{"id":57891,"date":"2018-11-14T09:00:24","date_gmt":"2018-11-14T01:00:24","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=57891"},"modified":"2018-11-07T12:17:27","modified_gmt":"2018-11-07T04:17:27","slug":"%e8%a8%ad%e5%ae%9a%e4%b8%8d%e7%95%b6%e7%9a%84%e5%ae%b9%e5%99%a8%e8%a2%ab%e7%94%a8%e4%be%86%e6%95%a3%e6%92%ad%e6%8c%96%e7%a4%a6%e7%97%85%e6%af%92","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=57891","title":{"rendered":"\u8a2d\u5b9a\u4e0d\u7576\u7684\u5bb9\u5668\u88ab\u7528\u4f86\u6563\u64ad\u6316\u7926\u75c5\u6bd2"},"content":{"rendered":"

\u8da8\u52e2\u79d1\u6280<\/a><\/u>\u6700\u8fd1\u767c\u73fe\u6709\u8a2d\u5b9a\u4e0d\u7576\u5c0e\u81f4API\u7aef\u53e3\u66b4\u9732\u7684Docker\u906d\u5230\u60e1\u610f\u5229\u7528\u7684\u6848\u4f8b\u3002\u6709\u60e1\u610f\u6d3b\u52d5\u6703\u6383\u63cf\u958b\u653e\u7aef\u53e32375\/TCP\u548c2376\/TCP\uff0c\u9019\u4e9b\u662fDocker\u5f15\u64ce\u670d\u52d9\uff08dockerd\uff09\u6240\u4f7f\u7528\u7684\u7aef\u53e3\u3002\u653b\u64ca\u8005\u63a5\u8457\u5c07\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u75c5\u6bd2<\/a>\uff08\u8da8\u52e2\u79d1\u6280\u5075\u6e2c\u70baCoinminer.SH.MALXMR.ATNE\uff09\u6563\u5e03\u5230\u9019\u4e9b\u8a2d\u5b9a\u4e0d\u7576\u7684\u7cfb\u7d71\u3002<\/p>\n

\"\"<\/a><\/p>\n

Docker\u6703\u5728\u4f5c\u696d\u7cfb\u7d71\u5c64\u7d1a\u5be6\u73fe\u865b\u64ec\u5316 \u2013 \u4e5f\u7a31\u70ba\u5bb9\u5668\u5316\uff08containerization\uff09\u3002Docker API\u80fd\u5920\u8b93\u9060\u7aef\u4f7f\u7528\u8005\u50cf\u672c\u5730\u7aef\u7528\u6236\u90a3\u6a23\u5730\u63a7\u5236Docker\u6620\u50cf\u3002\u5efa\u8b70\u4e0d\u8981\u958b\u653e\u80fd\u5920\u8b93\u5916\u90e8\u5b58\u53d6\u7684API\u7aef\u53e3\uff0c\u56e0\u70ba\u9019\u6703\u8b93\u99ed\u5ba2\u6709\u6a5f\u6703\u5229\u7528\u6b64\u4e0d\u7576\u8a2d\u5b9a\u9032\u884c\u60e1\u610f\u6d3b\u52d5\u3002<\/p>\n

Docker\u5f15\u64ce\u672c\u8eab\u4e26\u6c92\u6709\u906d\u5230\u653b\u64ca\uff0cDocker\u4f01\u696d\u7248\u672c\u4e5f\u6c92\u6709\u53d7\u5230\u5f71\u97ff\u3002\u6211\u5011\u662f\u5728Docker\u793e\u7fa4\u7248\u672c\u770b\u5230\u9019\u4e9b\u5c11\u898b\u7684\u60e1\u610f\u884c\u70ba\u3002\u4e8b\u5be6\u4e0a\uff0cDocker\u6280\u8853\u63d0\u4f9b\u8b93\u4f7f\u7528\u8005\u53ef\u4ee5\u555f\u7528\u53ca\u8a2d\u5b9a\u7684\u5b89\u5168\u529f\u80fd<\/a>\u4f86\u4fdd\u8b77\u5bb9\u5668\u548c\u5de5\u4f5c\u8ca0\u8f09\u3002Docker\u4e5f\u63d0\u4f9b\u4e86\u9632\u8b77Docker\u793e\u7fa4<\/a>\u548c\u4f01\u696d<\/a>\u7248\u672c\u7684\u5de5\u5177\u3001\u6587\u4ef6\u548c\u6307\u5357\u3002\u7576\u7136\uff0c\u5169\u8005\u7684\u5b89\u5168\u6700\u4f73\u5be6\u4f5c\u90fd\u6703\u8981\u6c42\u4e0d\u8981\u958b\u653e\u9019\u4e9b\u7aef\u53e3\u3002\u6bd4\u65b9\u8aaa\u5efa\u8b70\u904b\u884c\u5546\u696d\u61c9\u7528\u7a0b\u5f0f\u7684\u4f01\u696d\u4f7f\u7528\u5546\u696d\u7528\u7684Docker\u4f01\u696d\u7248\uff0c\u80fd\u5920\u63d0\u4f9b\u7cbe\u78ba\u3001\u57fa\u65bc\u89d2\u8272\u7684\u5b58\u53d6\u63a7\u5236\u8a2d\u5b9a\uff0c\u5fc5\u9808\u7d93\u904e\u8eab\u4efd\u8a8d\u8b49\u624d\u80fd\u4f7f\u7528API\u3002<\/p>\n

\u5728\u6211\u5011\u7684\u7814\u7a76\u4e2d\uff0cDocker API\u7aef\u53e3\u66b4\u9732\u662f\u4f7f\u7528\u8005\u8a2d\u5b9a\u4e0d\u7576\u7684\u7d50\u679c\uff0c\u56e0\u70ba\u6211\u5011\u767c\u73fe\u9019\u4e0d\u7576\u8a2d\u5b9a\u662f\u5728\u7ba1\u7406\u54e1\u5c64\u7d1a\u624b\u52d5\u8a2d\u5b9a\u7684\u3002\u5be6\u969b\u4e0a\uff0c\u56e0\u70ba\u8a2d\u5b9a\u4e0d\u7576<\/a>\u800c\u8b93\u81ea\u8eab\u66b4\u9732\u65bc\u5a01\u8105\u4e2d\u4e26\u975e\u65b0\u9bae\u4e8b\uff0c\u800c\u9019\u5c0d\u4f01\u696d\u4f86\u8aaa\u4e5f\u53ef\u80fd\u662f\u5f97\u9577\u671f\u9762\u5c0d\u7684\u6311\u6230\u3002\u4e8b\u5be6\u4e0a\uff0c\u6211\u5011\u900f\u904eShodan\u641c\u5c0b\u767c\u73fe\u6709\u8a31\u591a\u4eba\u7684Docker\u4e3b\u6a5f\u8a2d\u5b9a\u4e0d\u7576\uff0c\u7279\u5225\u662f\u5728\u4e2d\u570b\u3002\u800c\u540c\u6642\u9084\u6709\u7f8e\u570b\u3001\u6cd5\u570b\u3001\u5fb7\u570b\u3001\u65b0\u52a0\u5761\u3001\u8377\u862d\u3001\u82f1\u570b\u3001\u65e5\u672c\u3001\u5370\u5ea6\u548c\u611b\u723e\u862d\u4e5f\u51fa\u73fe\u8a2d\u5b9a\u4e0d\u7576\u7684Docker\u4e3b\u6a5f\u3002\u5927\u591a\u6578\u66b4\u9732\u7684\u7cfb\u7d71\u90fd\u662f\u904b\u884cLinux\u4f5c\u696d\u7cfb\u7d71\u3002\u6709\u610f\u601d\u7684\u662fLinux\u4e0a\u7684\u670d\u52d9\u9700\u8981\u624b\u52d5\u8a2d\u5b9a\uff0c\u800c\u5728Windows\u4e0a\u76f4\u523017.0.5-win8<\/a>\u90fd\u4e0d\u662f\u5982\u6b64\uff0c\u51fa\u65bc\u5b89\u5168\u7406\u7531\u800c\u7981\u6b62\u670d\u52d9\u66b4\u9732\u3002\u96d6\u7136\u4e0d\u7576\u8a2d\u5b9a\u5ee3\u6cdb\u5730\u5728\u5404\u7248\u672c\u90fd\u6709\u767c\u751f\uff0c\u4f46\u6839\u64daShodan\u7684\u641c\u5c0b\u7d50\u679c\u986f\u793a\u8d85\u904e\u4e00\u534a\u6709\u6b64\u554f\u984c\u7684\u4e3b\u6a5f\u904b\u884c\u7684\u662f18.06.1-ce\u7248\u672c\uff0c\u9019\u662f\u76f8\u5c0d\u8f03\u65b0\u7684Docker\u7248\u672c\u3002<\/p>\n

 <\/p>\n

<\/p>\n

\u57161<\/em>\uff1a\u5728\u7aef\u53e32375<\/em>\u548c2376<\/em>\u89c0\u5bdf\u5230\u7684\u60e1\u610f\u6d3b\u52d5\u6216\u56e0\u4e0d\u7576\u8a2d\u5b9a\u906d\u6feb\u7528\u7684\u6642\u9593\u8ef8\uff08\u4e0a\uff09\u548c\u570b\u5bb6\/<\/em>\u5730\u5340\u5206\u4f48\uff08\u4e0b\uff09<\/em><\/p>\n

<\/p>\n

\u57162<\/em>\uff1a\u653b\u64ca\u4e0d\u7576\u8a2d\u5b9aDocker<\/em>\u5f15\u64ce\u7684\u611f\u67d3\u93c8<\/em><\/p>\n

<\/p>\n

\u5c01\u5305\u8ffd\u8e64\u548c\u6709\u6548\u8ca0\u8f09\uff08payload<\/em><\/strong>\uff09\u5206\u6790<\/em><\/strong><\/p>\n

 <\/p>\n

\u8da8\u52e2\u79d1\u6280<\/a><\/u>\u767c\u73fe\u653b\u64ca\u8005\u7d93\u5e38\u6703\u5229\u7528\u66b4\u9732\u7684API\u7aef\u53e3\u5efa\u7acbDocker\u5bb9\u5668\uff08\u5982\u57162\u6240\u793a\uff09\uff0c\u4e26\u5728\u5165\u4fb5\u7684Docker\u5be6\u4f8b\u4e0a\u57f7\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a<\/p>\n