The process of intruding into a website behind a firewall
  Add date: 07/26/2008   Publishing date: 07/26/2008
 
First, reconnaissance

  A ping of www.111.com timed out, so there may be a firewall or a filtering policy in place. A follow-up sweep with superscan showed many open ports; the preliminary estimate is that it is a software firewall.

  Second, injection

  Searching the page source for the keyword asp turned up an injection point. Injecting with nbsi showed that the connection logs in with the sa password; I added a user, and it reported that the command completed. Ha, it looks like the administrator was too careless. Upload a webshell first: I uploaded the "veteran's" ASP trojan. This is a personal habit; when I intrude I usually upload a webshell first and then escalate the webshell to system privileges. Doing it this way is very convenient during an intrusion, and I think it is a good method.

  Third, privilege escalation

  First, look at which ones have privileges:

  cscript C:\Inetpub\AdminScripts\adsutil.vbs get /W3SVC/InProcessIsapiApps

  This returns:

  Microsoft (R) Windows Script Host Version 5.1 for Windows
  Copyright (C) Microsoft Corporation 1996-1999. All rights reserved.

  InProcessIsapiApps: (LIST) (5 Items)
  "C:\WINNT\system32\idq.dll"
  "C:\WINNT\system32\inetsrv\httpext.dll"
  "C:\WINNT\system32\inetsrv\httpodbc.dll"
  "C:\WINNT\system32\inetsrv\ssinc.dll"
  "C:\WINNT\system32\msw3prt.dll"

  Add asp.dll:

  cscript C:\Inetpub\AdminScripts\adsutil.vbs set /W3SVC/InProcessIsapiApps "C:\WINNT\system32\idq.dll" "C:\WINNT\system32\inetsrv\httpext.dll" "C:\WINNT\system32\inetsrv\httpodbc.dll" "C:\WINNT\system32\inetsrv\ssinc.dll" "C:\WINNT\system32\msw3prt.dll" "c:\winnt\system32\inetsrv\asp.dll"

  Then add a user with the ASP trojan; it reports that the command completed.
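
  The step above works by changing the InProcessIsapiApps list, so an administrator can expose it by comparing that list against a known-good baseline. The following is an added example, not part of the original article: it parses the output of the adsutil.vbs get command and reports entries that differ from the five DLLs shown above. The function names and the sample output are constructed for illustration.

```python
import ntpath
import re

# Baseline: the five DLLs shown in the article's "get" output, lower-cased.
BASELINE = frozenset({
    r"c:\winnt\system32\idq.dll",
    r"c:\winnt\system32\inetsrv\httpext.dll",
    r"c:\winnt\system32\inetsrv\httpodbc.dll",
    r"c:\winnt\system32\inetsrv\ssinc.dll",
    r"c:\winnt\system32\msw3prt.dll",
})

HEADER = re.compile(r"^\s*InProcessIsapiApps\s*:\s*\(LIST\)\s*\((\d+)\s+Items?\)", re.I)
ENTRY = re.compile(r'^\s*["\u201c\u201d](.+?)["\u201c\u201d]\s*$')  # straight or curly quotes

def normalize(path):
    # Windows paths are case-insensitive; normpath also collapses "..\" segments.
    return ntpath.normpath(path.strip()).lower()

def parse_inprocess_list(output):
    """Return the normalized DLL paths listed in adsutil 'get' output."""
    declared, entries = None, []
    for line in output.splitlines():
        header = HEADER.match(line)
        if header:
            declared = int(header.group(1))
            continue
        entry = ENTRY.match(line)
        if entry and declared is not None:
            entries.append(normalize(entry.group(1)))
    if declared is None:
        raise ValueError("InProcessIsapiApps header not found")
    if declared != len(entries):
        raise ValueError(f"header declares {declared} items, parsed {len(entries)}")
    return entries

def audit(output, baseline=BASELINE):
    """Diff the current in-process list against the baseline."""
    current = set(parse_inprocess_list(output))
    return {"added": sorted(current - baseline), "removed": sorted(baseline - current)}

# Constructed sample: the list as it would read after the change described above.
SAMPLE_AFTER = r'''InProcessIsapiApps              : (LIST) (6 Items)
  "C:\WINNT\system32\idq.dll"
  "C:\WINNT\system32\inetsrv\httpext.dll"
  "C:\WINNT\system32\inetsrv\httpodbc.dll"
  "C:\WINNT\system32\inetsrv\ssinc.dll"
  "C:\WINNT\system32\msw3prt.dll"
  "c:\winnt\system32\inetsrv\asp.dll"
'''
```

  Run on a schedule against the saved output of the get command, any non-empty "added" list is worth an alert.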

  Fourth, Terminal Services

  The goal was to open 3389. net start showed that the TS service was already running, but port 3389 could not be reached, and I thought the port might have been changed. In fact that was misleading me: I ran netstat -an and saw that 3389 was there, so, given what net start showed, it was the other side's firewall getting in the way again. Having thought it through, I uploaded a trojan: a 20CN reverse-connection trojan with its signature changed. I then used the trojan to shut the firewall down through its GUI and logged in over 3389. I did it this way here because I knew the administrator was certainly not at the machine. For a situation like this, the older approach is to use fpipe for port redirection, or to use httptunnel. That is how "Black Defense" describes it, but I tried and did not succeed even once; moreover, among the material I collected, the "Black Defense" write-up and another expert's write-up are exactly alike, and I do not know who copied whom. Another tool is desproxy (TCP tunnel for HTTP Proxies); anyone who is interested can try it, as it can pass through an HTTP proxy.

 