2015_dumpÀº ¸ð ȸ»ç³» ³×Æ®¿öÅ© °ü¸®ÀÚ°¡ ´Ü½Ã°£ ÆÐŶÀ» ĸÃÄÇÑ ÆÄÀÏÀÌ´Ù. ´ã´çÀÚ´Â ÇöÀç ³»ºÎ ³×Æ®¿öÅ©¿¡ Àΰ¡ ¹ÞÁö ¾ÊÀº »ç¿ëÀÚ°¡ ¼­¹ö¿¡ Á¢±ÙÇÏ¿© ¹º°¡ ÀÏÀ» ²Ù¹Ì°í ÀÖ´Ù°í ÀǽÉÀ» ÇÏ°í ÀÖ´Â »óȲÀÌ´Ù. ¶ÇÇÑ, »ç³» º¸¾È °¨»ç Àü Ȥ½Ã ¸ð¸¦ ³»ºÎ Á¤º¸ À¯Ãâ »ç°Ç ¹æÁö ¿¹¹æÀ» ÇÏ°íÇÏ´Â ¸ñÀûÀ¸·Î ÆÐŶÀ» ºÐ¼®À» Àü¹® º¸¾È ÄÁ¼³ÅÏÆ®ÀÎ ´ç½Å¿¡°Ô ºÐ¼® ÀÇ·Ú ÇÏ¿´´Ù. ±×¸®°í »ç³» ³×Æ®¿öÅ© °ü¸®ÀÚ´Â º¸°í¼­·Î °á°ú¹°À» ¹Þ±â ¿øÇÑ´Ù. 1. °ø°Ý È£½ºÆ® IP´Â ¹«¾ùÀΰ¡? 192.168.21.130 2. ´ë»ó È£½ºÆ® IP´Â ¹«¾ùÀΰ¡? 192.168.21.132 3. ¿­·Á ÀÖ´Â Port´Â ¹«¾ùÀΰ¡? 20,21,22,23 , 25,111,113,1010,13282,26335,46658,56523,39813,39814,39819 4. °ø°ÝÀÚ´Â ¾î¶°ÇÑ Port¸¦ ÅëÇØ Á¢±Ù ÇÏ¿´´Â°¡? 21,23 5. ÀǽɵǴ PacketÀ» È®ÀÎÇÏ¿© ½Ã°£ È帧¿¡ ¸ÂÃç »ç°ÇÀ» À籸¼º ÇϽÿÀ (ex : ¾î¶°ÇÑ ÆÄÀÏÀ» »ç¿ëÇÏ¿© ¹«¾ùÀ» ¾î¶»°Ô ÇÏ¿´´Ù µîµî..) 192.168.21.130 -> 192.168.21.132 Æ÷Æ®·Î Æ÷Æ®½ºÄµ°ø°ÝÀ» ÇÏ¿© ¿­·ÁÀÖ´Â Æ÷Æ®¸¦ ã¾Ò°í, FTP 21Æ÷Æ®¸¦ ÀÌ¿ëÇÏ¿© Á¢¼ÓÀ» ½ÃµµÇϸç root Æнº¿öµå ã±â(°¡Àå ÀÚÁÖ»ç¿ëÇÏ´Â »çÀü´ëÀÔ°ø°Ý)¸¦ °è¼ÓÀû ½Ãµµ¸¦ ÇÑ´Ù. ±×·¸°Ô ã¾Æ³½ user:root¿Í password:toor ÀÌ°í,»ó´ë ftpÆ÷Æ®¸¦ ÅëÇØ ish-v0.2.tar.gzÀÇ ÆÄÀÏÀ» ´ë»óÈ£½ºÆ® ip·Î Àü¼ÛÇÏ¿´½À´Ï´Ù. ftpÆÐŶ¿¡¼­ ´Éµ¿¸ðµå·Î Àü¼ÛÀ̵Ǿú´Ù. ±×¸®°í telnet 23¹ø Æ÷Æ®¸¦ ÅëÇØ centos·Î µé¾î°¡ root°èÁ¤ Á¢¼Ó ÈÄ¿¡ ftp¿¡¼­ ¾ò¾î³½ ish-v0.2.tar.gzÀ» tar-zxvf¸í·É¾î·Î ¾ÐÃàÀ» Ç®¾úÀ¸¸ç,cd ISHELL-v0.2°æ·Î·Î °¡¼­ make linux¸¦ ÇÏ°í ./ishd -i 65535 -t 0 -p 2621 ½ÇÇàÇÏ¿´½À´Ï´Ù. ¹éµµ¾î hacker °èÁ¤À» ÅëÇØ Á¢¼ÓÀÌ °¡´ÉÇÏ´Ù.