{"id":48975,"date":"2017-04-28T09:00:31","date_gmt":"2017-04-28T01:00:31","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=48975"},"modified":"2017-04-18T18:14:36","modified_gmt":"2017-04-18T10:14:36","slug":"%e5%be%8c%e9%96%80%e6%95%9e%e9%96%8b%ef%bc%9a%e7%89%a9%e8%81%af%e7%b6%b2%e7%9a%84%e5%8f%a6%e4%b8%80%e9%a0%85%e6%8c%91%e6%88%b0","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=48975","title":{"rendered":"\u5f8c\u9580\u655e\u958b\uff1a\u7269\u806f\u7db2\u7684\u53e6\u4e00\u9805\u6311\u6230"},"content":{"rendered":"<p>\u5ee0\u5546\u5c07\u5e33\u865f\u5bc6\u78bc\u5beb\u6b7b\u5728\u88dd\u7f6e\u88e1\u9762\uff0c\u662f<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/securing-the-it-supply-chain\/\">\u6d88\u8cbb\u578b\u7269\u806f\u7db2 (IoT) \u88dd\u7f6e<\/a>\u3001<a href=\"https:\/\/blog.trendmicro.com\/scada-vulnerability-underscores-utility-sector-issues\/\">\u5de5\u696d\u7528\u76e3\u63a7\u8207\u8cc7\u6599\u64f7\u53d6 (SCADA) \u88dd\u7f6e<\/a>\u3001\u751a\u81f3<a href=\"https:\/\/blog.trendmicro.com\/understanding-the-attack-surface-for-critical-infrastructure\/\">\u95dc\u9375\u57fa\u790e\u5efa\u8a2d<\/a>\u76ee\u524d\u6240\u9762\u81e8\u7684\u56b4\u91cd\u554f\u984c\u4e4b\u4e00\u3002\u5118\u7ba1\u76ee\u524d\u5df2\u51fa\u73fe\u8981\u6c42\u5ee0\u5546\u56b4\u683c\u5be9\u67e5\u539f\u59cb\u7a0b\u5f0f\u78bc\u8207\u97cc\u9ad4\u7684\u547c\u8072\uff0c\u4f46\u9019\u985e\u6f0f\u6d1e\u4ecd\u5c62\u898b\u4e0d\u9bae\uff0c\u5c0d\u4f7f\u7528\u8005\u7684\u96b1\u79c1\u548c\u8cc7\u6599\u5b89\u5168\u9020\u6210\u5371\u5bb3\u3002<\/p>\n<p>\u8cc7\u5b89\u7814\u7a76\u54e1 Elliot Williams <a href=\"https:\/\/hackaday.com\/2017\/03\/06\/another-day-another-iot-backdoor\/\">\u5728 Hackaday \u7db2\u7ad9\u4e0a\u64b0\u6587<\/a>\u00a0\u6307\u51fa\uff0c\u7d55\u5927\u591a\u6578 DBLTek \u516c\u53f8\u751f\u7522\u7684 GSM \u8f49 IP \u88dd\u7f6e\u5167\u90e8\u90fd\u6709\u4e00\u7d44\u5beb\u6b7b\u7684\u5e33\u865f\u5bc6\u78bc\u53ef\u7528\u4f86\u57f7\u884c\u7ba1\u7406\u54e1\u6b0a\u9650\u7684\u6307\u4ee4\u3002\u6b64\u554f\u984c\u5df2\u901a\u5831\u7d66\u5ee0\u5546\uff0c\u4f46\u5ee0\u5546\u4f3c\u4e4e\u4e26\u5c0d\u8a72\u6f0f\u6d1e\u9032\u884c\u4fee\u88dc\uff0c\u53cd\u800c\u662f\u63a1\u7528\u4e86\u8fc2\u8ff4\u7684\u4f5c\u6cd5\uff0c\u591a\u52a0\u4e86\u4e00\u9053\u81ea\u88fd\u7684\u9a57\u8b49\u7a0b\u5e8f\uff0c\u4f46\u5176\u6f14\u7b97\u6cd5\u537b\u662f\u53ef\u7d93\u7531\u53cd\u5411\u5de5\u7a0b\u5f97\u77e5\u3002<a href=\"https:\/\/www.trustwave.com\/Resources\/SpiderLabs-Blog\/Undocumented-Backdoor-Account-in-DBLTek-GoIP\/\">Trustwave \u90e8\u843d\u683c\u4e0a\u7684\u4e00\u7bc7\u6587\u7ae0<\/a>\u5c0d\u6574\u8d77\u4e8b\u4ef6\u6709\u5b8c\u6574\u7684\u8aaa\u660e\uff0c\u800c\u4e14\u76ee\u524d Github \u4e0a\u4e5f\u5df2\u7d93\u53ef\u4ee5\u627e\u5230\u5c08\u9580\u653b\u64ca\u8a72\u6f0f\u6d1e\u7684\u5de5\u5177\u3002<!--more--><\/p>\n<p>\u7d93\u7531\u7269\u806f\u7db2\u88dd\u7f6e\u641c\u5c0b\u5f15\u64ce Shodan \u53ef\u4ee5\u627e\u5230\u8a31\u591a\u516c\u958b\u7684 DBLTek GoIP \u88dd\u7f6e\uff0c\u6709\u4e9b\u5df2\u5305\u542b\u65b0\u7684\u9a57\u8b49\u6d41\u7a0b\uff0c\u4f46\u6709\u4e9b\u6c92\u6709\u3002\u8da8\u52e2\u79d1\u6280\u627e\u5230\u7684\u88dd\u7f6e\u5927\u591a\u4f4d\u65bc\u82f1\u570b\u3001\u5df4\u897f\u3001\u70cf\u514b\u862d\u548c\u5fb7\u570b\u3002\u96a8\u6a5f\u6e2c\u8a66\u4e86\u5e7e\u500b\u88dd\u7f6e\u4e4b\u5f8c\u53ef\u4ee5\u767c\u73fe\uff0c\u5927\u591a\u6578\u88dd\u7f6e\u90fd\u5df2\u66f4\u65b0\u5230\u5167\u542b\u984d\u5916\u9a57\u8b49\u624b\u7e8c\u7684\u65b0\u7248\u97cc\u9ad4\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2017\/03\/figure_01_DBLTek.jpg\" width=\"1472\" height=\"916\" \/><\/p>\n<p><em>\u5716 1\uff1a\u5728 Shodan \u4e0a\u641c\u5c0b\u542b\u6709\u6f0f\u6d1e\u7684 DBLTek \u88dd\u7f6e\u3002<\/em><\/p>\n<p>\u4f01\u696d\u7684 GoIP \u88dd\u7f6e\u4e00\u65e6\u906d\u5230\u5165\u4fb5\uff0c\u5c31\u53ef\u80fd\u5c0d\u5340\u57df\u7db2\u8def\u5167\u7684 VoIP \u8edf\u9ad4\u9020\u6210\u5371\u96aa\uff0c\u99ed\u5ba2\u53ef\u4ee5\u5c0d\u5916\u6216\u5c0d\u5167\u64a5\u6253\u96fb\u8a71\u3001\u807d\u53d6\u8a9e\u97f3\u4fe1\u7bb1\u3001\u5b58\u53d6 SIP \u4e2d\u7e7c\u9023\u7dda\uff0c\u4ee5\u53ca\u5728\u5167\u90e8\u7db2\u8def\u56db\u8655\u904a\u8d70\u3002\u7531\u65bc\u8a72\u88dd\u7f6e\u9084\u63d0\u4f9b\u4e86<a href=\"https:\/\/www.dbltek.com\/pdf\/User_Manual_goip_series.pdf\">\u8def\u7531\u5668\u6a21\u5f0f<\/a>\u00a0 (\u53ef\u8b8a\u6210\u4e00\u53f0\u5bb6\u7528\u8def\u7531\u5668)\uff0c\u56e0\u6b64\u4e00\u65e6\u906d\u5230\u99ed\u5ba2\u5165\u4fb5\uff0c\u5f88\u53ef\u80fd\u5371\u53ca\u7d93\u7531\u8a72\u88dd\u7f6e\u4e0a\u7db2\u7684\u96fb\u8166\u3002<\/p>\n<p>\u8da8\u52e2\u79d1\u6280\u4e0d\u5efa\u8b70\u5c07 IoT \u88dd\u7f6e\u548c VoIP \u9598\u9053\u76f4\u63a5\u9023\u4e0a\u7db2\u969b\u7db2\u8def\uff0c\u56e0\u70ba\u9019\u6a23\u505a\u6703\u8b93\u88dd\u7f6e\u66b4\u9732\u5728\u5916\uff0c\u5c11\u4e86\u8def\u7531\u5668\u7684\u4fdd\u8b77\u3002<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li>\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/another-challenge-iot-open-backdoors\/\">Another Challenge For IoT: Open Backdoors<\/a><\/li>\n<li>\u4f5c\u8005\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/philippelin\/\">Philippe Lin (\u8cc7\u6df1\u5a01\u8105\u7814\u7a76\u54e1)<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5ee0\u5546\u5c07\u5e33\u865f\u5bc6\u78bc\u5beb\u6b7b\u5728\u88dd\u7f6e\u88e1\u9762\uff0c\u662f\u6d88\u8cbb\u578b\u7269\u806f\u7db2 (IoT) \u88dd\u7f6e\u3001\u5de5\u696d\u7528\u76e3\u63a7\u8207\u8cc7\u6599\u64f7\u53d6 (SCADA) \u88dd\u7f6e\u3001\u751a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":41700,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[10,1723,1335],"tags":[1599,1593],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/48975"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=48975"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/48975\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/media\/41700"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=48975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=48975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=48975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}