From bc8a5732f8f589ca8d56f4f59a3a31a2b82ba1ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9lix=20MARQUET?= <72651575+BreizhHardware@users.noreply.github.com>
Date: Mon, 9 Feb 2026 09:56:13 +0100
Subject: [PATCH] Obisidian vault auto-backup: 09-02-2026 09:56:13 on . 2 files edited
---
 .obsidian/workspace.json | 7 ++-
 ISEN/Sécurité IOT/CIPA4/Sécurité IOT TP1.md | 67 ++++++++++++++++++++-
 2 files changed, 70 insertions(+), 4 deletions(-)
diff --git a/.obsidian/workspace.json b/.obsidian/workspace.json
index 5b314af..eb8fec3 100644
--- a/.obsidian/workspace.json
+++ b/.obsidian/workspace.json
@@ -67,7 +67,8 @@ "title": "20011126_fips-197" } } - ] + ], + "currentTab": 1 } ], "direction": "vertical"
@@ -240,10 +241,10 @@ "obsidian-git:Open Git source control": false } }, - "active": "e11a6a080eb83632", + "active": "37a6109c5cf4f8fa", "lastOpenFiles": [ - "ISEN/Sécurité IOT/CIPA4/IoT.Firmware.Analysis.pdf", "ISEN/Sécurité IOT/CIPA4/Sécurité IOT TP1.md", + "ISEN/Sécurité IOT/CIPA4/IoT.Firmware.Analysis.pdf", "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/20011126_fips-197.pdf", "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/Crypto Cours 2.md", "ISEN/Sécurité IOT/CIPA4/Firmware/extractions/iotdev_firmware.bin.extracted/120200/squashfs_120200.sqsh",
diff --git a/ISEN/Sécurité IOT/CIPA4/Sécurité IOT TP1.md b/ISEN/Sécurité IOT/CIPA4/Sécurité IOT TP1.md
index 5db39a5..f04675c 100644
--- a/ISEN/Sécurité IOT/CIPA4/Sécurité IOT TP1.md
+++ b/ISEN/Sécurité IOT/CIPA4/Sécurité IOT TP1.md
@@ -56,7 +56,9 @@ default:default:1001:1001:Linux User,,,:/home/default:/bin/sh 1 password hash cracked, 0 left - +felix@Debian-13:~/Firmware/_iotdev_firmware.bin.extracted/squashfs-root$ grep '^root' etc/shadow > root.shadow +felix@Debian-13:~/Firmware/_iotdev_firmware.bin.extracted/squashfs-root$ grep '^root' etc/passwd > root.passwd +felix@Debian-13:~/Firmware/_iotdev_firmware.bin.extracted/squashfs-root$ unshadow root.passwd root.shadow > root.hash felix@Debian-13:~/Firmware/_iotdev_firmware.bin.extracted/squashfs-root$ john root.hash Loaded 1 password hash (md5crypt [MD5 32/64 X2]) Will run 4 OpenMP threads 
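Review bot: The three added commands redirect into the current directory, which the prompt shows is `squashfs-root`, so `root.shadow`, `root.passwd` and `root.hash` are created inside the extracted firmware tree. That alters the tree under analysis, and any later listing, hashing or repacking of it would pick up a copy of the root hash. Writing the working files outside the extraction keeps it pristine, for example `grep '^root' etc/shadow > ../root.shadow` and likewise for the other two, with the existing `john root.hash` line pointed at the same place. The transcript these lines belong to starts above the hunk, so whether they sit inside a code fence cannot be confirmed from here.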
@@ -147,3 +149,66 @@ emulated/mips32/rootfs.ext2 ``` +```Bash +# netstat -unta +Active Internet connections (servers and established) +Proto Recv-Q Send-Q Local Address Foreign Address State +tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN +tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN +tcp 0 0 :::22 :::* LISTEN +``` + +He want to install a backdore + +```Bash +# ./backdoor & +# ls +backdoor ss_mips +# netstat -unta +Active Internet connections (servers and established) +Proto Recv-Q Send-Q Local Address Foreign Address State +tcp 0 0 0.0.0.0:9999 0.0.0.0:* LISTEN +tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN +tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN +tcp 0 0 :::22 :::* LISTEN + +# ps aux +PID USER COMMAND + 1 root init + 2 root [kthreadd] + 3 root [kworker/0:0] + 4 root [kworker/0:0H] + 5 root [kworker/u2:0] + 6 root [mm_percpu_wq] + 7 root [ksoftirqd/0] + 8 root [rcu_sched] + 9 root [rcu_bh] + 10 root [migration/0] + 11 root [cpuhp/0] + 12 root [kdevtmpfs] + 13 root [netns] + 14 root [oom_reaper] + 15 root [writeback] + 16 root [kcompactd0] + 17 root [crypto] + 18 root [bioset] + 19 root [kblockd] + 20 root [kswapd0] + 21 root [kworker/0:1] + 22 root [bioset] + 29 root [bioset] + 30 root [bioset] + 31 root [kworker/0:1H] + 32 root [ipv6_addrconf] + 33 root [ext4-rsv-conver] + 45 root /sbin/syslogd -n + 48 root /sbin/klogd -n + 55 root [kworker/u2:1] + 81 root nginx: master process /usr/sbin/nginx + 83 www-data nginx: worker process + 86 root /usr/sbin/sshd + 103 root -sh + 114 root ./backdoor + 119 root ps aux +``` +
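Review bot: The only prose between the two added listings is `He want to install a backdore`, which is misspelled and does not say what the transcripts are meant to show. I would change it to `He wants to install a backdoor` and add one sentence after the second fence stating the observable difference: compared with the baseline `netstat -unta`, the only new listener is `0.0.0.0:9999`, and `ps aux` shows PID 114 `./backdoor` running as root. Those two indicators are what a reader needs in order to spot the implant on the emulated device, and right now they have to be found by diffing the listings by eye. The fences are tagged `Bash` although they hold terminal output rather than a script; a plain or `console` fence would avoid misleading highlighting.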