"Cybersecurity (Summer 2020)", Sessions 7-8: "Cyber Attacks, Defenses, and Cyber Law" / Cyber Attacks - Protections and Cyber Law

Slides used on July 6, 2020, in sessions 7-8 of "Cybersecurity (Summer 2020)" at the Waseda University Graduate School of Business and Finance.

Kenji Saito

July 06, 2020

Transcript

  1. 2020 7-8 (WBS) 2020 7-8 — 2020-07-06 – p.1/57

  2. https://speakerdeck.com/ks91 ( ) WBS ( )

  3. 1 6 15 • 2 6 15 • 3 6 22 • 4 6 22 • 5 6 29 I • 6 6 29 I • 7 7 6 • 8 7 6 • 9 7 13 10 7 13 11 7 20 II 12 7 20 II 13 7 27 14 7 27

  4. 7 6 2013 Winny P2P P2P

  5. (1) Winny 7 (2020) Winny WIDE ( )

  6. + I ( ) +

  8. 3. (1) (2) 2020 7 2 ( ) 23:59 JST ( ) Waseda Moodle

  9. ( ) (1 )

  10. . . . . . . 14 13 ( ) ( ) ^^; . . . NPC (Non Player Character)

  11. S 1 1 ⇒ . . . (1): (2018) (2): (2019)

  12. S ⇒ (CTO) ( Zoom ) CTO . . .

  13. S ⇒ Yahoo! JAPAN ( ) https://about.yahoo.co.jp/info/blog/20161108/hardening.html Yahoo! JAPAN ·

  14. S S ⇒ ( ) . . . (1 ^^;)

  15. T 5 2 3 1 5 → 1 3 ∼ 1 2 ⇒ ( )

  16. T ⇒ (NPC ^^;)

  17. W (11-908) ⇒ 2020 ( )

  18. W T / IT ⇒ II Eats

  19. I ⇒ ( ) COCOA2 ( ) Eats COCOA2 and/or

  20. T ⇒

  21. T ⇒ ( ) ^^;

  22. K ⇒ (BCP)

  23. T CTO ENG IT ⇒ ICT OK ( )

  24. T ⇒

  25. N CTO ⇒ Eats

  26. T CTO ⇒ ( ) 66

  27. T ⇒ CSIRT ( ) I Eats CTO ( CTO)

  28. K ⇒

  29. (1/2) NPC NPC . . . CTO ( ^^;)

  30. (2/2) ( ) ( ) Discord Zoom ( ) sudoers bitcoin ^^; ( ) CTO

  32. I ( . . . ) ( )

  33. ( ) (1/5) Ubuntu 18.04 ( ) 2 (Parallels)
    $ ip address
    IP alice ( ), bob ( )
    # adduser alice
    . . .
    Enter new UNIX password: structure
    . . .
    # adduser bob
    . . .
    Enter new UNIX password: quicksand
    . . .

  34. ( ) (2/5) alice (sudo : superuser do)
    # gpasswd -a alice sudo
    $ grep "sudo" /etc/group
    alice malissa ( )
    # adduser malissa
    . . .
    Enter new UNIX password: irresistible
    . . .
    “structure quicksand irresistible . . .” ( ) 1 1 ( )

  35. ( ) (3/5) SSH (Secure Shell) ( ) ( 1) (apt : Advanced Packaging Tool)
    $ sudo apt install openssh-server
    SSH ( ) (Ed25519 )
    $ ssh-keygen -t ed25519
    . . .
    Enter passphrase (empty for no passphrase):
    . . .
    $ cat .ssh/id_ed25519.pub
    alice: “heartbeat”, bob: “okinawa”, malissa: “darkness” ( ) cat ( ) cat catenate ( ) ( )

  36. ( ) (4/5) SSH ( ) ( 2) ( )
    $ mkdir .ssh
    $ chmod 700 .ssh
    $ cd .ssh
    $ nano authorized_keys ( )
    $ chmod 600 authorized_keys ( )
    alice, bob malissa
    $ slogin IP
    $ exit

  37. ( ) (5/5)
    $ sudo apt install git nmap john
    git nmap “Matrix Reloaded” (https://nmap.org/images/matrix/matrix-hack-screen3.png) SSH john (John the Ripper) bob

  38. I . . . . . . ^^;

  39. Tor (The Onion Router) Mail2Tor → ( ) 1 Tor : https://www.torproject.org Mail2Tor : http://free.arinco.org/mail/mail2tor/ (Tor ) Tor ( )

  40. I malissa
    $ passwd
    ESC recovery mode root
    # mount -o remount,rw /
    # passwd malissa
    # exit
    malissa Ubuntu OS ( )

  41. (1) I malissa bob 22 SSH
    $ nmap -sV -p 22 IP
    $ git clone https://github.com/danielmiessler/SecLists.git
    bob malissa bob “/etc/ssh/sshd_config”
    #PasswordAuthentication yes # ( ) no
    $ sudo systemctl restart ssh
    SSH malissa bob

  42. SSH alice = malissa alice bob “authorized_keys” bob
    $ sudo -s
    # cd ../bob/.ssh
    # nano authorized_keys ( malissa )
    bob alice (bob ) malissa bob

  43. alice = malissa
    $ sudo gpasswd -a bob sudo
    sudo malissa bob

  44. (2) “/etc/shadow” “/etc/passwd” alice malissa
    $ unshadow passwdfile.txt shadowfile.txt > crackfile.txt
    $ john --wordlist=SecLists/Passwords/Common-Credentials/10-million-password-list-top-100000.txt crackfile.txt
    . . .
    quicksand (bob)
    . . .
    8 bob “10-million-password-list-top-100000.txt” bob bob John the Ripper

  45. ( ) (1) JavaScript ( ) (2) (3) (1) (3) (2) (3) (A) (B) A ≡ B

  46. GitHub ( ) Git - https://git-scm.com/book/ja/v2/Git- - Git https://gist.github.com/ktx2207/3167fa69531bdd6b44f1 ( ) GitHub “The Octopus Scanner Malware: Attacking the open source supply chain”

  47. & (C&C) IRC (Internet Relay Chat) IRC ( ) Bitcoin IRC & “Glupteba – the malware that gets secret messages from the Bitcoin blockchain” Bitcoin

  48. I COCOA2 ( & ) Eats

  49. (1) : I

  51. (2) Q&A (2020) https://www.nisc.go.jp/security-site/law_handbook/index.html

  53. (2) :

  54. (3) : Coinhive : https://ja.wikipedia.org/wiki/Coinhive

  56. 4. (1) (2) 2020 7 9 ( ) 23:59 JST ( ) Waseda Moodle