|
|
|
|
|
|
|
|
|
|
|
|
|
2844, 6/143 |
|
Mastel | |||||||
level4 ¸¦ ¾ó¶³°á¿¡ ²£½À´Ï´Ù. Áö½ÄÀ» ³ª´²ÁÖ¼¼¿ä ¤Ð¤Ð | |||||||
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_level&no=3225 [º¹»ç]
Hit : 2377 Date : 2011/07/23 11:58
|
|||||||
´¾´¾ | Èì.. ±×³É backdoor ¶ó´Â ÇÁ·Î±×·¥ ÀÚü¸¦ ½ÇÇàÇϴ°ſ¡¿ä ¿¹¸¦µé¾î¼ a.c ÀÇ ³»¿ëÀÌ ´ÙÀ½°ú °°´Ù°íÇßÀ»‹š #include <stdio.h> main() { printf("Backdoor Activated\n"); } gcc -o backdoor a.c ¸¦ ÇØÁֽøé backdoor ¶ó´Â ÇÁ·Î±×·¥ÀÌ »ý¼ºµÇÁÒ? À̶§ finger @localhost ¸¦Çغ¸½Ã¸é ÀÌÇØ °¡½Ç°Å¿¡¿ä Èì.. ¿øÇÏ½Ã´Â°Ô ÀÌ°Ô ¸Â³ª¿ä? |
2011/07/24 | |
pwn3r | [level4@ftz xinetd.d]$ cat backdoor service finger { disable = no flags = REUSE socket_type = stream wait = no user = level5 server = /home/level4/tmp/backdoor log_on_failure += USERID } [level4@ftz xinetd.d]$ cat finger # default: on # description: The finger server answers finger requests. Finger is \ # a protocol that allows remote users to see information such \ # as login name and last login time for local users. service finger { socket_type = stream wait = no user = nobody server = /usr/sbin/in.fingerd disable = yes } /etc/xinetd.d/ ¿¡ ÀÖ´Â backdoor °ú fingerÀ̶õ ÆÄÀÏÀ» ¿¾îº»°Çµ¥¿ä, º¸½Ã¸é µÎ ÆÄÀϸðµÎ finger ¼ºñ½º¸¦ Á¤ÀÇÇÏ°í Àִµ¥ ¸®´ª½º¿¡¼ ±âº»ÀûÀ¸·Î »ç¿ëÇÏ´ø finger service´Â disableµÇÀֱ⠶§¹®¿¡ , backdoor¶ó´Â ÆÄÀÏ¿¡¼ Á¤ÀÇÇÑ finger¼ºñ½º°¡ ½ÇÇàµË´Ï´Ù. finger¼ºñ½º´Â Á¢¼ÓÀ» ¹ÞÀ¸¸é level5 userÀÇ ±ÇÇÑÀ¸·Î /home/level4/tmp/backdoor¸¦ ½ÇÇàÇϱ⶧¹®¿¡ backdoor¶ó´Â ÇÁ·Î±×·¥À» ¸¸µé¾îµÎ°í finger ¼ºñ½º°¡ »ç¿ëÇÏ´Â Æ÷Æ®¿¡ Á¢¼ÓÇϸé backdoor¶ó´Â ÇÁ·Î±×·¥ÀÌ ½ÇÇàµÇ°Ô µË´Ï´Ù. |
2011/07/24 | |
Mastel | ´¾´¾/pwn3r µÎºÐ ´äº¯ °¨»çµå¸³´Ï´Ù. È®½ÅÀÌ »ý°å³×¿ä ¤¾¤¾ |
2011/07/24 | |
|
|