BASIC HACKING - PART 2


  • 7/30/2019 BASIC HACKING - PART 2


CHAPTER 1: PREPARATORY KNOWLEDGE

1. Steps to hack a website

According to the book Hack Exposed 3, hacking a website normally goes through the following steps:

- Footprinting: This is what hackers do when they want to gather information about a server, a company, or a user. It covers IP addresses, Whois, DNS, and every detail related to the website. Search engines on the Internet can also be used to find this information.

- Scanning (probing): Once the information is in hand, the services that were collected need to be assessed and identified. This includes port scanning and identifying the operating system. Tools used include Nmap, WS PingPro, Siphon, sfcam, and many others such as Super scanner.

- Enumeration (listing to find weaknesses): This step looks for poorly protected resources or user accounts that could be used to break in. It includes default passwords; many network administrators are unaware of these values or never change them.

- Gaining Access: The intruder now tries to access the network using the information obtained in the three steps above. The methods used here may be attacking a buffer-overflow flaw, or obtaining and cracking the password file. Tools commonly used here are NAT, Podium, or L0phtCrack (LC).

- Escalating Privileges: For example, a hacker who got in with the Guest account will try to take control of the whole system. At this point the hacker tries to crack the Admin password or uses a vulnerability to escalate privileges. One of the good and widely used password-cracking programs today is John the Ripper.

- Pilfering (using exposed files that contain passwords): Once again, search engines are used to look for ways to access the network. Text files containing passwords, or other insecure mechanisms, are likely to attract the hacker's attention.

- Covering Tracks: After collecting the necessary information, the hacker tries to erase the traces, deleting the operating system's log files so that the administrator does not realize the system has been compromised or, even if they do, cannot find out who the intruder was.

- Creating Back Doors (preparing so that the next intrusion is easier): The hacker leaves a backdoor, that is, a mechanism that lets the hacker come back in by a hidden route, by installing a Trojan or creating a new user. For organizations with many users, the tool used is a Trojan keylogger.

- Denial of Service (DoS): If the intrusion does not succeed, DoS is the last resort for attacking the system. If the system is not configured properly, it will break and allow the hacker access, or in other cases the attack can leave the system unable to operate. Tools used for DoS attacks are Trin00, Ping of Death, TearDrop, and various nukers and flooders. These are among the most widely used tools today.

- Depending on experience and knowledge, a hacker may skip some steps; the steps do not have to be followed in order.

2. Denial-of-service attacks

2.1. Introduction

Distributed Denial of Service (DDoS): An attack is called DDoS when many computers are used to carry out the denial-of-service attack.

In 1998 the Trinoo Distributed Denial of Service (DDoS) program was written by Phifli.

In May 1999 the FBI home page was taken out of operation by a DDoS attack.

In June 1999 the Trinoo network was installed and tested on 2000 systems.

In late August and early September 1999 the first Tribal Flood Network appeared; the program was developed by Mixter.

In late September 1999 the Stacheldraht tool began to appear on systems in Europe and the United States.

On 21-10-1999 David Dittrich of the University of Washington produced analyses of the denial-of-service attack tools. On 21-9-1999 Mixter developed Tribe Flood Network 2000 (TFN2K).

At 10:30 on 7-2-2000 Yahoo (a well-known site) was hit by a denial-of-service attack and its operation stalled for 3 hours; the Yahoo mail website and Geocities were attacked from 50 different IP addresses, with request traffic reaching 1 Gigabit/s.

On 8-2 many large websites such as Buy.com, Amazon.com, eBay, Datek, MSN, and CNN.com were hit by denial-of-service attacks.

At 19:00 on 9-2-2000 the website Excit.com was the target of a denial-of-service attack; data poured in for 1 hour until the attack ended, and in the end the data packets were severely damaged.

06-01-2000: the Yahoo Portal was shut down for 3 hours, and buy.com crashed one day later. A day after that, eBay, Amazon.com, and CNN shared the same fate.

They were hit by denial-of-service attacks in which hundreds of computers on the Internet sent millions of service-request packets.

From this we can see that denial-of-service attacks (Denial of Service Attack) and attacks that send floods of data packets to a server (Flood Data of Service Attack) are a real concern and have become a nightmare for many computer networks, large and small, today.

When a computer network is attacked by a hacker, the attack consumes resources on the server such as hard disk, memory, CPU, and bandwidth; how much is consumed depends on the attack capability of each hacker. When the server can no longer answer all the requests from users' clients, it quickly stops working, crashes, or reboots.

Denial-of-service attacks come in many forms, such as: Ping of Death, Teardrop, Land Attack, Winnuke, Smurf Attack, UDP/ICMP Flooding, TCP/SYN Flooding, Attack DNS.

2.2. Types of denial-of-service attack

* Ping of Death

Some computers stop working, crash, or reboot when they receive ping packets of a large size. Example:

ping <IP address> -n 10000

Where: <IP address> is the address you want to attack.

-n: the switch, with 10000 being the number of times the data packet is sent.

* TCP/SYN Flooding

The sequence of steps in this form of attack:

(1) The client sends a TCP SYN packet to the service port of the server.
Client => SYN Packet => Server

(2) The server answers the client with a SYN/ACK packet for that service port.
Server => SYN/ACK Packet => Client

(3) The client answers the server with an ACK packet and the connection is complete. At this point, the client and the server start exchanging data with each other.
Client => ACK Packet => Server

When a hacker performs SYN flooding by sending a rapid stream of SYN packets to the service port of the server, the server becomes overloaded and is no longer able to respond.
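Added example (not part of the original text): a defender's view of the handshake above. It counts connections that reached step 1 but never step 3 and reports service ports whose half-open count passes a threshold. The record layout, the sample addresses, the threshold and the timeout are all assumptions made for the illustration.

```python
from collections import Counter

def build_sample():
    """Constructed capture: (time_s, src, sport, dst, dport, flag), client-to-server only."""
    pkts = [
        # A normal client: SYN, then the final ACK of the three-way handshake.
        (0.00, "203.0.113.5", 40000, "192.0.2.10", 80, "S"),
        (0.05, "203.0.113.5", 40000, "192.0.2.10", 80, "A"),
        # A slow but harmless client that has not sent its ACK yet.
        (2.00, "203.0.113.9", 40001, "192.0.2.10", 25, "S"),
    ]
    # Fifty SYNs to the same service port that are never followed by an ACK.
    for i in range(50):
        pkts.append((1.0 + i * 0.01, f"198.51.100.{i + 1}", 1024 + i,
                     "192.0.2.10", 80, "S"))
    return pkts

def half_open_counts(packets, timeout=30.0):
    """Count handshakes per (dst, dport) that saw step 1 (SYN) but not step 3 (ACK).

    Entries older than `timeout` seconds are ignored, as a server would
    eventually drop them from its backlog.
    """
    pending = {}
    now = 0.0
    for ts, src, sport, dst, dport, flag in sorted(packets):
        now = ts
        key = (src, sport, dst, dport)
        if flag == "S":
            pending[key] = ts        # step 1 seen: the connection is half-open
        elif flag == "A":
            pending.pop(key, None)   # step 3 seen: the handshake completed
    return Counter(
        (dst, dport)
        for (_src, _sport, dst, dport), ts in pending.items()
        if now - ts <= timeout
    )

def flooded_services(packets, threshold=20, timeout=30.0):
    """Return the service ports whose half-open count reaches the alert threshold."""
    counts = half_open_counts(packets, timeout)
    return sorted(svc for svc, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    for dst, dport in flooded_services(build_sample()):
        print(f"possible SYN flood against {dst}:{dport}")
```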

* UDP/ICMP Flooding

The hacker does this by sending a large number of large UDP/ICMP packets to the network. A system under this attack becomes overloaded, and all the bandwidth of the link or the speed of the network is used up, which causes difficulties for clients trying to get access.

* Winnuke

This DoS attack can only be applied to computers running Win9x. In this type of attack, the hacker sends Out of Band data packets to port 139 of the target machine (port 139 is the NetBIOS port, and this port only accepts packets with the Out of Band flag set). When the victim's computer receives them, a blue error screen appears: the Windows operating system has received these packets but does not know how to react to the Out of Band data, and as a result the system crashes.

* Teardrop

All data travelling across the network from a source system to a destination system goes through two processes. At the source system the data is split into small fragments, and each fragment must carry a specific offset value that identifies the position of that fragment in the packet being sent. When the fragments reach the destination system, that system relies on the offset values to put the fragments back together in their original order. Exploiting this weakness, you only need to send the destination system a series of packets whose offset values overlap one another; the destination system will be unable to put these packets back in order, it loses control, and it may crash, reboot, or stop working because too many packet values and offsets overlap.
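Added example (not part of the original text): the check a reassembly routine can make before it trusts the offsets, so overlapping fragments are rejected instead of being merged. It also rejects a reassembled size above 65535 bytes, which goes slightly beyond the Teardrop case in the text. Fragments are modelled as (offset in bytes, payload, more-fragments flag); real IPv4 headers store the offset in 8-byte units, and all names and sample fragments here are constructed.

```python
MAX_DATAGRAM = 65535  # largest total length an IPv4 datagram can describe

def classify(frags, max_total=MAX_DATAGRAM):
    """Return 'ok', 'overlap', 'incomplete', 'oversize' or 'malformed'."""
    ordered = sorted(frags, key=lambda f: f[0])
    if not ordered:
        return "incomplete"
    expected = 0  # byte position where the next fragment must start
    for i, (offset, data, more) in enumerate(ordered):
        if offset < expected:
            return "overlap"        # starts inside data already covered
        if offset > expected:
            return "incomplete"     # hole: an earlier fragment is missing
        expected = offset + len(data)
        if expected > max_total:
            return "oversize"
        is_last = i == len(ordered) - 1
        if more and is_last:
            return "incomplete"     # final fragment has not arrived
        if not more and not is_last:
            return "malformed"      # data continues after the final fragment
    return "ok"

def reassemble(frags):
    """Join the payloads only when every offset lines up exactly."""
    verdict = classify(frags)
    if verdict != "ok":
        raise ValueError(f"fragment set rejected: {verdict}")
    return b"".join(data for _, data, _ in sorted(frags, key=lambda f: f[0]))

# Constructed fragment sets.
NORMAL = [(0, b"A" * 16, True), (16, b"B" * 8, False)]
OVERLAPPING = [(0, b"A" * 36, True), (24, b"B" * 4, False)]
HOLE = [(0, b"A" * 8, True), (16, b"B" * 8, False)]
TOO_BIG = [(0, b"A" * 65528, True), (65528, b"B" * 16, False)]

if __name__ == "__main__":
    for name, frags in [("normal", NORMAL), ("overlapping", OVERLAPPING),
                        ("hole", HOLE), ("too big", TOO_BIG)]:
        print(name, "->", classify(frags))
```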

* Land Attack

The Land Attack is much like the SYN attack, but instead of using a non-existent IP address, the hacker uses the IP address of the victim system itself. This creates an endless loop inside the victim system, between one side that needs to receive a reply and another side that never sends that reply.

* Smurf Attack

This type of attack has three components: the hacker (who gives the order), the amplifying network (which carries out the order), and the victim system.

First the hacker sends ICMP packets to the broadcast address of the amplifying network; what is special is that these ICMP packets carry the victim's IP address as their source IP address. When the packets reach the broadcast address of the amplifying network, the computers in that network believe the ICMP packets were sent by the victim's machine, and they all send ICMP reply packets back to the victim system at the same time. As a result, the victim's system is flooded with a huge volume of packets and quickly stops working, crashes, or reboots. So only a small volume of ICMP packets needs to be sent, and the network amplifies that ICMP volume many times over. The amplification ratio depends on the number of computers in the network. The hacker's task is to try to take over as many networks or routers as possible that forward packets directly to the broadcast address without passing them through a source-address filter on the way out. Once such a system is available, the hacker can easily run a Smurf Attack against the systems to be attacked.
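Added example (not part of the original text): the two border-router checks that keep a network from serving as the amplifying network described above, namely dropping outgoing packets whose source address is not local and dropping incoming packets addressed to a local broadcast address. The function names, the prefix 192.0.2.0/24 and the sample packets are constructed for the illustration.

```python
import ipaddress
from collections import Counter

def decide(direction, src, dst, local_nets):
    """Return the filter verdict for one packet crossing the border router.

    direction is "in" (Internet to local network) or "out" (local network to Internet).
    """
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(n) for n in local_nets]
    # Source-address filter on the way out: a local host may only send
    # packets that carry one of the site's own addresses as the source.
    if direction == "out" and not any(src_ip in n for n in nets):
        return "drop: spoofed source"
    # No forwarding to the broadcast address of a local subnet from outside.
    if direction == "in" and any(dst_ip == n.broadcast_address for n in nets):
        return "drop: directed broadcast"
    return "forward"

def filter_stream(packets, local_nets):
    """Apply decide() to (direction, src, dst) records and tally the verdicts."""
    return Counter(decide(d, s, t, local_nets) for d, s, t in packets)

LOCAL_NETS = ["192.0.2.0/24"]

# Constructed traffic seen at the border of 192.0.2.0/24.
SAMPLE = [
    ("in", "198.51.100.7", "192.0.2.255"),   # echo request aimed at the broadcast address
    ("in", "198.51.100.7", "192.0.2.14"),    # ordinary inbound packet to one host
    ("out", "192.0.2.14", "198.51.100.7"),   # ordinary outbound reply
    ("out", "203.0.113.9", "198.51.100.7"),  # outbound packet with a non-local source
]

if __name__ == "__main__":
    for verdict, count in sorted(filter_stream(SAMPLE, LOCAL_NETS).items()):
        print(count, verdict)
```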

* Distributed DoS Attacks (DDoS)

The DDoS type of attack requires many hackers to take part. First the hackers break into the victim machines' server systems, then install the DDOS server program on those systems. At an agreed time, the hackers connect from their DDOS clients to the DDOS servers and then together order the DDOS servers to carry out the DDOS attack on the victim system.

* DRDoS (The Distributed Reflection Denial of Service Attack)

This is considered the most effective attack and the one that makes the victim's computer reboot the fastest. The approach is similar to DDOS, but instead of attacking from many computers, the attacker only needs one machine and attacks through large servers around the world. Still using the method of forging the victim's IP address, the attacker sends packets to the most powerful and fastest servers with the widest links, such as Yahoo, and those servers then send their replies to the victim's IP address. Within the same period of time, the victim machines receive a great many packets by way of the large servers, which congests the link and makes the machine crash or reboot. This type of attack is very effective: a single machine with a simple Internet connection is enough to knock out a system with the strongest link in the world if we do not stop it.

Note:

The conditions needed for an effective DoS attack: the hackers have to choose high-capacity links, as well as a fast machine to use as the attack tool. If these conditions are not all met, the attack will not produce a satisfactory result.

3. Port scanning

3.1. The concepts of socket and port

A socket is a two-way communication device similar to a file (it can be read from and written to). However, each socket is one part of some connection between machines on the network, and its read/write operations are the exchange of data between applications on different machines.

In the TCP communication protocol, the connection between 2 computers is identified by 1 port; each port corresponds to a positive integer (from 0 to 64,000).

3.2. The TCP protocol

The TCP/IP communication protocol provides both pairing (point-to-point) and broadcast mechanisms.

This protocol supports many different application protocols, which fall into 2 kinds: standard and non-standard protocols. Standard application protocols are used by software to use and to provide common services such as FTP, SMTP... Non-standard protocols are defined by the programmer and only have meaning locally, for the application the programmer built.

Standard application protocols use ports that are predefined as constants from 0 to 999, while non-standard application protocols use arbitrary ports from 1000 to 64000.

3.3. What is port scanning for?

When you want to break into a computer on the network, you have to go through its ports. The purpose is to check which ports are open at that moment so that the intrusion can proceed. If nothing is open on the victim's computer, a port has to be opened in order to get in. So port scanning is the task of finding open ports in order to carry out an intrusion.

3.4. Address range

Start IP address: Usually the IP address of your own machine, or any address the user wants to assign.

End IP address: The last address of some IP class, or any IP address. Start IP address >= end IP address.

The address range is defined by the user and is commonly used in port-scanning tools. The address range determines the number of hosts to scan.

Example: The computer has the IP address 192.168.0.1 and you want to scan up to the last IP address of the class C network, so you enter the IP address 192.168.0.255. The total number of machines scanned is then 255-1 = 254 machines of the class C IP range.
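Added example (not part of the original text): how the probing described in 3.3 and 3.4 shows up in a defender's logs. It flags one source touching many addresses in a range, and one source touching many ports on a single host. The log line layout, the thresholds and the sample lines are constructed, and no time window is applied.

```python
import re
from collections import defaultdict

# Assumed log layout: "<time> SRC=<ip> DST=<ip> DPT=<port>"
LINE = re.compile(r"SRC=(\S+) DST=(\S+) DPT=(\d+)")

def build_sample():
    """Constructed firewall log lines."""
    lines = []
    # One source touching port 139 on every address from 192.168.0.1 to 192.168.0.10.
    for host in range(1, 11):
        lines.append(f"10:00:{host:02d} SRC=192.168.0.50 DST=192.168.0.{host} DPT=139")
    # One source walking ports 1 to 100 on a single host.
    for port in range(1, 101):
        lines.append(f"10:05:00 SRC=192.168.0.51 DST=192.168.0.1 DPT={port}")
    # An ordinary client returning to the same web server.
    lines += ["10:06:00 SRC=192.168.0.20 DST=192.168.0.1 DPT=80"] * 3
    return lines

def detect_scans(lines, host_threshold=5, port_threshold=20):
    """Return sorted findings as (kind, source, target, distinct_count)."""
    hosts = defaultdict(set)   # source -> distinct destination addresses
    ports = defaultdict(set)   # (source, destination) -> distinct destination ports
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue           # skip lines that are not connection records
        src, dst, dpt = m.group(1), m.group(2), int(m.group(3))
        hosts[src].add(dst)
        ports[(src, dst)].add(dpt)
    findings = []
    for src, dsts in hosts.items():
        if len(dsts) >= host_threshold:
            findings.append(("address-sweep", src, "*", len(dsts)))
    for (src, dst), dpts in ports.items():
        if len(dpts) >= port_threshold:
            findings.append(("port-scan", src, dst, len(dpts)))
    return sorted(findings)

if __name__ == "__main__":
    for kind, src, target, count in detect_scans(build_sample()):
        print(f"{kind}: {src} -> {target} ({count} distinct)")
```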


CHAPTER 2: INTRODUCTION TO PORT-SCANNING TOOLS

1. The xSharez Scanner tool

a. Introduction

With xSharez Scanner, you can scan all the IP addresses on the network within a specified period of time, and the tool also lists the shared resources of each IP.

The program is compatible with every version of Windows and is installed like any other software. The download address is www.freewebtown.com/vudinhcuong/xsharezscanner.rar or www.dvpub.com.vn.

After installation, the xSharez Scanner interface looks as follows (see figure 2.1).

Figure 2.1: The xSharez Scanner interface

b. Functions and usage

Follow these steps:

(1) Click the Scanner tab and enter the start IP address 192.168.0.1 and the end IP address 192.168.0.10 (see figure 2.2).

(2) After entering the IP addresses, click Scan to start scanning. The result of the scan is shown in figure 2.3.

Figure 2.2: Entering the IP addresses to scan

Figure 2.3: The scan completed

(3) At this point the program's interface shows a list of the shared resources at the IP addresses that are online. Click an address, then click Browse to view the contents of the shared resources, or click the Map Drive button to map the shared resource to a new path, which makes it more convenient to access and work with.


2. The Super Scan 4.0 tool

a. Introduction

Super Scan 4.0 is compatible with every version of Windows; it does not need to be installed, you only have to run the SuperScan4 file. The download address is www.freewebtown.com/vudinhcuong/superscan4.rar or www.dvpub.com.vn

The Super Scan 4.0 interface looks as follows (see figure 2.4).

Figure 2.4: The Super Scan 4.0 interface

b. Usage

(1) Enter the start IP address 192.168.0.1 in the Start IP field and the end IP address 192.168.0.10 in the End IP field.

Explanation:

Start IP address: The address at which the program starts scanning; you can enter a class A, B, or C IP address as you wish.

End IP address: The last address in the list you choose. In the example above, from 192.168.0.1 to 192.168.0.10 there are 10 IP addresses to scan in total.

(2) Click the -> icon to put the list of IPs to scan into the queue, then click Start to begin scanning (see figure 2.5).

Figure 2.5: Scanning ports

(3) When the scan is finished, the program lists the open ports of the IP that was just scanned (see figure 2.6). If you do not want to continue during the scan, you can click the Stop button to stop or Pause to suspend the scan.

Figure 2.6: The IP addresses listed after the scan

(4) Click the View HTML Results button to view the summary in HTML form (see figure 2.7).

Figure 2.7: The results summary in HTML form

3. Legion Version 2.1

a. Introduction

This is one of the effective scanning tools that a hacker cannot do without. First, the program scans all the IP addresses in the range you define, and then it lists which IPs have shared resources. To use these shared resources, you have to perform a Map Drive (create a mapped drive) to a drive defined by the program. The download address for the program is www.freewebtown.com/vudinhcuong/Legion21.rar or www.dvpub.com.vn

The program's interface looks as follows (see figure 2.8).

Figure 2.8: The Legion interface after scanning an IP range

b. Procedure

Proceed as follows:

(1) Go to Start > Run and type cmd. The DOS window appears; at the command prompt, type ipconfig to see the IP address of the machine. Assume the IP address is 192.168.1.1.

(2) Once you have the IP address, enter it in the Enter Start IP field.

(3) Enter the number 254 in the last box of the Enter End IP field; Legion fills in the first to third boxes automatically.

Entering the IP addresses this way means you scan a total of 254 - 1 = 253 machines in the network.

Usually the number of hosts in a network is not large, so you can enter a smaller number to make the scan faster.

The result of the scan is displayed as in figure 2.8.

To use the resources shared by another machine, click the drive that Legion found, then click the Map Drive button, or double-click the drive that was found; Legion then maps the drive automatically (see figure 2.9).

Figure 2.9: The Map Drive process

After the Map Drive, you can use it like an ordinary hard disk on your own machine (see figure 2.10).

Figure 2.10: Using the mapped drive

4. Blues PortScanner

a. Introduction

In this part I would like to introduce another port-scanning tool. It is a fairly powerful tool that can scan all the ports in the specified IP address range.

The download address is www.freewebtown.com/vudinhcuong/BluesPortScan.rar or www.dvpub.com.vn

Example:

You can scan ports from 1 -> 10000 in the address range from 192.168.1.0 -> 192.168.1.253. First, install the program the same way as other software.

The program's interface looks as follows (see figure 2.11).

Figure 2.11: Scanning ports with Blues PortScanner