Re: [閒聊] 知名 NAS 系統藏後門
影片我看了一下
雖然標題沒有提到EOL
但是影片裡反向工程的部分還是有點出一些問題
大概有三個點:
1. 系統上有一個無密碼使用者messagebus
2. 可以透過HTTP request以此使用者的名義在機器上執行命令
3. 系統重新開機會檢查messagebus使用者是否存在 若否則建立 若密碼被設定則清空
這些code還有稍微被obfuscated
反正我覺得是惡意植入的
解法是不要讓機器暴露在Internet上
或是乾脆別用了
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 103.197.174.121 (臺灣)
※ 文章網址: https://www.ptt.cc/bbs/PC_Shopping/M.1713615704.A.3C7.html
→
04/20 20:55,
2周前
, 1F
04/20 20:55, 1F
→
04/20 20:56,
2周前
, 2F
04/20 20:56, 2F
→
04/20 21:17,
2周前
, 3F
04/20 21:17, 3F
→
04/20 21:17,
2周前
, 4F
04/20 21:17, 4F
→
04/20 21:17,
2周前
, 5F
04/20 21:17, 5F
→
04/20 21:17,
2周前
, 6F
04/20 21:17, 6F
→
04/20 21:17,
2周前
, 7F
04/20 21:17, 7F
→
04/20 21:17,
2周前
, 8F
04/20 21:17, 8F
→
04/20 21:19,
2周前
, 9F
04/20 21:19, 9F
→
04/20 21:19,
2周前
, 10F
04/20 21:19, 10F
→
04/20 21:19,
2周前
, 11F
04/20 21:19, 11F
→
04/20 21:19,
2周前
, 12F
04/20 21:19, 12F
→
04/20 21:19,
2周前
, 13F
04/20 21:19, 13F
→
04/20 21:19,
2周前
, 14F
04/20 21:19, 14F
→
04/20 21:28,
2周前
, 15F
04/20 21:28, 15F
推
04/20 21:36,
2周前
, 16F
04/20 21:36, 16F
推
04/20 21:39,
2周前
, 17F
04/20 21:39, 17F
→
04/20 21:52,
2周前
, 18F
04/20 21:52, 18F
→
04/20 21:52,
2周前
, 19F
04/20 21:52, 19F
→
04/20 21:55,
2周前
, 20F
04/20 21:55, 20F
→
04/20 22:00,
2周前
, 21F
04/20 22:00, 21F
推
04/20 22:00,
2周前
, 22F
04/20 22:00, 22F
→
04/20 22:00,
2周前
, 23F
04/20 22:00, 23F
→
04/20 22:03,
2周前
, 24F
04/20 22:03, 24F
→
04/20 22:03,
2周前
, 25F
04/20 22:03, 25F
→
04/20 22:03,
2周前
, 26F
04/20 22:03, 26F
→
04/20 22:04,
2周前
, 27F
04/20 22:04, 27F
噓
04/20 23:14,
2周前
, 28F
04/20 23:14, 28F
→
04/20 23:14,
2周前
, 29F
04/20 23:14, 29F
→
04/20 23:34,
2周前
, 30F
04/20 23:34, 30F
→
04/20 23:34,
2周前
, 31F
04/20 23:34, 31F
推
04/20 23:38,
2周前
, 32F
04/20 23:38, 32F
→
04/20 23:38,
2周前
, 33F
04/20 23:38, 33F
推
04/21 02:07,
1周前
, 34F
04/21 02:07, 34F
推
04/21 10:14,
1周前
, 35F
04/21 10:14, 35F
→
04/21 10:14,
1周前
, 36F
04/21 10:14, 36F
→
04/21 10:14,
1周前
, 37F
04/21 10:14, 37F
推
04/21 13:18,
1周前
, 38F
04/21 13:18, 38F
→
04/21 13:18,
1周前
, 39F
04/21 13:18, 39F
討論串 (同標題文章)
完整討論串 (本文為第 3 之 3 篇):
閒聊
-19
62