diff --git a/content/Etudiants/zz2-f5-websec.md b/content/Etudiants/zz2-f5-websec.md new file mode 100644 index 0000000000000000000000000000000000000000..8d864a98dde7daed66124e0c9704ef0af605b267 --- /dev/null +++ b/content/Etudiants/zz2-f5-websec.md @@ -0,0 +1,139 @@ +Title: ZZ2 F5 WebSec +Date: 2017-11-20 10:55 +Category: <i class='fa fa-graduation-cap' aria-hidden='true'></i> Étudiants +Tags: cours + +[TOC] + +## Plan du cours + +* [organisation du cours](https://doc.m4z3.me/_/1337/index.htm) + +* Introduction + + * [Contexte](https://doc.m4z3.me/_/1337/contexte.htm) + * [Cadre juridique](https://doc.m4z3.me/_/1337/droit.htm) + +* Architecture + + * [HTTP](https://doc.m4z3.me/_/1337/HTTP.htm) + * [TLS/SSL](https://doc.m4z3.me/_/1337/TLS.htm) + +* Pentesting + + * [Collecter](https://doc.m4z3.me/_/1337/collecter.htm) + * [Détecter](https://doc.m4z3.me/_/1337/detecter.htm) + +* Exploit + + * [Heartbleed](https://doc.m4z3.me/_/1337/heartbleed.htm) + +* Mécanisme + + * [Authentification](https://doc.m4z3.me/_/1337/AUTH.htm) + +* Vulnérabilités communes + + * [Command execution](https://doc.m4z3.me/_/1337/CMDi.htm) + +* Exploit + + * [Shellshock](https://doc.m4z3.me/_/1337/shellshock.htm) + * [Upload](https://doc.m4z3.me/_/1337/upload.htm) + * [LFI_RFI](https://doc.m4z3.me/_/1337/LFI_RFI.htm) + * [XSS](https://doc.m4z3.me/_/1337/XSS.htm) + * [CSRF](https://doc.m4z3.me/_/1337/CSRF.htm) + * [SQLi](https://doc.m4z3.me/_/1337/SQLi.htm) + +* Exploit + + * [Drupalgeddon](https://doc.m4z3.me/_/1337/drupalgeddon.htm) + +* Se protéger + + * [Top10](https://doc.m4z3.me/_/1337/top10.htm) + * [anticiper](https://doc.m4z3.me/_/1337/anticiper.htm) + * [réagir](https://doc.m4z3.me/_/gdi/cnrs.htm#/cover) + + +## Recréer l'environnement de cours dans VirtualBox + +sous windows voudevrez peut être utiliser le path entier de vboxmanage + +``` +"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" +``` + +### Créer un réseau NAT + +``` +vboxmanage natnetwork add --netname natwebsec --network "10.0.2.0/24" --enable --dhcp off +``` + +### Télécharger les ova + +voir [https://drive.mesocentre.uca.fr/d/69e5535b0b88425396d7/](https://drive.mesocentre.uca.fr/d/69e5535b0b88425396d7/) + +``` +wget https://drive.mesocentre.uca.fr/d/69e5535b0b88425396d7/files/?p=/debian.ova +wget https://drive.mesocentre.uca.fr/d/69e5535b0b88425396d7/files/?p=/proxy.ova +wget https://drive.mesocentre.uca.fr/d/69e5535b0b88425396d7/files/?p=/kali.ova +wget https://drive.mesocentre.uca.fr/d/69e5535b0b88425396d7/files/?p=/thenetwork.ova +``` +<div class="panel panel-warning"> + <div class="panel-heading"> + <h3 class="panel-title">FYI</h3> + </div> + <div class="panel-body"> + il y a environ 7 Go d'images, n'hésitez pas à vous les faire passer via des clés USB + </div> +</div> + +### Importer les images OVA + +``` +vboxmanage import ~/Documents/debian.ova +vboxmanage import ~/Documents/proxy.ova +vboxmanage import ~/Documents/kali.ova +vboxmanage import ~/Documents/thenetwork.ova +``` + +### Mettre en place le port-forwarding + +``` +vboxmanage natnetwork modify --netname natwebsec --port-forward-4 "ssh:tcp:[127.0.0.1]:13372:[10.0.2.2]:22" +vboxmanage natnetwork modify --netname natwebsec --port-forward-4 "ssh:tcp:[]:13373:[10.0.2.3]:22" +vboxmanage natnetwork modify --netname natwebsec --port-forward-4 "ssh:tcp:[]:13374:[10.0.2.4]:22" +vboxmanage natnetwork modify --netname natwebsec --port-forward-4 "ssh:tcp:[]:13375:[10.0.2.5]:22" +``` + +### Se connecter en ssh + +``` +ssh -p 13372 student@127.0.0.1 # on debian with password student +ssh -p 13373 student@127.0.0.1 # on proxy with password student +ssh -p 13374 student@127.0.0.1 # on kali with password student +ssh -p 13375 student@127.0.0.1 # on thenetwork with password student +``` + +### /etc/hosts + +``` +10.0.2.1 us.er + +10.0.2.2 debian +10.0.2.2 mutillid.ae good.one go.od targ.et +10.0.2.2 dvwa.com dv.wa +10.0.2.2 good.one go.od targ.et d.oc dum.my +10.0.2.2 drup.al hackable-drupal.com drupal +10.0.2.2 wordpre.ss bl.og wp wordpress +10.0.2.2 spip sp.ip + +10.0.2.3 proxy +10.0.2.3 secured heart.bleed fo.ol + +10.0.2.4 kali +10.0.2.4 bad.guy hack.er 1337.net + +10.0.2.5 thenetwork +```