¸¶·çÀ¥È£½ºÆà :: À¥È£½ºÆÃ, µµ¸ÞÀÎ µî·Ï, ¼îÇθô È£½ºÆÃ, À̹ÌÁö ¸µÅ©, ¼­¹ö È£½ºÆÃ, ÄÚ·ÎÄÉÀ̼Ç, ¼­¹ö°ü¸®Åø, ¸®¼¿·¯, ȨÆäÀÌÁö Á¦ÀÛ, ¹«·áÈ£½ºÆà Á¦°ø
140-008-011577
 
140-008-011577
ÀÔ±ÝÈ®ÀνÅû ½ÅûÇöȲº¸±â

°í°´Áö¿ø¼¾ÅÍ

1:1 ¹®ÀÇÇϱâ
  • AM 09:00 ~ PM 05:00
  • AM 11:30 ~ PM 01:00

Q&A °Ô½ÃÆÇ



   Á¦·Îº¸µå ¼Ò½º º¯Á¶¿¡ ´ëÇÑ ¾È³» ¸»¾¸.
     2010-12-21 11:27:53 9422 

¡Ø ºü¸¥ 󸮸¦ À§Çؼ­ µµ¸ÞÀÎ ¶Ç´Â  FTP ¾ÆÀ̵𠸦 Àû¾î ÁÖ½Ã±æ ¹Ù¶ø´Ï´Ù.
¡Ø ºü¸¥ 󸮸¦ À§Çؼ­ µµ¸ÞÀÎ ¶Ç´Â  FTP ¾ÆÀ̵𠸦 Àû¾î ÁÖ½Ã±æ ¹Ù¶ø´Ï´Ù.
¾È³çÇϼ¼¿ä. ¸¶·çÀÎÅͳÝÀÔ´Ï´Ù.

12¿ù 18ÀÏ ÀÌÈÄ·Î Á¦·Îº¸µå Ãë¾à¼ºÀ¸·Î ÀÎÇÑ ÆÄÀÏ º¯Á¶°¡ ¹ß»ýÇÏ°í ÀÖ½À´Ï´Ù.

ÇöÀç±îÁö ¹ß»ýÇÑ °æ¿ì¸¦ º¸¸é Á¦·Îº¸µåÀÇ ¹öÀüÀÌ pl8 ÀÌÇÏÀÎ °æ¿ì¿¡
¹ß»ýÇÏ°í ÀÖ½À´Ï´Ù. Á¦·Îº¸µåÀÇ ¹öÀüÀº bbs Æú´õÀÇ lib.php ÆÄÀÏ¿¡¼­
È®ÀÎÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù.
_________________________________________________________________________

¿øÀÎ :  Á¦·Îº¸µå 4 °Ô½ÃÆÇÀÇ Ãë¾à¼ºÀ» ÀÌ¿ëÇÑ ÆÄÀÏ º¯Á¶

Áõ»ó  :   1. bbs/icon Æú´õ¿¡ group_qazwsxedc.jpg ÆÄÀÏ°ú visitLog.php »ý¼º

            2. °èÁ¤³» È®ÀåÀÚ°¡ html, php  ÆÄÀϵ鿡 frame src="¾Ç¼ºÄÚµå ¹èÆ÷Áö URL »ðÀÔ (¿¹: http://h.nexprice.com/css/x.htm)

                * ÁÖ·Î bbs/Æú´õ³»ÀÇ ÆÄÀϵ鿡 ¼Ò½º°¡ »ðÀԵ˴ϴÙ.
                * °èÁ¤³» ÆÄÀϵ鿡 iframe »ðÀÔÀº ¾øÀ» ¼öµµ ÀÖ½À´Ï´Ù.
          
            3. Á¦·Îº¸µå DB¿¡ zetyx_group_table »ý¼ºµÇ°í ÀÌ Å×À̺íÀÇ  header ¶Ç´Â
                header_url ¿¡ À§ 2¹ø°ú µ¿ÀÏÇÑ ¾Ç¼ºÄÚµå ¹èÆ÷Áö URL »ý¼º.

2010³â 12¿ù 22ÀÏ RFI Ãë¾àÁ¡ º¸¾È ÆÐÄ¡

1. bbs/icon Æú´õ¿¡ »ý¼ºµÈ group_qazwsxedc.jpg, visitLog.php ÆÄÀÏ »èÁ¦
2. html, php ÆÄÀÏ¿¡ »ðÀÔµÈ iframe ¼Ò½º »èÁ¦
3. °ü¸®ÀÚ ÆäÀÌÁö¸¦ ÅëÇØ qazwsxedc ±×·ì »èÁ¦
4. Á¦·Îº¸µå¼³Ä¡Æú´õ/_head.php ÆÄÀÏÀÇ 13¹ø° ÁÙ ¼Ò½º º¯°æ(°ø½Ä º¸¾È ÆÐÄ¡ ÆäÀÌÁö Âü°í)
5. Á¦·Îº¸µå¼³Ä¡Æú´õ/skin/zero_vote/ask_password.php / error.php / login.php ÆÄÀÏÀÇ 2¹ø° ÁÙ ¼Ò½º °¢°¢ º¯°æ(°ø½Ä º¸¾È ÆÐÄ¡ ÆäÀÌÁö Âü°í)

¡Ø Á¦·Îº¸µå °ø½Ä º¸¾È ÆÐÄ¡
http://www.xpressengine.com/zb4_security/19346851

Á¦·Îº¸µå4 pl9 ¹öÀü¿¡¼­ RFI (¿ø°ÝÆÄÀÏ ÀÎŬ·çµå) Ãë¾àÁ¡ÀÌ ¹ß°ßµÇ¾ú½À´Ï´Ù.

Àå°æĨ´Ô²²¼­ Á¦º¸ÇØÁֽŠ³»¿ëÀÔ´Ï´Ù.

_head.php ÆÄÀÏ°ú skin/zero_vote/*.php ÆÄÀÏ¿¡ ´ëÇØ ¾Æ·¡ ³»¿ëÀ¸·Î ÄÚµå ¼öÁ¤À» ÅëÇÑ ÆÐÄ¡¸¦ ±Çµå¸³´Ï´Ù.

_head.php

[¼öÁ¤Àü]

_head.php
view sourceprint?13.if(eregi(":\/\/",$_zb_path)||eregi("\.\.",$_zb_path)||eregi("^\/",$_zb_path)||eregi("data:;",$_zb_path)) $_zb_path ="./";

[¼öÁ¤ÈÄ]

_head.php: ¹®ÀÚ°¡ $_zb_path¿¡ Æ÷ÇÔµÇÁö ¾Êµµ·Ï ¼öÁ¤
view sourceprint?13.if(eregi(":\/\/",$_zb_path)||eregi("\.\.",$_zb_path)||eregi("^\/",$_zb_path)||eregi("data:;",$_zb_path)||eregi(":",$_zb_path)) $_zb_path ="./";


skin/zero_vote/ µð·ºÅ丮ÀÇ ¾Æ·¡¿¡ ÇØ´çµÇ´Â .php ÆÄÀÏ

        - ask_password.php

        - error.php

        - login.php

[¼öÁ¤Àü]

./skin/zero_vote/ask_password.php, error.php, login.php
view sourceprint?2.if(eregi(":\/\/",$dir)||eregi("\.\.",$dir)||eregi("^\/",$dir)||eregi("data:;",$dir)) $dir ="./";

[¼öÁ¤ÈÄ]

./skin/zero_vote/ask_password.php, error.php, login.php
view sourceprint?2.if(eregi(":\/\/",$dir)||eregi("\.\.",$dir)||eregi("^\/",$dir)||eregi("data:;",$dir)||eregi(":",$dir)) $dir ="./";

--------------------------------------------------------------------------------------------
   
_
À§ ³»¿ëÀÇ Á¶Ä¡´Â ±Ùº»ÀûÀÎ Á¶Ä¡´Â ¾Æ´Ï¸ç ¾Ç¼ºÄÚµå ¼Ò½º »ðÀÔ¿¡ ´ëÇÑ ´ëÀÀ Á¶Ä¡·Î
Á¦·Îº¸µå Ãë¾à¼ºÀÌ ÇØ°áµÇÁö ¾ÊÀ¸¸é ¹Ýº¹µÉ ¼ö ÀÖ½À´Ï´Ù. ±×·¯³ª Á¦·Îº¸µå4 °Ô½ÃÆÇÀÇ
°æ¿ì¿¡´Â 2009.09.29ÀÚ·Î Á¦·Îº¸µå4 °ø½Ä ¹èÆ÷°¡ ÁßÁöµÇ¾ú±â ¶§¹®¿¡ ÇØ°áÀÌ µÇÁö ¾Ê½À´Ï´Ù.

À§¿Í °°Àº Á¡À» °í·ÁÇÏ¿© Á¦·Îº¸µå4 °Ô½ÃÆÇ »ç¿ëÀÚ²²¼­´Â xe·ÎÀÇ ¾÷±×·¹À̵峪
Áö¼ÓÀûÀ¸·Î º¸¾È ÆÐÄ¡°¡ °¡´ÉÇÑ °Ô½ÃÆÇÀ¸·ÎÀÇ º¯°æÀ» °í·ÁÇϽñ⠹ٶø´Ï´Ù.


¹Ú¹ÎÈ£
¾îÁ¦µµ ¸îº¯À» ¹®ÀÇ µå·ÈÁö¸¸ À§ ³»¿ëÀº Á¦°¡ ¸ÕÀú ¸µÅ©·Î ¾Ë·Áµå¸°°Å°í¿ä.
¸¶·çÄ«¿îÅÍ ¸¶·çÆ˾÷ ÆÄÀÏ¿¡ ¾Ç¼ºÄÚµå ¼Ò½º »ðÀÔµÈ °ÍÀº ¾î¶»°Ô ÇؾßÇÏ³Ä°í ¸î ¹øÀ» ¹®ÀÇ µå·È´Âµ¥ ´äº¯ÀÌ ¾øÀ¸½Ã³×¿ä. 		2010-12-21
 


¾È³çÇϼ¼¿ä ¸¶·çÀÎÅͳÝÀÔ´Ï´Ù.

¸¶·çÄ«¿îÅÍ, ¸¶·çÆ˾÷Àº »èÁ¦ ÇϽŠÈÄ ´Ù½Ã ¼³Ä¡ ÇϽðųª,
ÆäÀÌÁö º¯Á¶½Ã ÃÖÇÏ´Ü¿¡ ¾Ç¼º½ºÅ©¸³Æ®°¡ »ðÀÔ µÇ¿À´Ï, ¼Ò½º ÆÄÀÏÀ» ¿­¾î¼­
¾Ç¼º ½ºÅ©¸³Æ® ºÎºÐ¸¸ »èÁ¦ Çϼż­ ÀÌ¿ë ÇÏ½Ã¸é µË´Ï´Ù.

°¨ »ç ÇÕ ´Ï ´Ù. 		2010-12-21
 


14722    [re] °í°´´ÔÀÇ µµ¸ÞÀÎÁÖ¼Ò¸¦ ÀÔ·ÂÇÏ½Ã¸é µË´Ï´Ù.       2003/12/29 9529
14721    [re] µð·º ¼ÒÀ¯±Ç º¯°æ½Åû      °¡°¡³ª¿ì 2004/03/28 9519
14720    ^^³Ü ȯ°æ Á¶Á¤ÇÏ¿© µå·È½À´Ï´Ù.       2003/12/27 9519
14719    [re] ½ÅûÁ¤º¸´Â ¸¶ÀÌÆäÀÌÁö¿¡¼­ È®ÀÎÇÏ½Ç ¼ö ÀÖÀ¸¼¼¿ä.       2003/12/20 9519
14718  ³×ÀÓ¼­¹ö¿¡ ÇѱÛÀÎÅͳÝÁÖ¼Ò ±â´ÉÀ» Ãß°¡ÇØ ÁÖ¼¼¿ä.      ÀÌ»ó¾ï 2003/12/27 9518
14717    [re] localhost·Î ¹Ù²ãÁÖ¼¼¿ä.       2004/02/22 9513
14716    [re] ´äº¯ÀÔ´Ï´Ù^^       2003/12/20 9513
14715    [re] ÇÚµåÆù °áÁ¦´Â 1¿ù¸»°æ¿¡ ¿¹»óÇÏ°í ÀÖ½À´Ï´Ù.       2003/12/24 9502
14714    [re] ³× º¯°æÇÏ¿© µå·È½À´Ï´Ù.       2003/12/28 9499
14713            [re] °æ·Î ¹®Á¦ÀÎ°Í °°½À´Ï´Ù.       2003/12/24 9497
14712  ³ëµ¿Á¶ÇÕ È¨ÆäÀÌÁö ¸¸µé·Á°í Çϴµ¥      È«ÀºÁ¤ 2003/12/29 9491
14711    [re] È®ÀÎÀ» ÇÏ´Ï.. ^^;       2003/12/26 9486
14710      [re] ºü¸¥´äº¯ °¨»çµå¸³´Ï´Ù.(³Ã¹«)      Á¤ÁøÈñ 2003/12/13 9483
14709  2Â÷ DDOS °ø°Ý ¹ß»ý°ú ´ëÀÀ ¹× Á¶Ä¡»çÇ׿¡ ´ëÇÑ º¸°í       2007/02/09 9482
14708        [re] º¹±¸Çصå·È½À´Ï´Ù^^       2003/12/19 9482
14707    [re] ´äº¯ÀÔ´Ï´Ù^^       2003/12/26 9480
14706    [re] Áö±Ý À妽ºÆÄÀÏÀ» ¼öÁ¤ÇØ µå·È´Âµ¥¿ä.       2004/01/17 9477
14705    [re] ȨÆäÀÌÁö µî·ÏÀº ^^       2003/12/22 9477
14704    [re] ÇöÀç ½Åû±â°£Á¶Á¤À» À§ÇÑ È¸ÀÇÁøÇà ÁßÀÔ´Ï´Ù.^^       2003/12/25 9468
14703    [re] ¾ÆÀÌÁðºô´õ ¼³Ä¡½Åû¿ä.. ^^*       2003/12/24 9462
14702  FTP!      È«Á¤ÈÆ 2004/01/01 9457
14701  Áú¹®ÀÌ ÀÖ½À´Ï´Ù. -_-      Á¶ÀºÁö 2003/12/15 9452
14700      ÀÌÁ¦ Àß µÇ³×¿ä ^^      ±èÁ¤¹Î 2003/12/09 9448
14699  .htaccess¸¦ ÀÌ¿ëÇÑ rewrite°¡ ¿Àµ¿ÀÛÇÏ´Â °Í °°½À´Ï´Ù.  [2]    ì  2010/02/05 9446
14698   Áú¹®ÀÔ´Ï´Ù  [2]    È²ÁöÇý 2004/07/13 9441
14697    [re] ¿Ö Á¦·Îº¸µå admin.php°¡ Á¢ÀÌ ¾ÈµÅÁ´??       2004/05/23 9441

 [1]..[21][22][23][24][25][26] 27 [28][29][30]..[593]