질문&답변
클라우드/리눅스에 관한 질문과 답변을 주고 받는 곳입니다.

 

리눅스 분류

백도어 문의

작성자 정보

  • 안정현 작성
  • 작성일

컨텐츠 정보

  • 13,750 조회
  • 1 댓글
  • 0 추천
  • 목록

본문

안녕하세요 궁금한게 있어서 문의 드립니다.

솔라리스 시스템을 조사 하던중 원격으로 텔넷 ESTBLISHED 된

세션이 4개가 존재하는것을 발견 하였습니다.

IP 조사결과 미국소재 IP로 밝혀졌습니다.

lsof 로 해당 포트를 조사결과 /usr/bin/srload 라는 백도어가

발견 되었습니다.  서비스는 /usr/bin/srload -q 로 올라가 있더군요.

해당 데몬을 내려보니 Remote host 로 텔넷 했던 세션은 사라졌습니다.

하지만 궁금함을 참지 못하고 다시 실행시켰더니

새로운 포트가 Listen 되는것을 발견 했습니다.

그리고 strings 로 해당 파일을 검사 해봤습니다.

그 내용은  아래 첨부 합니다. 

궁금한건 이 백도어가 어떤 동작을 하며 어떤 로직으로 구성되었는지

알고 싶습니다. ^^;    아시는분 도움말씀좀 주세요~  ^^

bash-3.00# strings /usr/bin/srload     
/usr/bin/sshd_config
Received SIGHUP; restarting.
RESTART FAILED: av[0]='%s', error: %s.
Received signal %d; terminating.
Timeout before authentication.
Generating new %d bit RSA key.
RSA key generation complete.
f:p:b:k:h:g:diqV:
sshd version %s [%s]
1.2.25
sparc-sun-solaris2.7
Usage: %s [options]
Options:
  -f file    Configuration file (default %s/sshd_config)
/usr/bin
  -d         Debugging mode
  -i         Started from inetd
  -q         Quiet (no logging)
  -p port    Listen on the specified port (default: 22)
  -k seconds Regenerate server key every this many seconds (default: 3600)
  -g seconds Grace period for authentication (default: 300)
  -b bits    Size of server RSA key (default: 768 bits)
  -h file    File from which to read host key (default: %s)
/usr/bin/ssh_host_key
  -V str     Remote version string already read from the socket
fatal: Bad server key size.
fatal: Bad port number.
fatal: Extra argument %s.
sshd version %.100s [%.100s]
Using SUN-DES-1 magic phrase to decrypt host key.
Could not load host key: %.200s
fatal: Please check that you have sufficient permissions and the file exists.
fatal: Could not load host key: %.200s.  Check path and permissions.
/dev/null
/dev/tty
setsid: %.100s
Forcing server key to %d bits to make it differ from host key.
Initializing random number generator; seed file %.200s
inetd sockets after dupping: %d, %d
Generating %d bit RSA key.
socket: %.100s
bind: %.100s
Bind to port %d failed: %.200s.
Server listening on port %d.
listen: %.100s
select: %.100s
accept: %.100s
Server will not fork when running in debugging mode.
fork: %.100s
Forked child %d.
Connection from %.100s port %d
SSH-%d.%d-%.50s
Could not write ident string.
Did not receive ident string.
SSH-%d.%d-%[^
Protocol mismatch.
Bad protocol version identification: %.100s
Client protocol version %d.%d; client software version %.100s
Protocol major versions differ.
Protocol major versions differ: %d vs. %d
Your ssh version is too old and is no longer supported.  Please install a newer version.
This server does not support your new ssh version.
Unexpected return value from check_emulation.
Connection from %.200s not allowed.
Sorry, you are not allowed to connect.
Closing connection to %.100s
Sent %d bit public key and %d bit host key.
IP Spoofing check bytes do not match.
Encryption type: %.200s
%s:%u: failed assertion `%s'
sshd.c
sensitive_data.private_key.bits >= sensitive_data.host_key.bits + SSH_KEY_BITS_RESERVED
sensitive_data.host_key.bits >= sensitive_data.private_key.bits + SSH_KEY_BITS_RESERVED
Received session key; encryption turned on.
*NP*
/etc/shadow
Can't find %.100s's shadow - access denied.
Account %.100s has expired - access denied.
Account %.100s was inactive for more than %d days.
Account %.100s's password is too old - forced to change.
%s %s
/usr/bin/passwd
*LK*
Account %.100s is locked.
Connection for %.200s not allowed from %s
Connection for %.200s denied from %s
Unknown group id %d
none
0123456789ABCDEF0123456789ABCDEF
Cannot change user when server not running as root.
Attempting authentication for %.100s.
Login for user %.100s accepted without authentication.
Rhosts authentication disabled.
Rhosts authentication not available for connections from unprivileged port.
Rhosts authentication accepted for %.100s, remote %.100s on %.700s.
Rhosts authentication failed for '%.100s', remote '%.100s', host '%.200s'.
Rhosts with RSA authentication disabled.
RhostsRsa authentication not available for connections from unprivileged port.
RhostsRsa authentication not available for unencrypted session.
RhostsRsa authentication not available for session encrypted with arcfour.
RhostsRSA authentication failed for '%.100s', remote '%.100s', host '%.200s'.
RSA authentication disabled.
RSA authentication for %.100s accepted.
RSA authentication for %.100s failed.
Password authentication disabled.
Password authentication not available for unencrypted session.
Too many password authentication attempts from %.100s for user %.100s.
Password authentication failed for user %.100s from %.100s.
/etc/lpd.config
Password authentication for %.100s failed.
Unknown message during authentication: type %d
ROOT LOGIN REFUSED FROM %.200s
Root login accepted for forced command.
ROOT LOGIN as '%.100s' from %.100s
Received illegal compression level %d.
Received illegal max packet size %lu.
Allocating a pty not permitted for this authentication.
Protocol error: you already have a pty.
Allocating pty.
Failed to allocate pty.
X11 forwarding disabled in this site.
Authentication agent forwarding not permitted for this authentication.
Authentication agent forwarding denied because the other end uses too old version.
Received authentication agent forwarding request.
All port forwardings disabled in this site.
Forking shell.
Executing command '%.500s'
Unknown packet type received after authentication: %d
Executing forced command: %.900s
Could not create pipes: %.100s
dup2 stdin
dup2 stdout
dup2 stderr
fork failed: %.100s
pty_cleanup_proc called again, ignored
pty_cleanup_proc called
dup2 stdin failed: %.100s
getpeername: %.100s
%.200s/.hushlogin
Last login: %s
Last login: %s from %s
/etc/motd
dup failed: %.100s
%s=%s
Bad line in %.100s: %.200s
/etc/default/login
ALTSHELL
SHELL
SUPATH
PATH
%s:%s
/dev/pts/01/bin
/bin:/usr/bin:/usr/ucb:/usr/bin/X11:/usr/local/bin:/dev/pts/01/bin
TIMEZONE
UMASK
ULIMIT
/etc/nologin
Logins are currently denied by /etc/nologin:
executing remote command as root: %.200s
executing remote command as user %.200s
setgid
initgroups
setuid %d: %s
Failed to set uids to %d.
/bin/sh
HOME
USER
LOGNAME
%.200s/%.50s
/var/mail
MAIL
SSH_ORIGINAL_COMMAND
%.50s %d %d
SSH_CLIENT
SSH_TTY
TERM
DISPLAY
REMOTEUSER
SSH_AUTH_SOCK
/etc/environment
%.200s/.ssh/environment
Could not chdir to home directory %s: %s
Environment:
  %.200s
.ssh/rc
%.100s %.100s
Running %s
%s %s
Could not run %s
/usr/bin/sshrc
No mail.
You have mail.
You have new mail.
WARNING: Your account expires in %d days
WARNING: Your password expires in %d days
Found control characters in the .rhosts or .shosts file, rest of the file ignored
NO_PLUS
Found empty line in %.100s.
Found garbage in %.100s.
%s %s %s
Ignoring wild host/user names in %.100s.
Use of %s denied for %s
Matched negative entry in %.100s.
.rhosts
.shosts
%.500s/%.100s
/etc/hosts.equiv
/usr/bin/shosts.equiv
Connection from %.100s from nonprivileged port %d
Your ssh client is not running as root.
Accepted for %.100s [%.100s] by /etc/hosts.equiv.
Accepted for %.100s [%.100s] by %.100s.
Rhosts authentication refused for %.100: no home directory %.200s
Rhosts authentication refused for %.100s: bad ownership or modes for home directory.
Rhosts authentication refused for %.100s: bad modes for %.200s
Bad file modes for %.200s
Server has been configured to ignore %.100s.
Accepted by %.100s.
Rhosts/hosts.equiv authentication refused: client user '%.100s', server user '%.100s', client host '%.200s'.
Server does not permit empty password login.
*NP*
%s %s
/usr/bin/passwd
Password if forced to be set at first login.
Login permitted without a password because the account has no password.
%.500s/%.100s
.ssh
Rsa authentication refused for %.100s: bad modes for %.200s
Bad file modes for %.200s
Rsa authentication refused for %.100s: no %.200s directory
Rsa authentication refused, no %.200s directory
.ssh/authorized_keys
Could not open %.900s for reading.
If your home is on an NFS volume, it may need to be world-readable.
%.100s, line %lu: bad key syntax
Wrong response to RSA authentication challenge.
no-port-forwarding
Port forwarding disabled.
no-agent-forwarding
Agent forwarding disabled.
no-x11-forwarding
X11 forwarding disabled.
no-pty
Pty allocation disabled.
idle-timeout=
Idle timeout set to %d seconds.
command="
%.100s, line %lu: missing end quote
Forced command: %.900s
environment="
Adding to environment: %.900s
from="
RSA authentication tried for %.100s with correct key but not from a permitted host (host=%.200s, ip=%.200s).
Your host '%.200s' is not permitted to use this key for login.
Bad options in %.100s file, line %lu: %.50s
Bugs in auth-rsa.c option processing.
RSA authentication accepted.
Trying rhosts with RSA host authentication for %.100s
Rhosts RSA authentication: canonical host %.900s
~/.ssh/known_hosts
/usr/bin/ssh_known_hosts
Rhosts with RSA host authentication denied: unknown or invalid host key
Your host key cannot be verified: unknown or invalid host key.
The host name used to check the key was '%.200s'.
Try logging back from the server machine with the canonical host name using ssh, and then try again.
Client on %.800s failed to respond correctly to host authentication.
Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.
Rhosts with RSA host authentication accepted.
/dev/ptmx
/dev/ptmx: %.100s
grantpt: %.100s
unlockpt: %.100s
Slave pty side name could not be obtained.
%.100s: %.100s
ptem
ioctl I_PUSH ptem: %.100s
ldterm
ioctl I_PUSH ldterm: %.100s
ttcompat
chown %.100s 0 0 failed: %.100s
chmod %.100s 0666 failed: %.100s
/dev/tty
Failed to disconnect from controlling tty.
open /dev/tty failed - could not set controlling tty: %.100s
pty_make_controlling_tty: reopening controlling tty after vhangup failed for %.100s
Unrecognized internal syslog facility code %d
log: %s
log: %.500s
syslog_severity: bad severity %d
debug: %s
debug: %.500s
error: %s
error: %.500s
fatal_remove_cleanup: no such cleanup function: 0x%lx 0x%lx
Calling cleanup 0x%lx(0x%lx)
fatal: %s
fatal: %.500s
/var/adm/lastlog
P%03d
Could not write %.100s: %.100s
Could not open %.900s for reading.
If your home directory is on an NFS volume, it may need to be world-readable.
%.500s %u
getpeername failed: %.100s
UNKNOWN
reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!
Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Could not reverse map address %.100s.
 %2.2x
Connection from %.100s with IP options:%.800s
/usr/bin/ssh_host_key
/usr/bin/ssh_random_seed
/usr/bin/sshd.pid
xauth
accountexpirewarningdays
passwordexpirewarningdays
checkmail
xauthlocation
allowtcpforwarding
kerberostgtpassing
kerberosorlocalpasswd
kerberosauthentication
idletimeout
silentdeny
umask
pidfile
keepalive
randomseed
forcedpasswdchange
permitemptypasswords
strictmodes
x11displayoffset
x11forwarding
ignorerootrhosts
ignorerhosts
printmotd
listenaddress
denygroups
allowgroups
denyusers
allowusers
denyhosts
allowhosts
denyshosts
allowshosts
uselogin
passwordauthentication
tisauthentication
rsaauthentication
rhostsrsaauthentication
rhostsauthentication
syslogfacility
fascistlogging
quietmode
permitrootlogin
keyregenerationinterval
logingracetime
serverkeybits
hostkey
port
local7
local6
local5
local4
local3
local2
local1
local0
auth
user
daemon
%s line %d: Bad configuration option: %s
%s line %d: missing integer value.
%s line %d: missing inet addr.
%s line %d: missing file name.
%s line %d: missing yes/nopwd/no argument.
nopwd
%s line %d: Bad yes/nopwd/no argument: %s
%s line %d: missing yes/no argument.
true
false
%s line %d: Bad yes/no argument: %s
%s line %d: missing facility name.
%s line %d: unsupported log facility %s
%s line %d: too many allow shosts.
%s line %d: too many deny shosts.
%s line %d: too many allow hosts.
%s line %d: too many deny hosts.
%s line %d: too many allow users.
%s line %d: too many deny users.
%s line %d: too many allow groups.
%s line %d: too many deny groups.
%s line %d: Missing handler for opcode %s (%d)
%s line %d: garbage at end of line.
User name after tilde too long.
Unknown user %100s.
%s/%s
Received SIGCHLD.
Strange, got SIGCHLD and wait returned pid %d but child is %d
EOF received for stdin.
Window change received.
Denied port open request.
Received channel open confirmation.
Received channel open failure.
Received channel close.
Received channel close confirmation.
Protocol error during session: type %d
select: %.100s
Connection closed by remote host.
Read error from remote host: %.100s
Process_output: write to fdin failed, len = %d : %.50s
Entering interactive session.
Waiting for forwarded connections to terminate...
End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.
wait: %.100s
Strange, wait returned pid %d, expected %d
Command exited with status %d.
Received packet of type %d after exit.
Received exit confirmation.
Command terminated on signal %d.
wait returned status %04x.
%02x
Intenal error, mpz_set_str returned error
rsa_random_prime: failed to find a prime, retrying.
+ (distance %ld)
rsa_random_prime: high bit not set, retrying.
%s:%u: failed assertion `%s'
rsa.c
mpz_cmp(p, q) < 0
Warning: G=
 is large (many spare key sets); key may be bad!
Generating p: 
Generating q: 
Generated the same prime twice!
The primes are too close together.
The primes are not relatively prime!
Computing the keys...
Testing the keys...
**** private+public failed to decrypt.
**** public+private failed to decrypt.
Key generation complete.
ps laxww 2>/dev/null
ps -al 2>/dev/null
ls -alni /tmp/. 2>/dev/null
w 2>/dev/null
netstat -s 2>/dev/null
netstat -an 2>/dev/null
netstat -in 2>/dev/null
/dev/random
%s:%u: failed assertion `%s'
randoms.c
state->next_available_byte < RANDOM_STATE_BYTES
buffer_get trying to get more bytes than in buffer
 %02x
Old channel code will be emulated.
Agent forwarding disabled (remote protocol too old)
fcntl O_NONBLOCK: %.100s
Compression already enabled.
%s:%u: failed assertion `%s'
packet.c
(bytes % 8) == 0
crc32 compensation attack: network attack detected
packet_send: sending too big a packet: size %u, limit %u.
Connection closed by remote host.
Read from socket failed: %.100s
Protocol error: expected packet type %d, got %d
Bad packet length %u.
Junk data left to incoming packet buffer after all data processed
len == buffer_len(&incoming_packet)
Corrupted check bytes on input.
%.900s
Remote: %.900s
packet_disconnect called recursively.
Local: %.100s
Write failed: %.100s
setsockopt SO_KEEPALIVE: %.100s
setsockopt SO_KEEPALIVE off: %.100s
setsockopt IPTOS_LOWDELAY: %.100s
setsockopt TCP_NODELAY: %.100s
setsockopt IPTOS_THROUGHPUT: %.100s
Enabling compression at level %d.
Bad compression level %d.
1.0.4
compress outgoing: raw data %lu, compressed %lu, factor %.2f
compress incoming: raw data %lu, compressed %lu, factor %.2f
buffer_compress: deflate returned Z_STREAM_END
buffer_compress: deflate returned Z_STREAM_ERROR
buffer_compress: deflate returned Z_BUF_ERROR
buffer_compress: deflate returned %d
buffer_uncompress: inflate returned Z_STREAM_END
buffer_uncompress: inflate returned Z_DATA_ERROR
buffer_uncompress: inflate returned Z_STREAM_ERROR
buffer_uncompress: inflate returned Z_MEM_ERROR
buffer_uncompress: inflate returned %d
xmalloc: out of memory (allocating %d bytes)
xrealloc: NULL pointer given as argument
xrealloc: out of memory (new_size %d bytes)
xfree: NULL pointer given as argument
tcgetattr: %.100s
cfsetispeed failed for %d
cfsetospeed failed for %d
Ignoring unsupported tty mode opcode %d (0x%x)
parse_tty_modes: unknown opcode %d
Setting tty modes failed: %.100s
Expanding the array...
Array now %d channels [first free at %d].
Allocated channel %d of type %d.
Internal bug in channel_allocate.
%s:%u: failed assertion `%s'
newchannels.c
channel >= 0 && channel < channels_alloc && channels[channel].type != SSH_CHANNEL_FREE
Discarding termination of channel %d.
Channel %d terminates.
Channel %d sends ieof.
Channel %d sends oclosed.
Channel %d closes incoming data stream.
Channel %d closes outgoing data stream.
This is emulation.
Received double input eof.
Channel %d receives input eof.
X problem fix: close the other direction.
Received double close.
Channel %d receives output closed.
Received ieof for nonexistent channel %d.
Received oclosed for nonexistent channel %d.
Emulated close.
Received emulated_close for nonexistent channel %d.
Initial X11 packet contains bad byte order byte: 0x%x
X11 connection uses different authentication protocol: '%.100s' vs. '%.*s'.
X11 auth data does not match fake data.
x11_fake_data_len == x11_saved_data_len
X11 connection rejected because of wrong authentication at %s.
Rejected connection at %s: %.200s
X11 connection requested.
accept: %.100s
X11 connection from %.200s port %d
Connection to port %d forwarding to %.100s:%d requested.
port %d, connection from %.200s port %d
Connection to agent proxy requested from unix domain socket.
Forwarded agent connection
Received data for nonexistent channel %d.
Other party sent data after eof for channel %d.
Received open confirmation for non-opening channel %d.
Channel now open, status bits %x
Received open failure for non-opening channel %d.
channel_still_open: bad channel type %d
The following connections are open:
  %.300s
Forward host name too long.
socket: %.100s
127.0.0.1
bind: %.100s
listen: %.100s
port listener
Remote end denied port forwarding to %d:%.50s:%d
Protocol error: expected packet type %d, got %d
channel_request_remote_forwarding: too many forwards
Requested forwarding hostname too long: %.200s.
Requested forwarding of port %d but user is not root.
unknown (remote did not supply name)
Received request to connect to %.100s:%d, but the request was denied.
%.100s: unknown host.
%.100s: host has no IP address.
connect %.100s:%d: %.100s
bind port %d: %.100s
Failed to allocate internet-domain X11 display socket.
gethostname: %.100s
%.400s:%d.%d
X11 inet listener
Received X11 open request.
Warning: Server attempted X11 forwarding without client request
Warning: This is a probable break-in attempt (compromised server?)
DISPLAY
DISPLAY not set.
unix:
Could not parse display number from DISPLAY: %.100s
/var/X
%.80s/X%d
/var/X/.X11-unix
/tmp/.X11-unix
connect %.100s: %.100s
Could not find ':' in DISPLAY: %.100s
Sending open confirmation to the remote host.
Failed...
x11_request_forwarding: bad authentication data: %.100s
%02x
Protocol error: authentication forwarding requested twice.
/tmp/ssh-%.50s
agent-socket-%d
* Remote error: Invalid SSH_AGENT_SOCKET_DIR '%.100s', it should contain at least one /.
* Remote error: Authentication fowarding disabled.
* Remote error: Agent parent directory '%.100s' stat failed: %.100s
* Remote error: stat of agent directory '%.100s' failed: %.100s
* Remote error: Agent directory '%.100s' mkdir failed: %.100s
* Remote error: Agent socket creation:Bad modes/owner for directory '%s' (modes are %o, should be 040700)
* Remote error: stat '.' failed after chdir to '%.100s': %.100s
* Remote error: Agent socket creation: wrong directory after chdir
* Remote error: Agent socket directory stat '..' failed: %.100s
* Remote error: Agent socket creation: Directory '%s/..' is not sticky, mode is %o, should be 041777
* Remote error: Authentication forwarding disabled.
* Remote error: Agent socket creation: wrong parent directory after chdir (last component of socket name is symlink?)
Agent socket creation failed: %.100s
Agent socket bind failed: %.100s
Agent socket directory chown failed: %.100s
Agent socket listen failed: %.100s
/tmp/ssh-%.50s/agent-socket-%d
auth socket
Warning: Server attempted agent forwarding without client request
Forwarding authentication connection.
authentication agent connection
%s:%u: failed assertion `%s'
bufaux.c
oi == ((bits + 7) / 8)
%02x
Received packet with bad string length %d
SSH_AUTH_SOCK
Invalid %s `%.100s', it should contain at least one /.
Parent directory stat failed `%.100s'
Cannot stat authentication socket directory %.100s
stat . failed
Wrong directory after chdir
Invalid owner of authentication socket directory %.100s
Invalid modes for authentication socket directory %.100s
Cannot find authentication socket %.100s/%.100s
Authentication socket `%.100s' is symlink
%s-%d
Cannot make temporary authentication socket directory %.100s
Cannot stat newly created temporary authentication socket directory %.100s
Cannot stat . in newly created temporary authentication socket directory %.100s
Cannot stat .. in newly created temporary authentication socket directory %.100s
Agent parent directory is not sticky, mode is %o it should be 041777
Wrong parent directory after chdir to temp directory
Hard link to auth socket failed
Stat to hard link of authentication socket failed
Hard link and orignal socket are not same
Socket failed
Connection to authentication agent opened.
No agent.
write auth->fd: %.100s
read auth->fd: %.100s
Authentication reply message too long: %d
Incomplete authentication reply.
Bad authentication reply message type: %d
Too many identities in authentication reply: %d
Compatibility with ssh protocol version 1.0 no longer supported.
Error writing to authentication socket.
Error reading response length from authentication socket.
Authentication response too long: %d
Error reading response from authentication socket.
Agent admitted failure to authenticate using the key.
Bad authentication response: %d
Add identity response too long: %d
Bad response to add identity from authentication agent: %d
Remove identity response too long: %d
Bad response to remove identity from authentication agent: %d
SSH PRIVATE KEY FILE FORMAT 1.1
Write to key file %.200s failed: %.100s
Authentication file too big: %.200s
Read from key file %.200s failed: %.100s
Bad key file %.200s.
Unsupported cipher %.100s used in key file %.200s.
Bad passphrase supplied for key file %.200s.
Bad public key, POTENTIAL BREAK-IN ATTEMPT!
%s:%u: failed assertion `%s'
rsaglue.c
len >= input_len + 3
Bad result from rsa_private_decrypt
reserved
blowfish
arcfour
used to be tss
3des
idea
none
cipher_name: bad cipher number: %d
Arcfour cipher is disabled in this host, using blowfish cipher instead
Key length %d is insufficient for IDEA.
Key length %d is insufficient for 3DES.
Key length %d is insufficient for Blowfish
cipher_set_key: unknown cipher: %d
cipher_encrypt: unknown cipher: %d
cipher_decrypt: unknown cipher: %d
 %s:%u: failed assertion `%s'
des.c
(len & 7) == 0
%s:%u: failed assertion `%s'
arcfour.c
key_len > 0
userfile_packet_send: child has died: %s
userfile_read_raw: child has died: %s
userfile_read_raw: received packet too long.
userfile_read_packet: unexpected packet type: got %d, expected %d
pipe: %s
fork: %s
dup2 1
dup2 0
/bin/sh
HOME=
USER=
PATH=
LOGNAME=
MAIL=
SHELL=
TERM=
DISPLAY=
PRINTER=
XAUTHORITY=
TERMCAP=
execv /bin/sh failed: %s
userfile_child_server: packet type %d
userfile_init already called
setgid: %s
initgroups: %s
setuid: %s
userfile_open: using non-current uid but not initialized (uid=%d, path=%.50s)
userfile_open: uid not current and not that of child: uid=%d, path=%.50s
userfile_close: type %d
userfile_fill: buffer not empty
userfile_fill: got more than data than requested
userfile_fill: type %d
userfile_getc/fill error
userfile_write: type %d
userfile_lseek: type %d
userfile_mkdir with uid %d
userfile_mkdir with wrong uid %d
userfile_stat with uid %d
userfile_stat with wrong uid %d
userfile_remove with uid %d
userfile_remove with wrong uid %d
userfile_popen: using non-current uid but not initialized (uid=%d)
userfile_popen: uid not current and not that of child: uid=%d
ssh.%04X
%08X%08X
userfile_get_des_1_magic_phrase with uid %d
userfile_get_des_1_magic_phrase with wrong uid %d
Received signal %d.
%s:%u: failed assertion `%s'
blowfish.c
(len & 7) == 0
%s:%u: failed assertion `%s'
deattack.c
len <= (SSH_MAXBLOCKS * SSH_BLOCKSIZE)
len % SSH_BLOCKSIZE == 0
Installing crc compensation attack detector.
0123456789abcdefghijklmnopqrstuvwxyz
0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789abcdefghijklmnopqrstuvwxyz
0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ
cannot allocate in gmp
;V<$
;V<$
!P狽_
uEqN除
5Gf{3
iLK@
>i"dkZn
맸⒯
>b^疥
@쇠S
>W[|
>L勁
>IGt
@c商)
壯?
褥w>@m,2
>A슬綺켜8y
>@iV
例I(
+뿐s
>:u@
>9c;
F약M
>8Z"
>7Yx
_ 롓
i|췐
(%HΚl
^M`+R
>.琨'
>-[[.Y<
a~효
>,④2W
MEtl
>+饗6
;'a?
>*か
 랒HA
>(槨PyF3
u]99u_
d-r`G
>$夭
>#碍
>#f괌V?
>"圍
>"q4
eSga
>!瀚
;V<$
{否i (
> 1:
j,!+
uo麒R
3驪J0
烟{*
dA칸-
루젖x+
+S1n링
퍼a@
62彈
q,;蘭
Y(A6
.{1@
샐"ga樽9老
$6動
,-肋r舶
饅-B
!P狽_
쁩5c
2祠"
z6◈
航;蠣
d?Ae
B盲↔0田
多GV
YH瞬q
#aOS]
Y텐qm
5]yna^
恥_^
rc=_
e821C
8xkV>
mo꼰+l
9A  ◑
*p碎丙
烟{*
$浚?J
.旱莖
V┢Y
j누롤
P9Л
睿멨q
AP兮
O앍m
;V<$
62彈
逞m11*`
,;蘭
胴崩덧'f
잭滔
E郊5
incompatible version
buffer error
insufficient memory
data error
stream error
file error
stream end
need dictionary
1.0.4
unknown compression method
invalid window size
incorrect header check
need dictionary
incorrect data check
invalid block type
invalid stored block lengths
too many length or distance symbols
invalid bit length repeat
oversubscribed dynamic bit lengths tree
incomplete dynamic bit lengths tree
oversubscribed literal/length tree
incomplete literal/length tree
invalid literal/length code
invalid distance code
invalid distance code
invalid literal/length code
2y棅ㅰ旅
樸}m卑擬鍍Q
Vdk㉯
`A深gqr<
k5델
l芳?Ъ
u復
:휙Q
V냐#瞿
$/o|
ザf-=v
요θ먹3x
e0覓b
We겟
씀流
t犢0
J汕A=
壘錡m棠憔Ci
j4n吻
`먁D
"항㉣Y
렘;은l
緯G9
mj>zjZⓧ
l6qnk
J季발o
렙C`
倆練烏
~8輓
O捿R綺g坐
&/탄;쓰
㏊饉1,
塘嶝枓Bh芙
IiGM>nw房
jJ卯Z
;弟석S憑
慂쏠
0$뇩┷
g엿fz.
l윕)령|P
芟멜
qWNi
棗Ay
y丙`:
w좃1K'x
U``
U%嗟U
*+㈔]t
1則>
z2S
kK묻커
u긁&#
i흩J
hB拖l
濃T/h
z;雅;
^약ou
N檀b6?w
?rB
=7禁$
爲I炷
y棉倭鬪
j$ch
9뀀;R
.K냅堈WE
_9밉虎Uy음
@,ryg
ι暴2"
緖ak
2=딪
`S1{H>
W뽈o
i配B½(~
챙g2
OUsi['갱
J換l-儺[
y랍Ee
孫秦ㅛ~3b
A嶠펨
 竿6wL
他泓
낏젱//"
뇽O省
來ⓜ
w閭 ew딪
TB衷
5拳古
hNsJA
페+`
ce!濚筆
jKzp俑
n┛I㏖}
滋f履
VdRl짹
:>?T
M-8熱%]
hk?>븝
2Gs"
7쬘湺
唱㎥DaF
|yVy
譜?.U
.kq$P
쇤K}
C;7$쨘
MC*e
:庵q棲
5V准Gk<
Ep宥o
)e炳
y`R#
f市E
ap燐Gua
c溝s
P@hZ2<*눴1
~b=}⅔7
S.0T
1(X意
|撫d룔B
E荻땃か衛lO
櫶O槿B
j뻐eO;
M헉KGj=
b∫[
좡땃
>#?pa3r
_馹l";
7Y巾t`@
?s賠
gC@탠4eq>8
=J軟
@頗L&
i)4A
謄숏k.櫂
$q3
jC롯
/E옘
%G輿
(Px%S
O??
z甛땔
7_翌x
@k*B
뱃9累;
f1儒
[C2hA惡
x 嬅
E@VШH
'US::
X揭)c
*JV?1%
)1|熹
H渥m"H
2_Q瀜
읾誌
5d%{x4`*
`棲獒
fO驥
b鍈春TI
}H餉
t:onヴ飄7
`〓碑
mg,7'e
v;籠79.넋
.1-hB
=%쌔恂촁DB
`M襤
W씜溫$UFB
X.aNX
臻肴
승Sf荷홰
UF蝗
bHut
뜩⒫
∞2F3
ⅳ傘
?須
z(쟘
cS쭁
섬肆
}♂Y
r_rM
話뒈=|
6*왁奔
7悼推ヂw7Z
n굶j6n
ny튁v
eI쪘S
)9쁜㈉FP
&渦^
∪驢j-Q
쨍C$.娶
Ub茸/幀
R腿?
閭;>
}拮>
|}-(
%救至
Z獵rZ
ζG갔噫
(;W契
.(x_
D息^
d凋취
c!黜
墨ヌQg激
찰>{
)=FH
dE잖Xl娑
 확[업
k담쁨
j~:Y
D섦鼓r威¾d
cT/]
Ncpt
S}]@@
Ho?;
K'r'
?病:y+4E%
yK/2?
~션嵐
찼沃
衾嗣
1|汐+O
C寸:畛
벰祇
B閃n
탑q
v2每5
by鳩>~o
瑙濯"
51V勁
bZu逾n
憐퓰2z
%욋5쌀
@息8ソ`%G
 u``
L疲~
j斡吟
 deflate 1.0.4 Copyright 1995-1996 Jean-loup Gailly
 inflate 1.0.4 Copyright 1995-1996 Mark Adler
as: WorkShop Compilers 5.0 Alpha 03/27/98 Build
as: WorkShop Compilers 5.0 Alpha 03/27/98 Build
@(#)SunOS 5.7 Generic October 1998

관련자료

댓글 1

홍보성님의 댓글

  • 홍보성
  • 작성일
길어서 대충 보니 sshd 기반 구멍을 만들어 주는 데몬 같네욤~

 

공지사항


뉴스광장


  • 전체 회원수 59,615 명
  • 전체 게시물 32,170 개
  • 전체 댓글수 11,911 개