backtrack ( )
sugiyama[atmark]yamanashi.ac.jp

1. Web Linux ssh firewall firewall
( 1) Linux backtrack Debian, OpenSUSE, FreeBSD PC-UNIX PC backtrack CD USB

2. backtrack Linux ( 2) CD USB VMware 3 USB VMware OS CD USB USB CD VMware VMware backtrack3 KDE
3. backtrack

3.1 web nslookup, whois Netcraft( 3)

3.2 OS OS telnet

3.3 OS Exploit (FTP, Telnet, ssh ) web ( ) (root, administrator ) Exploit ( )
3.4 log log log log log log 0(/dev/null ) log

4.

4.1 Nmap( 4) Windows OS binary backtrack Nmap KDE Backtrack Network Mapping All Nmap

nmap -v -sP 192.168.10.0/24

IP 192.168.10.*
192.168.10.159

nmap -v -A -O 192.168.10.159

nmap

PORT     STATE    SERVICE    VERSION
21/tcp   open     tcpwrapped
22/tcp   open     ssh        OpenSSH 5.1 (protocol 1.99)
|_ SSH Protocol Version 1: Server supports SSHv1
514/tcp  filtered shell
3689/tcp open     rendezvous Apple itunes 8.0.2
Device type: storage-misc|remote management|switch|broadband router|VoIP gateway|general purpose
Running (JUST GUESSING) : BlueArc embedded (90%), IBM embedded (87%), HP embedded (87%), Allied Telesyn embedded (86%), Netopia embedded (85%), Vegastream embedded (85%), SCO OpenServer 5.X (85%)
Aggressive OS guesses: BlueArc Titan 2100 NAS device (90%), IBM BladeCenter management module (firmware BRET85L), IBM System Storage TS3100/TS3200 Express Model tape library, or HP StorageWorks MSL2024 tape library (87%), Allied Telesyn AT-9448Ts/XP switch (86%), Netopia 3346N or 3397GPB ADSL router (85%), Vegastream Vega 400 VoIP Gateway (85%), SCO OpenServer 5.0.7 (85%), SCO OpenServer 5.0.7 (x86) (85%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: -73 hops
TCP Sequence Prediction: Difficulty=256 (Good luck!)
IP ID Sequence Generation: Incremental
Service Info: OS: Mac OS X

TRACEROUTE (using port 21/tcp)
HOP RTT  ADDRESS
1   1.26 192.168.75.2
2   3.01 seriousbarbarian.lan (192.168.10.159)

IP sshd Mac OSX
4.2 Metasploit Framework OS OS Packet Storm( 5) backtrack Metasploit Framework( 6) Exploit KDE Backtrack Penetration Framework Version3 Framework3-MsfUpdate Metasploit Framework Framework3-MsfGUI Metasploit Framework ( )
Metasploit Framework Exploits(OS ), Auxiliary( ), OS ( OS OS) OSX samba OSX 10.4.X OSX 10.4.X http://support.apple.com/kb/ht1457?viewlocale=ja_jp
Exploits osx samba lsa_transnames_heap OS Forward
shell Forward IP Forward Apply
job Session shell job

4.3 Hydra Nmap OSX sshd ssh ssh ID ID KDE Backtrack Privilege Escalation PasswordAttacks PasswordOnlineAttacks Hydra GUI XHydra( 7)
XHydra IP( ),, ID
ID ID ID Start
ssh IP( ) ID ID

5. CISCO LAN WEP backtrack
PCCD USB PC PC backtrack,
web
1 http://www.itmedia.co.jp/enterprise/articles/0506/23/news007.html
2 backtrack web http://www.remote-exploit.org/backtrack.html (2009/02/28) Version4 ubuntu
3 netcraft http://news.netcraft.com/
4 Insecure.Org - Nmap Free Security Scanner, Tools & Hacking resources http://insecure.org/
5 [packet storm] http://packetstormsecurity.org/
6 The Metasploit Project http://www.metasploit.com/
7 Hydra web http://freeworld.thc.org/
O'REILLY Andrew Lockhart Hacks 2 ISBN978-4-87311-327-2