hacktricks/network-services-pentesting/pentesting-ntp.md

6.5 KiB

123/udp - Pentesting NTP

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %} {% endhint %}

Join HackenProof Discord server to communicate with experienced hackers and bug bounty hunters!

Hacking Insights
Engage with content that delves into the thrill and challenges of hacking

Real-Time Hack News
Keep up-to-date with fast-paced hacking world through real-time news and insights

Latest Announcements
Stay informed with the newest bug bounties launching and crucial platform updates

Join us on Discord and start collaborating with top hackers today!

Basic Information

Network Time Protocol (NTP) inahakikisha kompyuta na vifaa vya mtandao katika mitandao yenye latensi tofauti zinafanya usawazishaji wa saa zao kwa usahihi. Ni muhimu kwa kudumisha usahihi wa wakati katika operesheni za IT, usalama, na uandishi wa kumbukumbu. Usahihi wa NTP ni muhimu, lakini pia unatoa hatari za usalama ikiwa haujasimamiwa vizuri.

Summary & Security Tips:

  • Purpose: Inasawazisha saa za vifaa kupitia mitandao.
  • Importance: Muhimu kwa usalama, uandishi wa kumbukumbu, na operesheni.
  • Security Measures:
  • Tumia vyanzo vya NTP vilivyoaminika na uthibitisho.
  • Punguza ufikiaji wa mtandao wa seva za NTP.
  • Fuata usawazishaji kwa ishara za kuingilia kati.

Default port: 123/udp

PORT    STATE SERVICE REASON
123/udp open  ntp     udp-response

Uhesabuzi

ntpq -c readlist <IP_ADDRESS>
ntpq -c readvar <IP_ADDRESS>
ntpq -c peers <IP_ADDRESS>
ntpq -c associations <IP_ADDRESS>
ntpdc -c monlist <IP_ADDRESS>
ntpdc -c listpeers <IP_ADDRESS>
ntpdc -c sysinfo <IP_ADDRESS>
nmap -sU -sV --script "ntp* and (discovery or vuln) and not (dos or brute)" -p 123 <IP>

Examine configuration files

  • ntp.conf

NTP Amplification Attack

How NTP DDoS Attack Works

Protokali ya NTP, inayotumia UDP, inaruhusu kufanya kazi bila haja ya taratibu za handshake, tofauti na TCP. Sifa hii inatumika katika NTP DDoS amplification attacks. Hapa, washambuliaji wanaunda pakiti zenye IP ya chanzo bandia, na kufanya ionekane kama maombi ya shambulio yanatoka kwa mwathirika. Pakiti hizi, mwanzoni zikiwa ndogo, zinamfanya seva ya NTP kujibu kwa kiasi kikubwa cha data, na kuongeza nguvu ya shambulio.

Amri ya MONLIST, licha ya matumizi yake kuwa nadra, inaweza kuripoti wateja 600 wa mwisho waliounganishwa na huduma ya NTP. Ingawa amri yenyewe ni rahisi, matumizi yake mabaya katika mashambulizi kama haya yanaonyesha udhaifu mkubwa wa usalama.

ntpdc -n -c monlist <IP>

Shodan

  • ntp

HackTricks Amri za Otomatiki

Protocol_Name: NTP    #Protocol Abbreviation if there is one.
Port_Number:  123     #Comma separated if there is more than one.
Protocol_Description: Network Time Protocol         #Protocol Abbreviation Spelled out

Entry_1:
Name: Notes
Description: Notes for NTP
Note: |
The Network Time Protocol (NTP) ensures computers and network devices across variable-latency networks sync their clocks accurately. It's vital for maintaining precise timekeeping in IT operations, security, and logging. NTP's accuracy is essential, but it also poses security risks if not properly managed.

https://book.hacktricks.xyz/pentesting/pentesting-ntp

Entry_2:
Name: Nmap
Description: Enumerate NTP
Command: nmap -sU -sV --script "ntp* and (discovery or vuln) and not (dos or brute)" -p 123 {IP}

Jiunge na HackenProof Discord server ili kuwasiliana na hackers wenye uzoefu na wawindaji wa makosa!

Uelewa wa Udukuzi
Shiriki na maudhui yanayoangazia msisimko na changamoto za udukuzi

Habari za Udukuzi kwa Wakati Halisi
Endelea kuwa na habari kuhusu ulimwengu wa udukuzi kwa kupitia habari na uelewa wa wakati halisi

Matangazo Mapya
Baki na habari kuhusu makosa mapya yanayoanzishwa na masasisho muhimu ya jukwaa

Jiunge nasi kwenye Discord na uanze kushirikiana na hackers bora leo! {% hint style="success" %} Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %} {% endhint %}