Website trap counterattack from here

Some malicious users use scanning tools to detect vulnerabilities on websites that have been created by webmasters. A manager's carelessness may make the website a thing in the hands of attackers. In fact, it is very easy to deal with these novice hackers who want to intrude into the website. As long as the website administrator adds a specific backdoor program to the page, the intruders will not return.

Database plugging

The default database download vulnerability is a technology that many hackers prefer to exploit. Management personnel can leave this "Vulnerability" for the website, allowing hackers to download the specified database, but they will gradually go into the trap.

1. How to exploit database download Vulnerabilities

Although the default database downloading, uploading, and background password bypass vulnerabilities are very primitive, many malicious attackers use this vulnerability to attack the website. Once successful, the consequences are self-evident. Therefore, the website administrator can modify the name of the real database of the website, change its path for protection purposes, and delete the database disguised as a Trojan without changing it, waiting for the attacker to download it.

2. Database insertion Trojan

First, prepare a remote control tool (for example, remote control) for simple configuration to generate the server. Run unzip mdbexp.all.v1.04.exe in the "full set of office Trojan Tools" toolkit, specify the trojan program to run, set the trojan saving path, and click "OK ", this server program is disguised as a database file in MDB format. (Note: The server cannot exceed 50KB .)

3. Set traps

Taking the dynamic network DVBBS Forum as an example, website administrators modify the name of the original database and change its path. Change the name of the database inserted to the Remote Control Server to "dvbb7.mdb" and place it in the default directory of the database on the Internet. When attackers attempt to exploit the database download vulnerability to conduct website attacks, they will download disguised database files inserted into the Remote Control Server. When they double-click to open the database, the Remote Control Server embedded in it runs automatically, and the computers of intruders are controlled by website administrators.

Management Background Trojan

Attackers often log on to the website's Management page illegally and upload Trojans to further penetrate, escalate permissions, and even control servers. For such intrusion, in addition to reinforcing server settings, website administrators can also set traps in the management background.

1. Attack principles

After obtaining the Administrator's username and password, a malicious attacker attempts to enter the background on the website management page. For such a vicious behavior, website administrators can punish attackers by adding code to the logon page file to run the specified program.

2. Create a webpage Trojan background trap

Step 1: run the MS-07004 web horse, generate a trojan client, upload the program to a directory of the website, get a URL address.

Step 2: run the "small golden pig MS-07004 network horse V3.0" tool, in the "Network horse configuration", enter the network horse URL, select the trojan type as "MS06014 + MS07004 ", click "generate normal Web horse" to generate a file named "mm. js.

Step 3: place the mm. js file in the same folder on the background page of the website forum, and insert the code "" in the "login. asp" file on the background logon page. In this way, when an attacker attempts to enter the background illegally, if the system does not have the latest patch package, it will be a Trojan.

3. Severely punish attackers

Through the preceding security measures, website administrators can remotely control malicious attackers. If you want to severely punish them, you can insert some virus programs on the Web page so that intruders cannot be attacked and punished. The specific practices will not be repeated.

Summary:

To maintain the security of your website, website administrators must strictly deploy the website. Do not give malicious attackers the opportunity. Of course, it is necessary to set a trap and give a warning to those unscrupulous attackers to fight back. Instead of passive defense, it is better to take the initiative.