|
|
|
|
¹ÙÀÌ·¯½º
À̸§ |
Backdoor-W32/RBot.184320 |
¹ÙÀÌ·¯½º
Á¾·ù |
Backdoor |
½ÇÇà
ȯ°æ |
Windows |
Á¦ÀÛÁö |
ºÒºÐ¸í |
¹ß°ßÀÏ |
20050928 |
¹ÙÀÌ·¯½ºÅ©±â |
184,320 Byte |
¸ÞÀÏ
Á¦¸ñ |
|
÷ºÎÆÄÀÏ |
|
¹ÙÀÌ·¯½º Áõ»ó |
ÀÌ ¿úÀº À©µµ¿ì º¸¾ÈÇêÁ¡°ú ³×Æ®¿÷ °øÀ¯ Æú´õ¸¦ ÅëÇÏ¿© ÀüÆĵǸç,
°¨¿°µÈ ¸ÞÀÏÀ̳ª ÆÄÀÏÀ» ƯÁ¤ ¼¹ö·ÎºÎÅÍ ¹ÞÀ»¼ö ÀÖ´Ù.
[Ư¡]
¹éµµ¾î°¡ ½ÇÇàµÇ¸é ´ÙÀ½°ú °°ÀÌ À©µµ¿ì ½Ã½ºÅÛ Æú´õ(win 2000, NT : c:\Wint\system32, win XP : c:\windows\system32)
¿¡ bott.pif(194,560 Byte) ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.
¶ÇÇÑ, ´ÙÀ½Ã³·³ ·¹Áö½ºÆ®¸¦ ¼öÁ¤ÇÏ¿© ´ÙÀ½ ºÎÆýà ½ÇÇàµÇµµ·Ï Á¶ÀÛÇÑ´Ù.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Ç׸ñ¿¡
Microsoft Intrenet Explorer = "bott.pif"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
Ç׸ñ¿¡
Microsoft Intrenet Explorer = "bott.pif"
HKEY_CURRENT_USER\Software\Microsoft\Ole
Ç׸ñ¿¡
Microsoft Intrenet Explorer = "bott.pif"
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
Ç׸ñ¿¡
Microsoft Intrenet Explorer = "bott.pif"
À» »ý¼ºÇÑ´Ù.
±×¸®°í ´ÙÀ½°ú °°Àº Á¤º¸¸¦ ÀÌ¿ëÇÏ¿© ½Ã½ºÅÛ ±ÇÇÑ ¾ò±â¸¦ ½Ãµµ ÇÑ´Ù.
12345
123456
1234567
12345678
123456789
1234567890
access
accounting
accounts
admin
administrador
administrat
administrateur
administrator
admins
backup
bitch
blank
brian
changeme
chris
cisco
compaq
computer
control
database
databasepass
databasepassword
db1234
dbpass
dbpassword
default
domain
domainpass
domainpassword
exchange
george
guest
hello
homeuser
internet
intranet
katie
linux
login
loginpass
nokia
oeminstall
oemuser
office
oracle
orainstall
outlook
owner
pass1234
passwd
password
password1
peter
qwerty
server
siemens
sqlpassoainstall
staff
student
susan
system
teacher
technical
win2000
win2k
win98
windows
winnt
winpass
winxp
wwwadmin
¹éµµ¾î·Î¼ µ¿ÀÛ ÇϰԵǸé, ´ÙÀ½°ú °°Àº ½Ã½ºÅÛ ¿Àµ¿ÀÛÀÌ ÀϾ ¼ö ÀÖ´Ù.
1. ÆÄÀÏ ½ÇÇà¹× »èÁ¦
2. Æ÷Æ®°¨½Ã
3. Å°º¸µå ŸÀÌÇÎ ³»¿ë ÀúÀå
4. ÆÄÀÏ ´Ù¿î·Îµå
5. ftp¹× IRC ¼¹ö·Î µ¿ÀÛ°¡´É
6. ½Ã½ºÅÛ Çϵå¿þ¾î Á¤º¸ ¼öÁý
7. ¿ø°ÝÁ¢¼Ó¹× ·Î±× ¿ÀÇÁ ±â´É
8. ¼ºñ½º °ÅºÎ(DoS)°ø°Ý
±×¸®°í ÀÌ ¹éµµ¾î´Â RPCSS ¿ø°ÝÄÚµå ½ÇÇà À§Çè, RPC ÀÎÅÍÆäÀ̽º ¹öÆÛ ¿À¹ö·± º¸¾ÈÇêÁ¡ µîÀ»
ÀÌ¿ëÇϹǷÎ, ´ÙÀ½ º¸¾ÈÆÐÄ¡¸¦ ±Ç°íÇÑ´Ù.
*MS04-011 RPCSS ¿ø°ÝÄÚµå ½ÇÇà
http://www.microsoft.com/korea/technet/security/bulletin/MS03-039.asp
*MS03-026 RPC ÀÎÅÍÆäÀ̽ºÀÇ ¹öÆÛ ¿À¹ö·±
http://www.microsoft.com/korea/technet/security/bulletin/MS03-026.asp
¸¶Áö¸·À¸·Î ´ÙÀ½°ú °°Àº °ÔÀÓÀÇ CD Key¸¦ ÃßÃâÇÑ´Ù.
Battlefield 1942
Battlefield 1942 (Road To Rome)
Battlefield 1942 (Secret Weapons of WWII)
Battlefield Vietnam
Black and White
Chrome
Command and Conquer: Generals
Command and Conquer: Generals (Zero Hour)
Command and Conquer: Red Alert 2
Command and Conquer: Tiberian Sun
Counter-Strike (Retail)
FIFA 2002
FIFA 2003
Freedom Force
Global Operations
Gunman Chronicles
Half-Life
Hidden & Dangerous 2
IGI 2: Covert Strike
James Bond 007: Nightfire
Legends of Might and Magic
Medal of Honor: Allied Assault
Medal of Honor: Allied Assault: Breakthrough
Medal of Honor: Allied Assault: Spearhead
NHL 2002
NHL 2003
Nascar Racing 2002
Nascar Racing 2003
Need For Speed Hot Pursuit 2
Need For Speed: Underground
Neverwinter Nights (Hordes of the Underdark)
Neverwinter Nights (Shadows of Undrentide)
Rainbow Six III RavenShield
Shogun: Total War: Warlord Edition
Soldier of Fortune II - Double Helix
Soldiers Of Anarchy
The Gladiators
Unreal Tournament 2003
Unreal Tournament 2004
|
Ä¡·á ¹æ¹ý |
Åͺ¸¹é½Å Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.
|
Á÷Á¢Ä¡·á¹æ¹ý |
|
|
|
|
|