Combining theory with practice is the best way to learn: once we understand how an attack works, we can start trying to simulate a real one.
In penetration testing, when we find that a machine has certain ports open, we can consider how vulnerabilities in the corresponding services might be used to launch an attack.
Whether each attack succeeds depends on the target host's operating system, the installed Service Pack version and language type, and also on successfully bypassing Data Execution Prevention (DEP). DEP is designed to protect against buffer overflows: it marks the program stack as non-executable, so shellcode that has been maliciously placed on the stack cannot run, but DEP protection can be bypassed with some complex stack operations.
The essence of penetration is to fully identify the security weaknesses in the target system, find the attack that corresponds to each weakness, and obtain access to the system.
1. Penetrating the operating system
This was explained in the previous experiment; readers who are unfamiliar with it can refer back to it.
2. Penetrating installed service packs
Use Nmap to detect the target machine, scanning its open ports and the version numbers of the services running on them.
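As an added example (not code from the original page), the following Python script parses Nmap's XML output (`-oX`) and summarizes, per host, the open ports with their detected service and version plus the highest-confidence OS match, which is exactly the OS / service-pack / service-version information the text says an attack's success depends on. The embedded XML is a constructed sample (TEST-NET address, made-up services), not a real scan result.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output (nmap -sV -O -oX), not a real scan result.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -O -oX scan.xml 192.0.2.10">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="135"><state state="open"/>
        <service name="msrpc" product="Microsoft Windows RPC"/></port>
      <port protocol="tcp" portid="445"><state state="open"/>
        <service name="microsoft-ds" product="Microsoft Windows XP microsoft-ds"/></port>
      <port protocol="tcp" portid="3389"><state state="closed"/>
        <service name="ms-wbt-server"/></port>
      <port protocol="tcp" portid="8080"><state state="open"/>
        <service name="http" product="Apache Tomcat" version="5.5"/></port>
    </ports>
    <os>
      <osmatch name="Microsoft Windows XP SP2" accuracy="95"/>
      <osmatch name="Microsoft Windows XP SP3" accuracy="90"/>
    </os>
  </host>
</nmaprun>
"""

def parse_nmap_xml(xml_text):
    """Return one summary dict per host: open ports with service/version and the best OS match."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        addr = host.find("address").get("addr")
        open_ports = []
        for port in host.findall("ports/port"):
            if port.find("state").get("state") != "open":
                continue  # closed/filtered ports expose no reachable service
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            open_ports.append({"port": int(port.get("portid")), "proto": port.get("protocol"),
                               "service": attrs.get("name"), "product": attrs.get("product"),
                               "version": attrs.get("version")})
        # Keep the osmatch with the highest accuracy (this is where the Service Pack shows up).
        matches = host.findall("os/osmatch")
        best_os = max(matches, key=lambda m: int(m.get("accuracy", 0)), default=None)
        hosts.append({"addr": addr, "open_ports": open_ports,
                      "os": best_os.get("name") if best_os is not None else None,
                      "os_accuracy": int(best_os.get("accuracy")) if best_os is not None else None})
    return hosts

if __name__ == "__main__":
    for h in parse_nmap_xml(SAMPLE_NMAP_XML):
        print(h)
```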