*Infection routes
-Infection through Windows security vulnerabilities
-Infection through weak user account passwords:
On Windows NT-family systems (Windows NT, 2000, XP), if the password of a user login account for the administrative shared folders is weak, the malware connects to the system and then executes.
The list of passwords tried against user login accounts is as follows.
abc123 passwd SERVER BACKUP ACCESS FILES
WRITE SHARE GUEST SYSTEM system Password PASSWORD
password ADMINISTRATOR Administrateur Administrador admin123
Admin ADMIN guest admin admins administrat administrateur
administrador administrator
etc...
*Symptoms
-Creates a file named windrpd.exe in the Windows system folder.
Windows system folder |
95/98/ME | C:\Windows\System |
NT/2000 | C:\WinNT\System32 |
XP | Windows\System32 |
-Registers the following values in the registry so that it runs automatically when Windows starts.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE
"Microsoft System Application" = windrpd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Microsoft System Application" = windrpd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
"Microsoft System Application" = windrpd.exe
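A check for the autorun entries listed above, as an added example that is not part of the original advisory. It assumes the analyst has saved the text output of `reg query` for the three keys, with key paths written with a backslash between every component; the function name and the sample output are constructed for illustration.

```python
import re

# Indicators taken from the advisory text above.
IOC_FILE = "windrpd.exe"
IOC_VALUE_NAME = "microsoft system application"
IOC_KEYS = {
    r"hkey_current_user\software\microsoft\ole",
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
    r"hkey_local_machine\software\microsoft\windows\currentversion\runservices",
}

# `reg query` prints value lines as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^\s{4}(.+?)\s{4}(REG_[A-Z_]+)\s{4}(.*)$")

def find_autorun_iocs(reg_query_output):
    """Return (key, value_name, data, reason) for entries matching the advisory."""
    hits, key = [], None
    for line in reg_query_output.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():          # unindented line = registry key path
            key = line.strip()
            continue
        m = VALUE_RE.match(line)
        if not m or key is None or key.lower() not in IOC_KEYS:
            continue
        name, _type, data = m.groups()
        name = name.strip()                # tolerate stray spaces around the name
        # Data may be a bare file name or a (possibly quoted) full path.
        exe = data.strip().strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()
        name_match = name.lower() == IOC_VALUE_NAME
        file_match = exe == IOC_FILE
        if name_match and file_match:
            hits.append((key, name, data, "value name and file match"))
        elif file_match:
            hits.append((key, name, data, "file match only"))
        elif name_match:
            hits.append((key, name, data, "value name only"))
    return hits

# Constructed sample output (not captured from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Microsoft System Application    REG_SZ    windrpd.exe

HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE
    Microsoft System Application    REG_SZ    C:\WINNT\System32\windrpd.exe
"""
```

A "value name only" or "file match only" result is still worth reviewing, since it means one of the two indicators is present under a key the advisory names.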
-An infected system opens an arbitrary TCP port in the LISTENING state (waiting for a connection from a remote party). A remote party can then connect without the user's knowledge, which can lead to security problems such as sending spam mail, installing adware, deleting data, spying on the user's computer usage history, or taking files (personal documents, confidential documents, etc.) out of the system.
-Mutex creation
Creates the following mutex to prevent duplicate execution.
-.:H:.
- An infected system forcibly terminates certain running processes.
ssate.exe winsys.exe WINUPDATE.EXE
WINTSK32.EXE
VSCAN40.EXE VPTRAY.EXE
TVMD.EXE TSADBOT.EXE
etc...