ããã¯ãUbuntu OnlineãFedora OnlineãWindows ãªã³ã©ã€ã³ ãšãã¥ã¬ãŒã¿ãŒãMAC OS ãªã³ã©ã€ã³ ãšãã¥ã¬ãŒã¿ãŒãªã©ãè€æ°ã®ç¡æãªã³ã©ã€ã³ ã¯ãŒã¯ã¹ããŒã·ã§ã³ã®ããããã䜿çšããŠãOnWorks ç¡æãã¹ãã£ã³ã° ãããã€ããŒã§å®è¡ã§ããã³ãã³ã cntlm ã§ãã
ããã°ã©ã ïŒ
NAME
cntlm - TCP/IP ãã³ããªã³ã°ãšã¢ã¯ã»ã©ã¬ãŒã·ã§ã³ã«ãã HTTP(S) ãããã·ã®èªèšŒ
SYNOPSIS
cntlm [ -AaBcDdFfgHILlMPprSTUuvw ] [ host1 port1 | host1:port1 ]..ã ãã¹ãN ããŒãN
DESCRIPTION
ã³ã³ãããŒã© NTLM/NTLM SR/NTLMv2 èªèšŒ HTTP ãããã·ã§ãã ããã¯ããªãã®éã«ç«ã£ãŠããŸã
ã¢ããªã±ãŒã·ã§ã³ãšäŒæ¥ãããã·ã«æ¥ç¶ããNTLM èªèšŒããªã³ã¶ãã©ã€ã§è¿œå ããŸãã ããªãã¯ã§ãã
è€æ°ã®ã芪ããããã·ãæå®ãããšãCntlm 㯠XNUMX ã€ãæ©èœãããŸã§æ¬¡ã ãšè©Šè¡ããŸãã å šãŠ
èªèšŒãããæ¥ç¶ã¯ãã£ãã·ã¥ãããŠåå©çšãããé«ãå¹çãå®çŸãããŸãã ã¢ããªããã€ã³ãããã ã
Cntlm ã§ãããã·èšå®ãè¡ããcntlm.conf (cntlm.ini) ã«èšå ¥ããã°æºåå®äºã§ãã ããã¯
Windows ã§äŸ¿å©ã§ãããMicrosoft 以å€ã® OS ã§ã¯äžå¯æ¬ ã§ãã ãããã· IP ã¢ãã¬ã¹ã¯
CLI çµç±ã§æå® (ãã¹ã1:ããŒã1 ããž ãã¹ãN:ããŒãN) ãŸãã¯æ§æãã¡ã€ã«ã
å¥ã®ãªãã·ã§ã³ã¯æã£ãŠããããšã§ã cntlm 芪ãªãã§ããŒã«ã« Web æ¥ç¶ãèªèšŒãã
ãããã·ã Squid ã ISA ãšåæ§ã«ãã¹ã¿ã³ãã¢ãã³ ã¢ãŒãã§åäœããŸãã ããã©ã«ãã§ã¯ããã¹ãŠ
ãªã¯ãšã¹ãã¯èŠªãããã·ã«è»¢éãããŸããããŠãŒã¶ãŒã¯ãNoProxyããªã¹ããèšå®ã§ããŸãã
çŽæ¥ã¢ãŒããšè»¢éã¢ãŒãã®éã§ã«ãŒãã£ã³ã°ãããã¯ã€ã«ãã«ãŒã ãã¿ãŒã³ã«äžèŽãã URLã ã³ã³ãããŒã© ã§ãã
ãŸãããã¹ãŠã®äŒæ¥ãããã·ãå©çšã§ããªããªã£ãããšãèªèããã¹ã¿ã³ãã¢ãã³ã«åãæ¿ããŸã
èªåçã«ã¢ãŒãã«æ»ããŸã (ãã®åŸãåã³å ã«æ»ããŸã)ã 以å€ã«ã WWW & PROXY èªèšŒã cntlm
ãŠãŒã¶ãŒãè·å Žãšèªå® ã®éã§ã©ãããããã移è¡ã§ããããã«ãã䟿å©ãªæ©èœãæäŸããŸã
ã¢ããªã±ãŒã·ã§ã³ã®ãããã·èšå®ãå€æŽããã« ( cntlm ãã¹ãŠã®æéïŒã ã³ã³ãããŒã©
ãŸããééç㪠TCP/IP ããŒã ãã©ã¯ãŒãã£ã³ã° (ãã³ããªã³ã°) ãçµ±åãããŠããŸãã åãã³ãã«ã¯æ°ãã
ããŒã«ã« ãã·ã³ã§ãœã±ããããªãã¹ã³ãããã¹ãŠã®æ¥ç¶ãã¿ãŒã²ãã ãã¹ãã«è»¢éããŸã
芪ãããã·ã®èåŸã ãããã® SSH ã®ãããªãã³ãã«ã®ä»£ããã«ããŠãŒã¶ãŒã¯éå®çãªãã³ãã«ãéžæããããšãã§ããŸã
SOCKS5 ã€ã³ã¿ãŒãã§ã€ã¹ã
åºæ¬ cntlm æ©èœã¯åŸæã® NTLMAPS ãšåæ§ã§ããããä»æ¥ã§ã¯ã cntlm é²åãã
ãã®ã¿ã€ãã®ä»ã®ã¢ããªã±ãŒã·ã§ã³ãæäŸã§ãããã®ãè¶ ããŠããŸãã 以äžæ©èœäžèŠ§
ããèªäœã®ããã«è©±ãã ã³ã³ãããŒã© 次ã®ãããªå€ãã®ã»ãã¥ãªãã£/ãã©ã€ãã·ãŒæ©èœããããŸã NTLMv2 ãµããŒããš
ãã¹ã¯ãŒãä¿è· - ãã¹ã¯ãŒã ããã·ã¥ã代çšããããšãå¯èœã§ã (ããã¯ååŸã§ããŸã)ã
-H) å®éã®ãã¹ã¯ãŒãã®ä»£ããã«ããŸãã¯å¯Ÿè©±çã«ãã¹ã¯ãŒããå ¥åãã (
èµ·åãŸãã¯ãåºæ¬çãªãHTTP èªèšŒå€æãä»ããŠïŒã å¹³æã®ãã¹ã¯ãŒãã䜿çšããå Žåã¯ã
èµ·åæã«èªåçã«ããã·ã¥ããããã®ãã¹ãŠã®çè·¡ãããã»ã¹ããåé€ãããŸã
ã¡ã¢ãªã
ã·ã¹ãã ãªãœãŒã¹ã®äœ¿çšãæå°éã«æããããšã«å ããŠã cntlm ã§ããé«ãã¹ã«ãŒããããå®çŸ
æå®ããããªã³ã¯ã èªèšŒãããæ¥ç¶ããã£ãã·ã¥ããããšã§ãHTTP ã¢ã¯ã»ã©ã¬ãŒã¿ãšããŠæ©èœããŸãã ãã
åæ¥ç¶ã® 5 æ¹åèªèšŒãã³ãã·ã§ã€ã¯ã¯ééçã«æé€ããã
ã»ãšãã©ã®å Žåãããã«ã¢ã¯ã»ã¹ã§ããŸãã ã³ã³ãããŒã© èŠæ±/å¿çæ¬æãã¡ã¢ãªã«ãã£ãã·ã¥ããããšã¯ãããŸããã
å®éãã¯ã©ã€ã¢ã³ããŸã§ã®èªèšŒããããŒã®äº€æãé€ããŠããã©ãã£ãã¯ã¯çæãããŸãã <->
ãµãŒããŒæ¥ç¶ã¯å®å šã«ããŽã·ãšãŒããããŸãã ããããŠåããŠãå®éã®ããŒã¿è»¢éãè¡ãããŸãã ã³ã³ãããŒã© is
æé©åããã C ã§èšè¿°ãããŠãããä»ããã XNUMX åé«éãªå¿çãç°¡åã«éæã§ããŸãã
ã®äŸ cntlm NTLMAPS ãšã®æ¯èŒ: cntlm ã®ããŒã¯ CPU 䜿çšçã§å¹³å 76 kB/ç§ãäžããŸãã
0.3% ã§ããããNTLMAPS ã§ã¯å¹³å 48 kB/s ã§ãããŒã¯ CPU 㯠98% (Pentium M 1.8 GHz) ã§ããã ã®
ãªãœãŒã¹äœ¿çšéã®æ¥µç«¯ãªéãã¯ãã©ãããããã®äœ¿çšã«é¢ããå€ãã®éèŠãªå©ç¹ã® XNUMX ã€ã§ãã
ããŒã¯ ã¡ã¢ãªæ¶è²»é (è€æ°ã®è€éãªãµã€ãã50 ã®äžŠåæ¥ç¶/ã¹ã¬ãããå€
㯠KiB ã§ã):
VSZ RSS CMD
3204 1436 ./cntlm -f -c ./cntlm.conf -P pid
411604 6264 /usr/share/ntlmaps/main.py -c /etc/ntlmaps/server.cfg
éçºã®æ¬è³ªçãªéšåã¯ããããã¡ã€ãªã³ã°ãšã¡ã¢ãªç®¡çã®ã¹ã¯ãªãŒãã³ã°ã§ãã
ãŽã¡ã«ã°ãªã³ãã ãœãŒã¹é åžã«ã¯ããšãããã¡ã€ã«ãå«ãŸããŠããŸãã ãŽã¡ã«ã°ãªã³ã.txtãããªããèŠãããšãã§ããå Žæ
ãŒããªãŒã¯ãæªå²ãåœãŠã¡ã¢ãªãžã®ã¢ã¯ã»ã¹ãªãã䜿çšãªãã確èªããã¬ããŒã
åæåãããŠããªãããŒã¿ - Valgrind ã®ä»®æ³ã§ãšãã¥ã¬ãŒããããååœä»€ãŸã§ãã¹ãŠãã¬ãŒã¹ãããŸã
ãããã·ã®äžè¬çãªéçšæéäžã® CPUã
OPTIONS
ã»ãšãã©ã®ãªãã·ã§ã³ã¯ãæ§æãã¡ã€ã«ã§äºåã«èšå®ã§ããŸãã ãªãã·ã§ã³ã®è€æ°æå®
ãšã©ãŒã§ã¯ãããŸãããã cntlm æåŸã®ãªã«ã¬ã³ã¹ãé€ããã¹ãŠã®ãªã«ã¬ã³ã¹ãç¡èŠããŸãã ããã¯åœãŠã¯ãŸããŸãã
ã®ãããªãªãã·ã§ã³ã« -Lããããããäœããã®æ©èœã®æ°ããã€ã³ã¹ã¿ã³ã¹ãäœæããŸãã ã³ã³ãããŒã© ããããšãã§ããŸã
ããŒãã³ãŒãã£ã³ã°ãããæ§æãã¡ã€ã« (äŸ: /etc/cntlm.conf) ã§æ§ç¯ãããåžžã«ããŒããããŸãã
ããå¯èœãªãã èŠã -c ãã®èšå®ã®äžéšãŸãã¯ãã¹ãŠãäžæžãããæ¹æ³ã«é¢ãããªãã·ã§ã³ã
ã -h å©çšå¯èœãªãªãã·ã§ã³ãšç°¡åãªèª¬æã衚瀺ããŸãã
-A IP/ãã¹ã¯ ïŒèš±å¯ããïŒ
ACL ã«ãŒã«ãèš±å¯ããŸãã äžç·ã« -D (åŠå®) ACL ã§èš±å¯ãããŠãã XNUMX ã€ã®ã«ãŒã«ã§ã
ããªã·ãŒã ãããæ§æãã¡ã€ã«ã«å ¥ããã®ãããäžè¬çã§ããã ã³ã³ãããŒã© 次
ã³ãã³ãã©ã€ã³ã§ãã
æ§æãã¡ã€ã«ã ã〠ã³ã³ãããŒã© æ¥ç¶èŠæ±ãåä¿¡ãããšãèš±å¯ãããã©ããã決å®ããŸã
ãŸãã¯ãããåŠå®ããŸãã ãã¹ãŠã® ACL ã«ãŒã«ã¯ãæå®ãããé åºã§ãªã¹ãã«æ ŒçŽãããŸãã
ã³ã³ãããŒã© 次ã«ãªã¹ãããã©ããæåã® IP/ãã¹ã¯ ãªã¯ãšã¹ãã«äžèŽããã«ãŒã«
ãœãŒã¹ã¢ãã¬ã¹ãé©çšãããŸãã ã® mask 0 ãã 32 ãŸã§ã®ä»»æã®æ°å€ãæå®ã§ããŸããããã§ã32 ã¯
ããã©ã«ã (ã€ãŸããæ£ç¢ºãª IP äžèŽ)ã ãã®è¡šèšæ³ã¯ CIDR ãšãåŒã°ããŸãã ãæã¿ãªãã°
ãã¹ãŠãäžèŽãããã«ã¯ã䜿çšããŸã 0/0 ãŸãã¯æå°ã ã³ãã³ãã©ã€ã³ã® ACL ã¯
æ§æãã¡ã€ã«å ã®ãã®ãããåªå ãããŸãã ãã®ãããªå Žåã次ã®æ å ±ã衚瀺ãããŸãã
ãã°ã«ãããã®ïŒæªäœ¿çšã®ãªãã·ã§ã³ã®ãªã¹ãã®äžïŒã ããã«ã¯èŠåã衚瀺ãããŸã
ããããééã£ããµããããä»æ§ã«ã€ããŠãããã IP éšåã¯ããå€ãã®ããããæã£ãŠããŸã
ããªãã¯ã«ãã£ãŠå®£èšããŸã mask (äŸ: 10.20.30.40/24 㯠10.20.30.0/24 ã«ããå¿ èŠããããŸã)ã
-a NTLMv2 | NTLM2SR | NT | NTLM | LM (èªèšŒ)
èªèšŒã¿ã€ãã NTLM(v2) ã¯ãXNUMX ã€ãŸã㯠XNUMX ã€ã®ããã·ã¥ãããå¿çãNT ããã³ LM ã§æ§æãããŸãã
ãŸãã¯ããã¹ã¯ãŒã ããã·ã¥ããèšç®ããã NTLM2SR ãŸã㯠NTv2 ãš LMv2ã å
å¿çã¯å¥ã®ããã·ã¥ ã¢ã«ãŽãªãºã ã䜿çšããŸãã æ°ããå¿çã¿ã€ããçºæãããããã
ãã匷åãªã¢ã«ãŽãªãºã ã䜿çšãããŸããã åããŠã€ã³ã¹ããŒã«ãããšã cntlmãæ匷ã®ãã®ãèŠã€ãã
ããªãã®ããã«åãïŒã§ããã°äœ¿çšãã -MïŒã äžã«ããããã¯æ匷ããé ã«ãªã¹ããããŠããŸã
æã匱ãã éåžžã«å€ããµãŒããŒãŸãã¯å°çšã® HW ãããã·ã¯åŠçã§ããªãå ŽåããããŸã
LM以å€ã®ãã®ã ãããã®ããããæ©èœããªãå Žåã¯ãäºææ§ãã©ã° ãªãã·ã§ã³ãåç §ããŠãã ãã -F ãŸãã¯æåºãã
ãµããŒã ãªã¯ãšã¹ãã
éèŠïŒ NTLMv2 ã¯åºãæ¡çšãããŠããŸããã (匷å¶ãããŠããŸãã)ããµããŒããããŠããŸãã
NT 4.0 SP4 以éã®ãã¹ãŠã® Windows ã§ã ãã㯠a éåžžã« é·ã æé! 匷ããå§ãããŸã
ãªã³ã©ã€ã³ã§è³æ Œæ å ±ãä¿è·ããããã«äœ¿çšããŸãã ãã¬ãŒã³ããã¹ãã眮ãæããå¿ èŠããããŸã
ãã¹ã¯ãŒã ããã·ã¥ä»ããªãã·ã§ã³ ãã¹[NTLMv2|NT|LM] åçåã NTLMv2 ãæãå€ãã
ãããã NTLM ãã¡ããªã®å¯äžã®å®å šãªèªèšŒã§ãã
-B (NTLMããããŒã·ãã¯)
ãã®ãªãã·ã§ã³ã¯ããNTLM-to-basicããæå¹ã«ããŸãã cntlm è€æ°ã®å Žå
ãŠãŒã¶ãŒã ãã®æ¹æ³ã§ã¯ãNTLM ã®ãã¹ãŠã®ã»ãã¥ãªãã£ã倱ãããããšã«æ³šæããŠãã ããã åºæ¬èªèšŒã¯
è³æ Œæ å ±ããé ããããã®åçŽãªãšã³ã³ãŒã ã¢ã«ãŽãªãºã ã
ããããå ããŸãã
éèŠ: HTTP ãããã³ã«ã«ã¯æããã«ãäºåã«æ¿èªãããŽã·ãšãŒãããæ段ããããŸãã
ééãããŸãããTCP/IP ã¯ééãããŸãã (ã€ãŸããéããŠããããŒãã¯éããŠããããŒãã§ã)ã 䜿çšããå Žå
NTLM-to-basic ã§ãæ§æãã¡ã€ã«ã«ãŠãŒã¶ãŒå/ãã¹ã¯ãŒããæå®ããªãã§ãã ããã
ããªãã¯ç·©ããã³ããªã³ã°æ©èœã«çžãããŠããŸãã cntlm äžäººã§ã¯ããªãã®ããšã¯ããããŸãã
è³æ Œæ å ±ã
NTLM ID ã«ã¯å°ãªããšã XNUMX ã€ã®éšå (ãŠãŒã¶ãŒåããã¹ã¯ãŒãããã¡ã€ã³) ããããã
åºæ¬èªèšŒã§ã¯ãXNUMX ã€ã®ãã£ãŒã«ã (ãŠãŒã¶ãŒåããã¹ã¯ãŒã) ã®ã¿ãæäŸãããŸãã
ãã¡ã€ã³éšåãã©ããã«å¯èŒžããå¿ èŠããããŸãã ãèšå®ã§ããŸãã ãã¡ã€ã³ æ§æ/ã³ãã³ãã©ã€ã³
ããã¯ããã¡ã€ã³ã次ã®ããã«æå®ããŠããªããã¹ãŠã®ãŠãŒã¶ãŒã«äœ¿çšãããŸãã
ãŠãŒã¶ãŒåã®äžéšã ãããå®è¡ããŠã°ããŒãã« ãã¡ã€ã³èšå®ããªãŒããŒã©ã€ãããã«ã¯ãããã䜿çšããŸãã
ãã¹ã¯ãŒããã€ã¢ãã°ã®ãã¬ãŒã³ãªãŠãŒã¶ãŒåã®ä»£ããã«ãããã¡ã€ã³\ãŠãŒã¶ãŒåãã
-c
æ§æãã¡ã€ã«ã ã³ãã³ãè¡ãªãã·ã§ã³ã䜿çšãããŠããå Žåããã®åäžã®ãªãã·ã§ã³ããªãŒããŒã©ã€ããããã
è€æ°ã®ãªãã·ã§ã³ (ãã³ãã«ã芪ãããã·ãªã©) ã®ãªã¹ãã®äžçªäžã«è¿œå ãããŸãã
ãã ããå®å šã«ãªãŒããŒã©ã€ãããã ACL ã¯äŸå€ã§ãã 䜿çšãã / dev / null ããž
æ§æãã¡ã€ã«ãç¡å¹ã«ããŸãã
-D IP/ãã¹ã¯ ïŒæåŠïŒ
ACL ã«ãŒã«ãæåŠããŸãã ãªãã·ã§ã³ãèŠã -A äžèšã
-d ïŒãã¡ã€ã³ïŒ
ãããã· ã¢ã«ãŠã³ãã®ãã¡ã€ã³ãŸãã¯ã¯ãŒã¯ã°ã«ãŒãã ãã®å€ã¯ã
ãŠãŒã¶ãŒåã®äžéš -u.
-F (ãã©ã°)
NTLM èªèšŒãã©ã°ã ãã®ãªãã·ã§ã³ã¯ããªã±ãŒããªè©äŸ¡ã§ããããå§ãããŸãã
芪ãããã·èªèšŒã§æåããªãã£ãå Žåãé€ããããã©ã«ãã®çµã¿èŸŒã¿å€ãå€æŽããŸã
ãããŠéæ³ã®èªåæ€åºãè©Šã¿ãŸããïŒ-M) ãšã èªèšŒ ãªãã·ã§ã³
(-aïŒã NT/LM ããã·ã¥ã®çµã¿åããããšã«ç°ãªããã©ã°ãå¿ èŠã«ãªãããšã«æ³šæããŠãã ããã ãã
ãªãã·ã§ã³ã¯äžçš®ã®å®å šãªãæåãªãŒããŒã©ã€ããã§ãããããã«å¯ŸåŠããå¿ èŠããããŸã
ããªãèªèº«ã
-f ãã©ã¢ã°ã©ãŠã³ã ãžã§ããšããŠã³ã³ãœãŒã«ã§å®è¡ããŸããããã¯ã°ã©ãŠã³ãã«åå²ããªãã§ãã ããã ãã®ã¢ãŒãã§ã¯ããã¹ãŠ
syslog ã¡ãã»ãŒãžã¯ã³ã³ãœãŒã«ã«ãšã³ãŒãããŸã (syslog ããµããŒããããã©ãããã©ãŒã ã§ã¯
LOG_PERROR ãªãã·ã§ã³)ã ããã© cntlm äž»ã«å€å žç㪠UNIX ããŒã¢ã³ãšããŠèšèšãããŠããŸãã
syslogd ãã®ã³ã°ã䜿çšãããšãã·ã¹ãã ããåãé¢ããã«è©³çŽ°ãªåé·ã¢ãŒããæäŸããŸãã
å¶åŸ¡ç«¯æ«; èŠã -v. ãããã«ããããã¹ãŠã®ãšã©ãŒããã³èšºæã¡ãã»ãŒãžã¯
åžžã«ã·ã¹ãã ãã¬ãŒã«éä¿¡ãããŸãã
-G (ISAã¹ãã£ããšãŒãžã§ã³ã)
trans-isa-scan ãã©ã°ã€ã³ã® User-Agent ãããã³ã° (倧æåãšå°æåãåºå¥ããªã) ( -S for
説æïŒã æ£ã®äžèŽã¯ãèŠæ± (ã¢ããªã±ãŒã·ã§ã³) ãèå¥ããŸãã
ããŠã³ããŒãã®ãµã€ãºãèæ ®ããã«ãã©ã°ã€ã³ãæå¹ã«ããå¿ èŠããããŸã ( -SïŒã åã¯
ã·ã§ã«ã®ã¯ã€ã«ãã«ãŒãæåãã€ãŸãã*ããã?ãã䜿çšã§ããŸãã ãš "[]"ã ãªãã§äœ¿çšããå Žå -S or
ISAã¹ãã£ããŒãµã€ãº max_size_in_kb ã¯å éšçã«ç¡é倧ã«èšå®ãããŠããããããã©ã°ã€ã³ã¯
ããŠã³ããŒã ãµã€ãºã«é¢ä¿ãªããéžæãããŠãŒã¶ãŒ ãšãŒãžã§ã³ãã«å¯ŸããŠã®ã¿ã¢ã¯ãã£ãã«ãªããŸãã
-g ïŒã²ãŒããŠã§ã€ïŒ
ã²ãŒããŠã§ã€ã¢ãŒãã cntlm ãã¹ãŠã®ãããã¯ãŒã¯ ã€ã³ã¿ãŒãã§ã€ã¹ã§ãªãã¹ã³ããŸãã ããã©ã«ãã¯ãã€ã³ãããã ãã§ã
ã«ãŒãããã¯ã ããããã°ãããŒã«ã«ããã»ã¹ã®ã¿ãæ¥ç¶ã§ããŸã cntlm. ã²ãŒããŠã§ã€ã¢ãŒãã§
ãããã cntlm ãã¹ãŠã®ã€ã³ã¿ãŒãã§ã€ã¹ã§ãªãã¹ã³ããäžã®ä»ã®ãã·ã³ããã¢ã¯ã»ã¹ã§ããŸãã
é信網ã ãã®ãªãã·ã§ã³ã䜿çšãããšãã³ãã³ãã©ã€ã³ã®é åºãéèŠã«ãªãããšã«æ³šæããŠãã ããã
ãããã·ãŸãã¯ãã³ãã«ã®ããŒã«ã« (ãªãã¹ã³) ããŒããæå®ããŸãã ãããããåã«äœçœ®ãããã®
ã«ãŒãããã¯ã®ã¿ããã€ã³ãããŸãã ãã以éã¯å ¬éãããŸãã
éèŠ: äžèšã¯ãã¹ãŠãããŒã«ã« ããŒãã«ã®ã¿é©çšãããŸãã
éä¿¡å ã¢ãã¬ã¹ãæå®ããŸãã ãããããªãã cntlm æå®ãããããŒãã®ã¿ããã€ã³ãããããšããŸã
æå®ãããã€ã³ã¿ãŒãã§ã€ã¹ (ãŸãã¯ããã IP ã¢ãã¬ã¹)ã
-H ãã®ãªãã·ã§ã³ã䜿çšããŠããã¹ã¯ãŒããªãã®æ§æã®ããã·ã¥ãååŸããŸãã ãã®ã¢ãŒãã§ã¯ã cntlm
çµæãåºåããŠçµäºããŸãã æ§æãã¡ã€ã«ã«çŽæ¥ã³ããŒããŠè²Œãä»ããããšãã§ããŸãã
ãã®ãªãã·ã§ã³ã¯æ瀺çã«äœ¿çšããå¿ èŠããããŸã -u & -dãããã€ãã®ããã·ã¥ãå«ãŸããŠãããã
èšç®ã«ããããŠãŒã¶ãŒåãšãã¡ã€ã³åã èŠãŸãã -a ã»ãã¥ãªãã£ã®ããã«
æšå¥šäºé
-h ãã«ã (ç°¡åãªèª¬æä»ãã®å©çšå¯èœãªãªãã·ã§ã³) ã衚瀺ããŠçµäºããŸãã
-I ã€ã³ã¿ã©ã¯ãã£ããªãã¹ã¯ãŒã ããã³ããã ã³ãã³ãã©ã€ã³ãŸãã¯æ§æããã®ãã¹ã¯ãŒãèšå®
ãã¡ã€ã«ã¯ç¡èŠããããã¹ã¯ãŒã ããã³ããã衚瀺ãããŸãã ãã®ãªãã·ã§ã³ã¯ãã·ã§ã«ããã®ã¿äœ¿çšããŠãã ããã
-L [ :] : : ïŒãã³ãã«ïŒ
ãã³ãã«ã®å®çŸ©ã æ§æã¯ãOpenSSH ã®ããŒã«ã«è»¢é (-L),
æ°ãããªãã·ã§ã³ã®æ¥é èŸã§ã æ²ãã - ãã€ã³ãããéä¿¡å IP ã¢ãã¬ã¹ ããŒã ã«ã
ã³ã³ãããŒã© ããŒã«ã«ããŒãã§çä¿¡æ¥ç¶ããªãã¹ã³ããŸã ããŒãã転é
芪ãããã·ãä»ãããã¹ãŠã®æ°ããæ¥ç¶ ãã¹ã:å ±å (èªèšŒäž
å€åºïŒã ãã®ãªãã·ã§ã³ã¯ãç¡å¶éã®æ°ã®ãã³ãã«ã«å¯ŸããŠè€æ°å䜿çšã§ããŸãã
ã®æç¡ã«ããããã æ²ãã ãªãã·ã§ã³ã èŠã -g ããŒã«ã«ããŒãã®è©³çŽ°ã«ã€ããŠ
ãã€ã³ãã£ã³ã° æ²ãã 䜿çšãããŠããŸããã
å€ãã®äŒæ¥ãããã·ã¯ãä»ã®ããŒããžã®æ¥ç¶ãèš±å¯ããŠããªãããšã«æ³šæããŠãã ããã
443 (https) ãããããã ãããã®ããŒãã§ã¿ãŒã²ãã ãµãŒãã¹ãå®è¡ããå Žåã¯ã次ã®ããã«ããå¿ èŠããããŸãã
å®å šã HTTPS ãžã®æ¥ç¶ã¯ãåžžã«ãèš±å¯ãããŸãã
https:// ãµã€ããåç §ããŸãã ãããã«ããããŸãæ¥ç¶ã確ç«ã§ãããã©ããè©ŠããŠãã ãã
ããªããããã«é Œãåã«ããã³ãã«ãéãæããŠãã ããã ãã®æ©èœã¯ããŒã«ãšåãåããããŸã
ãã㪠ã³ã«ã¯ã¹ã¯ãªã¥ãŒ(1)ããããã端æ«ãä»ããŠéä¿¡ãã代ããã«ã cntlm ãããä¿ã€
TCP / IPã
-l [ :] ïŒèãïŒ
ã®ããŒã«ã« ããŒã cntlm ãããã· ãµãŒãã¹ã ããã§éžæããçªå·ãš
å®è¡äžã®ãã·ã³ã®ãã¹ãå cntlm (ãããã localhost) ã®ãããã·èšå®ãšããŠ
ã䜿ãã®ãã©ãŠã¶ããã³/ãŸãã¯ç°å¢ã ã»ãšãã©ã®ã¢ããªã±ãŒã·ã§ã³ (ã³ã³ãœãŒã«ãå«ã) ã®ãµããŒã
ä»ã®ãã¹ãã«æ¥ç¶ããããã®ãããã·ã®æŠå¿µã POSIX ã§ã¯ã次ã®ããã«èšå®ããŸãã
䜿çšããå€æ° wgetã®(1) åé¡ãªãïŒå®éã®äœæãèšå ¥ããŠãã ãã
cntlm):
$ ãšã¯ã¹ããŒã ftp_proxy=http://localhostïŒ3128
$ãšã¯ã¹ããŒã http_proxy=$ftp_proxy
$ãšã¯ã¹ããŒã https_proxy=$ftp_proxy
è€æ°ã®ããŒãã§ãããã· ãµãŒãã¹ãå®è¡ããããšãéžæã§ããŸãã
ãã®ãªãã·ã§ã³ã¯ãå¿ èŠãªåæ°ã ã䜿çšããŠãã ããã ãã ãããã³ãã«ã®å®çŸ©ãšã¯ç°ãªãã cntlm
ãã¹ãŠã®ãããã· ãµãŒãã¹ ããŒãããã€ã³ãã§ããªãå Žåãèµ·åã«å€±æããŸãã ãããã· ãµãŒãã¹ ããŒã
éžæçã«ãã€ã³ãããããšãã§ããŸãã 䜿çšãã æ²ãã ãã€ã³ãããéä¿¡å IP ã¢ãã¬ã¹ãéžæãã
ããŒã ã«ã ããã«ãããããšãã°ãç°ãªãããŒãã§ãµãŒãã¹ãå®è¡ã§ããŸãã
ãµãããã A ãš B ãäœæãããµãããã C ã«å¯ŸããŠé衚瀺ã«ããŸãã ãåç §ããŠãã ããã -g 詳现ã¯ãã¡ã
ããŒã«ã«ããŒããã€ã³ãã£ã³ã°ã«ã€ã㊠æ²ãã 䜿çšãããŠããŸããã
-M
éæ³ã® NTLM æ¹èšæ€åºãå®è¡ããŸãã ãã®ã¢ãŒãã§ã¯ã cntlm ããã€ãã®æ¢ç¥ã®äœæ¥ãè©Šã¿ãŸã
ãããã·ã«å¯Ÿããããªã»ããã æå®ããã ãã¹ãURLããš
æã匷ãããã·ã¥ãæåã«ãªããŸãã çµäºããããæãå®å šãªèšå®
ã»ããã¢ãããå°å·ãããŸãã æ€åºã«ãããã©ããã©ã®ããã«äœ¿çšããããããããŸãã èªèšŒ,
ãã©ã° ããã³ãã¹ã¯ãŒãããã·ã¥ãªãã·ã§ã³ãå°ãªããšãè³æ Œæ å ±ãæ§æããå¿ èŠããããŸã
æåã«ãããã·ã¢ãã¬ã¹ã 䜿çšã§ããŸã -I ãã¹ã¯ãŒããã€ã³ã¿ã©ã¯ãã£ãã«å ¥åããŸãã
-N [ã (ãããã·ãªã)
ãããã®ãã¹ãåã®èŠªãããã·ã¯é¿ããŠãã ããã äžèŽãããã¹ãŠã® URL ããããã·ãããŸã
çŽæ¥ã« by cntlm ã¹ã¿ã³ãã¢ãã³ã®ãããã·ãšããŠã ã³ã³ãããŒã© ããã§WWWèªèšŒããµããŒã
ããã«ãããäŒæ¥ã® NTLM ã䜿çšããŠããŒã«ã« ã€ã³ãã©ããã ãµã€ãã«ã¢ã¯ã»ã¹ã§ããŸãã
èªèšŒã ããŸãããã°ããã®ä»®æ³åããã MSIE ã¯ããå¿ èŠãããŸããã :)
-O [ :] (SOCKS5ãããã·)
SOCKS5 ãããã·ãæå¹ã«ããŠãããŒã«ã« ããŒãã§ãªãã¹ã³ããããã«ããŸã ããŒãçªå· (ãœãŒã¹ IP ä»æ§ã¯
ãã¹ãŠã®ãªãã·ã§ã³ãšåæ§ã«å¯èœã§ã)ã ããã©ã«ãã§ã¯ãå¶éã¯ãããŸããã
æ¬ãµãŒãã¹ããå©çšããã ããæ¹ãžã SOCKS5 èªèšŒããµããŒãããŠããªãã¯ã©ã€ã¢ã³ãããããŸã
(äŸ: ã»ãšãã©ãã¹ãŠã®ãã©ãŠã¶)ã èªèšŒã匷å¶ãããå Žåã¯ã -R ãŸãã¯ãã®
åçã®ãªãã·ã§ã³ã SOCKS5ãŠãŒã¶ãŒ. ããŒã ãã³ããªã³ã°ãšåæ§ã«ã芪ãããã·æ¬¡ç¬¬ã§ãã
èŠæ±ããã host:port ãžã®æ¥ç¶ãèš±å¯ãããã©ããã ãã®æ©èœã¯ã
ã§äœ¿çš éŽäž(1) ã»ãšãã©ã® TCP/IP ã¢ããªã±ãŒã·ã§ã³ããããã·çµç±ã§ã¯ãªããããã·çµç±ã«ãªãããã«ããŸãã
çŽæ¥ïŒæããã«ãçºä¿¡æ¥ç¶ã®ã¿ãæ©èœããŸãïŒã ã¢ããªãæ©èœãããã«ã¯
DNS ãµãŒããŒããªããã°ãèªåèªèº«ã§è§£æ±ºããªãããšãéèŠã§ããã
éŽäžã ããšãã°ãFirefox ã§ã¯ãURIãabout:configããããŒåãããã®ãªãã·ã§ã³ãå©çšã§ããŸãã
network.proxy.socks_remote_dnsã«èšå®ããå¿ èŠããããŸã true. ãããã·ãèªèããªã
éŽäžåãããã¢ããªã¯ãããããé²ãããã« IP ã¢ãã¬ã¹ã䜿çšããŠæ§æããå¿ èŠããããŸãã
DNS解決ããã
-P
PID ãã¡ã€ã«ãäœæãã pidãã¡ã€ã« èµ·åæã æå®ãããã¡ã€ã«ãååšããå Žåã¯ã
åãæšãŠãããäžæžããããŸãã ãã®ãªãã·ã§ã³ã¯ã èµ·ååæ¢-
ããŒã¢ã³(8) ããã³ãã®ä»ã®ãµãŒãã¹ã¡ã«ããºã ã PID ãã¡ã€ã«ãäœæãããããšã«æ³šæããŠãã ããã
ããã»ã¹ããã®ç¹æš©ãšãã©ãŒã¯ãåé€ããåŸã ããŒã¢ã³ãæ£åžžã«çµäºãããšã
ãã¡ã€ã«ãåé€ãããŸãã
-p ïŒãã¹ã¯ãŒãã ãã¹NTã ...ïŒ
ãããã· ã¢ã«ãŠã³ãã®ãã¹ã¯ãŒãã ã³ã³ãããŒã© ã¡ã¢ãªãããã¹ã¯ãŒããåé€ããŠããã¹ã¯ãŒããäœæããŸã
ç®ã«èŠããªã / proc ãŸãã¯æ¬¡ã®ãããªæ€æ»ããŒã«ã䜿çšã㊠ps(1)ãããã奜ãŸããæ¹æ³
èšå®ãã¹ã¯ãŒãã¯æ§æãã¡ã€ã«ã§ãã ãã®ããã«ã䜿çšã§ããŸã ãã¹ã¯ãŒã
ãªãã·ã§ã³ïŒãã¬ãŒã³ããã¹ãã人éãèªãã圢åŒã®å ŽåïŒããŸãã¯çµç±ã§ãã¹ã¯ãŒãããæå·åãããŸã -H
䜿çšã㊠ãã¹NTLMv2, ãã¹NT ããã³ ãã¹LM.
-R : (SOCKS5ãŠãŒã¶ãŒ)
SOCKS5 ãããã·ãæå¹ã«ãªã£ãŠããå Žåããã®ãªãã·ã§ã³ã䜿çšãããšã次ã®ãŠãŒã¶ãŒã®ã¿ãã¢ã¯ã»ã¹ã§ããããã«ãªããŸãã
èš±å¯ãããŠããŸãã ãªã¹ãå šäœãäœæããããã«ãæ°å䜿çšã§ããŸãã
ã¢ã«ãŠã³ã (èš±å¯ããããŠãŒã¶ãŒ:ãã¹ã®çµã¿åãã)ã
-S (ISAã¹ãã£ããŒãµã€ãº)
æããã ISA AV ã¹ãã£ããŒãééçã«åŠçããããã®ãã©ã°ã€ã³ãæå¹ã«ããŸãã
代ããã«ã€ã³ã¿ã©ã¯ãã£ã㪠HTTP ããŒãž (ã¹ãã£ã³ã®é²è¡ç¶æ³ã衚瀺) ãè¿ããŸãã
ã³ã³ãã³ããã¹ãã£ã³ããããã«æãããã³ã«ãèŠæ±ãããã¡ã€ã«/ããŒã¿ã ãã
ããè¶ãªæ¯ãèãã¯ããã¹ãŠã®èªååãããããŠã³ããŒããŒãã¢ããããŒã¿ãŒãããã³åºæ¬çã«æ©èœãåæ¢ããŸãã
ããŠã³ããŒãã«äŸåãããã¹ãŠã®ã¢ããªã±ãŒã·ã§ã³ (wgetãapt-get ãªã©)ã
ãã©ã¡ãŒã¿ max_size_in_kb åžæããæ倧ããŠã³ããŒããµã€ãºãéžæã§ããŸã
ãã©ã°ã€ã³ã§åŠçããŸã (ãªããããå¿ èŠãªã®ãã¯ä»¥äžãåç §ããŠãã ãã)ã ãã¡ã€ã«ãµã€ãºã
ããããã倧ããã cntlm ã€ã³ã¿ã©ã¯ãã£ããªããŒãžã転éããå¹æçã«ç¡å¹ã«ããŸã
ãã®ããŠã³ããŒãçšã®ãã©ã°ã€ã³ã ãŒãã¯ç¡å¶éãæå³ããŸãã 䜿çšãã -G/ISAã¹ãã£ããšãŒãžã§ã³ã ããž
ã¢ããªã±ãŒã·ã§ã³ãç¹å®ãã max_size_in_kb ç¡èŠããå¿ èŠããããŸãïŒåŒ·å¶çã«
ãã©ã°ã€ã³ïŒã User-Agent ããããŒãšäžèŽããããšã§æ©èœããwget ãªã©ã«å¿ èŠã§ãã
apt-get ãš yum ã¯ãå¿çã HTTP ããŒãžã§ã¯ãªãäœããã® HTTP ããŒãžã§ããå Žåã«å€±æããŸãã
èŠæ±ãããããŒã¿ã
ä»çµã¿: ã¯ã©ã€ã¢ã³ãããã¡ã€ã«ãèŠæ±ãã cntlm ISA ã®ã§ããããªå¿çãæ€åºãã
ISA ã®ãã£ãã·ã¥ãžã®ã·ãŒã¯ã¬ãã ãªã³ã¯ãåŸ æ©ããŸãã
ããŠã³ããŒããããISA ã«ãã£ãŠã¹ãã£ã³ãããŸãã ããããŠããã§ãã cntlm ã® XNUMX çªç®ã®èŠæ±ãè¡ã
å®éã®ãã¡ã€ã«ã«å€æããæ£ããããããŒãšãšãã«ã¯ã©ã€ã¢ã³ãã«è»¢éããŸãã ã¯ã©ã€ã¢ã³ã
ãããåŸ ã£ãŠããéã«ã¿ã€ã ã¢ãŠãããŸãããb/c cntlm å®æçã«å¢åå·ãéã£ãŠããŸã
ãããŒãã¢ã©ã€ããããããŒã§ãããé²è¡ç¶æ³ããŒã衚瀺ãããªããšãŠãŒã¶ãŒã¯äžå®ã«ãªãå¯èœæ§ããããŸã
åãã ãã¡ããã§ã çŽç²ã« å¿çç㪠åé¡ãéãã¯ãããŸãã cntlm or
ãã©ãŠã¶ãã¹ãã£ã³ãããã¡ã€ã«ãèŠæ±ããŸã - ISA ããã®ä»äºãããã®ãåŸ ã€å¿ èŠããããŸãã
ããŠã³ããŒãããŸãã é²è¡ç¶æ³ã€ã³ãžã±ãŒã¿ãŒã®åããèŠãããããšãæåŸ ããã ãã§ããããã§ãã¹ãŠã§ãã
ISA ã®ããŒãžã®æ©èœ: HTML ã«ãŠã³ãããŠã³ã衚瀺ãããŸãã
äœããã®çç±ã§ãã©ã°ã€ã³ãã€ã³ã¿ã©ã¯ãã£ã ããŒãžã解æã§ããªãå Žå (äžæãª
ãã©ãŒããããªã©ïŒãçµäºããããŒãžã転éãããŸã-ã倱ããããããšã¯ãããŸããã
ããŒãã¢ã©ã€ã ããããŒã¯ ISA-Scanner ãšåŒã°ããISA ã®é²è¡ç¶æ³ã瀺ããŸãã
HTTP / 1.1 200 OK
ISA-ã¹ãã£ããŒ: 1000 ã® 10000
ISA-ã¹ãã£ããŒ: 2000 ã® 10000
...
-r " : " ïŒããããŒïŒ
ããããŒã®çœ®æã ãã¹ãŠã®ã¯ã©ã€ã¢ã³ãã®ãªã¯ãšã¹ããåŠçããããã¹ãŠã®ããããŒã
ã䜿çšããŠå®çŸ© -r ãŸãã¯æ§æãã¡ã€ã«ã«è¿œå ãããŸãã å Žåã«ã¯
ããããŒãæ¢ã«ååšããå Žåããã®å€ã¯çœ®ãæããããŸãã
-s ãããã·ã«åæã¹ã¬ããã䜿çšããªãããšã§ããã¹ãŠã®èŠæ±ãã·ãªã¢ã«åããŸã (ãã³ããªã³ã°ã¯åŒãç¶ã
䞊è¡ããŠåäœããŸãïŒã ããã¯ããã©ãŒãã³ã¹ã«ç倧ãªåœ±é¿ãäžããããã䜿çšã§ããã®ã¯
ãããã°ç®çã§ã ãšäžç·ã«äœ¿çšããå Žå -vãããã¯çŽ æŽãããé 次ãããã° ãã°ãçæããŸãã
ãªã¯ãšã¹ããé çªã«è¡ãããå Žæã
-T
ãšçµã¿åãããŠäœ¿çšââãããŸã -v ãããã°åºåããã¬ãŒã¹ ãã¡ã€ã«ã«ä¿åããŸãã ãããã¹ã
ã³ãã³ãã©ã€ã³ã®æåã®ãã©ã¡ãŒã¿ãŒãšããŠé 眮ãããŸãã ããŒã¿ã®æ倱ãé²ãããã«ã
æ¢åã®ãã¡ã€ã«ãäžæžãããããšã¯ãããŸããã äžæã®ååãéžæããããæåã§éžæããå¿ èŠããããŸã
å€ããã¡ã€ã«ãåé€ããŸãã
-U
ã«ãŒããšããŠå®è¡ãããå Žåããã®ãããªæš©éãå¿ èŠãªäœæ¥ãè¡ããŸã (æ§æã®èªã¿åãããã€ã³ã
ããŒããªã©ïŒãããã«æš©éãåé€ããŠã«å€æŽããŸã UIDã ãã®ãã©ã¡ãŒã¿
çªå·ãŸãã¯ã·ã¹ãã ãŠãŒã¶ãŒåã®ããããã§ãã uid ãš gid ã®äž¡æ¹ã®æ°å€ã䜿çšããå Žå
ããã»ã¹ã¯ãã®å€ã«èšå®ãããŸãã ãŠãŒã¶ãŒåãæå®ãããšãuid ãš gid ã
ã§å®çŸ©ãããŠããããã«ããã®ãŠãŒã¶ãŒã® uid ãšãã©ã€ã㪠gid ã«åŸã£ãŠèšå®ãããŸãã /etc/passwdã ããªã
ããããå°çšã䜿çšããŠãåŸè ã䜿çšããå¿ èŠããããŸã cntlm ã¢ã«ãŠã³ãã ä»ã®ãã®ãšåãããã«
ããŒã¢ã³ãããªã㯠匷ã å®è¡ããããšããå§ãããŸã cntlm éç¹æš©ã¢ã«ãŠã³ãã§ã
-u [@ ] ïŒãŠãŒã¶ãŒåïŒ
ãããã· ã¢ã«ãŠã³ã/ãŠãŒã¶ãŒåã ãã¡ã€ã³ãå ¥åã§ããŸãã
-v ãããã°æ å ±ãåºåããŸãã èªåçã«æå¹å (-f).
-w (ã¯ãŒã¯ã¹ããŒã·ã§ã³)
ã¯ãŒã¯ã¹ããŒã·ã§ã³ã® NetBIOS åã ããã§ã¯ãå®å šä¿®é£Ÿãã¡ã€ã³å (FQDN) ã䜿çšããªãã§ãã ããã ãã
æåã®éšåã æå®ããªãå Žåã¯ã cntlm ã·ã¹ãã ã®ãã¹ãåãååŸããããšãã
ããã¯å€±æãããcntlmãã䜿çšããŸããããã¯ãäžéšã®ãããã·ããã®ãã£ãŒã«ãã空ã«ããå¿ èŠãããããã§ãã
CONFIGURATION
æ§æãã¡ã€ã«ã¯ãããŒãšããŒã®éã«ã=ãããªãããšãé€ããŠãåºæ¬çã« INI ãã¡ã€ã«ã§ãã
å€ã 空çœã§åºåãããããŒã¯ãŒããšå€ã®ãã¢ã§æ§æãããŸãã ãããšã¯å¥ã«ã
ã»ã¯ã·ã§ã³ããããéåžžã® "[section_name]" æ§æã䜿çšããŸãã ã³ã¡ã³ãéå§
ããã·ã¥ã#ããŸãã¯ã»ãã³ãã³ã;ã ãã¡ã€ã«å ã®ä»»æã®å Žæã«é 眮ã§ããŸãã åŸã®ãã¹ãŠ
EOL ãã³ã¡ã³ãã«ãªããŸã§ããŒã¯ã¢ããããŸãã å€ã«ã¯ã空çœãå«ãä»»æã®æåãå«ããããšãã§ããŸãã
You ã§ãã ç¹æ®æåãå«ãæååãèšå®ããã«ã¯ãå€ãäºéåŒçšç¬Šã§å²ã¿ãŸã
åŒçšç¬Šã§å²ãŸããæååã§ã¯ããšã¹ã±ãŒã ã·ãŒã±ã³ã¹ã¯èš±å¯ãããŸããã
ããŒã¯ãŒãã«ã¯XNUMXçš®é¡ããã ããŒã«ã« & å šäœçãª. ããŒã«ã« ãªãã·ã§ã³ã¯èªèšŒãæå®ããŸã
ãã¡ã€ã³ (ãŸãã¯å Žæ) ããšã®è©³çŽ°ã ã°ããŒãã« ããŒã¯ãŒãã¯ããã¹ãŠã®ã»ã¯ã·ã§ã³ãšãããã·ã«é©çšãããŸãã 圌ã
ãã¹ãŠã®ã»ã¯ã·ã§ã³ã®åã«é 眮ããå¿ èŠããããŸãããå¿ é ã§ã¯ãããŸããã ãããã¯æ¬¡ã®ãšããã§ããèš±å¯ãæåŠã
ã²ãŒããŠã§ã€ããªãã¹ã³ãSOCKS5ProxyãSOCKS5UserãNTLMToBasicããã³ãã«ã
å©çšå¯èœãªãã¹ãŠã®ããŒã¯ãŒãã¯ããã«ãªã¹ããããŠããŸããå®å šãªèª¬æ㯠OPTIONS ã»ã¯ã·ã§ã³ã«ãããŸãã
次ãèš±å¯ããŸãã [/ ]
ACL èš±å¯ã«ãŒã«ã«ã€ããŠã¯ããåç §ããŠãã ããã -A.
èªèšŒ NTLMv2 | NTLM2SR | NT | NTLM | LM
XNUMX ã€ã®ãã©ã¡ãŒã¿ãŒã䜿çšããŠãNTLM ããã·ã¥ã®ä»»æã®çµã¿åãããéžæããŸãã
åŠå®ãã [/ ]
ACL æåŠã«ãŒã«ã«ã€ããŠã¯ããåç §ããŠãã ããã -A.
ãã¡ã€ã³
ãããã· ã¢ã«ãŠã³ãã®ãã¡ã€ã³/ã¯ãŒã¯ã°ã«ãŒãåã
ãã©ã°
NTLM èªèšŒãã©ã°ã èŠã -F 詳现ã«ã€ããŠã¯ã
ã²ãŒããŠã§ã€ ã¯ã|ããã
ã²ãŒããŠã§ã€ ã¢ãŒãã æ§æãã¡ã€ã«ã§ã¯ãé åºã¯éèŠã§ã¯ãããŸããã ã²ãŒããŠã§ã€ ã¢ãŒããé©çšãããŸã
ãã¹ãŠã®ãã³ãã«ã«åãã
ããã <ããããŒå: å€>
ããããŒã®çœ®æã èŠã -r 詳现ã«ã€ããŠã¯ãèŠããŠãããŠãã ãããåŒçšã¯ãããŸããã
ISAã¹ãã£ããšãŒãžã§ã³ã
ã¯ã€ã«ãã«ãŒããæå¹ãª (*ã?ã[]) 倧æåãšå°æåãåºå¥ããªã User-Agent æååã®ãããã³ã°
ãã©ã³ã¹ isa ãã©ã°ã€ã³ã å®çŸ©ããªãå Žå ISAã¹ãã£ããŒãµã€ãºãå éšçã«èšå®ãããŠããŸã
ç¡éãã€ãŸãããšãŒãžã§ã³ããäžèŽãããã®ãé€ããã¹ãŠã®ããŠã³ããŒãã«å¯ŸããŠãã©ã°ã€ã³ãç¡å¹ã«ããŸã
ãã®ã èŠã -G.
ISAã¹ãã£ããŒãµã€ãº
trans-isa-scan ãã©ã°ã€ã³ãæå¹ã«ããŸãã èŠã -S 詳现ã«ã€ããŠã¯ãã
詳现ãèŠã [ :]
ã®ããŒã«ã« ããŒãçªå· cntlmã®ãããã· ãµãŒãã¹ã èŠã -l 詳现ã«ã€ããŠã¯ãã
ãã¹ã¯ãŒã
ãããã· ã¢ã«ãŠã³ãã®ãã¹ã¯ãŒãã ä»ã®ãªãã·ã§ã³ãšåæ§ã«ãå€ (ãã¹ã¯ãŒã) ã¯æ¬¡ã®ããã«ãªããŸãã
ã¹ããŒã¹ãªã©ã®ç¹æ®æåãå«ãŸããŠããå Žåã¯ãäºéåŒçšç¬Š (") ã§å²ã¿ãŸãã
ãã³ãèšå·ãªã©
PassNTLMv2ã ãã¹NTã ãã¹LM
ãããã· ã¢ã«ãŠã³ã ãã¹ã¯ãŒãã®ããã·ã¥ (ãåç §) -H & -aïŒã ããã·ã¥ã䜿ããããšã
èšå®ã§ïŒãã¬ãŒã³ããã¹ãã®ãã¹ã¯ãŒãã§ã¯ãªãïŒããããã èªèšŒ èšå®ãå¿ èŠ
ããŸããŸãªãªãã·ã§ã³:
èšå® | å¿ èŠ
--------------+-----------------
èªèšŒ NTLMv2 | PassNTLMv2
èªèšŒ NTLM2SR | ãã¹NT
èªèšŒ NT | ãã¹NT
èªèšŒ NTLM | PassNT + PassLM
èªèšŒLM | PassLM
ãããã·
èªèšŒãå¿ èŠãšãã芪ãããã·ã ã³ãã³ãã©ã€ã³ã®ãããã·ãšåãã
è€æ°å䜿çšããŠãä»»æã®æ°ã®ãããã·ãæå®ã§ããŸãã XNUMXã€ãã¹ã
ãããã·ã®å€±æã cntlm èªåçã«æ¬¡ãžé²ã¿ãŸãã æ¥ç¶èŠæ±ã倱æãã
ãããã·ã®ãªã¹ãå šäœãã¹ãã£ã³ããã(ãªã¯ãšã¹ãããšã«) ãããã·ã§ããããšãå€æããå Žåã®ã¿
ç¡å¹ã ã³ãã³ãã©ã€ã³ã¯èšå®ãã¡ã€ã«ãããåªå ãããŸãã
ãããã·ãªã ã ã ...
ãããã®ãã¹ãåã®èŠªãããã·ã¯é¿ããŠãã ããã äžèŽãããã¹ãŠã® URL ããããã·ãããŸã
çŽæ¥ã« by cntlm ã¹ã¿ã³ãã¢ãã³ã®ãããã·ãšããŠã ã³ã³ãããŒã© ããã§WWWèªèšŒããµããŒã
ããã«ãããäŒæ¥ã® NTLM ã䜿çšããŠããŒã«ã« ã€ã³ãã©ããã ãµã€ãã«ã¢ã¯ã»ã¹ã§ããŸãã
èªèšŒã ããŸãããã°ããã®ä»®æ³åããã MSIE ã¯ããå¿ èŠãããŸããã ïŒïŒ èŠã -N
詳现ã«ã€ããŠã¯ãã
SOCKS5ãããã· [ :]
SOCKS5 ãããã·ãæå¹ã«ããŸãã èŠã -O 詳现ã«ã€ããŠã¯ãã
SOCKS5ãŠãŒã¶ãŒ :
æ°ãã SOCKS5 ãããã· ã¢ã«ãŠã³ããäœæããŸãã èŠã -R 詳现ã«ã€ããŠã¯ãã
NTLMããããŒã·ã㯠ã¯ã|ããã
NTLM-to-basic èªèšŒãæå¹/ç¡å¹ã«ããŸãã èŠã -B 詳现ã«ã€ããŠã¯ãã
ãã³ãã« [ :] : :
ãã³ãã«å®çŸ©ã èŠã -L 詳现ã«ã€ããŠã¯ãã
ãããã· ã¢ã«ãŠã³ãåããã¡ã€ã³åãå«ããããšã¯ã§ããŸãã (ãã¢ãããèšå·ã¯
æåã©ããã«è§£éãããŸãïŒã
ã¯ãŒã¯ã¹ããŒã·ã§ã³ã®ãã¹ãåã
onworks.net ãµãŒãã¹ã䜿çšããŠãªã³ã©ã€ã³ã§ cntlm ã䜿çšãã