|
http://www.hackerschool.org/HS_Boards/zboard.php?AllArticle=true&no=2999 [º¹»ç]
Á¦°¡ Àß ÀÌÇØÇѰÇÁö´Â ¸ð¸£°Ú´Âµ¥
setreuid¿´³ª(¸®´ª½º¿¡ ´ÉÅëÇÏÁö¸øÇÔ)À» exploit¿¡ Ãß°¡½ÃÄѼ
¹öÆÛ¿À¹öÇÃ·Î¿ì¸¦ÇØ¼ ½©À» ½ÇÇà½Ã۱⵵ÇÏ´õ¶ó±¸¿ä..
±×À̾߱â´Â
1. ¹öÆÛ¿À¹öÇ÷ο찡 °¡´ÉÇÑ ÇÁ·Î±×·¥(¹®ÀÚ¿ÀÇ ±æÀ̸¦ üũÇÏÁö ¾Ê°ÙÁÒ?)ÀÌ
2. ¹öÆÛÀÇ Å©±â°¡ ½©°ªÀ» ½ÇÇàÇÏ´Â °ø°Ý¹®À» ³Ö±â¿¡ ÃæºÐÇÑ ÇÁ·Î±×·¥À̶ó¸é
±×ÇÁ·Î±×·¥¿¡ ´ëÇÑ ½ÇÇà±ÇÇѸ¸ À־ ·çÆ®¸¦µþ¼öÀִ°ÍÀΰ¡¿ä??
±×·¸´Ù¸é
¾²±â±ÇÇÑÀÌÀÖ´Â »ç¿ëÀÚ´Â ¸¶À½´ë·Î setreuid¸¦ »ç¿ëÇØ¼ ·çÆ®±ÇÇÑÀ»µþ¼öÀÖ³ª¿ä??
|
Hit : 3932 Date : 2011/05/14 08:53
|