Web1 \uc11c\ubc84\ub294 iis 7.5\ubc84\uc804\uc774 \uc124\uce58\ub418\uc5b4 \uc788\uc5c8\uace0 ‘This website has been attacked. So, password link is missing now’ \uc989, \ud328\uc2a4\uc6cc\ub4dc \ub9c1\ud06c\ub97c \ucc3e\ub294\uac8c \ubb38\uc81c\uc600\uae30\uc5d0 IIS Short File\/Foder Name Disclosure \ub77c\ub294 \ucde8\uc57d\uc810\uc73c\ub85c \uc0bd\uc9c8\uc744 \ud588\ub2e4.<\/p>\n
\uad00\ub828 \ubb38\uc11c : http:\/\/soroush.secproject.com\/downloadable\/microsoft_iis_tilde_character_vulnerability_feature.pdf<\/p>\n
\/ip\/admin\/*~1*\/.aspx \ub85c \uc811\uc18d\ud588\uc744\ub54c Error Code 0x00000000 \uac00 \ub728\ub294\uac83\uc73c\ub85c \ubcf4\uc544 admin\ub514\ub809\ud1a0\ub9ac\uc5d0 1\uac1c \uc774\uc0c1\uc758 \ud30c\uc77c\uc774\ub098 \ud3f4\ub354\uac00 \uc874\uc7ac\ud55c\ub2e4\ub294\uac83\uc744 \uc54c \uc218 \uc788\uc5c8\uace0<\/p>\n
\/ip\/a*~1*\/.aspx
\n\/ip\/b*~1*\/.aspx
\n\/ip\/c*~1*\/.aspx \ucc98\ub7fc \ud55c \uae00\uc790\uc529 bruteforce\ud574\uc11c \ud30c\uc77c\uc774\ub098 \ud3f4\ub354\uc758 \uc774\ub984\uc774 iisvul~ \ub77c\ub294\uac83\uc744 \uc54c\uc544\ub0c8\ub2e4.<\/p>\n
\/ip\/admin\/iisvul*~1\/.aspx \ub85c \uc811\uc18d\ud588\uc744\ub54c Error Code 0x80070002 \uac00 \ub728\ub294\uac83\uc73c\ub85c \ubcf4\uc544 iisvul~ \ub294 \ub514\ub809\ud1a0\ub9ac\uac00 \uc544\ub2c8\ub77c \ud655\uc7a5\uc790\ub97c \uac00\uc9c0\ub294 \ud30c\uc77c\uc774\ub77c\ub294 \uac83\uc744 \uc54c \uc218 \uc788\uc5c8\ub2e4.<\/p>\n
\/ip\/admin\/iisvul*~1.%3f%3f%3f\/.aspx \uac00 Error Code 0x00000000 \uc774\ubbc0\ub85c iisvul~ \uc758 \ud655\uc7a5\uc790\ub294 3 \uae00\uc790\uc600\uace0,<\/p>\n
\/ip\/admin\/iisvul*~1.a%3f%3f\/.aspx
\n\/ip\/admin\/iisvul*~1.b%3f%3f\/.aspx
\n\/ip\/admin\/iisvul*~1.c%3f%3f\/.aspx \ub85c bruteforce\ud574\uc11c \ud655\uc7a5\uc790\uac00 txt\uc784\uc744 \uc54c\uc544\ub0c8\ub2e4.<\/p>\n
\uadf8\ub7ec\ubbc0\ub85c admin \ub514\ub809\ud1a0\ub9ac\uc5d0\ub294 \uc774\ub984\uc774 iisvul\ub85c \uc2dc\uc791\ud558\ub294 txt\ud30c\uc77c\uc774 \uc874\uc7ac\ud55c\ub2e4\ub294 \uac83\uc744 \uc54c \uc218 \uc788\uc5c8\uace0 iisvulnerability.txt \ub85c \uc811\uc18d\ud574\uc11c Password\ub97c \uc5bb\uc5b4\ub0c8\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"
Web1 \uc11c\ubc84\ub294 iis 7.5\ubc84\uc804\uc774 \uc124\uce58\ub418\uc5b4 \uc788\uc5c8\uace0 ‘This website has been attacked. So, password link is missing now’ \uc989, \ud328\uc2a4\uc6cc\ub4dc \ub9c1\ud06c\ub97c \ucc3e\ub294\uac8c \ubb38\uc81c\uc600\uae30\uc5d0 IIS Short File\/Foder Name Disclosure \ub77c\ub294 \ucde8\uc57d\uc810\uc73c\ub85c \uc0bd\uc9c8\uc744 \ud588\ub2e4. \uad00\ub828 \ubb38\uc11c : http:\/\/soroush.secproject.com\/downloadable\/microsoft_iis_tilde_character_vulnerability_feature.pdf \/ip\/admin\/*~1*\/.aspx \ub85c \uc811\uc18d\ud588\uc744\ub54c Error Code 0x00000000 \uac00 \ub728\ub294\uac83\uc73c\ub85c \ubcf4\uc544 admin\ub514\ub809\ud1a0\ub9ac\uc5d0 1\uac1c \uc774\uc0c1\uc758 \ud30c\uc77c\uc774\ub098 \ud3f4\ub354\uac00 \uc874\uc7ac\ud55c\ub2e4\ub294\uac83\uc744 \uc54c \uc218 \uc788\uc5c8\uace0 \/ip\/a*~1*\/.aspx \/ip\/b*~1*\/.aspx \/ip\/c*~1*\/.aspx \ucc98\ub7fc \ud55c \uae00\uc790\uc529 bruteforce\ud574\uc11c \ud30c\uc77c\uc774\ub098 \ud3f4\ub354\uc758 \uc774\ub984\uc774 iisvul~ \ub77c\ub294\uac83\uc744 \uc54c\uc544\ub0c8\ub2e4. \/ip\/admin\/iisvul*~1\/.aspx \ub85c \uc811\uc18d\ud588\uc744\ub54c Error Code 0x80070002 \uac00 \ub728\ub294\uac83\uc73c\ub85c \ubcf4\uc544 iisvul~ \ub294 \ub514\ub809\ud1a0\ub9ac\uac00 \uc544\ub2c8\ub77c \ud655\uc7a5\uc790\ub97c \uac00\uc9c0\ub294 \ud30c\uc77c\uc774\ub77c\ub294 \uac83\uc744 \uc54c \uc218 \uc788\uc5c8\ub2e4. \/ip\/admin\/iisvul*~1.%3f%3f%3f\/.aspx \uac00 Error Code 0x00000000 \uc774\ubbc0\ub85c iisvul~ \uc758 \ud655\uc7a5\uc790\ub294 3 \uae00\uc790\uc600\uace0, \/ip\/admin\/iisvul*~1.a%3f%3f\/.aspx \/ip\/admin\/iisvul*~1.b%3f%3f\/.aspx \/ip\/admin\/iisvul*~1.c%3f%3f\/.aspx \ub85c bruteforce\ud574\uc11c \ud655\uc7a5\uc790\uac00 txt\uc784\uc744 \uc54c\uc544\ub0c8\ub2e4. \uadf8\ub7ec\ubbc0\ub85c admin \ub514\ub809\ud1a0\ub9ac\uc5d0\ub294 \uc774\ub984\uc774 iisvul\ub85c \uc2dc\uc791\ud558\ub294 txt\ud30c\uc77c\uc774 \uc874\uc7ac\ud55c\ub2e4\ub294 \uac83\uc744 \uc54c \uc218 \uc788\uc5c8\uace0 iisvulnerability.txt \ub85c \uc811\uc18d\ud574\uc11c Password\ub97c \uc5bb\uc5b4\ub0c8\ub2e4.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts\/81"}],"collection":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/comments?post=81"}],"version-history":[{"count":1,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts\/81\/revisions"}],"predecessor-version":[{"id":82,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/posts\/81\/revisions\/82"}],"wp:attachment":[{"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/media?parent=81"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/categories?post=81"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.rubiya.kr\/index.php\/wp-json\/wp\/v2\/tags?post=81"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}