| 늅늅 |
Hmm.. it simply runs the program called backdoor itself.
For example,
suppose the contents of a.c are as follows:
#include <stdio.h>

int main(void)
{
    /* Print a fixed message to show that this program was run */
    printf("Backdoor Activated\n");
    return 0;
}
If you run gcc -o backdoor a.c,
a program called backdoor gets created, right?
If you then try finger @localhost,
you'll understand.
Hmm.. is this what you were looking for? |
2011/07/24 |
|
pwn3r |
[level4@ftz xinetd.d]$ cat backdoor
service finger
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = level5
server = /home/level4/tmp/backdoor
log_on_failure += USERID
}
[level4@ftz xinetd.d]$ cat finger
# default: on
# description: The finger server answers finger requests. Finger is \
# a protocol that allows remote users to see information such \
# as login name and last login time for local users.
service finger
{
socket_type = stream
wait = no
user = nobody
server = /usr/sbin/in.fingerd
disable = yes
}
I opened the files named backdoor and finger in /etc/xinetd.d/.
As you can see, both files define the finger service, but because the finger service that Linux uses by default is disabled, the finger service defined in the file named backdoor is the one that runs.
When the finger service receives a connection, it runs /home/level4/tmp/backdoor with the privileges of the level5 user, so if you create a program named backdoor and connect to the port the finger service uses, the backdoor program gets executed. |
2011/07/24 |
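An added example, not part of the original posts: a defensive audit that parses the two /etc/xinetd.d files quoted above and reports enabled services whose server binary lies outside system directories, plus service names defined in more than one file. The TRUSTED list and the function names parse and audit are assumptions made for illustration.

```python
import re

# Constructed sample: the two /etc/xinetd.d files quoted in the post (file name -> text).
SAMPLE = {
    "backdoor": """service finger
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = level5
server = /home/level4/tmp/backdoor
log_on_failure += USERID
}""",
    "finger": """# default: on
service finger
{
socket_type = stream
wait = no
user = nobody
server = /usr/sbin/in.fingerd
disable = yes
}""",
}

# Assumed policy (not from the post): servers must live in root-owned system dirs.
TRUSTED = ("/usr/sbin/", "/usr/bin/", "/usr/libexec/", "/sbin/", "/bin/")

def parse(text):
    """Yield (service_name, attrs) for every service block in one file."""
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))
    for name, block in re.findall(r"service\s+(\S+)\s*\{(.*?)\}", body, re.S):
        attrs = dict(re.findall(r"^[ \t]*(\w+)[ \t]*[+-]?=[ \t]*(.*?)[ \t]*$", block, re.M))
        yield name, attrs

def audit(files):
    """Return (findings, dupes): risky enabled services and multiply defined names."""
    findings, seen = [], {}
    for fname, text in sorted(files.items()):
        for name, a in parse(text):
            seen.setdefault(name, []).append(fname)
            if a.get("disable", "no").lower() == "yes":
                continue  # disabled definitions are not started by xinetd
            server = a.get("server", "")
            if server and not server.startswith(TRUSTED):
                findings.append((fname, name, a.get("user"), server))
    dupes = {n: f for n, f in seen.items() if len(f) > 1}
    return findings, dupes
```

On a real host, pass the contents of every file in /etc/xinetd.d and follow up each finding by checking the ownership and write permissions of the server path and its parent directories.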
|
| Mastel |
늅늅/pwn3r
Thank you both for your answers. Now I'm sure, haha. |
2011/07/24 |
|