
  28. I . . . . . . ^^; 2022 7-8

    — 2022-06-27 – p.28/49
  29. Tor (The Onion Router) → ( ) 1 Tor :

    https://www.torproject.org Tor ( ) 2022 7-8 — 2022-06-27 – p.29/49
  30. I malissa $ passwd ESC recovery mode root # mount

    -o remount,rw / # passwd malissa # exit malissa Ubuntu OS ( ) 2022 7-8 — 2022-06-27 – p.30/49
  31. (1) I ( ) malissa bob 22 SSH $ nmap

    -sV -p 22 IP $ git clone https://github.com/danielmiessler/SecLists.git bob malissa bob “/etc/ssh/sshd_config” #PasswordAuthentication yes # ( ) no $ sudo systemctl restart ssh SSH malissa bob 2022 7-8 — 2022-06-27 – p.31/49
  32. SSH alice = malissa alice bob “authorized_keys” bob $ sudo

    -s # cd ../bob/.ssh # nano authorized_keys ( malissa ) bob alice (bob ) malissa bob 2022 7-8 — 2022-06-27 – p.32/49
  33. alice = malissa $ sudo gpasswd -a bob sudo sudo

    malissa bob 2022 7-8 — 2022-06-27 – p.33/49
  34. (2) “/etc/shadow” “/etc/passwd” alice malissa $ unshadow passwdfile.txt shadowfile.txt >

    crackfile.txt $ john --wordlist=SecLists/Passwords/Common-Credentials/10-million-password-list-top-100000.txt crackfile.txt . . . quicksand (bob) . . . 8 bob “10-million-password-list-top-100000.txt” bob bob John the Ripper 2022 7-8 — 2022-06-27 – p.34/49
  35. . . . WBSNFT ↑ 2022 7-8 — 2022-06-27 –

    p.35/49
  36. ( ) (1) JavaScript ( ) (2) (3) (1) (3)

    (2) (3) (A) (B) A ≡ B 2022 7-8 — 2022-06-27 – p.36/49
  37. GitHub ( ) Git - https://git-scm.com/book/ja/v2/Git- - Git https://gist.github.com/ktx2207/3167fa69531bdd6b44f1 (

    ) GitHub “The Octopus Scanner Malware: Attacking the open source supply chain” 2022 7-8 — 2022-06-27 – p.37/49
  38. & (C&C) IRC (Internet Relay Chat) IRC ( ) Bitcoin

    IRC & “Glupteba – the malware that gets secret messages from the Bitcoin blockchain” Bitcoin 2022 7-8 — 2022-06-27 – p.38/49
  39. ( ) . . . 2 . . . 2022

    7-8 — 2022-06-27 – p.39/49
  40. (1) : I 2022 7-8 — 2022-06-27 – p.40/49

  41. ( ) 2022 7-8 — 2022-06-27 – p.41/49

  42. (2) Q&A (2020) https://www.nisc.go.jp/security-site/law_handbook/index.html 2022 7-8 — 2022-06-27 – p.42/49

  43. ( ) 2022 7-8 — 2022-06-27 – p.43/49

  44. (2) : 2022 7-8 — 2022-06-27 – p.44/49

  45. (3) : Coinhive : https://ja.wikipedia.org/wiki/Coinhive 2022 7-8 — 2022-06-27 –

    p.45/49
  46. (4) : : https://www3.nhk.or.jp/news/html/20220624/k10013686711000.html 2022 7-8 — 2022-06-27 – p.46/49

  47. 2022 7-8 — 2022-06-27 – p.47/49

  48. 4. (1) ( ) (2) 2022 6 30 ( )

    23:59 JST ( ) Waseda Moodle (Q & A ) 2022 7-8 — 2022-06-27 – p.48/49
  49. 2022 7-8 — 2022-06-27 – p.49/49