
JtR (John the Ripper) Basics

# If this is not done, an error occurs when a duplicate value comes up
cat /root/.john/john.pot
rm /root/.john/john.pot
# Check the entry encrypted with md5
cat /etc/shadow | grep root

$6$: encrypted with a hash function // 18605: indicates when the password was created // 0: the password has never been changed (time elapsed since the password was changed) // 99999: the password can be used for 99999 days // 7: a warning is given 7 days before the password expires
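
The fields listed above can be decoded mechanically when auditing accounts. The following Python code is an added example, not part of the original post: it parses one shadow entry using the field layout documented in shadow(5), and the function name, sample line and placeholder salt/hash are constructed for illustration.

```python
from datetime import date, timedelta

# $id$ prefixes of the password field, per crypt(5).
SCHEMES = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
WEAK = {"md5crypt", "descrypt"}

# Constructed sample: placeholder salt/hash, aging values taken from the post.
SAMPLE = "root:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:18605:0:99999:7:::"


def _num(field):
    """Aging fields may be empty; return None in that case."""
    return int(field) if field else None


def parse_shadow_line(line):
    """Split one shadow(5) entry into named fields plus audit findings."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != 9:
        raise ValueError(f"expected 9 fields, got {len(parts)}")
    name, pw = parts[0], parts[1]
    last, min_days, max_days, warn = (_num(p) for p in parts[2:6])

    locked = pw.startswith(("!", "*"))     # password login disabled
    body = pw.lstrip("!")
    if body in ("", "*"):
        scheme = None                      # no usable hash stored
    elif body.startswith("$"):
        scheme = SCHEMES.get(body.split("$")[1], "unknown")
    else:
        scheme = "descrypt"                # legacy 13-character DES hash

    findings = []
    if pw == "":
        findings.append("empty password field")
    if scheme in WEAK:
        findings.append(f"weak hash scheme: {scheme}")
    if scheme and (max_days is None or max_days >= 99999):
        findings.append("password never expires")

    # Field 3 counts days since 1970-01-01; 0 or empty gives no usable date.
    changed = date(1970, 1, 1) + timedelta(days=last) if last else None
    return {"user": name, "scheme": scheme, "locked": locked,
            "last_change": changed, "min_days": min_days,
            "max_days": max_days, "warn_days": warn, "findings": findings}


if __name__ == "__main__":
    print(parse_shadow_line(SAMPLE))
```
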
Checking John the Ripper's information


# Combine the passwd file and the shadow file and save the result as /tmp/password.txt
unshadow /etc/passwd /etc/shadow > /tmp/password.txt


# crypt: usable on Unix/Linux // wordlist: the rainbow table concept
# Recovers the password 1234 of the account named python // recovers the password 1234 of the account named root
john --format=crypt --wordlist=/usr/share/john/password.lst /tmp/password.txt

A command usable on Linux // it takes longer than when the options are specified


# The hash values can be cracked, restored to their original state and viewed
john --show /tmp/password.txt


# Attempts recovery only for the root entry
john --users=root /tmp/password.txt

# Write the C source file through a here-document
cat > malware.c << 'EOF'
#include <stdio.h>

int main() {
    printf("Hello, world!\n");
    return 0;
}
EOF

apt-get install gcc-mingw-w64
gcc -g -o malware malware.c 
i686-w64-mingw32-gcc -o malware.exe malware.c 
chmod 777 malware.exe

malware: malicious code to use on Linux // malware.exe: building malicious code to use on Windows
