Nowadays, many Internet cafes have installed the Management System of Wanxiang Internet cafes. The convenience brought by this system is obvious to all. However, the more convenient the system is, the more security risks it has. Many hackers have come up with a way to crack this management system. Some may even intrude into Internet cafe servers to gain administrator privileges, it can even control the entire Internet cafe, which is quite harmful. So I will introduce how hackers intrude into the server, hoping to help the network management.
First, a hacker chooses an internet cafe. When the hacker opens the host, the system is locked. In fact, the Wanxiang Internet cafe management system does not lock the system, but limits the moving range of the mouse.) There are many ways to unbind the system, most of which are through the smart pinyin ABC Input Method vulnerabilities, the methods are not introduced here. I believe everyone knows, but it is worth mentioning that if a hacker unlocks the system and renames or deletes the files in Vientiane, if the restore wizard is installed on the host, after the computer is restarted, the system is locked. Because the restore wizard is the first to start, it will restore the renamed or deleted files. The solution is to open the registry after unlocking the system and remove the restore wizard from the startup bar. After the host is restarted, the system is started. Now, hackers are about to start real intrusion. First, the hacker must download the installation program www.intous.com. Why not install it? The reason is: in an Internet cafe, all computers are divided into clients and servers, and clients are the hosts on which we access the internet. The server is the server, that is, the host used for network management. The Network Administrator sends various commands to the client through the server, such as boot, shutdown, and checkout. That is to say, the server controls the entire Internet cafe. After downloading the installer, a hacker can choose whether to install the client or the server, of course, to install the client. But it is not immediately installed. Because the host used by hackers is actually a client
, Which is clearly displayed on the server. For example, if you are on host 24, the server displays various situations of host 24. Once the server is installed. First, the serial number of host 24 as the client will be damaged, which will be displayed on the server, so that the network administrator can check the cause, of course, hackers will not make such dangerous mistakes. In addition, there will be two servers in an Internet cafe after the server is installed, and the system does not know
Which server-side command should be executed will usually allow both servers to control the client, which is not what hackers want to achieve. Therefore, if hackers want to completely control the entire Internet cafe, they need to intrude into the real server and cause its system to crash. The Real Server disappears and takes over from the original server, the client is the new server. This method not only controls the entire Internet cafe, but also won't be discovered by the network management, so it is a common method for hackers.
So how did hackers crash the server system?
The answer is simple: attack the server.
There are also many methods to attack the server. Here we will introduce how to paralyze the network by using the PING command. We know that the PING command can send data packets to the target host, but there is a vulnerability, when the number of data packets sent to the target host exceeds 65532byt, the target host will crash or restart. Therefore, Microsoft limits the data packet size so that the sent data packet cannot exceed bytes.
However, even if 65500 of data packets are sent continuously, the target host will be paralyzed. Hackers use this command: ping-1 65500-t 192.168.1.025 (the input IP address is the IP address of the host to be attacked. Here is an example.) This command will continuously send 65500 packets to the target host, it generally takes less than 10 minutes to know that the system is paralyzed. Therefore, if hackers send this command to the internet cafe server, the server will be paralyzed and the entire Internet cafe will be suspended. Hackers can take over the server. But there is another question: How can I obtain the IP address of the server? In fact, it is very simple. You only need to use a scanning tool to scan the local IP address and change the last value to 1. For example, if the local IP address is 192.168.1.023, then the Server IP address is 192.168.1.01. In this way, the whole process of hacker intrusion into Internet cafe servers is over, hoping that the articles will be enlightened.