20201202 cisco KDLinux

課堂資料

建立一個 router 和 Linux,並將它們設置 IP
R1
Linux
int e0/0
ip addr 192.168.1.1 255.255.255.0
no shut
line vty 0 4
login
password cisco
transport input telnet
ip addr add 192.168.1.2/24 brd + dev eth0
ping 192.168.1.1
telnet 192.168.1.1
Linux
eth0 自帶 IP,可以直接 Ping8.8.8.8www.google.com
時間設置
timedatectl set-timezone Asia/Taipei
更新
systemctl restart ntp.service
ntpd
apt update
apt install curl wget
useradd user
mkdir /home/user -p
chown user:user /home/user
su - user
bash
git clone https://github.com/reverse-shell/routersploit
cd routersploit/
python3 -m pip install -r requirements.txt
python3 rsf.py
use scanners/routers/router_scan
set target 12.1.1.1
run
exit

課堂練習

R1
R2
Linux
int e0/0
ip add 12.1.1.1 255.255.255.0
no shut
router rip
ver 2
no auto-summary
network 12.1.1.0
exit
ip domain-name test.com
crypto key generate rsa
ip ssh ver 2
line vty 0 4
login local
transport input ssh
username root privilege 15 password 12345
end
show running-config | inc username
int e0/0
ip add 12.1.1.2 255.255.255.0
no shut
int e0/1
ip add 192.168.1.1 255.255.255.0
no shut
router rip
ver 2
no auto-summary
network 12.1.1.0
network 192.168.1.0
end
ssh -l root 12.1.1.1
ip addr add 192.168.1.2/24 brd + dev eth0
ip route add default via 192.168.1.1
ping 192.168.1.1
ping 12.1.1.1
cd Downloads
vim test.txt
123
1234
12345
123456
111
222
hydra -l root -p test.txt ssh://12.1.1.1 -t 4
R2
vm1
int e0/2
ip addr dhcp
no shut
do sh ip int brief
exit
enable password 12345
line vty 0 4
password 12345
login
transport input telnet
ping 192.168.8.135
yum install telnet
telnet 192.168.8.135
yum install python-pip
pip install pexpect
yum install python3 python3-pip
python3
import pexpect
child=pexpect.spawn('telnet 192.168.157.143')
child=expect('Password:')
child=sendline('12345')
child=expect('R2#')
child=sendline('sh ip int brief')
child=expect('R2#')
child.before
cd /tmp
ip ro sh
./test.py