
Hello everyone. In issue 6 of Security365 Magazine we covered Footprinting, one of the basic lessons on the way to becoming an Ethical Hacker.

Next we will look at Enumeration, which is Module 4 of CEH v7. This issue also includes some computer tips for improving the safety and privacy of personal information, plus a few other tips worth knowing.

Note: for the Enumeration topic we used material collected by V Thanh Vn of the IT Cowboy group, because we found their write-up fairly complete and very good. It is accompanied by some lectures from the editor-in-chief of Security365 Magazine, Mr. Nguyn Trn Tng Vinh, and by demo videos of the CEH Enumeration tools re-recorded by Trn Ngc Bng, webmaster of Security365.VN.

To download the published issues of Security365 Magazine, visit the following link:
Or download directly from MediaFire using the following links:
Issue 1 - http://www.mediafire.com/file/urjrq4bahu5xhoy/Tap_Chi_Security365_So_1.pdf
Issue 2 - http://www.mediafire.com/file/b53vg3nnf5nnnpr/Tap_Chi_Security365_So_2.pdf
Issue 3 - http://www.mediafire.com/file/0sk47esjomuqqrh/Tap_Chi_Security365_So_3.pdf
Issue 4 - http://www.mediafire.com/file/cfce7micptsghc5/Tap_Chi_Security365_So_4.pdf
Issue 5 - http://www.mediafire.com/file/cm1922ij21v151w/Tap_Chi_Security365_So_5.pdf
Issue 6 - http://www.mediafire.com/file/ppomkv279d2cs62/Tap_Chi_Security365_So_6.pdf

Practice tools for the Enumeration module: http://www.mediafire.com/?e86bxj3pudwxv

Articles and guides in Security365 Magazine Issue 7: Two-Layer Gmail Security, Hack Password on Windows Operating Systems, Tips for Viewing Security365 Videos Locally, Using PageSpeed, Tamper Data Demo, Overview of GFI NSS, CEH v7 ENUMERATION.

References
Research library: http://www.security365.vn/index.php?option=com_content&view=category&id=3&Itemid=103
Practice tool library: http://www.security365.vn/index.php?option=com_content&view=category&id=1&Itemid=108

Video tutorial page: http://www.security365.vn/index.php?option=com_content&view=section&id=5&Itemid=54

Security365 Magazine home page: http://www.securitu365.vn !

Gmail Security, Inviolable!
Article submitted to PCWORLD VN

Everyone uses email now. Gone are the days when someone asked for their email address would answer "I left it at home". Among the email accounts we use there is one main account, call it the primary mail, which is used to register important accounts such as bank accounts and web hosting accounts, or which serves as the recovery address for other email accounts. This primary address should therefore be set up for maximum safety, to the point where its protection cannot be broken.

To make this possible, Gmail now offers a useful two-layer security mechanism: besides the login password, you must enter a confirmation code sent to your mobile phone. A fairly well-known hacker in blackhat circles exclaimed that breaking this mechanism is as hard as climbing to the sky. So is it just as hard to configure? Fortunately, applying it is very easy. See the illustration of my own mailbox login: after the password is entered, a screen appears asking for the confirmation code, and the code is sent immediately after we pass the first layer.

Enter the code and choose Verify, and you are taken to your mailbox or Google account. So how do you configure two-layer security for Gmail or other Google accounts? First register a free Gmail account to use as your primary email, then follow the detailed guide here: http://www.youtube.com/watch?v=ysjvir7seC0

If you no longer want to use two-layer security, just choose Turn off 2-step verification.

We wish you a successful setup.

Reset Password on All Windows Systems

There are many situations in which you forget the login password of your own computer. How do you regain administrative access without reinstalling the computer and its applications? Use Active Change Password, the most powerful password reset tool available today. It can reset the password of the administrator account on all Windows operating systems, from Windows 2000, XP and Vista to Windows 7 and Windows Server 2003 / 2008.

Step 1 - First, download Active Change Password here: http://www.mediafire.com/?egcwhbf44howbs7
Step 2 - Burn the application to a Reset Password CD. You can use a small free burning program such as Active ISO Burn, available here: http://www.hoctructuyen.org/taichuongtrinh/iso-burner.zip
Step 3 - Boot the computer from the Reset Password CD.
Step 4 - Select the account whose password is to be reset and click Next.
Step 5 - Restart the computer and log in to the account, whose password has been reset to blank. The login completes.

Good luck!

Note: attackers can use this same method to break into your computer, so set a CMOS password to restrict booting the computer from CD-ROM or USB.

Detailed video guide: http://www.youtube.com/watch?v=jI4TFFxoWQE
Nguyn Tng Minh http://www.hoctructuyen.org

CHAPTER 6: Enumeration
Author: V Thanh Vn
Enumeration is the next step in gathering information about an organization. It takes place after scanning and is the process of collecting and analyzing user names, machine names, shared resources and services. It also actively queries or connects to the target to obtain more meaningful information.

What Is Enumeration?
Enumeration can be defined as the process of extracting the information obtained during scanning into an ordered system. The extracted information covers things related to the target to be attacked, such as user names, host names, services and shares. Enumeration techniques are conducted from the internal environment. Enumeration includes connecting to the system and extracting information from it directly. The purpose of enumeration is to identify user accounts and system accounts that could be used to hack a target. There is no need to find an administrator account, because an account can be escalated to the most privileged level, allowing access to more than was originally granted.

The techniques used in enumeration include:
- Win2k Enumeration: used to extract user account information (user names).
- SNMP (Simple Network Management Protocol): used to enumerate user information.
- Active Directory Enumeration: used to enumerate an Active Directory system.
- Using email IDs to search for information.

We will discuss each of these techniques in the following sections.

Null Session
What is a Null Session?
When you log in to an operating system, authentication takes place: the user is asked for a username and password. After authentication, an access control list (ACL) is loaded to determine the rights of the logged-in user. In other words, this process gives the user a well-defined session. However, some services in the operating system are started automatically under an anonymous user such as SYSTEM USER. This kind of user needs no password and is used when running services. It is not used to log in, but it is used to access some services. When you log in as this kind of user, you are in a Null Session.

A Null Session, also known as IPC$ on Windows servers, is an anonymous connection to a network share that lets users on the network access it freely. Null Session attacks have existed since Windows 2000 came into wide use. However, system administrators pay little attention to this kind of attack when applying network security measures. This can have unpredictable consequences, because an attacker can use it to obtain all the useful information needed to gain remote access to the system. Although no longer new, Null Session attacks remain as common and as dangerous as in earlier years. Even though the security of modern systems is not particularly weak, penetration tests on Windows machines show that the Null Session is still one of the issues to watch for.

How a Null Session Works

A remote session is established when a user logs in to a computer remotely with a user name and password that have access to system resources. This login takes place over the SMB (Server Message Block) protocol and the Windows Server service. These connections are entirely legitimate when correct credentials are used.

A Null Session occurs when a user connects to a Windows system without a user name or password. This kind of connection cannot be made to any ordinary Windows share, but it can be made to the IPC (Interprocess Communication) administrative share. The IPC share is used by Windows processes (under the user name SYSTEM) to communicate with other processes over the network. The IPC share is used only by the SMB protocol.

A share that requires no credentials, the IPC share is normally used by programs that communicate with one another, but nothing guarantees that a user cannot connect to a computer through it. An IPC connection not only allows unrestricted access to the computer but also grants access to all the computers on the network, and that is what an attacker needs to break into a system.

Attacking with a Null Session
Now that we know how a Null Session works, can an attacker use it easily? The answer is: quite easily. A Null Session connection can be established directly from a Windows command, with no additional tools: the NET command. NET can perform many administrative functions. With it we can try to connect to a standard share on the target server, but that connection fails because the credentials are incorrect.

Figure: A failed connection to a network share using the NET command.

With the NET command we can change the share name to connect to the IPC$ administrative share. The result is then more promising.

Figure: A successful Null Session connection with the NET command.

At this point a Null Session connection to the victim computer is established. However, we still do not have administrative access to the machine, so we cannot yet browse the hard disk or retrieve passwords. Remember that the IPC share is used for communication between processes, so our access is limited to that of the SYSTEM user name. We can use the NET command to obtain more information from the target computer, but many automated tools exist to do this tedious work.

Hacking Tool
A Null Session is easy to attack with tools built into Windows such as Net and Netview. However, as described above, doing more, such as enumerating directories and users, takes a more involved process. The Nbtstat and Enum tools carry out a whole series of these complex tasks, so that in the end we can get into the system. Dumpsec and Superscan are two graphical tools that support the same work.

Defending Against Null Session Attacks

When thinking about attackers and attacks, perhaps the first question that comes to mind is whether our own system is vulnerable. The answer depends on the operating systems in the network environment. If you are running Windows XP, Windows Server 2003 or Windows 2000, then to some extent the answer is yes. This kind of attack is hard to carry out against later operating system versions, but Windows XP and Windows Server 2003 are still the most popular operating systems. There are several methods we can use to block Null Sessions.

Blocking Null Sessions in the Registry

Compatibility requirements of legitimate software, together with the fact that most businesses stay on old operating systems to keep budgets tight, are the two main reasons Windows 2000 workstations and servers still exist. If you still use Windows 2000, one small change in the Registry is enough to block information gathering through a Null Session. Open Regedit and browse to the key HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymous, where three options can be configured:
- 0: Default setting. Unrestricted Null Session access.
- 1: Not only removes the Null Session but also blocks the display of user names and shares.
- 2: Removes all value from a Null Session by blocking all access.

As we can see, the Null Session cannot be eliminated completely, but its access is restricted when the option is set to 2. Be careful when configuring this option on a Windows 2000 server, because it can break Clustering.

On Windows XP and Windows Server 2003, the same task can be done with three Registry keys:
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM
HKLM\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous

Blocking the access ports
If the changes to the Registry keys above cannot be made, we can block all access with Windows Firewall or a network firewall. This is done by blocking access to the ports related to NetBIOS and SMB over TCP/IP. These ports are:
- TCP port 135.
- UDP port 137.
- UDP port 138.
- UDP port 139.
- TCP and UDP port 445.

These ports are used for all Windows networking functions, including file sharing, network printing, Clustering and remote administration.

Note: blocking access to ports should be considered carefully before it is applied to many ports.
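An added example, not part of the original article: a Python check that reads the text of a registry export and reports which of the three Lsa values named above differ from a restrictive setting. The target values (RestrictAnonymous 1 or 2, RestrictAnonymousSAM 1, EveryoneIncludesAnonymous 0) are an assumption taken from Microsoft's documented meaning of these values, and the sample export is constructed.

```python
import re

# Acceptable values for the three Lsa settings named in the article.
# Assumption (not from the article): targets follow Microsoft's documented semantics.
HARDENED = {
    "restrictanonymous": {1, 2},       # 0 is the article's "unrestricted" default
    "restrictanonymoussam": {1},       # 1 = no anonymous enumeration of SAM accounts
    "everyoneincludesanonymous": {0},  # 0 = anonymous logon is not part of Everyone
}
LSA_KEY = r"hkey_local_machine\system\currentcontrolset\control\lsa"

# Constructed sample in `reg export` text format (not taken from a real host).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000
"restrictanonymoussam"=dword:00000001
"LimitBlankPasswordUse"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
"restrictanonymous"=dword:00000002
'''

SECTION = re.compile(r"^\[(.+)\]\s*$")
DWORD = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{1,8})\s*$')


def parse_lsa_dwords(reg_text):
    """Return {lowercased value name: int} for DWORDs directly under the Lsa key."""
    values, in_lsa = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        section = SECTION.match(line)
        if section:
            # Subkeys such as ...\Lsa\Kerberos must not be mistaken for Lsa itself.
            in_lsa = section.group(1).lower() == LSA_KEY
            continue
        value = DWORD.match(line)
        if in_lsa and value:
            values[value.group(1).lower()] = int(value.group(2), 16)
    return values


def audit(reg_text):
    """Return (value name, found, acceptable) for each setting that needs review."""
    found = parse_lsa_dwords(reg_text)
    findings = []
    for name, acceptable in HARDENED.items():
        actual = found.get(name)  # None means the value is absent from the export
        if actual not in acceptable:
            findings.append((name, actual, sorted(acceptable)))
    return findings


if __name__ == "__main__":
    for name, actual, acceptable in audit(SAMPLE_REG):
        shown = "not set" if actual is None else actual
        print(f"{name}: found {shown}, acceptable {acceptable}")
```

Files written by `reg export` are UTF-16 encoded, so decode them before passing the text to `audit`.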

Detecting Null Sessions with an IDS

If the Registry or firewall changes break the functionality of network applications, we have to use another method. Instead of blocking enumeration through Null Sessions, one of the most effective measures is to detect a Null Session attack as early as possible so that remediation can start in time, as with any ordinary network security event.

If you use Snort, currently the most popular IDS/IPS (network intrusion detection and prevention system) in production environments, the following rule detects Null Session enumeration:

alert tcp $EXTERNAL_NET any -> $HOME_NET 139 (msg:"NETBIOS NT NULL session"; flow:to_server,established; content:"|00 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 20 00 31 00 33 00 38 00 31|"; classtype:attempted-recon;)

This rule does not prevent Null Session connections, but it raises an alert when a Null Session occurs.

Upgrading the operating system
The final solution, as mentioned above, is to upgrade the operating system. Null Sessions are easy to carry out only against older operating systems from before 2000. In later ones such as Windows XP and Windows 2003, Microsoft has built this in to the product. Upgrading the operating system therefore gives us more peace of mind.
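An added example, not part of the original article, for the Snort rule in the IDS section above: a small Python linter and decoder for the rule's option body. It checks a copy with the quotes dropped and the flow option misspelled (a typical transcription slip) against the well-formed body, and decodes the content bytes, which spell "Windows NT 1381" in UTF-16LE, so the signature alerts only on traffic that carries that literal string. The function names and the payload fragments are constructed for illustration.

```python
HEX = ("00 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 "
       "4E 00 54 00 20 00 31 00 33 00 38 00 31")
# Option body with quotes lost and flow misspelled, next to the well-formed one.
DAMAGED = ("msg:NETBIOS NT NULL session; flow:to_server.establshed; "
           f"content: |{HEX}|; classtype:attempted-recon;")
WELL_FORMED = ('msg:"NETBIOS NT NULL session"; flow:to_server,established; '
               f'content:"|{HEX}|"; classtype:attempted-recon;')

# Keywords accepted by the Snort 2 flow option.
FLOW_KEYWORDS = {"to_server", "to_client", "from_server", "from_client",
                 "established", "not_established", "stateless",
                 "no_stream", "only_stream", "no_frag", "only_frag"}


def parse_options(body):
    """Split 'key:value; key:value;' into a dict (this rule has no escaped ';')."""
    options = {}
    for item in filter(None, (s.strip() for s in body.split(";"))):
        key, _, value = item.partition(":")
        options[key.strip()] = value.strip()
    return options


def lint(body):
    """Return a list of problems found in the content and flow options."""
    opts, problems = parse_options(body), []
    content = opts.get("content", "")
    if not (len(content) >= 2 and content[0] == content[-1] == '"'):
        problems.append("content: value must be enclosed in double quotes")
    for word in opts.get("flow", "").split(","):
        if word.strip() not in FLOW_KEYWORDS:
            problems.append(f"flow: unknown keyword {word.strip()!r}")
    return problems


def content_bytes(body):
    """Decode the content option: |..| spans are hex, anything else is literal."""
    parts = parse_options(body)["content"].strip('"').split("|")
    if len(parts) % 2 == 0:
        raise ValueError("unbalanced '|' in content")
    return b"".join(bytes.fromhex(p) if i % 2 else p.encode("latin-1")
                    for i, p in enumerate(parts))


def pattern_text(pattern):
    """Read the pattern as UTF-16LE text after stripping its leading NUL bytes."""
    body = pattern.lstrip(b"\x00")
    return (body + b"\x00" * (len(body) % 2)).decode("utf-16-le")


def alerts_on(payload, body=WELL_FORMED):
    """True if the rule's content pattern occurs anywhere in the payload."""
    return content_bytes(body) in payload


# Constructed payload fragments (not captured traffic): an SMB-like header, four
# NUL bytes, then an operating system string in UTF-16LE.
NT4_LIKE = b"\xffSMB\x73" + b"\x00" * 4 + "Windows NT 1381".encode("utf-16-le")
OTHER_OS = b"\xffSMB\x73" + b"\x00" * 4 + "Windows 5.1".encode("utf-16-le")

if __name__ == "__main__":
    print(lint(DAMAGED))
    print(lint(WELL_FORMED))
    print(pattern_text(content_bytes(WELL_FORMED)))
    print(alerts_on(NT4_LIKE), alerts_on(OTHER_OS))
```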

SNMP (Simple Network Management Protocol) Enumeration

Understanding SNMP
SNMP stands for Simple Network Management Protocol. What is a simple network management protocol? A protocol is a set of procedures that the participating parties must follow in order to communicate with one another. In information technology, a protocol defines the structure and format of the data exchanged and the sequence and procedure for exchanging it. If one party sends data in the wrong format or out of sequence, the other parties will not understand it or will refuse to exchange information. SNMP is a protocol, so it has its own rules that the components of the network must follow. A device that understands and operates according to SNMP is said to be SNMP supported or SNMP compatible.

SNMP is used for management, meaning that it can monitor, retrieve information, receive notifications, and act on a system so that it operates as desired. Some examples of what SNMP software can do:
- Monitor the line speed of a router and learn the total number of bytes sent and received.
- Find out how many hard disks a server has and how much free space each has.
- Automatically receive an alert when a switch port goes down.
- Shut down ports on a switch.

The components of SNMP
According to RFC 1157, the SNMP architecture consists of two components: network management stations and network elements. A network management station is usually a computer running SNMP management software (an SNMP management application), used to monitor and control the network elements centrally.

Network elements are SNMP-compatible devices, computers or software managed by a network management station. Elements therefore include devices, hosts and applications.

Figure: Model illustrating the components of SNMP.

One management station can manage many elements, and one element can be managed by many management stations. So what happens if an element is managed by two stations? If the stations retrieve information from the element, both stations receive the same information. If two stations act on the same element, the element responds to both actions in the order in which they arrive.

There is also the concept of the SNMP agent. An SNMP agent is a process running on a network element whose job is to provide the element's information to the station, so that the station can manage the element. More precisely, the application running on the station and the agent running on the element are the two SNMP processes that communicate directly. The following examples make these concepts clearer:
- To use a server (station) to manage client machines (elements) running Windows through SNMP, you must install SNMP management software (application) on the server and enable the SNMP service (agent) on the clients.
- To use a server (station) to monitor the traffic of a router (element), you must install SNMP management software (application) on the server and enable the SNMP feature (agent) on the router.

Object ID
An SNMP-capable device can provide many different pieces of information, each of which is called an object. (For example, a computer can provide the total number of hard disks, the total number of network ports, the total number of bytes sent and received, the computer name, the names of running processes, and so on.) Each object has a name and a number that identifies it, called the Object ID (OID). (For example, the device name is called sysName and its OID is 1.3.6.1.2.1.1.5.)

Object access
Each object has an access right of READ_ONLY or READ_WRITE. Every object can be read, but only objects with READ_WRITE access can have their value changed. For example, the name of a device (sysName) is READ_WRITE, so we can change the device's name through SNMP. The total number of ports on the device (ifNumber) is READ_ONLY, so of course we cannot change its number of ports.

Management Information Base
The MIB (Management Information Base) is a data structure made up of managed objects, used for managing devices that run on TCP/IP. The MIB is the common architecture that management protocols on TCP/IP, including SNMP, should follow. A MIB is expressed as a file (a MIB file) and can be represented as a tree (the MIB tree). A MIB can be standardized or custom-made.

A manager can manage a device only when the SNMP manager application and the SNMP agent application support the same MIB. These applications can also support several MIBs at once.

SNMP methods
The SNMP protocol has 5 methods of operation, corresponding to the following 5 message types:

SNMP Enumeration?
SNMP Enumeration is the process of using SNMP to enumerate user accounts on a target system. Almost all network infrastructure devices, such as routers and switches, and Windows systems as well, contain an SNMP agent for managing the system or device. SNMP management stations send requests to the agents and the agents reply. Requests and replies refer to configuration variables accessible through the agent software. Management stations can also send requests to set the values of certain variables. Management stations receive Trap packets from an agent to learn that something significant has just happened on the agent, such as a reboot or an interface failure.

SNMP has two passwords used to access and configure the SNMP agent from the management station. The first is called the read community string; this password lets you view the configuration of the device or system. The second is called the read/write community string; it is used to change or edit the configuration on the device. In general, the default read community string is public and the default read/write community string is private. A common security hole arises when the community strings are left at their default settings. A hacker can use these default passwords to view or change the configuration of the device.

If you have any questions about how to determine the default passwords of devices, visit www.defaultpassword.com.

Hacking tool
SNMPUtil and Network Browser are SNMP enumeration tools. SNMPUtil gathers user account information through SNMP on Windows systems. Information such as tables and routine tasks, ARP tables, IP addresses, MAC addresses, open TCP and UDP ports, user accounts and shares can be read with SNMPUtil from a Windows system where SNMP is enabled. IPNetworkBrowser from the SolarWinds toolset also uses SNMP to collect further information about a device that has an SNMP agent.

Countermeasures Against SNMP Enumeration

The simplest way to prevent SNMP enumeration is to remove all SNMP agents or turn off the SNMP service. If turning SNMP off is not an option, change the default read and read/write community names. Enforce the Group Policy security setting that adds restrictions preventing anonymous user connections.

Active Directory Enumeration
What is Active Directory (AD)?
Active Directory is a database of the resources on a network (also called objects) together with information related to those objects. Active Directory is not a new concept, however, since Novell has used a directory service for many years.

Although Windows NT 4.0 was a fairly good network operating system, it was not suitable for enterprise-scale networks. In small networks the Network Neighborhood tool is quite convenient, but in a large network, browsing and searching the network becomes a nightmare (and even worse if you do not know the exact name of the printer or server). Moreover, to manage such a large network you usually have to split it into many domains and set up appropriate trust relationships. Active Directory solves these problems and provides a new level of capability for the enterprise environment. The directory service in each domain can now store more than ten million objects, enough to serve ten million users in each domain.

Functions of Active Directory

- Keeps a centralized list of user account names, their passwords, and computer accounts.
- Provides a server that acts as the authentication server or logon server; this server is also called the domain controller.
- Maintains a lookup table or index that lets computers on the network quickly locate a resource on other computers in the domain.
- Lets us create user accounts with different levels of rights, such as full rights over the network, or only the right to back up data or shut down a server remotely.
- Lets us divide our domain into subdomains or organizational units (OUs). We can then delegate rights to departmental administrators so that each manages a small part.

Active Directory Enumeration

Enumeration in AD means querying for information related to AD and to the Windows servers that work through AD. In the techniques below we will look at NTP, WEB, DNS and LDAP enumeration, among others.

User Account Enumeration
This means enumerating information related to users, such as username, phone, mail, first name and address. This information is relevant when you carry out another form of attack. For example, if you want to guess a user's password, remember one rule: users often choose passwords related to themselves, such as a date of birth, phone number, house number or vehicle number.

Hacking Tool
Sid2user and User2sid are two command-line tools that help you enumerate information related to users. GetAcct is a graphical program that lets you look up user information on Win NT and 2000.

LDAP Enumeration
LDAP (Lightweight Directory Access Protocol) is the protocol for accessing the directory of AD or of other directory services. A directory has a specific structure, hierarchy and format. Below are a few tools that enumerate through LDAP.

Hacking Tool
Jxplorer: besides enumerating the directory, this tool supports authentication over SSL and even adding, deleting and editing directory information. Softerra LDAP Browser and LDAPMiner are two other tools with similar functions.

NTP Enumeration
NTP (Network Time Protocol) is a protocol designed to synchronize time between servers. It operates on port 123 and uses UDP to carry data. To enumerate information related to an NTP server, you can use commands such as ntpdate, ntptrace, ntpdc and ntpq.

SMTP Enumeration
SMTP (Simple Mail Transfer Protocol) is a protocol that operates on TCP port 25 to send mail to POP3 or IMAP servers, the servers that receive mail. To enumerate SMTP server information you can use the telnet command to connect to the server.

Hacking Tool
SMTPscan is a tool that lets us look up information related to an SMTP server. It works by sending a fake packet to the server and reading the returned message to learn about the server.

WEB Enumeration
HTTP is the web protocol everyone knows. It operates on port 80, and on port 443 for HTTPS. Users send content requests to the web server. In the browser we type an address, and of course a DNS server is needed to perform the lookup that finds the IP. To find information related to a web server, you can capture the returned packet and look at the server information in the header of the data.

Hacking Tool
Asnumber is a small browser add-on that displays information about the server.

System Using Default Password
Using default passwords and other default information on hardware is really not advisable. However, if you want to attack a system, try checking whether any device is using a default password. Visit www.phenoelit.de/dpl/dpl.html for the default passwords of devices.

Summary
After finishing this chapter you should have a firm grasp of the following:
- Understand user account enumeration: creating a connection to the target system with protocols such as SMB/CIFS or NetBIOS to query system information.
- Be able to describe what information can be enumerated from a system. This includes shared network resources, users, groups and applications.
- Explain what a Null Session is, and the attacks that rely on it. A connection to a system with a blank password is a Null Session. A hacker connects to the target system to run applications.
- The hack tools used for enumeration. They fall into two kinds: those that use NetBIOS and those that use SNMP, such as SNMPUtil and Enum.

A word from Security365: in this article, pay attention to the ports affected by Null Sessions, how to close them, and the side effects of closing them. To make closing and opening the ports convenient we have written 2 scripts, Block NullSession and Enable Null Session, which you can download from the Tool section of the magazine's home page www.security365.vn. Download the other tools for this module from the MediaFire archive link given in the introduction. Below are some videos showing how to use these tools.

Note: Security365 cannot embed all the Module 4 videos in the magazine because the file would become too large, so you can find the full set of CEH v7 demo videos for this topic in the Video CEH v7 section at http://www.security365.vn/index.php?option=com_content&view=section&id=8&Itemid=112

Next come the guides on automatic news feeds, an overview of GFI NSS, and a funny hack game using Tamper Data.

(Security365) Guide to Reading News Automatically with RSS

Security365 currently offers more than 500 demos and guides for CEH v7, Security+ and Web, and over 1000 good books and tools on system administration, information security and computer safety. The list is updated regularly, daily and weekly, especially the tutorial videos, so you can use an RSS reader such as FeedReader, or the Firefox or Opera browser, to keep up with new posts. When you visit the site, note the RSS icon in the right corner; click it to get the feed link and add it to your browser or news reader. For example RSS VIDEO, RSS EBOH, RSS TOOL. (Download FeedReader)
