20199316 2019-2020-2 "Network Attack and Defense Practice" Week 8 Assignment

Others 2020-04-20 15:53:04 views: null

20199316 2019-2020-2 "Network Attack and Defense Practice" Week 8 Assignment

1. Practice content

Summarize the learning content of this week and introduce the practical content, do not copy and paste

2. Practice process

Practice one

  • lab environment
Machine ip
time 192.168.200.2
metasploitable linux 192.168.200.125

1: Open msfconsole, then found some usermap this loophole, the following chart

2: Select 18 Load Module

3: Set attack aircraft and drones ip ip

4: attack

5: Enter whoamia look at what capacity we are now seeing is the root, explain We got root permissions.

Practice two


This experiment uses Distcc. Distcc is used for distributed compilation of a large amount of code on the network server, but if the configuration is not strict, it is easy to be abused to execute commands. The vulnerability is XCode1.5 version and other versions of distcc2.x version configuration for the server Port access is not restricted.
Start the experiment below.

  • Attacker
    1: First search this vulnerability

    2: Set the target IP

    3: Start the attack (Note: Open wireshark before this step to get the data packet for analysis)

    4: The attack is successful, enter whoami to see who you are, It was found to be daemon.

    5: Then look at the file that saved the user, look at the information of the daemon, not root, need to be elevated
  • Defender
    1: Open wireshark and start capturing packets. From the figure below, you can see the source IP, destination IP, port, and other information

    2: From the packet type, you can see that except for the three distcc packets, the rest are tcp packets.

    3: Let's take a look at what information is in these three distcc packages. Open these three packages, you can see the plaintext shell, this should be shellcode.



    4: Find a continuous tcp packet trace in the back and found all the commands I have entered

3. Problems encountered in learning and solutions

  • Question 1: The attacker and the target cannot ping each other

  • Problem 1 solution: add a network adapter 2 and restart

4. Practice summary

xxx xxx

References

Guess you like

Origin www.cnblogs.com/destiny-love/p/12737880.html
Recommended
Ranking
Reason Codes enhanced accounting documents
The first test case appium
Force command and dispatch emergency communication plan
Interview - What is concurrent programming
21 classic Python interview questions [recommended collection]
[Dahua Data Structure-Introduction to Data Structure ①]
Spring @ConfigurationProperties
Why do we want to broadcast live on WeChat public account? What are the advantages?
How to bring up the toolbar under the desktop of Apple laptop
Dialog: Manually enter information
Daily
More
2024-05-21(35)
2024-05-20(5)
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)

Code World

© 2018 codetd.com