Cyberattacks exploiting old ThinkPHP vulnerabilities confirmed; caution urged
Akamai Technologies recently reported, in "2024: Old CVEs, New Targets - Active Exploitation of ThinkPHP | Akamai", that it has discovered a cyberattack campaign exploiting old vulnerabilities in ThinkPHP. The campaign reportedly deploys a backdoor, the "Dama web shell", on websites that use ThinkPHP.
2024: Old CVEs, New Targets - Active Exploitation of ThinkPHP | Akamai
○ What is ThinkPHP?
ThinkPHP, the target of these attacks, is an open-source PHP framework from China. It supports web application development based on the Model View Controller (MVC) architecture.
○ Intrusion path
According to Akamai Technologies, the following two vulnerabilities were exploited in this campaign.
CVE-2018-20062 - Arbitrary PHP code execution vulnerability in ThinkPHP's App.php
CVE-2019-9082 - Remote code execution (RCE) vulnerability in ThinkPHP
Attackers use these vulnerabilities to compromise websites running old versions of ThinkPHP and install a backdoor. The campaign is said to have started around October 2023, targeting specific customers and organizations, and to have recently expanded its scope of activity.
○ Impact and countermeasures
According to Akamai Technologies' investigation, many of these attacks were carried out from multiple servers under the control of a Hong Kong cloud provider. However, because the same backdoor is also installed on these servers, the attacker is believed to have used them as stepping stones to expand the attack.
The installed Dama web shell is said to include functions for information theft, file system manipulation, database theft, shell command execution, and adding privileged users through manipulation of the Windows Task Scheduler.
Dama web shell control screen. Source: Akamai Technologies
To avoid this attack, Akamai Technologies recommends updating ThinkPHP to the latest version, 8.0 or later. However, it is not always possible to update every application that embeds ThinkPHP to the latest version. For such cases, Akamai Technologies recommends deploying "App & API Protector", which includes the "Adaptive Security Engine".
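Acting on the 8.0-or-later recommendation starts with finding which deployed applications still lock an older ThinkPHP. The Python below is an added example, not code from Akamai or from the original article; it assumes Composer-managed installs in which the framework appears as the Packagist package `topthink/framework`, and the sample lock files and paths are constructed.

```python
import json
import re

PACKAGE = "topthink/framework"   # assumed Packagist name of the ThinkPHP core
MIN_VERSION = (8, 0)             # upgrade floor recommended in the article

def parse_version(raw):
    """Return (major, minor) from a Composer version like 'v5.0.23', else None."""
    m = re.match(r"v?(\d+)\.(\d+)", raw.strip())
    return (int(m.group(1)), int(m.group(2))) if m else None

def check_lock(lock_text):
    """Classify one composer.lock body as (status, locked_version)."""
    try:
        lock = json.loads(lock_text)
    except json.JSONDecodeError:
        return ("unreadable", None)
    if not isinstance(lock, dict):
        return ("unreadable", None)
    # Production and dev dependencies are both installed on many servers.
    packages = (lock.get("packages") or []) + (lock.get("packages-dev") or [])
    for pkg in packages:
        if not isinstance(pkg, dict) or str(pkg.get("name", "")).lower() != PACKAGE:
            continue
        raw = str(pkg.get("version", ""))
        ver = parse_version(raw)
        if ver is None:  # branch aliases such as 'dev-master' need manual review
            return ("unknown", raw)
        return ("ok" if ver >= MIN_VERSION else "outdated", raw)
    return ("absent", None)

def audit(locks):
    """Map each lock file path to its (status, version) result."""
    return {path: check_lock(text) for path, text in locks.items()}

# Constructed sample lock files; paths and contents are illustrative only.
SAMPLES = {
    "/srv/shop/composer.lock": json.dumps(
        {"packages": [{"name": "topthink/framework", "version": "v5.0.23"}]}),
    "/srv/portal/composer.lock": json.dumps(
        {"packages": [{"name": "topthink/framework", "version": "v8.0.3"}]}),
    "/srv/legacy/composer.lock": json.dumps(
        {"packages": [{"name": "topthink/framework", "version": "dev-master"}]}),
    "/srv/blog/composer.lock": json.dumps(
        {"packages": [{"name": "monolog/monolog", "version": "3.5.0"}]}),
    "/srv/broken/composer.lock": "{not json",
}

if __name__ == "__main__":
    for path, (status, version) in audit(SAMPLES).items():
        print(f"{path}: {status} {version or ''}".rstrip())
```

Applications that bundle ThinkPHP without Composer will show as "absent" here and need a separate inventory method.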