һλºÚ¿ÍÈÕÇ°·¢ÏÖÁËLinksys¼°ÆäËü¼¸¼Ò¹«Ë¾ÎªÎÞÏß·ÓÉÆ÷²úÆ·Éè¼ÆµÄ¿ªÔ´¹Ì¼þÖеÄÒ»¸öÖÂÃü©¶´£¬ÀûÓø鶴£¬¹¥»÷Õß¿ÉÒÔ·Ç·¨»ñµÃ¶ÔÎÞÏß·ÓÉÆ÷µÄÈ«²¿¿Ø ÖÆȨ¡£Êܸ鶴ӰÏìµÄ¹Ì¼þ°üÀ¨×î½ü°æ±¾µÄDD-WRT¹Ì¼þ£¬Õâ¿î¹Ì¼þ¿ÉÒÔÔöÇ¿ÎÞÏß·ÓÉÆ÷µÄ¹¦ÄÜ£¬Òò´Ë±»ºÜ¶àÓû§×·¼Ó°²×°ÔÚ×Ô¼ºµÄ²úÆ·ÉÏ¡£ÍâÍøµÄ·ÇÊÚȨÓû§ Ö»ÒªÒýÓÕÄÚÍøÓû§·ÃÎÊÏÂÂíÍøÕ¾£¬¾Í¿ÉÒÔÇáËÉ»ñµÃÎÞÏß·ÓÉÆ÷µÄÔ¶³Ì¿ØÖÆȨ¡£
¸Ã©¶´ÊÇÓÉÓÚDD-WRTËù²ÉÓõÄHTTPÐÒéÒýÆðµÄ£¬¸ÃÐÒé²¢²»»á¶ÔÓû§ÊäÈëµÄÐÅÏ¢½øÐÐÉó²é²¢ÇÒÓµÓжÔϵͳµÄ¿ØÖÆȨ£¬Óɴ˱ãΪ¹¥»÷´ò¿ªÁË·½±ãÖ®ÃÅ£¬¹¥»÷Õß¿ÉÒÔʹÓÃCSRF¼¼Êõ¹¥ÆƸÃÐÒé¡£ÒÔÏÂÍøÒ³ÊǺڿÍʵÏÖÔ¶³Ì¿ØÖƵÄÒ»¸öÀý×Ó£º
http://routerIP/cgi-bin/;command_to_execute
Ä¿Ç°Óг¬¹ý200¿îÎÞÏß·ÓÉÆ÷¼°Ç¶ÈëʽÉ豸¾ùÔÚʹÓÃDD-WRT¹Ì¼þ£¬ÊÜÓ°ÏìµÄÆ·ÅÆ°üÀ¨Linksys, D-Link, BuffaloÒÔ¼°Netgear¡£MetasploitµÄÓû§¿ÉÒÔµã»÷Õâ¸öÁ´½ÓÏÂÔØÓйصÄ©¶´¼ì²âÄ£¿é£¬¼ì²é×Ô¼ºµÄ·ÓÉÆ÷ÊÇ·ñ»áÊܵ½Õâ¸ö©¶´µÄÓ°Ïì¡£
DD-WRTµÄ¿ª·¢ÕßSebastian Gottschall¸Õ¸Õ·¢²¼ÁËÐÞ²¹Õâ¸ö©¶´µÄÁÙʱ²¹¶¡£¬ÓÐÐËȤµÄ¶ÁÕß¿ÉÒÔµã»÷Õâ¸öÁ´½Ó½øÐÐÏÂÔØ¡£
À´Ô´£ºcnbeta
mconela ÓÚ 2009-07-22 16:38:41·¢±í:
ºÃ¿ÉÅÂ