¦þ¹ ¼³¾Šł
01.01.2015 Views
Share Embed Flag

¦þ¹ ¼³¾Šł

¦þ¹ ¼³¾Šł

¦þ¹ ¼³¾Šł

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
xakep.ru

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Âçëîì<br />

ÏÀÐÀËËÅËÜÍÛÉ ÌÈÐ<br />

kas1e<br />

Ññûëêè<br />

ÕÀÊÅÐ\¹53\Ìàé\2003<br />

http://x25.net.ru/x25.ps.gz - ñïåöèôèêàöèÿ x25-<br />

ïðîòîêîëà.<br />

http://x25.net.ru/x3-x28.rar - ÏÀÄ<br />

Russian Undeground Club ezines<br />

[ ... âûðåçàíî èç ëîãà ... ]<br />

Òàáëèöà 1<br />

Ëîãè ðàáîòû<br />

ÑÏÎÑÎÁÛ ÂÇËÎÌÀ<br />

×òî ó íàñ èìååòñÿ íà ýòó òåìó 2 ñïîñîáà è èõ<br />

êîìáèíèðîâàíèå. ß èõ ìîãó ðàçäåëèòü íà "ñòàðûé"<br />

è "íîâûé", íî ìîæíî íàçâàòü ýòî êàê óãîäíî<br />

:). ×òî ìû îòíåñåì ê ñòàðîìó ñïîñîáó Ýòî ñêàíèðîâàíèå,<br />

ïîäáîð àêêàóíòîâ, îøèáêè "íà äóðàêà",<br />

îøèáêè êîíôèãóðàöèè (÷åëîâå÷åñêèé ôàêòîð) è<br />

ñîöèàëüíàÿ èíæåíåðèÿ. Êàê ïðèìåð ðàññìîòðèì<br />

òàêóþ ñòðóêòóðó:<br />

1. Ñêàíèðóåì â ïîèñêàõ äîñòóïíûõ áåç-nui'åâûõ<br />

õîñòîâ.<br />

2. Ñêàíèðóåì êàæäûé íàéäåííûé õîñò íà ðàñïðîñòðàíåííûå<br />

ëîãèíû/ïàðîëè (÷òî äî ñèõ ïîð, êàê<br />

ýòî íè ñòðàííî, ðàáîòàåò). Âñå òîò æå íåáîëüøîé<br />

ñïèñî÷åê êîìáèíàöèé:<br />

guest/<br />

guest/<br />

anonymous/<br />

anonymouse/<br />

visitor/<br />

new/<br />

admin/<br />

system/<br />

temp/<br />

test/<br />

Õîñòû áûâàþò ñàìûìè ðàçíîîáðàçíûìè. Îò unixáîêñîâ/ppp-ñåññèé,<br />

äî rex/dionis-ñèñòåì. Ó êàæäîé<br />

èç íèõ åñòü ñâîè ãëþêè, êîòîðûå õàêåðû èñïîëüçóþò<br />

â ñâîèõ öåëÿõ. Â ðàìêàõ îäíîé ñòàòè âñå ýòè<br />

îøèáêè ìû, åñòåñòâåííî, ðàññìîòðåòü íå ñìîæåì.<br />

Âòîðîé ñïîñîá (òàê ñêàçàòü, "íîâûé") - ïîèñê óÿçâèìîñòåé<br />

ïðîòîêîëà, âîçìîæíîñòè ñíèôèíãà, ñïóôèíãà<br />

è ðàçëè÷íûå íîâîìîäíûå ïðèåìû. Îäèí èç<br />

íèõ çàêëþ÷àåòñÿ â òîì, ÷òî â ïàêåòå íà çàïðîñ ñîåäèíåíèÿ<br />

ìîæíî âîîáùå íå ïèñàòü îáðàòíûé àäðåñ<br />

(ñîåäèíåíèå óñòàíàâëèâàåòñÿ íå ïî àäðåñàì â<br />

ïàêåòå, à ïî ëîãè÷åñêèì íîìåðàì êàíàëîâ). ×òî<br />

ýòî äàåò, ÿ äóìàþ ïîíÿòíî ñðàçó. Âî-ïåðâûõ, ýòî<br />

âîçìîæíîñòü ïîäñòàâëÿòü ëþáûå àäðåñà (ò.å. ïðè<br />

æåëàíèè ìîãóò ïðèéòè ñîâñåì â äðóãîå ìåñòî).<br />

Âî-âòîðûõ, åñëè ìû íå ïîäñòàâèì àäðåñà âîîáùå,<br />

òî íèêòî íè÷åãî è íèêîãäà íå óçíàåò. Ïëþñû<br />

î÷åâèäíû. Âòîðàÿ âîçìîæíîñòü - ñòàðûé äîáðûé<br />

ñðà÷. Ò.å. DoS. Ñ òåðìèíàëüíîé ëèíèè (ìîäåìà)<br />

DoS, êîíå÷íî, íå ãðîçèò, íî ñ ëþáîãî áîêñà, èìåþùåãî<br />

âûõîä â x25-ñåòü, ìû ìîæåì ýòî óñòðîèòü,<br />

ïîñûëàÿ ïîñòîÿííûå çàïðîñû íà æåðòâó. Î÷åâèäíî,<br />

÷åì áîëüøå áîêñîâ, òåì ëó÷øå. Åùå îäèí âàðèàíò<br />

- ýòî äàâíî èçâåñòíûé ïî Ëèðèêîâñêîé ñèòå<br />

"ñíèôèíã-ïîäñòàâà". ×òî ìû äåëàåì â ýòîì ñëó-<br />

÷àå. Ìû íàõîäèì àäðåñ íóæíîãî íàì ïàäà è ïîñòîÿííî<br />

øëåì ïàêåòû ñ çàïðîñîì êîííåêòà íà àäðåñ<br />

ýòîãî ïàäà, êîòîðûì ìû ÿêîáû áóäåì. Â ðåçóëüòàòå<br />

âîçíèêíîâåíèÿ íåêîòîðûõ êîëëèçèé è íåïðîâåðêè<br />

ñîîòâåòñòâèÿ àäðåñîâ, õîñò-æåðòâó ñîåäèíÿþò<br />

ñ ïîñûëüùèêîì òàêèõ ïàêåòîâ (äîãàäàéòåñü,<br />

êòî ýòî :)), êîòîðûé óæå ìîæåò ïðèêèíóòüñÿ<br />

ïàäîì, âûäàòü ïàäîâîå ñîîáùåíèå è çàèìåòü âñå<br />

äàííûå ïîëüçîâàòåëÿ, âêëþ÷àÿ nui, ëîãèíû, ïàðîëè<br />

è òîìó ïîäîáíîå. Âîò êàê ýòî âûãëÿäåëî â sita<br />

network (ëîã êèáåð-ëèðèêà): (òàáëèöà 1)<br />

 ðîñíåòå ýòî äåéñòâóåò àíàëîãè÷íûì ñïîñîáîì, ÷òî<br />

ìîæíî óâèäåòü íà ñëåäóþùåì ïðèìåðå (ëîã graf'a):<br />

(òàáëèöà 1)<br />

Âîò ýòî è åñòü ïðîñòûå "íîâîìîäíûå" ñïîñîáû.<br />

Äàëåå ïðåäëàãàþ øòóäèðîâàòü ëèòåðàòóðó è èñêàòü<br />

ñâîè ñïîñîáû.<br />

ÇÀÊËÞ×ÅÍÈÅ<br />

Èòàê, òåïåðü òû ìîæåøü ïîëüçîâàòüñÿ ýòèìè ïðèåìàìè<br />

äëÿ äîñòèæåíèÿ êàêèõ-òî ñâîèõ öåëåé. Íî<br />

ÿ íàäåþñü, ÷òî ñòàòüÿ íàïðàâèò òåáÿ â íóæíîå<br />

ðóñëî, è êîíå÷íî, î÷åíü íåæåëàòåëüíî, ÷òîáû ïî-<br />

÷åðïíóòûå çíàíèÿ èñïîëüçîâàëèñü ïðîòèâîçàêîííî.<br />

Õî÷åòñÿ âåðèòü, ÷òî ýòà ñòàòüÿ ïîêàæåò ìíîãèì,<br />

÷òî êðîìå TCP/IP ñòåêà åñòü ìíîæåñòâî íå<br />

ìåíåå èíòåðåñíûõ ïðîòîêîëîâ (x25, êîíå÷íî æå,<br />

íå åäèíñòâåííûé ïðåäñòàâèòåëü). Òàê<br />

÷òî óäà÷íîãî òåáå îñâîåíèÿ x25-ñåòåé!<br />

XXXX XXX<br />

SITA NETWORK: call cleared - destination not<br />

responding<br />

// êàæåòñÿ, PAD ñâîáîäåí<br />

XXXX XXX<br />

SITA NETWORK: call connected to XXXX XXX<br />

(001) (n, nui 19730001 charging, packet size:<br />

128)<br />

...<br />

NUI 12345678<br />

ASDF1H<br />

SITA NETWORK: call cleared - remote directive<br />

// ìîæåò áûòü, êîëëèçèÿ â îäíî è òî æå âðåìÿ<br />

// æåðòâà è õàêåð êîííåêòÿòñÿ íà PAD<br />

XXXX XXX<br />

SITA NETWORK: call cleared - destination busy<br />

// îïñ ... æåðòâà óæå ðàáîòàåò<br />

[ ... âûðåçàíî èç ëîãà ... ]<br />

*60001010009<br />

ACP:clr not obtainable - remote directive<br />

241 device not ready<br />

*60001010009<br />

ACP:clr not obtainable - remote directive<br />

241 device not ready<br />

*60001010009<br />

ACP:clr not obtainable - remote directive<br />

241 device not ready<br />

*60001010009<br />

ACP:fac: r,p(128,128),w(2,2),d(9600,9600)<br />

com<br />

Enter ADDRESS[*userdata], n-ADDRESS for NUI<br />

access or HELP<br />

WELCOME TO ROSNET!<br />

// âîò ìû ïîäêëþ÷èëèñü ê ìîäåìíîìó ïóëó,<br />

çäåñü íå õâàòàåò òîëüêî "*" //<br />

*

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!