de cuong2

Upload: duc-pham

Post on 07-Apr-2018


8/3/2019 de cuong2

1/32

OUTLINE

Table of Contents

I. OVERVIEW ..... 2

1.1 Definition ..... 2

1.2 Security objectives ..... 2

1.3 Classification ..... 2

1.4 Common types of network attack ..... 3

II. RISKS ..... 7

III. NETWORK SECURITY METHODS ..... 8

IV. UNDERSTANDING MAN-IN-THE-MIDDLE ATTACKS - ARP Cache Poisoning ..... 15

4.1. Content ..... 15

4.2. DEMO ..... 24

Cain & Abel - Password Recovery Software ..... 24

I. OVERVIEW

1.1 Definition

There are many definitions of security; the following are a few typical ones:

- The ability of a system to protect information and the other resources of the system, ensuring integrity and privacy.
- The whole of the technology and processes needed to protect a computer or computer system against unauthorised access, attacks, ...
- Ensuring the integrity of data, managing access and ensuring privacy.

1.2 Security objectives

1.3 Classification

- Application security: securing an application from design through development and distribution, ...
- Information security: protecting information and information systems (HW, SW & Comm.) from unauthorised access: digital certificates, cryptography, biometric techniques, ...
- Network security (Internet security): protecting against, detecting and responding to attacks (antivirus, firewall, IDS, IPS)

- Disaster recovery: processes and policies for recovering after a disaster
- User education: raising users' awareness.

1.4 Common types of network attack (network security slides + CEH v6)

Reconnaissance attacks

This is the attacker's information-gathering process, aimed at learning about the network: IP addresses, operating systems, system architecture, the services running on each machine (mail, HTTP, ...). It is a very important step before an attack.

Classification (3 kinds): network scanning, port scanning, vulnerability scanning.

- Network scanning: an attack that checks which machines and systems are present on the network, usually using ICMP (checking for live systems) to scan. Some tools: Ping Sweep, Angry IP Scanner, ...
- Port scanning: an open port means a program is listening on that port. Some scanning techniques: TCP connect/full open scan, stealth scan. Some port-scanning tools: Nmap, Portscan plus, Advanced Port Scanner, PortSweep, ...
- Vulnerability scanning

Access attacks

Replay attack: the attacker eavesdrops on the network for passwords and authentication data and records them; the attacker then alters the authentication data and retransmits it, trying to impersonate the user. Example: a user sends a money-transfer command over the web, the attacker captures that URL and tries to resend it, draining the user's account.

Man-in-the-middle: the attacker sits in the data stream between two machines and collects data/passwords, after which the information is passed on to the receiving machine. The techniques used to carry out man in the middle include network packet sniffers and the routing and transport protocols.

A man-in-the-middle attack aims to:

- steal data
- take over a session
- analyse network traffic
- DoS
- corrupt the data in transit

One example of a man-in-the-middle attack: someone working for an ISP who tries to access all the packets travelling between the ISP and any other network. This kind of attack can be prevented with encryption: encrypt the traffic inside an IPSec tunnel and the attacker sees only information of no value.

Social engineering: a simple attack method that relies on the human factor to get into a system. Social engineering is divided into 2 kinds:

- Human-based: relies on interaction between the attacker and the victim. For example, the attacker can pose as the account holder, phone the bank and ask the bank staff for information about the account the attacker intends to take over.
- Computer-based: uses a computer as the means of obtaining the information the attacker wants. The difference from the form above is that in the human-based form the attacker talks directly to the victim or to a help desk to get the information they need (it depends on the art of conversation), whereas the computer-based form uses email and scam pages to fool the victim. For example, the attacker can craft an email with a link leading to a scam page for, say, a bank account; a trusting victim may follow it to the scam page and hand important information to the attacker. This form is also known as Phishing.

Exploiting weaknesses in protocols and technology: protocol weaknesses, application bugs (SQL injection, ...).

Denial-of-service attacks

These attacks exploit bugs in software or security holes in the system: the attackers order their machines to send meaningless requests to other machines, usually servers on the network. The requests are sent continuously, congesting the system so that some services can no longer serve customers.

Sometimes the requests used in a denial-of-service attack are legitimate. A message used in the attack can be entirely valid technically. Many such valid messages are sent at the same moment, and because the server receives too many requests at once it reaches a state where it can accept no more. That is what denial of service looks like.

When the attack is under way, users trying to reach the service experience it as the network being down (Disable Network), the organisation not operating (Disable Organization) and financial loss (Financial Loss).

Denial-of-service attacks come in 2 kinds: DoS and DDoS.

Denial of service (DoS): an attack from a single machine that blocks the target's service. The forms of attack include:

a. Smurf attack

The perpetrator generates many ICMP (ping) messages to the broadcast addresses of many networks, with the source address set to the target of the attack. Note that a ping to an address is a two-way process: when machine A pings machine B, B replies to complete the exchange. When the ping goes to a network's broadcast address, every machine on that network replies. If the source address is now changed to machine C and the ping is sent to some network's broadcast address, every machine on that network replies to machine C; that is the Smurf attack.

As a result the target has to absorb an enormous wave of ICMP replies, which drops or slows the network so that it cannot answer other services. The process is amplified when the stream of ping replies comes from a set of interconnected networks (a BOT network).

b. Buffer overflow attack

A buffer overflow occurs whenever a program writes more data than the capacity of the buffer in memory. The attacker can overwrite data, control the execution of programs and hijack control of some programs in order to run malicious code. Sending an e-mail whose attached file name is longer than 256 characters can trigger a buffer overflow.

c. Ping of Death attack

The attacker sends IP packets larger than the maximum allowed size of an IP packet, 65,536 bytes. Splitting an IP packet into fragments is done at layer II. Fragmentation can be carried out for IP packets larger than 65,536 bytes, but the operating system cannot recognise the size of such a packet and restarts, or simply has its communication interrupted.

d. Teardrop attack

The attacker sends IP packets with very confusing parameters, split into fragments. When the operating system receives fragmented packets it cannot understand, the system tries to rebuild the packet, which takes a share of system resources; if this happens continuously the system has no resources left for other applications and other users.

e. SYN attack

The attacker sends TCP SYN requests (bogus requests) to the server under attack. To process these SYN packets the system has to spend memory on each connection. When a great many bogus SYN packets reach the server they use up all of the server's capacity to process requests. A normal user connecting to the server begins by sending a TCP SYN request, and at this point the server can no longer reply, so the connection is not made.

This is an attack in which the attacker exploits TCP's three-way communication process. Malicious code is able to generate an extremely large number of TCP SYN packets to the server under attack, with the packets' source IP address altered; that is the DoS attack.

The TCP three-way handshake proceeds as follows when machine A wants to communicate with machine B: (1) A sends a TCP SYN packet to B; (2) on receiving the SYN from A, B sends A an ACK (the SYN&ACK) agreeing to the connection; (3) A sends B an ACK packet and data exchange begins. A and B keep the connection for at least 75 seconds, and then perform a TCP three-way handshake again for the next session of data exchange.

Unfortunately the attacker exploits this gap to exhaust the system's resources: the attacker shortens the interval between three-way handshake requests to a very small value and never sends the ACK packet, firing SYN packets continuously for a period of time and never answering the SYN&ACK from the machine under attack. A rule that accepts a SYN from a given host only once every 75 seconds, and moves any IP address that violates it into a deny-access rule, will block this attack.

DoS attack tools are very varied: Jolt2, Bubonic.c, Land and LaTierra, Targa, Blast20, Nemesy, Panther2, Crazy Pinger, Some Trouble, UDP Flood, FSMax
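The SYN attack above is easiest to understand from the server's side as a table of half-open handshakes. The following is an added example, not code from the outline: it models a SYN as opening a half-open entry, the client's ACK as completing it, and holds an uncompleted entry for the 75 seconds the outline quotes before dropping it. The per-source and total alert thresholds, and the event records it is run on, are assumptions constructed for the demo.

```python
"""Tracking half-open TCP connections to spot a SYN flood (added example)."""

HOLD_SECONDS = 75        # how long an uncompleted handshake is kept, per the outline
HALF_OPEN_LIMIT = 10     # assumed alert threshold: half-open entries from one source
TOTAL_LIMIT = 100        # assumed alert threshold on the whole backlog (spoofed sources)


class SynTracker:
    def __init__(self):
        self.half_open = {}      # (src_ip, src_port) -> time the SYN arrived
        self.completed = 0
        self.alerts = set()      # source IPs that exceeded HALF_OPEN_LIMIT
        self.backlog_alert = False

    def expire(self, now):
        """Drop half-open entries older than the hold time."""
        stale = [k for k, t0 in self.half_open.items() if now - t0 >= HOLD_SECONDS]
        for k in stale:
            del self.half_open[k]

    def pending_from(self, src_ip):
        return sum(1 for ip, _ in self.half_open if ip == src_ip)

    def feed(self, now, src_ip, src_port, flag):
        """flag is 'SYN' (client opens) or 'ACK' (client completes the handshake)."""
        self.expire(now)
        key = (src_ip, src_port)
        if flag == "SYN":
            self.half_open[key] = now
            if self.pending_from(src_ip) > HALF_OPEN_LIMIT:
                self.alerts.add(src_ip)
            # A flood usually forges its source addresses, so the per-source
            # count alone can stay quiet; the total backlog still grows.
            if len(self.half_open) > TOTAL_LIMIT:
                self.backlog_alert = True
        elif flag == "ACK" and key in self.half_open:
            del self.half_open[key]
            self.completed += 1


def run_demo():
    """A legitimate handshake followed by 20 SYNs from one source that never
    complete. Returns (alerted sources, half-open count right after the
    burst, half-open count once the hold time has passed, completed count)."""
    tracker = SynTracker()
    tracker.feed(0.0, "10.0.0.5", 40000, "SYN")
    tracker.feed(0.1, "10.0.0.5", 40000, "ACK")          # normal client completes
    for port in range(50000, 50020):                      # constructed burst, no ACKs
        tracker.feed(1.0, "203.0.113.9", port, "SYN")
    flagged = sorted(tracker.alerts)
    pending_before = len(tracker.half_open)
    tracker.expire(1.0 + HOLD_SECONDS)                    # hold time elapsed
    pending_after = len(tracker.half_open)
    return flagged, pending_before, pending_after, tracker.completed
```

The flagged source is the one that left 20 handshakes open; once 75 seconds pass the entries are released, which is exactly the memory the outline says the attacker ties up. Because the outline also notes that the source address is altered, the total backlog check matters more in practice than the per-source one.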

Distributed Denial of Service (DDoS): an attack from many machines, used against public targets.

II. RISKS

Some information security risks:

- Virus intrusion: corrupted data, system outage, ...
- Trojans, spyware: information theft, installation of back doors, ...
- Password theft: leads to impersonated access to information
- Hacker intrusion over the network: sabotage of the system, theft or alteration of information, ...
- Eavesdropping (sniffing) on information in transit over the network: disclosure of business secrets (bid prices, purchase prices), tampering with information, ...
- Receiving forged information, leading to wrong decisions that cause serious losses (violating non-repudiation): PHISHING, ...
- Website defacement, damaging reputation with customers and partners, ...
- Insiders leaking information to competitors, ... (information leakage)
- Insiders sabotaging the system, ...
- Vulnerabilities and back doors (accidental or deliberate) in applications developed by outside contractors
- Denial-of-service attacks: halting the system (loss of availability)

III. NETWORK SECURITY METHODS

1. A firewall is a barrier between two computer networks; it protects one network from intrusion from the other.

1.1 Basic functions of a firewall

The main function of a firewall is to control the flow of information between the network to be protected (the trusted network) and the Internet, through configured access policies:

- Allow or deny services accessed from inside to outside and from outside to inside.
- Control the addresses accessed and the services used.
- Control users' ability to access across the 2 networks.
- Control the content of the information transferred between the 2 networks.
- Prevent attacks from outside networks.

1.2 Firewall generations

- Packet-filtering firewall: first-generation firewall technology, which analyses network traffic at the transport protocol layer.
- Circuit-level firewall: second-generation technology, which can determine whether a packet is a connection request, a data packet belonging to a connection, or a virtual circuit at the transport layer between 2 machines.
- Application-level firewall: third-generation technology; it checks the validity of the application-layer data in packets before allowing a connection. It also checks the validity of other security parameters that exist only at the application layer, such as user passwords and service requests.
- Dynamic packet-filtering firewall: fourth-generation technology. It is very useful for the UDP protocol.

Comparing speed and security effectiveness:

Packet-filtering firewalls are generally the fastest, followed by circuit-level firewalls, dynamic packet-filtering firewalls and application-level firewalls. The depth of security inspection generally runs the other way: the more layers a packet passes through, the more thoroughly it has to be inspected.
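Why the outline calls the dynamic packet filter "very useful for UDP" is clearest in code. The following added example (not code from the outline) puts a first-generation stateless rule set beside a small dynamic filter and runs both over a constructed DNS query, its reply, and a stray UDP packet nobody asked for. The rule layout, field names and the 30-second flow timeout are assumptions made for this demo.

```python
"""Stateless packet filtering next to a dynamic (stateful) filter (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    proto: str       # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    direction: str   # "out" = trusted network -> Internet, "in" = the reverse


@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    proto: str       # "tcp", "udp" or "any"
    direction: str   # "in" or "out"
    dport_lo: int    # destination port range covered by the rule (inclusive)
    dport_hi: int


# Stateless rule set: outbound DNS is allowed, and because a UDP reply comes
# back to an unpredictable high port, inbound UDP to every high port has to be
# opened as well. That second rule is the standing hole.
STATELESS_RULES = [
    Rule("allow", "udp", "out", 53, 53),
    Rule("allow", "udp", "in", 1024, 65535),
]


def stateless_filter(rules, pkt):
    """First-match evaluation on header fields only; default deny."""
    for r in rules:
        if (r.proto in ("any", pkt.proto) and r.direction == pkt.direction
                and r.dport_lo <= pkt.dport <= r.dport_hi):
            return r.action
    return "deny"


class DynamicFilter:
    """Remembers each outbound flow and admits only its reply, until it expires."""

    def __init__(self, flow_ttl=30):
        self.flow_ttl = flow_ttl
        self.flows = {}   # (proto, in_ip, in_port, out_ip, out_port) -> expiry time

    def check(self, pkt, now):
        if pkt.direction == "out":
            key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
            self.flows[key] = now + self.flow_ttl
            return "allow"
        # Inbound: only the mirror image of a live outbound flow gets through.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        expiry = self.flows.get(key)
        return "allow" if expiry is not None and now < expiry else "deny"


def demo():
    """Verdicts of both filters on three constructed packets."""
    query = Packet("udp", "10.0.0.5", 40321, "192.0.2.53", 53, "out")
    reply = Packet("udp", "192.0.2.53", 53, "10.0.0.5", 40321, "in")
    stray = Packet("udp", "198.51.100.7", 53, "10.0.0.5", 40999, "in")  # no query was sent

    stateless = [stateless_filter(STATELESS_RULES, p) for p in (query, reply, stray)]

    dyn = DynamicFilter(flow_ttl=30)
    dynamic = [dyn.check(query, now=0), dyn.check(reply, now=1), dyn.check(stray, now=1)]
    late_reply = dyn.check(reply, now=45)   # flow expired, reply no longer admitted
    return {"stateless": stateless, "dynamic": dynamic, "late_reply": late_reply}
```

The stateless filter lets the stray packet in because it cannot tell a reply from unsolicited traffic; the dynamic filter denies it, and also denies the real reply once the flow has timed out, which is the trade-off behind the outline's speed-versus-inspection ordering.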

1.3 Firewall classification

Firewalls are usually divided into 2 kinds: hardware firewalls and software firewalls. There are also some other firewall systems.

A hardware firewall is a hardware device integrated into the router; the packet-filtering rules are set directly on that router.

A software firewall is an application program whose operating principle is based on a proxy application: software that forwards the packets a host receives to specific destinations on request. The packet-filtering rules are set by the user.

Advantages and disadvantages of firewalls

Hardware firewall:

- Usually used to secure large networks.
- Can run completely independently, without depending on the operating system the way a software firewall does.
- Can only filter on the header portion of a packet.
- Cannot block viruses.
- More expensive than a software firewall.

Software firewall:

- Usually used to secure personal computers or a small network.
- The weakness of software firewalls is that each one runs only on a particular operating system.

Some other firewall systems:

- Packet-Filtering Router.
- Screened Host Firewall.
- Demilitarized Zone (DMZ) or Screened-subnet Firewall.

2. Virus prevention

A computer virus is a small program that changes the behaviour of the computer outside the user's control.

2.1 Kinds of virus

- File viruses: file-infecting viruses usually infect program files such as .com and .exe files.
- Boot-sector viruses: a virus can infect the boot sector of a hard disk or floppy disk, where the startup programs are stored.
- Master Boot Record viruses: essentially the same as boot-sector viruses, but the point of infection is the master boot record.
- Macro viruses: these infect data files. Virus code written in the Visual Basic macros of Excel, MS Word, MS Access and MS PowerPoint files can spread the virus to other data files or program files by building a macro program.
- Virus hoaxes: e-mail messages containing program code; when such a message is opened the virus infects the user's computer and performs uncontrolled actions such as stealing addresses, sending out mail carrying files of information from the user's computer, and even deleting information on the computer's disk.
- Trojan horse viruses: a fairly dangerous kind of virus that alters data and steals information on the computer. It usually takes the form of a file sent as an e-mail attachment.

- Multipartite viruses: viruses with all the infection and destruction capabilities on both files and boot records. These are among the hardest viruses to remove because they operate in several kinds of environment at once.

2.2 Ways viruses get into a computer system

a. The classic way

The most classic way computer viruses spread and propagate is through removable storage devices. In the past, floppy disks and CDs holding programs were the media most often abused for distribution. Today, with floppies rarely used, this infection route has moved to USB sticks, portable hard disks and digital entertainment devices.

b. Through e-mail

Once it has infected the victim's machine, the virus can find the list of e-mail addresses available on the machine and automatically mass-mail itself to the addresses found. If the owners of the receiving machines open the infected mail without detecting it and let it infect their machine, the virus again finds addresses and sends itself on. The number of copies can therefore grow geometrically, so that within a short time millions of computers are infected, which can paralyse many organisations worldwide very quickly. When mail-management software combined with antivirus software was able to defeat the automatic mass self-mailing to the other addresses in the victim's address book, the virus distributors switched to sending the virus themselves using addresses collected beforehand.

Infection methods through e-mail include:

- Infection through files attached to e-mail (attached mail). The user is not infected until the infected attachment is activated (because of this, viruses are usually "disguised" with attractive subjects such as sex, sport, or advertisements for software at very low prices).

- Infection by opening a link in an e-mail: links in e-mail can lead to a web page with a virus planted on it; this method usually exploits vulnerabilities in the browser and operating system. Alternatively the link leads to the execution of a piece of code, and the computer can be infected.
- Infection just by opening the e-mail to read it: this is extremely dangerous because the computer can be infected without any file being activated or any link opened. This method also usually exploits operating-system bugs.

c. Through the Internet

With the worldwide spread of the Internet, infection over the Internet has become the main propagation method for today's viruses.

Infection methods over the Internet:

- Infection through document and software files: the classic infection method, but with the classic file-transfer means (floppy disk, USB disk, ...) replaced by downloading from the Internet and exchanging files through software.
- Infection while visiting a web page on which a virus has been planted (accidentally or deliberately): web pages can contain malicious code that infects the user's computer with viruses and malware when those pages are visited.
- Infection or takeover of the computer through security bugs in the operating system or the applications shipped with it. Some users may find this hard to believe, but attackers can exploit security bugs in the operating system, in software bundled with it (for example Windows Media Player) or in third-party software (for example Acrobat Reader) to infect or take control of the victim's computer when files associated with that software are opened.

2.3 Antivirus

The virus-defence system follows a two-layer model: fighting viruses and preventing viruses.

- Prevention: blocking viruses from entering through the infection routes listed above, such as Internet links and mail.
- Fighting: updating and installing the latest antivirus software.

Protection procedures for registered computers: a registered computer is placed on the antivirus team's management list.

- Install antivirus software.
- Perform virus prevention on the computer periodically.
- Remove viruses from the computer in abnormal situations.
- Stop viruses entering through the Internet gateway: a virus-scanning server at the Internet gateway.
- Stop viruses entering through e-mail: a virus-scanning server at the mail servers.

3. Data encryption

Encryption is the method of transforming information (film, text, images, ...) from its normal form into a form that cannot be understood without the means to decrypt it.

Encryption methods:

- Symmetric encryption: uses the same key for encryption and decryption.
- Public-key encryption:
- Message Authentication Code:
- Digital signature:
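The outline lists a Message Authentication Code without describing it. As an added example (not code from the outline), the following shows the idea with HMAC-SHA256 from Python's standard library: sender and receiver share a key, the receiver recomputes the tag over what it received, and a message whose tag does not match is rejected. The key and the messages are constructed for the demo.

```python
"""Message authentication with HMAC-SHA256 (added example)."""
import hashlib
import hmac


def make_tag(key: bytes, message: bytes) -> str:
    """Sender side: tag = HMAC(key, message), sent alongside the message."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify(key: bytes, message: bytes, tag: str) -> bool:
    """Receiver side: recompute and compare. compare_digest runs in constant
    time so the comparison does not leak which bytes of the tag were right."""
    return hmac.compare_digest(make_tag(key, message), tag)


def demo():
    """Returns (genuine message accepted, altered message rejected,
    wrong key rejected)."""
    key = b"constructed-shared-secret"          # constructed; would be agreed out of band
    msg = b"transfer 100 to account 42"
    tag = make_tag(key, msg)

    accepted = verify(key, msg, tag)
    # An attacker on the path (the man in the middle of section 1.4) changes
    # the amount but cannot produce a matching tag without the key.
    altered = verify(key, b"transfer 900 to account 42", tag)
    # A tag made under a different key is equally worthless.
    wrong_key = verify(b"other-key", msg, tag)
    return accepted, altered, wrong_key
```

A MAC proves integrity and origin to someone who holds the key; because both parties hold it, it does not provide the non-repudiation that the digital signature item below is for.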

4. Physical protection

5. Intrusion detection systems (IDS)

An IDS (Intrusion Detection System) is a system that monitors network traffic and suspicious activity and raises alerts to the system and the administrator. An IDS can also distinguish between attacks from the inside (from people within the company) and attacks from the outside (from hackers). An IDS detects either on the basis of specific signatures of known threats (the way antivirus software relies on specific signatures to detect and remove viruses) or by comparing current network traffic with a baseline (the system's standard measured parameters) to find anomalous signs.

5.1. Features of the system

An intrusion detection system is specialised software for detecting intrusions into the network it protects. An IDS is designed not to replace traditional security methods but to complete them. An intrusion detection system has the following properties:

- Accuracy: the IDS must not treat normal actions in the system environment as abnormal or abusive (a normal action treated as abnormal is called a false positive).
- Performance: the IDS must perform well enough to detect intrusions in real time (real time means the intrusion must be detected before serious damage is done to the system; according to [Ranum, 2000] that is under 1 minute).
- Completeness: the IDS must not miss any intrusion (an undetected intrusion is called a false negative). This is a hard condition to satisfy, because it is nearly impossible to have all the information about past, present and future attacks.
- Fault tolerance: the IDS itself must be able to withstand attack.
- Scalability: the IDS must be able to cope with the worst case without losing information. This requirement concerns systems in which correlated events come from many sources with a small number of hosts; with the fast growth of computer networks, the system can be overwhelmed by the growth in the number of events.

5.2. Functions of an IDS

- Protect the integrity of data and ensure the consistency of data in the system. The measures taken prevent illegitimate modification or destruction of data.
- Protect confidentiality, keeping information from being disclosed.
- Protect availability, meaning the system is always ready to serve the information-access requests of legitimate users.
- Protect privacy, meaning users use the system's resources according to their assigned functions and duties, and illegitimate access to information is prevented.
- Provide information about intrusions and propose response, recovery and repair policies...

5.3. Classification

There are two different methods of analysing events to detect attacks: signature-based detection and anomaly detection. IDS products can use either method or combine both.

- Signature-based detection: this method identifies events, or sets of events, that match a pattern of events defined as an attack.
- Anomaly detection: this tool establishes a profile of normal activity and then maintains a current profile for a system. When the two diverge, that means there is an intrusion.

6. Virtual private networks (VPN)

IV. UNDERSTANDING MAN-IN-THE-MIDDLE ATTACKS - ARP Cache Poisoning

4.1. Content

One of the most common network attacks used against individuals and large organisations alike is the MITM (Man in the Middle) attack. Put simply, this kind of attack is like an eavesdropper. MITM works by establishing connections to the victim machines and relaying messages between them. When attacked, the victims believe they are communicating directly with each other, while in fact the communication streams are passing through the attacker's host. As a result that host can not only interpret sensitive data but also inject into, as well as modify, the data stream to gain further control over its victims.

In this series we will explain some of the most commonly used forms of MITM attack, such as ARP cache poisoning, DNS spoofing, HTTP session hijacking, and so on. As you see in the real world, most victim machines are Windows machines. For that reason this series will focus entirely on MITM exploits against machines running the Windows operating system. Where possible the attacks will be carried out from Windows machines. In some cases, however, where no tool for the attack exists there, we will use Backtrack Linux 4, which can be downloaded as a live CD or a virtual machine here.

ARP Cache Poisoning

In the first part of this series we introduce ARP cache poisoning. This is the oldest-established form of modern MITM attack (sometimes also known as ARP Poison Routing); it allows an attacker on the same subnet as its victims to eavesdrop on all network traffic between the victim machines. We chose it as the first attack to present because it is one of the simplest forms of attack and yet one of the most effective when carried out by an attacker.

Normal ARP communication

The ARP protocol was designed to serve the need to translate addresses between the second and third layers of the OSI model. The second layer (the data-link layer) uses MAC addresses so that hardware devices can communicate with each other directly. The third layer (the network layer) uses IP addresses to build networks that can scale globally. The data-link layer deals directly with devices connected to each other, while the network layer deals with devices that are connected both directly and indirectly. Each layer has its own addressing scheme, and they must work together to make a communicating network. For that reason ARP was created in RFC 826, the Ethernet Address Resolution Protocol.

Figure 1: The ARP communication process

Essentially, the operation of ARP centres on two packets, an ARP request and an ARP reply. The purpose of the request and the reply is to find the hardware MAC address associated with a given IP address so that traffic can reach its destination on the network. The request is sent to every device on the network segment and, putting it in human terms for the easiest explanation, says: "Hey, my IP address is XX.XX.XX.XX and my MAC address is XX:XX:XX:XX:XX:XX. I need to send something to whoever has the IP address XX.XX.XX.XX, but I don't know where that hardware address is on my segment. If you have this IP address, please respond with your MAC address!" The response is sent in the ARP reply and supplies the answer: "Hey, transmitting device. I am the one you are looking for, with the IP address XX.XX.XX.XX. My MAC address is XX:XX:XX:XX:XX:XX." When this process completes, the transmitting device updates its ARP cache table and the two devices can communicate with each other.

Poisoning the cache

ARP cache poisoning exploits the inherent insecurity of the ARP protocol. Unlike other protocols such as DNS (which can be configured to accept only fairly secure dynamic updates), devices using the Address Resolution Protocol accept updates at any time. This means any device can send an ARP reply to another machine, and that machine will immediately update its ARP cache table with the new value. Sending an ARP reply when no request was made is called sending a gratuitous ARP. When these gratuitous ARP replies reach the machines that sent requests, the requesting machine thinks it has found the party it was looking for, while in fact it is communicating with an attacker.

Figure 2: Intercepting communication by ARP cache poisoning

Using Cain & Abel

Let us set up a scenario and take it from theory to practice. There are several tools that can perform the steps needed to poison the ARP cache of the victim machines. We will use the fairly popular security tool Cain & Abel from Oxid.it. Cain & Abel does quite a lot beyond ARP cache poisoning; it is a very useful tool to have in your arsenal. Installing it is fairly simple.

Before starting you need to pick some additional information: specifically, the network interface to use for the attack and the two IP addresses of the victim machines.

When you first open Cain & Abel you will see a row of tabs along the top of the window. For the purposes of this article we work in the Sniffer tab. When you click this tab you will see an empty table. To fill it you need to activate the program's built-in sniffer and scan the machines on your network.

Figure 3: The Sniffer tab of Cain & Abel

Click the second icon on the toolbar, which looks like a network card. The first time you do this you will be asked to choose the interface you want to sniff. The interface must be connected to the network on which you will carry out your ARP cache poisoning. Once you have chosen the interface, click OK to activate Cain & Abel's built-in sniffer. At this point the toolbar icon that looks like a network card should appear pressed in; if not, click it. To build a list of the machines present on your network, click the icon that looks like a (+) symbol on the main toolbar and click OK.

Figure 4: Scanning for devices on the network

The previously empty grid is now filled with a list of all the devices on your network, together with their MAC addresses, IP addresses and identifying information. This is the list you will work with when setting up ARP cache poisoning.

At the bottom of the program window you will see a row of tabs that take you to other windows under the Sniffer heading. Now that you have built your device list, your next task is to work with the APR tab. Switch to the APR window by clicking the tab.

Once in the APR window you will see two empty tables, one above and one below. When they are set up, the upper table shows the devices involved in the ARP cache poisoning and the lower table shows all communication between the poisoned machines.

Continue setting up the ARP poisoning by clicking the icon that looks like a (+) sign on the program's standard toolbar. The window that appears has two columns side by side. On the left you see a list of all the devices available on the network. Click the IP address of one of the victims and the right-hand window fills with a list of all the hosts on the network except the IP address just chosen. In the right-hand window, click the IP address of the other victim and click OK.

Figure 5: Choosing the victim devices for poisoning

The IP addresses of both devices are now listed in the upper table of the main application window. To complete the process, click the radiation symbol (yellow and black) on the standard toolbar. This activates Cain & Abel's ARP cache poisoning feature and lets your analysis system eavesdrop on all communication between the two victims. If you want to see what is happening behind the scenes, install Wireshark and listen on the interface when you activate the poisoning. You will see ARP traffic to both devices and, immediately afterwards, the communication between them.

Figure 6: Capturing ARP traffic

When you are finished, click the radiation symbol (yellow and black) again to stop the ARP cache poisoning.

Countermeasures

Studying ARP cache poisoning from the defender's point of view, we are at a slight disadvantage. The ARP process happens in the background, so there is very little opportunity to control it directly. There is no single definitive solution, but there are proactive and reactive stances you can take if you are worried about ARP cache poisoning on your network.

Securing the LAN

ARP cache poisoning is an attack technique that only works when it tries to intercept traffic between two devices on the same LAN. The only reasons to fear this problem are whether an internal device on your network has been compromised, whether a trusted user has malicious intent, or whether someone can plug an untrusted device into the network. Although we usually concentrate all our security efforts on the network perimeter, defending against threats from the inside and maintaining a good internal security posture can help you remove the fear of the attack discussed here.

Hardcoding the ARP cache

One way to protect against the inherent insecurity of ARP requests and replies is to make the process less dynamic. This is an option because Windows machines allow you to add static entries to the ARP cache. You can view a Windows machine's ARP cache by opening a command prompt and typing the command arp -a.

Figure 7: Viewing the ARP cache

Entries can be added to this list with the arp -s command.

In cases where your network configuration rarely changes, you can build a list of static ARP entries and push them to the clients with an automated script. This ensures the devices always rely on their local ARP cache instead of ARP requests and replies.

Monitoring ARP traffic with third-party programs

The last option for defending against ARP cache poisoning is a reactive approach that involves monitoring the devices' network traffic. You can do this with some intrusion detection systems (such as Snort) or with utilities designed specifically for the purpose (such as xARP). This is feasible when you care about one particular device, but it remains fairly cumbersome and awkward when dealing with an entire network segment.
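The monitoring option above, and the gratuitous-reply mechanism described under "Poisoning the cache", can both be reduced to two checks a defender can script. The following is an added example; it is not code from the outline and not part of Cain & Abel, Snort or xARP. Check 1 audits a constructed ARP packet trace for a reply that answers no outstanding request and for an IP-to-MAC binding that changes. Check 2 parses two snapshots of Windows `arp -a` output, in the layout the DEMO section describes, and reports a gateway whose MAC has changed and a MAC now claimed by two IPs. The addresses are the ones quoted in the DEMO section, reused only as sample data; the traces and snapshots themselves are constructed.

```python
"""Two defender-side checks for ARP cache poisoning (added example)."""
import re
from collections import defaultdict

# ---- check 1: packet-level audit -------------------------------------------
# Constructed trace of (op, sender_ip, sender_mac, target_ip).
TRACE = [
    ("request", "192.168.1.2", "00-aa-bb-cc-dd-02", "192.168.1.1"),
    ("reply",   "192.168.1.1", "00-01-38-56-fc-eb", "192.168.1.2"),  # answers the request
    ("reply",   "192.168.1.1", "00-16-d3-fd-99-a2", "192.168.1.2"),  # unsolicited, rebinds the gateway
]


def audit_trace(trace):
    pending = set()    # target IPs that a request is still waiting on
    bindings = {}      # sender IP -> first MAC seen claiming it
    findings = []
    for op, s_ip, s_mac, t_ip in trace:
        if op == "request":
            pending.add(t_ip)
            continue
        if s_ip in pending:
            pending.discard(s_ip)
        else:   # a reply nobody asked for: the gratuitous ARP described above
            findings.append(f"unsolicited reply: {s_ip} claims {s_mac}")
        if s_ip in bindings and bindings[s_ip] != s_mac:
            findings.append(f"binding change: {s_ip} {bindings[s_ip]} -> {s_mac}")
        bindings.setdefault(s_ip, s_mac)
    return findings


# ---- check 2: cache snapshots ----------------------------------------------
# Constructed `arp -a` output before and after poisoning, in the Windows layout.
ARP_A_BEFORE = """\
Interface: 192.168.1.2 --- 0x4
  Internet Address      Physical Address      Type
  192.168.1.1           00-01-38-56-fc-eb     dynamic
  192.168.1.3           00-16-d3-fd-99-a2     dynamic
"""
ARP_A_AFTER = """\
Interface: 192.168.1.2 --- 0x4
  Internet Address      Physical Address      Type
  192.168.1.1           00-16-d3-fd-99-a2     dynamic
  192.168.1.3           00-16-d3-fd-99-a2     dynamic
"""
ROW = re.compile(r"^\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(\w+)",
                 re.IGNORECASE | re.MULTILINE)


def parse_arp_a(text):
    """Map IP -> MAC from `arp -a` output; the Interface and header lines do not match."""
    return {ip: mac.lower() for ip, mac, _ in ROW.findall(text)}


def compare_caches(before, after):
    findings = []
    for ip, mac in after.items():
        if ip in before and before[ip] != mac:
            findings.append(f"binding change: {ip} {before[ip]} -> {mac}")
    by_mac = defaultdict(list)
    for ip, mac in after.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:   # one NIC answering for several IPs is the classic poisoning sign
            findings.append(f"duplicate MAC: {mac} claimed by {', '.join(sorted(ips))}")
    return findings


def run_demo():
    return (audit_trace(TRACE),
            compare_caches(parse_arp_a(ARP_A_BEFORE), parse_arp_a(ARP_A_AFTER)))
```

The second check is the one that pairs naturally with the static-entry advice above: a host whose gateway entry is hardcoded with `arp -s` would not show the binding change, and comparing a fresh `arp -a` against the baseline you pushed out is a cheap periodic test.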

    4.2. DEMO

    Cain & Abel - Phn Mm D Password

    http://mygameworld.forumotion.net/t20-cain-abel-phn-mm-do-password#20http://mygameworld.forumotion.net/t20-cain-abel-phn-mm-do-password#20http://mygameworld.forumotion.net/t20-cain-abel-phn-mm-do-password#20http://mygameworld.forumotion.net/t20-cain-abel-phn-mm-do-password#20

Snooping on chat contents:

1. Cain & Abel: get it at http://www.tech24.vn/security/download/5725-Cain--Abel-4936---Cong-cu-chuyen-bat-goi-tin-va-crack-cac-password-da-ma-hoa.html
2. Yahoo Messenger Monitor Sniffer: get it at http://www.immonitor.com/download/yahoomonitor.exe

OK. Remember to install both fully on your machine (don't ask me how to install them, that you have to know yourself). Let's go.

The picture above is the ARP cache (seen with the arp -a command) of machine A before the attack. Internet Address is the IP address and Physical Address is the MAC address. The address 192.168.1.1 is the IP of the ADSL modem (playing the role of machine B), whose MAC is 00-01-38-56-fc-eb, while 192.168.1.3 is the IP of the Attacker machine (that's mine), whose MAC is 00-16-d3-fd-99-a2. Machine A's IP address is 192.168.1.2 (on the Interface line).

OK. If your machine has only one network card you can skip the step below. My machine has several network cards, so I have to specify which one to use. Click the Configure menu to open the Configuration window and choose the network card (pick the one whose IP matches the IP you currently have). Click OK.

Next, choose the Sniffer tab at the top, then the Hosts tab at the bottom. Then click the second icon from the left, right under the Cain logo (you will see it become pressed in). Then click the blue plus sign (+). The MAC Address Scanner window appears. Leave the defaults and click OK. This step scans the IP addresses and MAC addresses of all machines on the same LAN.

Recovering a lost password

From the program's interface, select the Decoders tab, click the Protected Storage item under the Cached Passwords area, then click the button with the blue + icon on the toolbar. You will immediately see the password you forgot (see the Password column), the corresponding login name (Username), the account type (Type), and so on.

Follow the same steps if you want to look up the passwords of other account types, such as wireless Internet connection accounts (Wireless Passwords), webmail account passwords stored in the web browser (IE7 Passwords), e-mail account passwords stored in the Outlook Express mail client (Windows Mail Passwords), dial-up Internet connection passwords (Dialup Passwords), and to reveal passwords masked with * in dialog boxes (Edit Boxes).

Hacking LAN passwords:

How to use Cain & Abel to hack a LAN:

This program is far simpler and easier to use than Wireshark, but if you want to follow every packet going in and out of every item, you are advised to use Wireshark.

Open the Cain program. Click Configure. In the "Sniffer" section choose the Ethernet adapter you will use.

In the "HTTP Fields" section, you must add a username field and a password field when the fields you want are not in the list. For example, say I want to hack a Friendster password: you need to add the username field and the password field by name. You can find them by right-clicking to view the page source and looking for the input variables of the login and password on the web page. It seems the defaults are already there; you can add to them through one of the columns without any cost.

After applying, click OK on the settings.

The main window has 8 tabs, of which only one, the "Sniffer" tab, will be discussed; select that tab and do not switch among the other tabs, to avoid confusion.

Switch to Sniffer and click the sniffer button on the top toolbar, the one labelled "Start / Stop Sniffer".

If your network is on a hub, at this point you will know that passwords can be retrieved with one click on the "Passwords" tab (the tab on the bottom bar, not the middle one; there is no need to click again). You choose the password from the connection you want to view; it will be recorded there.

If you are on a switched network, this requires more effort: you must also activate the APR button next to the Sniffer button (this does not guarantee success, because a managed switch is more secure than a hub). Before switching, select the APR tab at the bottom of the Sniffer tab. Two panes are shown, with nothing in the list at first; click in the empty top list, then click "+" (the form), which means the main APR sniffer scope, etc. There will be 2 panes containing all the machines on your network. Connect the victim's IP address and the gateway/server IP address (to get the gateway address, on your computer go to Start, choose Run, type cmd and type ipconfig at the command prompt). Then activate the new APR feature, and all the data from the attacked server to the computer can be viewed the same way.

You can run both programs at the same time (Cain for APR and Wireshark for packet sniffing) if you want to maximise the results.

The passwords you can steal are those on HTTP servers (servers without encryption); if the data is encrypted on the server you must decrypt the data before getting the password (and that would require a great deal more than this hack covers).

Hacking wifi passwords:

Step 1: After installing and starting Cain, you need to configure the Network Adapter correctly. On Cain's menu choose Configure > select the appropriate Network Adapter. Click Start Sniffer.
Step 2: Choose the Sniffer tab > Scan MAC Addresses; this gives the list of IP addresses the program found.
Step 3: In the tabs below the Sniffer tab choose the APR section. In the APR pane you can add the IP addresses you want to sniff. Choose the target IP and the source IP.
Step 4: Click Start APR, then sit back and wait for the passwords to come in.

You can watch the following video clip to understand it better. In the clip I sniff the password sent from the machine with IP 192.168.1.7. My machine's IP is 192.168.1.6 and it is running Cain, waiting to grab any password that the 192.168.1.7 machine

1. Download BT4 beta and burn it to a disc....
2. Also download Network Stumbler or Cain to find the MAC and channel of the wifi you want to crack (because when I booted into BT4 and typed airmon-ng wlan0 it did not run -> could not find the MAC and channel).
3. Reboot the machine.... put the BT4 beta disc in and press F12... press Enter I think...... wait for it to finish loading... type startx. Now the main BT4 window comes up, with the interface you see in the tutorial video... quite similar to the Windows interface....
4. Type airmon-ng and press enter to see which wifi interfaces you have... usually wlan0, if you have one wifi card.
5. Then type airodump-ng -w wep -c (channel) --bssid (Mac) wlan0 and press enter. Example: airodump-ng -w wep -c 11 --bssid 00:1a:2b:2b:45:10 wlan0. Now the counters start running but may still be slow... especially data, which may increase very slowly.
6. Then type aireplay-ng -10 -a (Mac) wlan0. Example: aireplay-ng -10 -a 00:1a:2b:2b:45:10 wlan0
7. Then type aireplay-ng -3 -b (mac) wlan0. Now packets start being sent... the data count starts rising fast.... but you may also have to wait about 10 to 15 minutes before data rises quickly.. I had to try again and again many times.
8. Wait for the data count to reach above 30 000 or 40 000 or more (by the time data reaches this number it must be running fast... not rising slowly like at the start). Next type dir and it shows the name of the file where the sent and received packets were saved, of the form wep-01.cap or wep-02.cap....
9. Then type aircrack-ng -wep-01.cap (adjust the command to the file name you got). Now the result.. key found appears... and that is the pass we were looking for....

Note: 1. You must type the commands exactly, every space and every dash "-", otherwise it will not run.... at first I also typed them wrong many times.... 2. I use an HP laptop... my wifi card is a Broadcom, I think.... and I also used a dlink534 USB wifi adapter, which is supported for cracking too... I also tried on 2 other machines, Asus laptops belonging to 2 friends, which apparently are not supported... typing the commands did not get the counters running....

The above are the steps I did, and they worked... I have cracked 3 passwords already... I live in a dorm.. I cracked one pass and within 3 days the whole dorm knew... the pass... if the owner traces it back I'm done for... you can see the demand for free wifi is huge... hihi:d


Before reading the part below, let me note that this article only shows how to read somebody else's Yahoo chat (not, of course, what that person chats with you), and does not show how to take a Yahoo password. Honestly, the easiest way to read someone else's chat is... to sneak up behind them and look, but I take no responsibility if they catch you; the consequences are yours to bear. OK, enough rambling, let's go.

Part 1: Theory

Suppose I have the network layout shown below:

Here I play the role of an Attacker and want to "eavesdrop" on the "conversation" between two machines, A and B. Anyone who knows a little about computer networks knows that a computer has an IP address and a MAC address (they are like your house number), and these addresses are used to identify a computer on the network. Suppose A wants to talk to B but only knows B's IP address and not B's MAC address. A immediately broadcasts an ARP Request packet to the whole network asking: "Hey, whoever has IP address x.y.z.t, tell me what your MAC address is!". Both machine B and the Attacker machine receive this packet, but only B answers A, with an ARP Reply packet telling A its MAC address. Once it has B's IP and MAC address, A starts exchanging data with B. A stores B's MAC address in its cache so that the next time it exchanges data with B it does not have to ask for the MAC address again. The problem, however, is that the ARP protocol operates at layer 2 while IP addresses live at layer 3 (of the 7-layer OSI model), so A has no way to verify whether machine B with IP address x.y.z.t really has that MAC address. Now the Attacker only has to send A an ARP Reply packet saying: "Hey, it's me, B. My MAC address is a-b-c-d now, not what it was earlier." Since it cannot verify this information, A blindly writes it into its cache, overwriting the correct information about B recorded in the previous step. He he, so now every time A sends data to B, it actually sends it to the Attacker machine. But another problem arises: if the data never reaches machine B, B has no idea it should answer A, so how is that "eavesdropping" on A and B "talking"? The simple answer is that the Attacker fools B as well, so that B believes the Attacker machine is machine A. When data goes from A to B (but really to the Attacker), the Attacker keeps a copy and forwards it to B. When B answers A (again reaching the Attacker), the Attacker keeps a copy and forwards it to A. By now you can probably picture how the Attacker eavesdrops on A and B talking. The Attacker in this situation is called a "Man-in-the-middle".
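The exchange just described, as an added example that is not part of the original post (nor code from Cain, Snort or xARP): constructed Python that builds the three ARP frames of the story in memory (A's broadcast request for B's MAC, B's genuine reply, then the attacker's reply claiming B's IP), parses them as RFC 826 Ethernet/ARP frames, and runs the two checks a passive monitor applies: a reply that no outstanding request asked for, and a reply whose sender IP is already bound to a different MAC. Nothing is sent on the wire. The IP and MAC values are the ones the practical part of this page uses for A, the ADSL modem and the attacker, except A's MAC, which the page never gives and is a made-up value here; the class and function names are my own.

```python
"""Passive ARP monitor (added example; not from the page or any tool it names)."""
import struct

ETH_TYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def mac_str(b):
    return ":".join("%02x" % x for x in b)


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(src_mac, dst_mac, op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet header followed by a 28-byte ARP body (IPv4 over Ethernet)."""
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETH_TYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # htype, ptype, hlen, plen, opcode
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp


def parse_arp(frame):
    """Return the ARP fields as a dict, or None if the frame is not an ARP frame."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        return None
    return {
        "op": struct.unpack("!H", frame[20:22])[0],
        "sender_mac": mac_str(frame[22:28]),
        "sender_ip": ip_str(frame[28:32]),
        "target_mac": mac_str(frame[32:38]),
        "target_ip": ip_str(frame[38:42]),
    }


class ArpMonitor:
    """Watches ARP traffic the way xARP or an IDS does: it remembers outstanding
    requests and the MAC each IP has answered with, and flags contradictions."""

    def __init__(self):
        self.pending = set()   # (asker_ip, wanted_ip) requests not yet answered
        self.bindings = {}     # ip -> mac, learned from replies

    def observe(self, frame):
        """Return the alert strings raised by this frame (empty list if benign)."""
        pkt = parse_arp(frame)
        if pkt is None:
            return []
        alerts = []
        if pkt["op"] == ARP_REQUEST:
            self.pending.add((pkt["sender_ip"], pkt["target_ip"]))
        elif pkt["op"] == ARP_REPLY:
            # A reply answers a request in which the asker is now the target.
            key = (pkt["target_ip"], pkt["sender_ip"])
            if key in self.pending:
                self.pending.discard(key)
            else:
                alerts.append("unsolicited reply: %s claims %s"
                              % (pkt["sender_mac"], pkt["sender_ip"]))
            known = self.bindings.get(pkt["sender_ip"])
            if known is None:
                self.bindings[pkt["sender_ip"]] = pkt["sender_mac"]
            elif known != pkt["sender_mac"]:
                alerts.append("binding change: %s was %s, now %s"
                              % (pkt["sender_ip"], known, pkt["sender_mac"]))
        return alerts


# Hosts from the page's demo: A = 192.168.1.2, B = ADSL modem 192.168.1.1,
# attacker = 192.168.1.3. A's MAC is not given on the page, so it is made up.
A_MAC, A_IP = "00:aa:aa:aa:aa:aa", "192.168.1.2"
B_MAC, B_IP = "00:01:38:56:fc:eb", "192.168.1.1"
X_MAC = "00:16:d3:fd:99:a2"


def run_scenario():
    """Replay the three frames of the story and return the alerts per frame."""
    monitor = ArpMonitor()
    frames = [
        # 1. A broadcasts: who has 192.168.1.1? tell 192.168.1.2
        build_arp(A_MAC, BROADCAST, ARP_REQUEST, A_MAC, A_IP, ZERO_MAC, B_IP),
        # 2. B answers A with its real MAC
        build_arp(B_MAC, A_MAC, ARP_REPLY, B_MAC, B_IP, A_MAC, A_IP),
        # 3. The attacker tells A that 192.168.1.1 is now at the attacker's MAC
        build_arp(X_MAC, A_MAC, ARP_REPLY, X_MAC, B_IP, A_MAC, A_IP),
    ]
    return [monitor.observe(f) for f in frames]


if __name__ == "__main__":
    for i, alerts in enumerate(run_scenario(), 1):
        print("frame %d: %s" % (i, alerts or "ok"))
```

The first two frames raise nothing; the third raises both alerts. The binding-change check is the one that matters most in practice, because an attacker can time a forged reply to follow a genuine request, which would satisfy the "unsolicited" check alone, while the contradiction with the MAC already learned for 192.168.1.1 remains.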

Part 2: Practice

Having read the theory above, some of you will wonder: "Hey, you said you would show me how to read other people's Yahoo chat, but so far it has been all machine A, machine B and Attacker machine this and that, and not a word about Yahoo." "Calm down, let me explain: no matter who you chat with, your chat content still has to travel from your machine to the ADSL modem and out to the internet, right?" "Hmm, I think I'm starting to get it. So the machine whose chat we want to read plays the role of machine A, and the ADSL modem plays the role of machine B in the model above?" "Bravo, exactly. I knew you were clever. But that is only theory; we can't catch the enemy bare-handed. You need to prepare the following tools for me:

1. Cain & Abel: get it at www.oxid.it

2. Yahoo Messenger Monitor Sniffer: get it at http://www.immonitor.com/download/yahoomonitor.exe

OK. Remember to install both fully on your machine (don't ask me how to install them, that you have to know yourself). Let's go.

A few screenshots before starting the attack:

The picture above is the ARP cache (seen with the arp -a command) of machine A before the attack. Internet Address is the IP address and Physical Address is the MAC address. The address 192.168.1.1 is the IP of the ADSL modem (playing the role of machine B), whose MAC is 00-01-38-56-fc-eb, while 192.168.1.3 is the IP of the Attacker machine (that's mine), whose MAC is 00-16-d3-fd-99-a2. Machine A's IP address is 192.168.1.2 (on the Interface line).

Now run Cain & Abel. Cain's interface looks like this:

OK. If your machine has only one network card you can skip the step below. My machine has several network cards, so I have to specify which one to use. Click the Configure menu to open the Configuration window and choose the network card (pick the one whose IP matches the IP you currently have). Click OK.

Next, choose the Sniffer tab at the top, then the Hosts tab at the bottom. Then click the second icon from the left, right under the Cain logo (you will see it become pressed in). Then click the blue plus sign (+). The MAC Address Scanner window appears. Leave the defaults and click OK. This step scans the IP addresses and MAC addresses of all machines on the same LAN.