{"id":52525,"date":"2017-09-20T09:00:08","date_gmt":"2017-09-20T01:00:08","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=52525"},"modified":"2017-09-19T17:16:06","modified_gmt":"2017-09-19T09:16:06","slug":"netgear-%e8%b7%af%e7%94%b1%e5%99%a8%e7%9a%84%e9%81%a0%e7%ab%af%e5%ad%98%e5%8f%96%e6%bc%8f%e6%b4%9e%e9%81%ad%e6%94%bb%e6%93%8a-%e8%b2%a1%e5%af%8c500-%e5%bc%b7%e4%bc%81%e6%a5%ad%e6%81%90%e6%88%90","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=52525","title":{"rendered":"Netgear \u8def\u7531\u5668\u7684\u9060\u7aef\u5b58\u53d6\u6f0f\u6d1e\u906d\u653b\u64ca, \u8ca1\u5bcc500 \u5f37\u4f01\u696d\u6050\u6210\u76ee\u6a19"},"content":{"rendered":"

\u6700\u8fd1\u8da8\u52e2\u79d1\u6280<\/a>\u767c\u73fe<\/a>\u4e86\u4e00\u96bb\u91dd\u5c0dNetgear\u8def\u7531\u5668\u7684\u60e1\u610f\u8edf\u9ad4 \u2013 RouterX\uff0c\u5b83\u6703\u5229\u7528\u9060\u7aef\u5b58\u53d6\u548c\u547d\u4ee4\u57f7\u884c\u6f0f\u6d1e\uff08CVE-2016-10176\uff09\u9032\u884c\u653b\u64ca\u3002RouteX\u6703\u5c07\u53d7\u611f\u67d3\u8def\u7531\u5668\u8f49\u8b8a\u6210SOCKS\u4ee3\u7406\u4f3a\u670d\u5668\uff0c\u9650\u5236\u53ea\u6709\u653b\u64ca\u80fd\u5b58\u53d6\u8a2d\u5099\u3002RouteX\u9084\u80fd\u5920\u8b93\u653b\u64ca\u8005\u9032\u884c\u6191\u8b49\u586b\u5145\uff08Credential Stuffing\uff09\u653b\u64ca\uff0c\u9019\u662f\u5229\u7528\u7aca\u4f86\u7684\u6191\u8b49\u5c0d\u4f7f\u7528\u8005\u5e33\u865f\u9032\u884c\u975e\u6cd5\u5b58\u53d6\u7684\u7db2\u9801\u6ce8\u5165\u653b\u64ca<\/a>\u3002\u64da\u5831\u5c0e\u9019\u4e9b\u653b\u64ca\u91dd\u5c0d\u7684\u662f\u8ca1\u5bcc500\u5f37\u4f01\u696d\u3002<\/p>\n

<\/p>\n

 <\/p>\n

CVE-2016-10176<\/a>\u662f\u51fa\u73fe\u5728\u7279\u5b9aNetgear\u8def\u7531\u5668\u548c\u6578\u64da\u6a5f\u8def\u7531\u5668\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u4e00\u65e6\u653b\u64ca\u6210\u529f\u5c31\u53ef\u4ee5\u653b\u64ca\u8005\u9060\u7aef\u5b58\u53d6\u8a2d\u5099\u3002\u9084\u53ef\u4ee5\u8b93\u99ed\u5ba2\u56de\u5fa9\u8a2d\u5099\u5bc6\u78bc\u4e26\u57f7\u884c\u547d\u4ee4\u3002\u9019\u500b\u6f0f\u6d1e\u7684\u97cc\u9ad4\/\u8edf\u9ad4\u4fee\u88dc\u7a0b\u5f0f\u65e9\u57282017\u5e741\u6708\u5c31\u5df2\u7d93\u91cb\u51fa\u3002<\/p>\n

[<\/strong>\u76f8\u95dc\u8cc7\u8a0a\uff1a<\/strong>Netgear<\/strong>\u6f0f\u6d1e\u63d0\u9192\u4e86\u4f01\u696d\u8ddf\u5bb6\u5ead\u90fd\u9700\u8981<\/strong>\u6ce8\u91cd\u8def\u7531\u5668\u5b89\u5168<\/strong><\/a>]<\/strong><\/p>\n

\u900f\u904e\u5c07\u53d7\u611f\u67d3\u8a2d\u5099\u8f49\u8b8a\u70baSOCKS\u4ee3\u7406\u4f3a\u670d\u5668\uff0c\u53ef\u4ee5\u7528\u4f86\u91cd\u5c0e\u653b\u64ca\u8005\u548c\u76ee\u6a19\u9593\u7684\u7db2\u8def\u6d41\u91cf\u3002\u9019\u4e0d\u50c5\u66ff\u99ed\u5ba2\u63d0\u4f9b\u4e86\u9032\u4e00\u6b65\u653b\u64ca\u7684\u8df3\u677f\uff0c\u800c\u4e14\u9084\u53ef\u4ee5\u6df7\u6dc6\u7db2\u8def\u72af\u7f6a\u6d3b\u52d5\u7684\u771f\u6b63\u4f86\u6e90\u8b93\u99ed\u5ba2\u533f\u540d\u5316\u3002<\/p>\n

\u9019\u624b\u6cd5\u4e26\u4e0d\u65b0\u9bae\u3002Android\u60e1\u610f\u8edf\u9ad4\uff08\u5982MilkyDoor<\/a>\u548cDressCode<\/a>\uff09\u6703\u5229\u7528SOCKS\u5354\u5b9a\u900f\u904e\u4e2d\u6bd2\u624b\u6a5f\u9023\u9032\u4f01\u696d\u5167\u90e8\u7db2\u8def\u3002\u751a\u81f3\u662f\u7269\u806f\u7db2\uff08IoT\uff09\u60e1\u610f\u8edf\u9ad4\u5982TheMoon<\/a>\u6703\u611f\u67d3IP\u651d\u5f71\u6a5f\u51fa\u73fe\u985e\u4f3c\u7684\u884c\u70ba\u3002RouteX\u7684\u4e0d\u540c\u8655\u5728\u65bc\u8a2d\u7f6eSOCKS\u4ee3\u7406\u7a0b\u5f0f\u5f8c\uff0c\u5b83\u6703\u52a0\u5165Linux\u9632\u706b\u7246\u898f\u5247\u4f86\u9632\u6b62\u5176\u4ed6\u60e1\u610f\u8edf\u9ad4\u5229\u7528\u540c\u4e00\u500b\u6f0f\u6d1e\uff0c\u4e26\u5c07\u53ef\u9023\u4e0a\u8def\u7531\u5668\u7684\u4f4d\u7f6e\u9650\u5236\u5728\u53ef\u80fd\u53d7\u653b\u64ca\u8005\u63a7\u5236\u7684\u67d0\u4e9bIP\u4f4d\u5740\u3002<\/p>\n

[<\/strong>\u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong>\u4fdd\u8b77\u4f60\u7684\u8def\u7531\u5668\u5c0d\u6297Mirai<\/strong>\u548c\u5176\u4ed6\u5bb6\u5ead\u7db2\u8def\u653b\u64ca<\/strong><\/a>]<\/strong><\/p>\n

RouteX\u4e5f\u88ab\u767c\u73fe\u6709\u6bb5\u503c\u5f97\u6ce8\u610f\u7684\u7db2\u8def\u72af\u7f6a\u904e\u53bb\u3002\u767c\u73fe\u9019\u60e1\u610f\u8edf\u9ad4\u7684\u5b89\u5168\u7814\u7a76\u4eba\u54e1\u767c\u73fe\u4e00\u4e9b\u5b83\u8ddfRouteX\u524d\u8eab\uff08\u653b\u64caUbiquiti Networks\u8a2d\u5099\u7684\u6f0f\u6d1e\u653b\u64ca\u78bc\/\u60e1\u610f\u8edf\u9ad4<\/a>\uff09\u4f5c\u8005\u9593\u7684\u9023\u7d50\uff0c\u4e3b\u8981\u662f\u547d\u4ee4\u548c\u63a7\u5236\uff08C&C\uff09\u7db2\u57df\u548c\u555f\u52d5\u87a2\u5e55\u3002<\/p>\n

RouteX\u9032\u4e00\u6b65\u5f37\u8abf\u4e86\u4e0d\u5b89\u5168\u8def\u7531\u5668\u6216IoT\u8a2d\u5099\u5e36\u4f86\u7684\u98a8\u96aa\u3002\u5728\u53bb\u5e74\u5341\u4e8c\u6708\uff0c\u4e00\u6ce2\u653b\u64ca\u5229\u7528\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u9020\u621090\u842c\u53f0<\/a>Deutsche Telekom\u8def\u7531\u5668\u505c\u64fa\u3002\u6bad\u5c4d\u7db2\u8def\u4e5f\u5229\u7528Mirai\u4e2d\u6bd2\u8def\u7531\u5668\u548c\u5176\u4ed6IoT\u8a2d\u5099\u4f86\u5c0dDNS\u670d\u52d9\u5546Dyn<\/a>\u9032\u884c\u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\uff08DDoS\uff09\u653b\u64ca\u3002<\/p>\n

\u4e0d\u5b89\u5168\u7684\u8def\u7531\u5668\u53ef\u80fd\u5c0e\u81f4\u77e5\u540d\u7db2\u7ad9\u96e2\u7dda\uff0c\u8a2d\u5099\u7121\u6cd5\u4f7f\u7528\uff0c\u751a\u81f3\u8cc7\u6599\u88ab\u7aca\u3002\u4e8b\u5be6\u4e0a\uff0c\u4fdd\u8b77\u4f60\u7684\u8def\u7531\u5668<\/a>\u8ddf\u4fdd\u8b77\u4f01\u696d\u7db2\u8def\u5468\u908a\u4e00\u6a23\u91cd\u8981\u3002RouteX\u5c55\u793a\u51fa\u6709\u6f0f\u6d1e\u7684\u8def\u7531\u5668\u6703\u5982\u4f55\u88ab\u5229\u7528\u4f86\u91dd\u5c0d\u4f01\u696d\u7db2\u8def\u548c\u8cc7\u7522\u3002\u4e5f\u53ef\u4ee5\u88ab\u7528\u4f86\u653b\u64ca\u9023\u5230\u5b83\u7684\u8a2d\u5099\u53ca\u6240\u5132\u5b58\u7684\u8cc7\u6599\u3002\u4f46\u66f4\u91cd\u8981\u7684\u662f\uff0c\u5ee0\u5546\u5c0d\u65bc\u78ba\u4fdd\u81ea\u5df1\u6240\u88fd\u9020\u7db2\u8def\u9023\u7dda\u8a2d\u5099\u5b89\u5168\u6027\u65b9\u9762\u626e\u6f14\u81f3\u95dc\u91cd\u8981\u7684\u89d2\u8272<\/a>\uff0c\u6240\u4ee5\u5728\u958b\u767c\u7522\u54c1\u6642\u8981\u5c07\u5b89\u5168\u6027\u843d\u5be6\u5728\u8a2d\u8a08\u88e1\u3002<\/p>\n

 <\/p>\n

@\u539f\u6587\u51fa\u8655\uff1aRouteX Malware Found Exploiting Remote Access Vulnerability in Netgear Routers<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\u6700\u8fd1\u8da8\u52e2\u79d1\u6280\u767c\u73fe\u4e86\u4e00\u96bb\u91dd\u5c0dNetgear\u8def\u7531\u5668\u7684\u60e1\u610f\u8edf\u9ad4 \u2013 RouterX\uff0c\u5b83\u6703\u5229\u7528\u9060\u7aef\u5b58\u53d6\u548c\u547d\u4ee4\u57f7\u884c\u6f0f\u6d1e\uff08 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1723,1335],"tags":[1599,3513,1593,2981],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/52525"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=52525"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/52525\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=52525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=52525"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=52525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}