¦þ¹ ¼³¾Šł
01.01.2015 Views
Share Embed Flag

¦þ¹ ¼³¾Šł

¦þ¹ ¼³¾Šł

¦þ¹ ¼³¾Šł

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
xakep.ru

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Âçëîì<br />

ÕÀÊÅÐ\¹53\Ìàé\2003<br />

ÏÀÐÎËÜ "ÐÛÁÀ-SHIT"<br />

Master-lame-master<br />

ñêðèïò, ÷òî è ïðîäåëàë íàø âçëîìùèê. Ñêðèïò íàéäåí,<br />

äåëî îñòàâàëîñü çà ìàëûì - çàïóñòèòü 7350fun<br />

è æäàòü ðåçóëüòàòà.<br />

Áóêâàëüíî ÷åðåç 20 ìèíóò ïåðåáîðà îôñåòîâ,<br />

apache ñäàëñÿ è âûäàë nobody-øåëë. Äàëüøå<br />

ñêðèïòêèäè îïðåäåëèë îïåðàöèîííóþ ñèñòåìó, ýòî<br />

îêàçàëàñü RedHat 7.0. Â áîé ïîøëè ëîêàëüíûå ýêñïëîèòû.<br />

Íà ñåðâåð áûë óñòàíîâëåí äûðÿâûé sendmail.<br />

Ñ ïîìîùüþ ñïëîèòà sxp.c (ïðî íåãî óæå ïèñàë<br />

][ â ñòàòüå "top10 exploits"), õàêåð äîñòèã rootïðàâ.<br />

Ïîñëå óñòàíîâêè ðóòêèòà åìó ïîä÷èíèëàñü<br />

âñÿ ñèñòåìà... À âñå èç-çà êàêîãî-òî php-ìîäóëÿ.<br />

ÓÃËÓÁËßÅÌÑß Â ÊÎÄÈÍÃ<br />

Ýòîìó ãåðîþ îäíîãî âçëîìà îêàçàëîñü ìàëî, è îí<br />

ñòàë ëèñòàòü èñòîðèþ êîìàíä àäìèíèñòðàòîðà.<br />

Íàéäåíû áûëè òîëüêî èñõîäÿùèå êîííåêòû ïî ssh,<br />

íî áåç âñÿêèõ ïàðîëåé. John The Ripper òàêæå îêàçàëñÿ<br />

áåñïîëåçíûì. Íî êèäèñ íå ñäàâàëñÿ, ïûòàÿñü<br />

ïðèäóìàòü ÷òî-íèáóäü åùå. È ïðèäóìàë-òàêè - íàäî<br />

ïðîïàò÷èòü ñûðöû ssh, ÷òîáû îí ëîãèðîâàë ïàðîëè.<br />

Óçíàâ âåðñèþ ssh (ssh -V), õàêåð ïîëåç åãî ñêà÷èâàòü<br />

(www.openssh.org). Ñêà÷àë, ðàñïàêîâàë. Íà-<br />

÷àë äåòàëüíîå èçó÷åíèå ñîðñîâ. Åìó íàäî áûëî<br />

íàéòè ìåñòî, ãäå ïåðåäàåòñÿ ïàðîëü. Â ôàéëàõ<br />

sshconnect1.c è sshconnect2.c îáíàðóæèëèñü<br />

Íàéòè php-ñêðèïò - ïðîùå ïðîñòîãî =)<br />

ôóíêöèè ïî çàïðîñó ïàðîëåé. Òåïåðü îñòàâàëîñü<br />

òîëüêî íåìíîãî ñìîäèôèöèðîâàòü êîä:<br />

[root@hack work]# nc -vv www.nikita.ru 80 <<br />

./get.txt |grep Server<br />

Server: Apache/1.3.19 (Unix)<br />

mod_perl/1.24_01 mod_throttle/2.11<br />

PHP/4.0.6 FrontPage/4.0.4.3 mod_ssl/2.8.3<br />

OpenSSL/0.9.6b mod_gzip/1.3.19.1a<br />

sent 17, rcvd 359<br />

[root@hack work]#<br />

Ïðîïàò÷èâ äâà ýòèõ ôàéëà, õàêåð çàíîâî ïåðåñîáðàë<br />

openssh. Çàìåíèë åäèíñòâåííûé /usr/bin/ssh,<br />

ïîñòàâèë ñòàðóþ äàòó. Ïîòîì ñîçäàë ôàéë<br />

/usr/share/locale/it/console.it ñ ïðàâàìè äîñòóïà 666,<br />

÷òîáû áèíàðíèê ìîã êîððåêòíî çàïèñûâàòü â íåãî<br />

àêêàóíòû. Ïîñëå ýòîãî ñòåð ëîãè è óäàëèëñÿ. Îñòàâàëîñü<br />

òîëüêî äîæäàòüñÿ ïîÿâëåíèÿ àäìèíà, êîòîðûé,<br />

ïî ëîãèêå âåùåé, äîëæåí áûë çàéòè íà äðóãîé<br />

ñåðâåð ôèðìû Nikita. Òàê, ñîáñòâåííî, è ïðîèçîøëî.<br />

×òî ïðèìå÷àòåëüíî, àäìèí èñïîëüçîâàë<br />

root-àêêàóíò äëÿ ïîäêëþ÷åíèÿ, ïîýòîìó, ïðî÷èòàâ<br />

console.it, âçëîìùèê óçíàë âñþ ïîëåçíóþ èíôó.<br />

Òåáÿ èíòåðåñóåò, ÷åì âñå çàêîí÷èëîñü Èç-çà òîãî,<br />

÷òî õàêåð íå èñïîëüçîâàë øåëë â êà÷åñòâå õàêïëîùàäêè,<br />

åãî íå çàìå÷àëè äîâîëüíî äîëãî. Ê òîìó<br />

æå îí ìîã ïîëó÷àòü íà õàëÿâó âñå êîììåð÷åñêèå<br />

ïðîäóêòû âçëîìàííîé ôèðìû. PHP-áàã íà ñåðâåðå<br />

òàê è îñòàëñÿ íåçàïàò÷åííûì â òå÷åíèå ïîëóãîäà.<br />

Ïîòîì, íàêîíåö, ñèñòåìà áûëà çàìåíåíà íîâîé,<br />

è ïàðîëè ñóïåðïîëüçîâàòåëÿ èçìåíèëèñü.<br />

ÑÊÀÇÊÀ ËÎÆÜ, ÄÀ Â ÍÅÉ ÍÀÌÅÊ...<br />

Äàëåêî íå âñå âçëîìû ïðîõîäÿò òàê ãëàäêî. Ïîðîé<br />

ýòî áåññîííûå íî÷è, ïîñëå êîòîðûõ õàêåð íàõîäèò<br />

òîíåíüêóþ íèòî÷êó â ñèñòåìå, çà íåå îí è öåïëÿåòñÿ.<br />

À èíîãäà íåò è åå. Âñå çàâèñèò îò ñèñòåìíûõ<br />

ðóê àäìèíèñòðàòîðîâ.<br />

Íå ñòîèò ðàñöåíèâàòü ýòîò ìàòåðèàë êàê ëæèâûé<br />

êèíîðîìàí - âñå âçëîìû, îïèñàííûå çäåñü, ðåàëüíû.<br />

Äëÿ ïðîñòîòû ïîíèìàíèÿ áûëè ëèøü îïóùåíû<br />

ïîïûòêè ñáîðà äàííûõ, íå óâåí÷àâøèåñÿ<br />

óñïåõîì, à òàêæå íåêîòîðûå ïðîìàõè õàêåðà ïî<br />

ïðè÷èíå íåîïûòíîñòè èëè ëåíè. Äëÿ íàñ âñåãäà<br />

îñòàåòñÿ ãëàâíûì èòîã - íàðóøèòåëü ïðîðûâàåòñÿ<br />

÷åðåç âñåâîçìîæíûå ñèñòåìû áåçîïàñíîñòè è îñòàåòñÿ<br />

íåçàìåòíûì äëÿ àäìèíîâ...<br />

Êîäèì äî ïîòåðè ñîçíàíèÿ<br />

Îñíîâíûå ïðèíöèïû õàêåðà<br />

×òî æå ïîìîãëî õàêåðó â åãî íåëåãêîì äåëå<br />

1. Âçëîìùèê íèêîãäà íå ïðåíåáðåãàåò ñáîðîì äàííûõ î ïðîòèâíèêå, è ëèøü ïîñëå<br />

ïîëó÷åíèÿ èñ÷åðïûâàþùåé èíôîðìàöèè ïûòàåòñÿ ëîìàòü æåðòâó ÷åðåç âîçìîæíûå<br />

óÿçâèìîñòè.<br />

2. Âçëîìùèê äëÿ ïðîäóêòèâíîé ðàáîòû äîâîëüíî ÷àñòî ïîëüçóåòñÿ íåçàìåíèìûìè<br />

ïðîãðàììàìè nmap è netcat. Ñêà÷àòü èõ ìîæíî ÷åðåç ïîèñêîâèê unix-like-ïðîãðàìì<br />

www.freshmeat.net.<br />

3. Âçëîìùèê íå çëîóïîòðåáëÿåò ðóòèííîé ðàáîòîé ïî ïàò÷èíãó ñîðöîâ ñëóæåáíûõ ïðîãðàìì.<br />

1 2 3 4<br />

58 Íüþñû Ôåððóì Inside PC_Zone Âçëîì

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!