Where Are Those Vulnerabilities Now? ~Tracking Them with a Honeypot~

November 10, 2018, Sumida Security Study Group 2018 #3
@morihi_soc #sumida_sec
https://sumidasec.connpass.com/event/104182/

Kazuaki Morihisa

November 10, 2018

Transcript

  1. November 10, 2018, Sumida Security Study Group 2018 #3, presentation material
    Where Are Those Vulnerabilities Now?
    ~Tracking Them with a Honeypot~
    @morihi_soc

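  2. whoami
    - Kazuaki Morihisa (@morihi_soc)
    - Day job: network security engineer and analyst
    - A "honeypotter" who runs honeypots as a hobby
    - Blog → https://www.morihi-soc.net/
    - Organizer of the Honeypotter Tech Exchange meetup
    - https://hanipo-tech.connpass.com/
    Events that have hosted me so far (partial list)
    - IT Keys (now SecCap)
    - Network Packet Reading Group (tentative name)
    - NISC Cyber Halloween
    - Internet Week, Hardening
    - ssmjp, AISec, StudyCode
    - tktk Security Study Group
    - All-Kansai Cyber Security LT Conference
    - OWASP Nagoya, IoTSecJP
    Published books and technical doujinshi (NEW: October 2018 ↓)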

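  3. Honeypots
    - A honeypot is a system built on the premise that it will deliberately be exposed to attacks.
    - A person who operates honeypots → honeypotter
    - Honeypots can collect a wide variety of logs
    - Precisely because the honeypots are operated over the long term, attack trends can be understood
    - This talk presents a case of using them as one source of threat intelligence.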

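  4. Collecting security information
    - Not only security engineers: anyone involved in IT is probably collecting security information of some kind
    - IPA Information Security
      https://www.ipa.go.jp/security/
    - JPCERT/CC
      https://www.jpcert.or.jp/menu_receiveinformation.html
    - Interest should be especially high for the products you work on and the software and libraries you use
    Checking whether you are affected is essential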

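  5. When security information gets published
    - When a vulnerability is reported, discovered or fixed
    - When exploit code (PoC) is published
    - When attacks are detected
    - When there are signs of a trend
    - Periodic reports: monthly, quarterly, seasonal, annual and so on
    The wider the impact, the more likely it is to make the news (to get picked up)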

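  6. "This is bad, this is bad"
    - Vulnerability countermeasures matter. Applying patches and updates is necessary, right?
    - But there are also cases like these:
    - The service cannot be stopped for long, so a workaround is adopted until the fundamental fix is carried out
      Example: fending off Struts (S[…], S[…]) with a filter
    - Until the wave of attacks dies down, access is restricted to lower the chance of being attacked
      Example: for Cisco Webex, allowing access only from the global IP addresses that need to connect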

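  7. When to resolve the stopgap
    - Covering for it through operations has its limits
    - When will the version upgrade happen?
    - Is the stopgap state still dragging on?
    → As reference information for judging the right timing
    Have the attacks subsided?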

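  8. How to think about published security information
    - As a rule, assume that nobody will declare that the attacks are over
    - Once attack information is public, attacking easily and over a wide range becomes possible
    - Cyberspace is full of people such as copycats and script kiddies
    - Attack information is easy to obtain and attackers are numerous, so attacks could recur or come back into fashion at any time.
      → No all-clear can be declared
    - However, changes in the trend can be observed.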

  9. Long-term honeypot operation
    - You can track changes in the trend yourself
    - If even a small number of honeypots run by an individual get attacked, the attack can be assumed to target a large number of hosts
    - For reference only

  10. Attack trends seen by the honeypots
    - A selection of vulnerabilities:
      PHP-CGI vulnerability (Apache Magica)
      Bash (Shellshock)
      WebLogic
      Drupal (Drupalgeddon2)
      Docker
      jQuery
    - Survey period: from […] to […]
    - Scope: only the logs of the honeypots (WOWHoneypot) built and managed by morihi-soc
    WOWHoneypot: a beginner-friendly web honeypot that gives attackers a warm welcome
    https://github.com/morihisa/WOWHoneypot

  11. Supplement: honeypot log management and analysis
    Diagram labels: honeypot (×3), aggregate logs via Syslog, local backup, Google Cloud Storage, Google BigQuery, upload, Insert

  12. PHP-CGI vulnerability (Apache Magica)
    - An attack (RCE) against PHP running as CGI
    - CVE-[…]
    - A new attack technique was published and became widespread around […]
    - Known as Apache Magica (the name is written in the PoC's comments)
      https://www.exploit-db.com/exploits/29290/
    References
    Observed the "Magical Girl Apache Magica" attack against PHP-CGI
    https://blog.tokumaru.org/2013/11/apache-magica-attack.html
    Observing Apache Magica attacks on PHP-CGI
    https://ozuma.hatenablog.jp/entry/20131103/1383413495
    Honeypot Observation Log (12)
    https://www.morihi-soc.net/?p=114

  13. Apache Magica attack example
    ← Checking the detected log shows that the targeted path is percent-encoded.
    ← The decoded result contains the strings characteristic of Apache Magica.

  14. Apache Magica detection status
    - […] years on, it is now detected only a few times a month (almost […])

  15. Bash (Shellshock)
    - A vulnerability in Bash, one of the Linux shells: flawed handling of environment variables allows arbitrary code execution
    - CVE-[…] and several others
    - Known as Shellshock
    References
    Roundup of links related to the bash vulnerability (CVE-2014-6271) #ShellShock
    http://d.hatena.ne.jp/Kango/20140925/1411612246
    On the GNU bash vulnerability ~the shellshock issue~
    http://www.nca.gr.jp/2014/shellshock/index.html
    About the bash vulnerability "Shellshock"
    https://www.netagent.co.jp/study/blog/ganso/51996406.html
    ← It drew enough attention to be covered even on NHK news
    "Virus infection possible just by browsing: critical flaw in 'bash'"
    http://www3.nhk.or.jp/news/html/20140927/k10014922101000.html
    Web archive copy
    https://megalodon.jp/2014-0927-2204-24/www3.nhk.or.jp/news/html/20140927/k10014922101000.html

  16. Shellshock attack example
    - The payload is carried in HTTP headers such as the User-Agent header.

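  17. Supplement: introducing "WOWHoneypot", which gives attackers a warm welcome
    Diagram: attacker ↔ WOWHoneypot
    (1) "Coming through!" The HTTP header contains echo 2014 | md5sum
    (2) "Here is your command output. Enjoy!" The response body returns "ad43fd99987a8f6a648abe05095bf52c"
    (3) "Let's infect it with a bot." A file is downloaded with wget and executed
    Analysis: "Oh, the command ran successfully."
    Analysis: "Looks like they are trying to run a command…"
    GitHub → https://github.com/morihisa/WOWHoneypot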

  18. Shellshock detection status
    - […] years on, detections still occur, although the count is low.
    - The peak was […] detections on […]

  19. WebLogic vulnerability
    - A vulnerability (RCE) caused by flawed processing in WLS Security of Oracle WebLogic Server
    - CVE-[…]
    - The year-end turned into quite an ordeal...
    References
    Alert regarding the Oracle WebLogic Server vulnerability (CVE-2017-10271)
    http://www.jpcert.or.jp/at/2018/at180004.html
    Honeypot Observation Log (38): "Command execution attempts against WLS Security in WebLogic (CVE-2017-10271)"
    https://www.morihi-soc.net/?p=910
    Techniques of the attackers targeting the WebLogic vulnerability (CVE-2017-10271)
    https://speakerdeck.com/morihi_soc/weblogic-falsecui-ruo-xing-cve-2017-10271-woju-ugong-ji-zhe-tatifalseshou-fa
    ← Tweet from December 24, 2017: sharing a thoroughly unwelcome present from the attackers
    https://twitter.com/morihi_soc/status/945054924114599936

  20. Example of an attack on WebLogic

  21. Detection status of attacks on WebLogic
    - Graphed separately: GET requests that probe whether WebLogic is running, and POST requests that carry the attack. POST is the overwhelming majority.

  22. Drupal (Drupalgeddon2)
    - A remote code execution vulnerability in Drupal, one of the CMSs
    - CVE-[…], CVE-[…]
    - Called Drupalgeddon2 because it is dangerous enough to recall the vulnerability of […].
    References
    Verification report on Drupalgeddon2 (CVE-2018-7600)
    https://www.mbsd.jp/blog/20180420.html
    Verification report on the Drupal vulnerability (CVE-2018-7602)
    https://www.mbsd.jp/blog/20180502.html
    Observing Drupalgeddon2 with a honeypot
    https://speakerdeck.com/morihi_soc/drupalgeddon2-wohanipotutodeguan-cha-sitemita
    Image source ↓
    https://scanforsecurity.com/news/drupalgeddon-2-vulnerability-used-infect-servers-backdoors-coinminers.html

  23. Drupalgeddon2 attack example
    - OS command injection is the most common
    Note: %20 for spaces and similar sequences have already been URL-decoded
    The attack is split across multiple files to hide the attacker's aim

  24. Drupalgeddon2 detection status
    - Detected almost every day. […] and […] each exceeded […] detections

  25. Docker
    - When misconfigured, containers can be started remotely via the API (this is not a vulnerability)
    - Apparently one of the tricks planted in Hardening II Collective (held […])
    - During […], there were several dozen detections a day →
    References
    Attacks confirmed that abuse misconfigured Docker containers to spread cryptocurrency-mining malware
    https://blog.trendmicro.co.jp/archives/19773
    Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
    https://www.blackhat.com/docs/us-17/thursday/us-17-Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence.pdf
    https://twitter.com/morihi_soc/status/1015530623279120384

  26. Example of an attack on Docker
    - The request contains instructions to download and run the shell script the attacker wants executed in the container.

  27. Detection status of attacks on Docker
    - Almost no detections in […]. Increasing from around the middle of […]
    - The peak was […] detections on […]

  28. jQuery
    - A vulnerability that allows arbitrary files to be uploaded. It is also used in WordPress plugins and the like, so the impact is wide.
    - CVE-[…]
    - Personally, I had assumed for several years that this was a known vulnerability to SOC analysts, WordPress administrators, web server administrators and honeypotters.
      (My own logs show traces on […])
    References
    Thousands of applications affected by a zero-day issue in jQuery File Upload plugin
    https://securityaffairs.co/wordpress/77245/hacking/jquery-file-upload-plugin-0day.html
    Having The Security Rug Pulled Out From Under You
    https://blogs.akamai.com/sitr/2018/10/having-the-security-rug-pulled-out-from-under-you.html

  29. Example of an attack on jQuery
    - Targets WordPress plugins
    The content is a WebShell with file-upload capability →

  30. Detection status of attacks on jQuery
    - Multiple scans detected on […] ([…] detections)
    - Later, detections surged on […], when the vulnerability was making headlines

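  31. Summary
    - Collecting security information matters. However, for attack information that has been made public, it is best to assume that nobody will declare the attacks over.
    - Operating honeypots over the long term makes it possible to track changes in attack trends.
    - Vulnerabilities that made headlines and those that did not are both still being attacked.
    Old or new, collect and make use of the vulnerability information that concerns you
    A honeypot is also an option for gathering information (said quietly)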

  32. Happy Honeypot
    ↑ Photographed on October 20, 2018 at Shimizu Park (Hana Fantasia)
    Not a carnivorous plant.
    The end
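
An added example (not from the slides and not WOWHoneypot code): one way to produce the per-day tallies behind the "detection status" slides, decoding percent-encoded paths before matching (slide 13), inspecting header values for Shellshock (slide 16), and splitting WebLogic GET probes from POST attacks (slide 21). The two signatures, the record layout and the sample records are assumptions constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Assumed signatures (widely published detection patterns, not taken from the slides).
SHELLSHOCK = re.compile(r"\(\)\s*\{")   # Bash function-definition prefix in a header value
WEBLOGIC_PATH = "/wls-wsat/"            # WLS Security endpoint prefix

def classify(method, raw_path, headers):
    """Return a label for one request, or None if no rule matches."""
    path = unquote(raw_path)            # decode %xx first so encoded paths still match
    if any(SHELLSHOCK.search(value) for value in headers.values()):
        return "shellshock"
    if path.lower().startswith(WEBLOGIC_PATH):
        # GET only checks that the service is there; POST carries the attack body
        return "weblogic-attack" if method == "POST" else "weblogic-probe"
    return None

def daily_counts(records):
    """Count detections per (date, label) so a trend can be followed over time."""
    counts = Counter()
    for date, method, raw_path, headers in records:
        label = classify(method, raw_path, headers)
        if label:
            counts[(date, label)] += 1
    return counts

# Constructed sample records (date, method, raw path, headers); not real honeypot logs.
SAMPLE = [
    ("2018-10-01", "GET", "/wls-wsat/CoordinatorPortType", {"User-Agent": "scanner"}),
    ("2018-10-01", "POST", "/wls%2Dwsat/CoordinatorPortType", {"User-Agent": "scanner"}),
    ("2018-10-01", "POST", "/wls-wsat/CoordinatorPortType", {"User-Agent": "scanner"}),
    ("2018-10-02", "GET", "/", {"User-Agent": "() { :; }; echo 2014 | md5sum"}),
    ("2018-10-02", "GET", "/index.html", {"User-Agent": "Mozilla/5.0"}),
]

if __name__ == "__main__":
    for (date, label), n in sorted(daily_counts(SAMPLE).items()):
        print(date, label, n)
```

The second sample record only matches because the path is decoded before comparison; matching on the raw request line would undercount.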