
Cyber Attacks, Defense, and Cyber Law

Slides used in sessions 7-8 of "Cybersecurity" (Summer 2026) at the Waseda University Graduate School of Business and Finance.

Kenji Saito

June 28, 2026


Transcript

  1. ( ) 1 6 8 (1) • 2 6 8

    (2) • 3 6 15 (1) • 4 6 15 (2) • 5 6 22 I (1) ( ) • 6 6 22 I (2) ( ) • 7 6 29 (1) ( ) • 8 6 29 (2) ( ) • 9 7 6 (1) 10 7 6 (2) 11 7 13 (1) 12 7 13 (2) 13 7 20 II (1) ( ) 14 7 20 II (2) ( ) W-IOI / ( ) 9-10 11-12 2026 7-8 — 2022-06-29 – p.3/51
  2. ( 20 ) 1 • 2 • 3 • 4

    (TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • / / OK /
  3. 3. (1) ( ) (2) 2024 6 25 ( )

    23:59 JST Waseda Moodle (Q & A )
  4. . . . . . . 28 27 (6/27( )

    ) ( ) . . .
  5. I NPC / agent NPC / ⇒ : F1 (

    )
  6. M PC 1 ⇒ . . .
  7. S CEO [ ] IR [ ] ⇒ CEO (

    ) ( ) and/or
  8. T CSIRT AI ⇒ NPC ( NPC ) CEO NPC

    instructions
  9. M ⇒ = 1 ( 2 )
  10. (1) : ( CTO, ) : CEO AI / AI

    / AI AI — : AI AI AI ( ) : : API : HLO ( CTO )
  11. (1) — 1 AI (fire and forget) ( ) (

    ) HLO ( ) AI ( )( ) API HTTPS ( )( ) HLO 2 note URL note : {"node": "worker-03", "status": "ok", "note": " "} (= ) 3 ( ) 1 kill 2 egress 3
  12. (2) 1 : ( ) HLO 2 : HLO /

    : x / 3 : — 4 : : + + +
  13. / = CTO / AI vs. AI AI AI /

    / /
  14. I ∼ 0∼6( ) / 0 6
  15. I ( . . . ) ( )
  16. Alice Alice sudo (superuser do/substitute user do) sudo UNIX Malissa

    (= Alice) Malissa ( : ) HLO
  17. [Figure: attack scenario diagram with Alice, Bob and Malissa. Recoverable labels: /etc/passwd, /etc/group, /etc/shadow, UNIX password, remote login, sudo, SSH (Secure Shell), SSH over Tor (The Onion Router).]
  18. UNIX [Figure: password hash diagram. Recoverable labels: hash function, SHA, salt, random, digest.] “/etc/shadow” $ $ $

    1 MD5 5 SHA-256 6 SHA-512 y yescrypt base64 (64 )
  19. ( ) (1/5) Ubuntu 24.04 ( ) 2 (Parallels) $

    ip address IP alice ( ), bob ( ; ( )) (BAD PASSWORD ^^;) # adduser alice . . . Enter new UNIX password: structure . . . # adduser bob . . . Enter new UNIX password: quicksand . . .
  20. ( ) (2/5) alice bob (sudo : superuser do/substitute user

    do) # usermod -aG sudo alice $ grep "sudo" /etc/group alice malissa ( ) # adduser malissa . . . Enter new UNIX password: irresistible . . . “structure quicksand irresistible . . .” ( ) 1 1 ( )
  21. ( ) (3/5) SSH (Secure Shell) ( ) ( 1)

    (apt : Advanced Packaging Tool)( ) $ sudo apt install openssh-server SSH ( ) (Ed25519 ) $ ssh-keygen -t ed25519 . . . Enter passphrase (empty for no passphrase): . . . $ cat .ssh/id_ed25519.pub alice: “heartbeat”, bob: “okinawa”, malissa: “darkness” ( ) cat ( ) cat catenate ( ) ( )
  22. ( ) (4/5) SSH ( ) ( 2) ( )

    $ mkdir .ssh $ chmod 700 .ssh $ cd .ssh $ nano authorized_keys ( ) $ chmod 600 authorized_keys ( ) alice, bob malissa $ slogin IP $ exit
  23. ( ) (5/5) $ sudo apt install git nmap $

    sudo snap install john-the-ripper git nmap “Matrix Reloaded” (https://nmap.org/images/matrix/matrix-hack-screen3.png) SSH john (John the Ripper) bob GPU
  24. I . . . . . .
  25. Tor (The Onion Router) → ( ) 1 Tor :

    https://www.torproject.org Tor ( )
  26. I malissa $ passwd ESC (GRUB normal + ESC) recovery

    mode root # mount -o remount,rw / # passwd malissa # exit malissa Ubuntu OS ( ) ( )
  27. (1) I ( ) malissa bob 22 SSH $ nmap

    -sV -p 22 IP $ git clone https://github.com/danielmiessler/SecLists.git bob (↑ ) malissa bob “/etc/ssh/sshd_config” #PasswordAuthentication yes # ( ) no $ sudo systemctl restart ssh SSH malissa bob
  28. SSH alice = malissa alice bob “authorized_keys” bob $ sudo

    -s # cd ../bob/.ssh # nano authorized_keys ( malissa ) bob alice (bob ) malissa bob
  29. (bob ) alice = malissa $ sudo usermod -aG sudo

    bob sudo malissa bob
  30. (2) “/etc/shadow” “/etc/passwd” alice malissa $ unshadow passwdfile.txt shadowfile.txt >

    crackfile.txt $ john --wordlist=SecLists/Passwords/Common-Credentials/Pwdb_top-100000.txt crackfile.txt . . . quicksand (bob) . . . 16 alice 21 bob bob “Pwdb_top-100000.txt” bob bob John the Ripper
  31. ( ) (1) JavaScript ( ) (2) (3) (1) (3)

    (2) (3) (A) (B) A ≡ B
  32. GitHub ( ) Git - https://git-scm.com/book/ja/v2/Git- - Git https://gist.github.com/ktx2207/3167fa69531bdd6b44f1 (

    ) GitHub “The Octopus Scanner Malware: Attacking the open source supply chain”
  33. 4. (1) ( ) (2) 2026 7 2 ( )

    23:59 JST Waseda Moodle (Q & A )