ÌáÉý¹ÜÀíԱȨÏÞ£¬Serv-UȨÏÞÌáÉýÔÙÌáÉý--¼ÇÒ»´ÎÐéÄâÖ÷»úÈëÇÖ

Serv-UȨÏÞÌáÉýÔÙÌáÉý--¼ÇÒ»´ÎÐéÄâÖ÷»úÈëÇÖ - ÍøÂ簲ȫ - µçÄԽ̳ÌÍø

Serv-UȨÏÞÌáÉýÔÙÌáÉý--¼ÇÒ»´ÎÐéÄâÖ÷»úÈëÇÖ

ÈÕÆÚ£º2007-01-03   ¼ö£º
×÷Õߣºintruder
À´Ô´£ºÐ°¶ñ°Ë½øÖÆÖйú
×Ô´ÓServ-U±¾µØȨÏÞÌáÉý©¶´³öÀ´ÒԺ󣬴ó¼ÒÊÖÎÕSu.exeÕâ°ÑÍø¶µ·ê¼¦¾ÍÕÖ£¬Ò»Ê±¼äµÄÈ⼦Ã÷ÏÔÔö¶à¡¢ÖÊÁ¿Ö±ÏßÉÏÉý°¡¡£Ìرð¡¶Win2000ÐéÄâÖ÷»úÈëÇִ󷨡·Öеķ½·¨Á÷´«¹ã·ºÖ®ºó£¬´ó¼ÒÊÖÀ↑ʼÓÐÁËЩ×öÐéÄâÖ÷»úµÄ¸ß´ø¿í¡¢´óÄڴ棬ÉõÖÁÓÐN¸öCPUµÄ¼«Æ·È⼦£¬¹§Ï²¹§Ï²°¡^_^£¨Ì¨Ï¹ÛÖÚ£ºÍ¬Ï²Í¬Ï²£©¡£¿ÉÊÇÒ²Óö¼ûÁËÓÃN¶àÐÞ²¹ÁËÕâ¸öServ-U±¾µØȨÏÞÌáÉý©¶´¡¢ÔõôҲÌáÉý²»ÁËȨÏÞµÄÀϲñ¼¦£¬½ñÌìÎÒ¾ÍÒÔÎÒµÄÒ»´ÎÕæʵÈëÇֺʹó¼ÒÀ´Ì½ÌÖÒ»ÏÂÔõôÔÙ×¥ÕâЩÈ⼦¡£
¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡ Ò»£®Ò»¸öÍøÂç°ì¹«ÏµÍ³
Ò»¸öÔ¸߷çºÚµÄÈç±ùº®Ò¹£¬ÎÒÓÖÒ»´Î´ò¿ªÁË°³ÃǸßÖеÄѧУÍøÕ¾£¬ÔÚÖ÷Ò³ÉÏËûÃÇ°ÑѧУµÄÍøÂ罨Éè´µµÄ¶àô¶àôµÄºÃ£¬ÎÒÊÇÔ½¿´Ô½ÓôÃÆ£¬ÎÒÔÚѧУ3Ä꾹ȻÁ¬»ú·¿¶¼Ã»ÈÃÎÒ½øÈ¥¹ý£¬ÉõÖÁ¶¼¼Ç²»µÃÓлú·¿¡£ÐÄÏ룬ÎÒÔõôҲµÃ¸øËûÃÇÌá¸öÐÑŶ£¬°¦£¬ÕâÖÖµ±Í·Ò»°ô¡¢Õü¾ÈÊÀÈ˵ÄÔðÈÎÎÒ¿¸ÁË£¬Ë­½ÐÎÒ˧ÄØ^_^£¨Ì¨Ï¹ÛÖڵijô¼¦µ°³´Î÷ºìÊÁ¿ªÊ¼×¼±¸ÁË£©¡£
ÎÒÂíÉÏÄóöX-SCAN¹´Ñ¡È«²¿Ñ¡ÏîÀ´Á˸ö´óɨÃ裬·þÎñÆ÷ÊÇWindows2000¸ß¼¶·þÎñÆ÷°æ£¬·þÎñÆ÷Ö»¿ªÁË80¡¢21¡¢25¡¢3389¶Ë¿Ú£¬·þÎñÆ÷Ó¦¸ÃÓÐ_blank">·À»ðǽ£¬»òÕß¿ªÁËTCP/IP¹ýÂËÁË£¬Â©¶´É¨ÃèÊÇÒ»¸öҲûÓУ¬Ó¦¸ÃÊÇSP4+×îв¹¶¡¡£ÕâÑùµÄ·þÎñÆ÷Ó¦¸Ã²»ÊÇÎÒÃǸßÖеÄÄÇЩÍø¹ÜÅäÖõijöÀ´µÄ£¬ÕâÑù˵Óе㿴²»ÆðÈË£¬µ«ÕâÒ²Ó¦¸ÃÊÇÊÂʵ¡£²éÁ˲éIP£¬ÊDZ±¾©ÁªÍ¨µÄ£¬¿´À´ÓõÄÊÇÐéÄâÖ÷»úÁË¡£
ÂíÉÏ´ò¿ª¶¯»­°ÉÃ÷С×ÓдµÄ¡¶ÅÔ×¢ÈëÇÖרÓù¤¾ß¡·£¨Í¼Ò»£©¡£Õâ¸ö¹¤¾ß¹¦Äܷdz£Ç¿´ó£¬ÏÈÊÇͨ¹ýwhois.webhosting.info²éѯij¸öIP°ó¶¨µÄËùÓÐÓòÃû£¬È»ºóµ¼ÈëÈí¼þ×Ô¶¯²éѯ¿ÉÒÔÉÏ´«µÄÒ³Ãæ»òÕßÂÛ̳¡¢ÎÄÕÂϵͳµÄÊý¾Ý¿â£¬±ÈÈçDvBbs 7.0µÄÉÏ´«Ò³ÃæºÍ¶¯Òס¢Çà´´ÎÄÕÂϵͳµÄ©¶´Ò³Ãæ¡¢¶¯ÍøÊý¾Ý¿âµÈµÈ¡£²éµ½Â©¶´Ò³Ãæ¾Í¿ÉÒÔͨ¹ýÈí¼þ×Ô´øµÄ©¶´ÀûÓóÌÐòÖ±½ÓÉÏ´«ASPľÂí¡£É¨Ãè½á¹û·Ç³£ÁîÎÒʧÍû£¬Õâ¸ö·þÎñÆ÷¿ÉÄÜÊÇпªµÄ£¬ÉÏÃæÖ»ÓкÜÉÙÊ®¼¸¸öÍøÕ¾£¬Ã»ÓÐÓÐÉÏ´«Â©¶´µÄ¡£
screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

ͼһ
ÓôÃÆÖдò¿ªÖ÷Ò³Ïй䣬Ö÷Ò³ÊÇ´¿HtmlдµÄ£¬Ö»ÓÐÒ»¸öͬѧ¼ÊÇaspµÄ£¬ÓõÄÊÇ¡¶·çÔÂͬѧ¼¡·×îаæµÄ£¬ÊÔÁËÊÔÈõÃÜÂ룬´íÎó¡£´òÉÏĬÈϵġ¶·çÔÂͬѧ¼¡·µÄÊý¾Ý¿âµØÖ·£¬Êý¾Ý¿âµØÖ·µ¹ÊÇû¸Ä£¬¿ÉÊÇ×öÁË·ÀÏÂÔØ´¦Àí¡£
ÎÞÁÄÖкúÂҵ㿪ÁËËûµÄËùνµÄ¡°ÆóÒµÍøÂç°ì¹«ÏµÍ³¡±£¬Èõ¿ÚÁîû½øÈ¥£¬ºöÈ»¿´¼ûÒ»¸ö¡°Èç¹ûÄãÍü¼ÇÃÜÂëµÄ»°£¬Çë´ÓÕâÀïÕÒ»ØÄãµÄÃÜÂ룡¡±£¬µãÁËÏ£¬Ãû×ÖÊäÈëadmin¡£ÃÜÂëÌáʾÎÊÌâÊÇ¡°0000¡±£¬ÎÒÒ²ËæÊÖÊäÁË¡°0000¡±£¬¹þ¹þ£¬ÕýÈ·£¬½øÈë¹ÜÀíÒ³Ã棨ͼ¶þ£©¡£½øÈ¥ºó¸Ð¾õºÍ¡¶Xµµ°¸¡·Ôø¾­½éÉܹýµÄ¡¶A4ÍøÂç½Ìѧϵͳ¡·ÓеãÏñ£¬ÊÔÊÔÄܲ»ÄÜÉÏ´«ÈÎÒâ¾ÍÊÔÁËÊÔÉÏ´«Ò³Ã棬¿´µ½¡°ÐÐÕþ¹ÜÀí¡±ÀïÓиö¡°Éϱ¨Îļþ¡±ÕÒÁ˸öº£Ñ󶥶ËASPľÂí2005£¬ÉÏ´«³É¹¦ÁË£¬¿ñÓôÃƵÄÊÇÔõôҲÕÒ²»µ½´«µ½Ê²Ã´µØ·½ÁË£¨Í¼Èý£©¡£ÓÖÕÒÁËÕÒ·¢ÏÖÁËÓиö¡°¸öÈËÐÅÏ䡱£¬¸ø×Ô¼ºÐ´·âÐÅ£¬¸½¼þÀïÖ±½Ó¸½ÉϺ£Ñ󶥶Ë2005£¬´ò¿ªÊÕ¼þÏ䣬¹þ¹þ£¬ASP¸½¼þ¾¹È»¿ÉÒÔÖ±½Ó´ò¿ª£¬µÃµ½Webshell£¨Í¼ËÄ£©¡£
ºóÀ´²âÊÔ·¢ÏÖÍøÉϵÄÕâ¸ö°ì¹«ÏµÍ³N¶à£¬ÔÚBaiduÀïÊäÈë¡°ÆóÒµÍøÂç°ì¹«ÏµÍ³¡±¾ÍOK£¬ÓøղŵÄĬÈÏÃÜÂëÌáʾÎÊÌâºÍÌáʾ´ð°¸¾ø´ó²¿·Ö¶¼¿ÉÒÔ½øÈ¥£¬ºÜ¿ìµÃµ½Webshell¡£´ó¼Ò¿ÉÒÔÊÔÊÔ¡£
screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

[1] [2] [3]  


screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

¶þ£®¾øÍûµÄȨÏÞÌáÉý
ÓÐÁËWebshell£¬Õâ¾Í¿ÉÒÔÐÞ¸ÄÍøÕ¾µÄÖ÷Ò³À´ÌáÐÑÌáÐÑѧУ¹ÜÀíÔ±ÁË£¬µ«ÔÚʹÓùý³ÌÖз¢ÏÖÕâ¸öÖ÷»úµÄËٶȳ¬¿ì°¡£¬ºÇºÇ£¬×÷³ÉÈ⼦һ¶¨ºÜˬ£¬¿ÉÔÚÉÏÃæ×öÏÂÔØ£¬É¨È⼦£¬¹þ¹þ£¬»¹¿ÉÒÔ¹ÒQQµÈ¼¶£¬Ð˷ܵÄÏë¿ñЦ¡£
×Ô´ÓÎÒÏë°ÑËû¸ã³ÉÈ⼦£¬ÎҵĿàÄѾͿªÊ¼ÁË¡£ÎÒ¿ªÊ¼Á˾øÍûµÄȨÏÞÌáÉýÖ®Âá£
ÔÚWebshellÀïÊäÈënet user£¬¶¥¶ËASPľÂíÌáʾ¡°Îļþ´ò¿ªÊ§°Ü¡±¡°Ã»ÓÐȨÏÞ¡±¡£¿´À´ÏÞÖÆÁËGuest¶ÔCMD.EXEµÄ·ÃÎÊÁË£¬ÄÇÎÒÃÇ×Ô¼º´«Ò»¸öÉÏÈ¥CMD.EXE¹ýÈ¥¡£ÉÏ´«³É¹¦¡£È»ºóÔÚº£Ñ󶥶ËASPľÂíÀï×Ô¶¨ÒåCMD.EXE·¾¶£¬¿ÉÊÇ»¹ÊDz»ÄÜÖ´ÐÐCMDÃüÁî¡£ÄÇÔÙ¿´¿´C:\winnt\system32\inetsrv\dataÕâ¸öĿ¼ÓÐûÓÐдȨÏÞWindows2000µÄÕâ¸öĿ¼ĬÈÏÊÇEveryoneÍêÈ«¿ØÖƵģ¨¿É²Î¼û¡¶Xµµ°¸¡·12ÆÚ¡¶Ò»´Î¼èÄѵÄÐéÄâÖ÷»úÈëÇÖ¡·£©£¬CMDÉÏ´«³É¹¦ÁË¡£Ö´ÐÐnet start £¬FTP¹ûÈ»ÊÇÓõÄServ-U¡£ÎÒÒ»ÉùÀäЦ£¬ºÙºÙ£¬Ô¹ÄãÃü¿à°É¡£È»ºóÉÏ´«ÁËServ-U±¾µØȨÏÞÌáÉý©¶´ÀûÓóÌÐòSu.exe£¬Âú»³Ï£ÍûµÄÔËÐÐC:\winnt\system32\inetsrv\data\su.exe ¡°net suer intruder$ 0123123 /add¡± ¡£½á¹û·µ»ØÁËÕâÑùµÄ½á¹û£º
USER LocalAdministrator
PASS #l@$ak#.lk;0@P
·À»ðǽ£¬²»ÔÊÐí·ÃÎÊ·ÇÈÏÖ¤¶Ë¿Ú¡£Õâ¸ö¶Ë¿ÚÈç¹û¸Ä³É21ÊDz»Ðеģ¬ÎÒ²âÊÔÁËÁ½Ì¨£¬¶¼ÄªÃûÆäÃîµÄʧ°ÜÁË¡£
ºóÀ´Ï룬ÎÒ¼ÈÈ»ÓÐÁËÃÜÂ룬ÎÒÖ±½ÓÐÞ¸ÄÄǸöȨÏÞÌáÉý©¶´ÀûÓóÌÐòÖеÄÃÜÂë¡°#l@$ak#.lk;0@P¡±ÎªÎҵõ½µÄÃÜÂë²»¾Í¿ÉÒÔÀûÓÃÁËÂÕÒ³öÕâ¸ö±¾µØȨÏÞÌáÉý©¶´µÄÀûÓôúÂ룬¸ÄµôÕâ¸öÃÜÂ룬±àÒë³É¹¦£¬ÉÏÄÇ̨·þÎñÆ÷ÉÏÊÔÊÔ£¬³É¹¦ÁË£¡µÃµ½ÏµÍ³È¨ÏÞ£¡ÂíÉϼÓÁ˸öÓû§£¬È⼦ÒѾ­¿ªÁËÖն˷þÎñ£¬ºÜ·½±ã£¡
ÈëÇÖµ½´Ë½áÊø£¬Ê£ÏµľÍÊÇ´òɨս³¡ÁË¡£
ͨ¹ýÖն˵ǽÉÏÈ⼦ºó·¢ÏÖ£¬¸Õ²ÅNCÌá½»µÄ¶«¶«ÊÇÓÐЧ¹ûµÄ£¬·þÎñÆ÷ÀïÓÐÁËÒ»¸öMyFTPµÄÐÂÓò£¬Á¬½Ó²»ÉÏÊÇÒòΪÈ⼦ÉÏ×°ÁË_blank">·À»ðǽ¡££¨Í¼Æߣ©
screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

ºóÀ´ÏëÏ룬ºÜ¶àÅóÓѵĻúÆ÷ÉÏûװCÓïÑÔ£¬ÕâÑùÀûÓñϾ¹²»·½±ã¡£ÎÒ¾ÍʹÓÃÎÒѧµÄʵÔÚ²»ÔõôÑùµÄBCBдÁ˸öͼÐνçÃæµÄÅäÖóÌÐò£¨Í¼°Ë£©£¬´ó¼ÒÏÈ´ÕºÏ×ÅÓÃ×Å£¡Ö»ÊÇÕâ¸ö³ÌÐò´óÁ˵㣬300¶àK£¬´ø×Ų»·½±ã£¬ÄÇЩ³öÃÅÔÚÍâ²»ÍüºÚÕ¾µÄ¸çÃÇÃÇ¿ÉÄÜÊܲ»ÁË£¬ÄÇÎÒÃÇ¿ÉÒÔÖ±½ÓÓÃXhex´ò¿ªsu.exe£¬²éÕÒ¡°LocalAdministrator¡±ºÍ¡°#l@$ak#.lk;0@P¡±£¬¸Ä³É×Ô¼ºµÃµ½µÄÃÜÂëÒ²¿ÉÒÔ¡£
screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

¡¡ ËÄ¡¢ÊºóµÄ˼¿¼
ÕâÖÖServ-U±¾µØȨÏÞÌáÉý©¶´µ½µ×ÒªÔõôÐÞ²¹ÄØ£¿ÕâÖÖ½ö½ö¼òµ¥ÐÞ¸ÄÎļþÖÐĬÈÏÃÜÂëµÄ×ö·¨ÏÔÈ»ÊDz»°²È«µÄ¡£ÄÇÎÒÃÇ¿ÉÒÔ²»¸øÄǸöInternetÀ´±öÕʺÅServ-U°²×°Ä¿Â¼ä¯ÀÀµÄȨÏÞ£¬ÕâÑù¾Íû·¨ÏÂÔسÌÐòÕÒÃÜÂëÁË£¨Í¼¾Å£©¡£µ«ÊÇÕâô×öÕ⩶´µÄÒþ»¼»¹ÊÇ´æÔڵģ¬±ÈÈç±¾µØÓû§µÄȨÏÞÌáÉý¡£
screen.width-300)this.width=screen.width-300' border='0' alt='Click to Open in New Window'>

 [1] [2] [3]  


ͼ¾Å
ÔÙÏëÏ룬ÒòΪServ-UÊÇÒÔ·þÎñÆô¶¯Ä¬ÈÏÊÇÒÔSystemȨÏÞÔËÐеģ¬ËùÒÔ²ÅÓб»È¨ÏÞÌáÉýµÄ¿ÉÄÜ¡£Èç¹ûÎÒÃÇ°ÑServ-UµÄÆô¶¯Óû§¸Ä³ÉÒ»¸öUSER×éµÄÓû§£¬ÄÇô¾ÍÔÙ²»»áÓÐËùνµÄȨÏÞÌáÉýÁË¡££¨Í¼Ê®£©µ«Òª×¢ÒâµÄÊÇ£¬Õâ¸öµÍȨÏÞÓû§Ò»¶¨Òª¶ÔServ-U°²×°Ä¿Â¼ºÍÌṩFTP·þÎñµÄĿ¼»òÅÌ·ûÓÐÍêÈ«¿ØÖƵÄȨÏÞ¡£¾­²âÊÔ·¢ÏÖ£¬Ê¹ÓÃÆÕͨ×éÓû§Æô¶¯µÄServ-UÊDz»ÄÜÔö¼ÓÓû§ºÍɾ³ýÓû§µÄ£¬ÆäËûÒ»ÇÐÕý³£¡£

£¨³ö´¦£ºhttp://www.sheup.com£©


 [1] [2] [3] 

£¨³ö´¦£ºhttp://www.sheup.com£©


 [1] [2] [3] [4] 

±êÇ©£º