Lab> ICMP Redirect enable/disable test
The attacker attempts an ICMP Redirect attack.
Attacker# ./icmpRedirect.sh
HPING 192.168.108.105 (eth0 192.168.108.105): icmp mode set, 28 headers + 0 data bytes
Disable ICMP Redirect and reboot the Victim.
-- icmpRedirectOff.reg --
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000000
-- icmpRedirectOff.reg --
Check the routing table.
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c 29 0e 30 1e ...... AMD PCNET Family PCI Ethernet Adapter - 패킷 스
케줄러 미니 포트
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.108.2 192.168.108.105 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.108.0 255.255.255.0 192.168.108.105 192.168.108.105 10
192.168.108.105 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.108.255 255.255.255.255 192.168.108.105 192.168.108.105 10
224.0.0.0 240.0.0.0 192.168.108.105 192.168.108.105 10
255.255.255.255 255.255.255.255 192.168.108.105 192.168.108.105 1
Default Gateway: 192.168.108.2
===========================================================================
Persistent Routes:
None
Enable ICMP Redirect and reboot the Victim.
-- icmpRedirectOn.reg --
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000001
-- icmpRedirectOn.reg --
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c 29 0e 30 1e ...... AMD PCNET Family PCI Ethernet Adapter - 패킷 스
케줄러 미니 포트
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.108.2 192.168.108.105 10
8.8.8.8 255.255.255.255 192.168.108.102 192.168.108.105 1 <--
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.108.0 255.255.255.0 192.168.108.105 192.168.108.105 10
192.168.108.105 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.108.255 255.255.255.255 192.168.108.105 192.168.108.105 10
224.0.0.0 240.0.0.0 192.168.108.105 192.168.108.105 10
255.255.255.255 255.255.255.255 192.168.108.105 192.168.108.105 1
Default Gateway: 192.168.108.2
===========================================================================
Persistent Routes:
None
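The two routing tables above differ only in the host route marked `<--`. The following is an added example, not part of the original post: a Python check that parses `route print` text and lists /32 host routes forwarded through a gateway other than the host itself, which is how an accepted ICMP Redirect shows up. The function names are hypothetical, and the sample rows are copied from the output above.

```python
import ipaddress

HOST_MASK = "255.255.255.255"

def parse_routes(text):
    """Return (dest, mask, gateway, interface, metric) for each Active Routes row."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        try:
            # Rows that are not four IPv4 addresses plus a metric are skipped.
            dest, mask, gw, iface = (str(ipaddress.IPv4Address(x)) for x in fields[:4])
            metric = int(fields[4])
        except ValueError:
            continue
        routes.append((dest, mask, gw, iface, metric))
    return routes

def redirect_candidates(text):
    """Host routes (/32) that leave via a gateway other than the local host."""
    hits = []
    for dest, mask, gw, iface, _metric in parse_routes(text):
        if mask != HOST_MASK:
            continue
        if gw == iface or ipaddress.IPv4Address(gw).is_loopback:
            continue  # on-link or local route, always present
        hits.append((dest, gw))
    return hits

# Rows taken from the route print output on this page (redirect disabled).
BEFORE = """\
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.108.2 192.168.108.105 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.108.0 255.255.255.0 192.168.108.105 192.168.108.105 10
192.168.108.105 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.108.255 255.255.255.255 192.168.108.105 192.168.108.105 10
224.0.0.0 240.0.0.0 192.168.108.105 192.168.108.105 10
255.255.255.255 255.255.255.255 192.168.108.105 192.168.108.105 1
"""
# Same table plus the extra row seen once redirect is enabled.
AFTER = BEFORE + "8.8.8.8 255.255.255.255 192.168.108.102 192.168.108.105 1 <--\n"

if __name__ == "__main__":
    print("redirect disabled:", redirect_candidates(BEFORE))
    print("redirect enabled: ", redirect_candidates(AFTER))
```

A manually added host route is flagged in the same way, so treat the result as a list to review rather than proof of a redirect.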