Upgrade to Pro — share decks privately, control downloads, hide ads and more …

「サイバーセキュリティ (2020夏)」第7-8回「サイバー攻撃・防御とサイバー法」 / Cy...

「サイバーセキュリティ (2020夏)」第7-8回「サイバー攻撃・防御とサイバー法」 / Cyber Attacks - Protections and Cyber Law

2020年7月6日、早稲田大学 大学院経営管理研究科の「サイバーセキュリティ (2020夏)」第7-8回にて使用したスライドです。

Kenji Saito

July 06, 2020
Tweet

More Decks by Kenji Saito

Other Decks in Technology

Transcript

  1. 1 6 15 • 2 6 15 • 3 6

    22 • 4 6 22 • 5 6 29 I • 6 6 29 I • 7 7 6 • 8 7 6 • 9 7 13 10 7 13 11 7 20 II 12 7 20 II 13 7 27 14 7 27 2020 7-8 — 2020-07-06 – p.3/57
  2. (1) Winny 7 (2020) Winny WIDE ( ) 2020 7-8

    — 2020-07-06 – p.5/57
  3. 3. (1) (2) 2020 7 2 ( ) 23:59 JST

    ( ) Waseda Moodle 2020 7-8 — 2020-07-06 – p.8/57
  4. . . . . . . 14 13 ( )

    ( ) ^^; . . . NPC (Non Player Character) 2020 7-8 — 2020-07-06 – p.10/57
  5. S 1 1 ⇒ . . . (1): (2018) (2):

    (2019) 2020 7-8 — 2020-07-06 – p.11/57
  6. S ⇒ (CTO) ( Zoom ) CTO . . .

    2020 7-8 — 2020-07-06 – p.12/57
  7. S S ⇒ ( ) . . . (1 ^^;)

    2020 7-8 — 2020-07-06 – p.14/57
  8. T 5 2 3 1 5 → 1 3 ∼

    1 2 ⇒ ( ) 2020 7-8 — 2020-07-06 – p.15/57
  9. W T / IT ⇒ II Eats 2020 7-8 —

    2020-07-06 – p.18/57
  10. I ⇒ ( ) COCOA2 ( ) Eats COCOA2 and/or

    2020 7-8 — 2020-07-06 – p.19/57
  11. T CTO ENG IT ⇒ ICT OK ( ) 2020

    7-8 — 2020-07-06 – p.23/57
  12. T ⇒ CSIRT ( ) I Eats CTO ( CTO)

    2020 7-8 — 2020-07-06 – p.27/57
  13. (1/2) NPC NPC . . . CTO ( ^^;) 2020

    7-8 — 2020-07-06 – p.29/57
  14. (2/2) ( ) ( ) Discord Zoom ( ) sudoers

    bitcoin ^^; ( ) CTO 2020 7-8 — 2020-07-06 – p.30/57
  15. I ( . . . ) ( ) 2020 7-8

    — 2020-07-06 – p.32/57
  16. ( ) (1/5) Ubuntu 18.04 ( ) 2 (Parallels) $

    ip address IP alice ( ), bob ( ) # adduser alice . . . Enter new UNIX password: structure . . . # adduser bob . . . Enter new UNIX password: quicksand . . . 2020 7-8 — 2020-07-06 – p.33/57
  17. ( ) (2/5) alice (sudo : superuser do) # gpasswd

    -a alice sudo $ grep "sudo" /etc/group alice malissa ( ) # adduser malissa . . . Enter new UNIX password: irresistible . . . “structure quicksand irresistible . . .” ( ) 1 1 ( ) 2020 7-8 — 2020-07-06 – p.34/57
  18. ( ) (3/5) SSH (Secure Shell) ( ) ( 1)

    (apt : Advanced Packaging Tool) $ sudo apt install openssh-server SSH ( ) (Ed25519 ) $ ssh-keygen -t ed25519 . . . Enter passphrase (empty for no passphrase): . . . $ cat .ssh/id_ed25519.pub alice: “heartbeat”, bob: “okinawa”, malissa: “darkness” ( ) cat ( ) cat catenate ( ) ( ) 2020 7-8 — 2020-07-06 – p.35/57
  19. ( ) (4/5) SSH ( ) ( 2) ( )

    $ mkdir .ssh $ chmod 700 .ssh $ cd .ssh $ nano authorized_keys ( ) $ chmod 600 authorized_keys ( ) alice, bob malissa $ slogin IP $ exit 2020 7-8 — 2020-07-06 – p.36/57
  20. ( ) (5/5) $ sudo apt install git nmap john

    git nmap “Matrix Reloaded” (https://nmap.org/images/matrix/matrix-hack-screen3.png) SSH john (John the Ripper) bob 2020 7-8 — 2020-07-06 – p.37/57
  21. I . . . . . . ^^; 2020 7-8

    — 2020-07-06 – p.38/57
  22. Tor (The Onion Router) Mail2Tor → ( ) 1 Tor

    : https://www.torproject.org Mail2Tor : http://free.arinco.org/mail/mail2tor/ (Tor ) Tor ( ) 2020 7-8 — 2020-07-06 – p.39/57
  23. I malissa $ passwd ESC recovery mode root # mount

    -o remount,rw / # passwd malissa # exit malissa Ubuntu OS ( ) 2020 7-8 — 2020-07-06 – p.40/57
  24. (1) I malissa bob 22 SSH $ nmap -sV -p

    22 IP $ git clone https://github.com/danielmiessler/SecLists.git bob malissa bob “/etc/ssh/sshd_config” #PasswordAuthentication yes # ( ) no $ sudo systemctl restart ssh SSH malissa bob 2020 7-8 — 2020-07-06 – p.41/57
  25. SSH alice = malissa alice bob “authorized_keys” bob $ sudo

    -s # cd ../bob/.ssh # nano authorized_keys ( malissa ) bob alice (bob ) malissa bob 2020 7-8 — 2020-07-06 – p.42/57
  26. alice = malissa $ sudo gpasswd -a bob sudo sudo

    malissa bob 2020 7-8 — 2020-07-06 – p.43/57
  27. (2) “/etc/shadow” “/etc/passwd” alice malissa $ unshadow passwdfile.txt shadowfile.txt >

    crackfile.txt $ john --wordlist=SecLists/Passwords/Common-Credentials/10-million-password-list-top-100000.txt crackfile.txt . . . quicksand (bob) . . . 8 bob “10-million-password-list-top-100000.txt” bob bob John the Ripper 2020 7-8 — 2020-07-06 – p.44/57
  28. ( ) (1) JavaScript ( ) (2) (3) (1) (3)

    (2) (3) (A) (B) A ≡ B 2020 7-8 — 2020-07-06 – p.45/57
  29. GitHub ( ) Git - https://git-scm.com/book/ja/v2/Git- - Git https://gist.github.com/ktx2207/3167fa69531bdd6b44f1 (

    ) GitHub “The Octopus Scanner Malware: Attacking the open source supply chain” 2020 7-8 — 2020-07-06 – p.46/57
  30. & (C&C) IRC (Internet Relay Chat) IRC ( ) Bitcoin

    IRC & “Glupteba – the malware that gets secret messages from the Bitcoin blockchain” Bitcoin 2020 7-8 — 2020-07-06 – p.47/57
  31. 4. (1) (2) 2020 7 9 ( ) 23:59 JST

    ( ) Waseda Moodle 2020 7-8 — 2020-07-06 – p.56/57