Hacker's Way of growth-----Ten questions (2nd day)

Source: Internet
Author: User
Tags net send

() Hi everyone, the next day!

First, tool scanners commonly used by hackers?

Answer: every hacker has one or two handy scanners in hand, and scanners play a big role in the hands of a seasoned hacker . !

X-scan and Superscan are most commonly used in scanners.

I think Superscan Better the previous article has already mentioned how to download the

Second, hack software?

A: We have to get the target host information agent after we need to do some hack account password, this time we need to use some cracked software

Cyber Assassin

http://www.greenxf.com/soft/7304.html (Test available!) )

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/71/1E/wKiom1XGnmnzz8A2AAFFBuHdI7Y078.jpg "title=" QQ picture 20150809082409.jpg "alt=" Wkiom1xgnmnzz8a2aaffbuhdi7y078.jpg "/>

Third, A Trojan horse?

Answer: "Trojan Horse" (Trojan) technology is commonly used by hackers attack means. It does this by hiding a program that runs at the start of W i n d o w in your computer system, using the server/client run mode to control your computer on the Internet. Hackers use Trojans to steal your passwords, browse your drives, modify your files, log in to the registry, and more . ,

Recommend a website:

Http://www.xfocus.net/tools/200407/736.html

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/71/1B/wKioL1XGoImyl9r9AAD0msJDprI531.jpg "title=" QQ picture 20150809082645.jpg "alt=" Wkiol1xgoimyl9r9aad0msjdpri531.jpg "/>

Four, A bomb?

Answer: when the hacker is not satisfied with someone, can when he is browsing the Web site to find information, fry him, let his screen turn blue, or let him offline; In addition, if you know his e-mail address, you can fill his mailbox with thousands of useless letters, so that he could not receive letters and so on. The use of bombs to attack each other, compared to other means of attack is relatively simple

Five, Getting Started command?

For:

Ping www.baidu.com (own Baidu!!!!) Don't say so thin, affect your thinking)

Ping-f-S 65000 XXX.XXX.XXX.XXX ", in fact, this command is mainly used to see the speed of each other's response .

Net NET is a command-line command. Can be used to manage the network environment, services, users, login .... etc. local information;

(1) NET VIEW

(2) NET USER

(3) NET Use

(4) NET Time

Function: Synchronize the computer's clock with the time of another computer or domain.

(5) Net Start

Role: Starts the service or displays a list of services that have been started.

Command format: NET start service

6) Net Pause

Role: Pauses a running service.

Command format: NET Pause service

(7) Net Continue

Role: Re-activates the suspended service.

Command format: NET Continue Service

(8) NET STOP

Function: Stops the network service that is running.

23

Command format: net stop service

9) Net Statistics

Role: Displays statistical records of local workstations or server services.

Command format: NET statistics [workstation | Server

Net Share

Role: Create, delete, or display shared resources.

) Net Session

Role: Lists or disconnects the session of the local computer and the client to which it is connected, or it can be written as net sessions or net Sess.

) Net Send

Role: Send messages to other users and computers on the network.

Net Print

Function: Displays or controls print jobs and print queues.

There are some, to check it yourself!

Ipconfig : View your own IP

Tarcert: The diagnostic utility will contain a different lifetime (T T L) value of i n T e R n e t Control Message Protocol I C M P echo packets are sent to the target to determine the route to be used to reach the destination. That is, from where you go, which routers go through, and then you get to the destination.

ftp:: File transfer

Six, Why is there a loophole?

Please write software is not a machine, certainly will have to consider the place, hardware problems through the software display.

Seven, are the systems we use secure?

Answer: What do we usually use? Window7 Windows8, is it safe? Wipe! Especially insecure, the Microsoft system itself is more than a loophole, but also the development of such a multi-port, some services, software if there are loopholes, then what? The door of your house is always open!!!

Eight, intrusion and defense of NetBIOS vulnerabilities?

For:

Vulnerability Description: NetBIOS: Network basic input/output system, The system can use the W i N s service, broadcast and L m h o s t file and other modes to resolve the N e T B I o s name to the corresponding I P address, thus realizing the information communication. If it is a local area network, the use of NetBIOS protocol can be very convenient to achieve information communication! But what? If on the Internet, the NetBIOS protocol is equivalent to a backdoor program.

Vulnerability attack: First download a tool, here I recommend to everyone is shed

What about the download URL? http://down.51cto.com/data/451466

Put a picture below:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/71/1E/wKiom1XGnrex3oVgAAEQKQs9KnU410.jpg "title=" QQ picture 20150809082640.png "alt=" Wkiom1xgnrex3ovgaaeqkqs9knu410.jpg "/>

Specific use, I believe you will definitely go groping!

So how to defend it?

1: disable netBIOS Protocol

2: Close 139 port (i.e. service port)

Ps: All defensive methods are similar to!!!!!!!!!!

① unlocking file shares and printer sharing

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/71/1B/wKioL1XGoMui671_AAGLbK3QewU942.jpg "title=" QQ picture 20150809082634.png "alt=" Wkiol1xgomui671_aaglbk3qewu942.jpg "/>

Remove the hook from the front

② Disable NetBIOS on TCP/IP

Control Panel ------------> Administrative Tools ------------------> Services -----------> Find Tcp/ipnetbios , disable it!!!

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/71/1E/wKiom1XGnuSCqxxzAAHEm1pgtVE261.jpg "title=" QQ picture 20150809082551.jpg "alt=" Wkiom1xgnuscqxxzaahem1pgtve261.jpg "/>

③ to block access to ports 139 and 445 by using IPSec security policy

Control Panel------------> Administrative Tools----------> Local Security Policy

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/71/1B/wKioL1XGoPyygUk-AADQ_yJtQn8631.jpg "title=" QQ picture 20150809082557.jpg "alt=" Wkiol1xgopyyguk-aadq_yjtqn8631.jpg "/>

④ Stopping the Server service

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/71/1B/wKioL1XGoSnxi-8LAAHEm1pgtVE803.jpg "title=" QQ picture 20150809082551.jpg "alt=" Wkiol1xgosnxi-8laahem1pgtve803.jpg "/>

Turn off the S e R v E r service, so that although no ports are off, you can abort the service to other machines and, of course, stop sharing the other machines. However, shutting down the service can cause a lot of related services to fail to start, and if I am in the machine, this method cannot be used.

⑤ using firewall defense methods

Add: In addition to shutting down the N e t B I O S protocol or closing the port, we can also use the following methods to keep things simple:

① shutdown does not require shared directories and peripheral properties, which is an effective way to prevent shared intrusions.

② uses complex characters to name shared names, which often causes the output of the N e t V i e w command to fail with some scans.

Ps: Above we attack the process, learn something must be extrapolate!!

Learn about a service (find a vulnerability in a service)-----------> Find the right tool-------------> Of course to learn how to defend!!!!

Nine, IME Vulnerability?

A : When we install the system, the default installs some software, these software general users are not clear, just use the time can use, in fact, these things most dangerous! Below I say Input method vulnerability: in the default installation, W i n d o W s 2 0 0 0 in the Simplified Chinese input method does not correctly detect the current state, resulting in the system login interface to provide an inappropriate functionality in turn, hackers can directly manipulate the computer's keyboard to get the current system permissions, from Instead, run the code of his choice, change the system configuration, create a new user, add or remove system services, add, change, or delete data ....(Good terror has wood, perhaps you have to say, this is Windows2000, now win10 come out, please, What we learn is thought!!! )

Using the IME vulnerability attack, using the Port scan Tool Superscan, Input Method default port is 3389, you are now sweep sweep! If we find it, we can log in. After the login is successful, we can create a user with the IME vulnerability and join Administra, or activate the gust user.

Input Method Vulnerability Prevention?

1. hit the Windows 2000 OS patch.

2. Delete Input method Help files and unwanted input methods

3. Stop Terminal Services

Ps: Any one can do it.

10. winds2000, System crash vulnerability?

End users who use Windows 2000 systems can just hold down the right CTRL key and press two times scroll Lock to completely crash the entire Windo W s 2 0 0 0 system, but at the same time destroy the full current system memory record under C: \ w i n n T. The memory record file name is M e m o r y. D M P. But in the default state, this strange feature is still in the closed state, so we generally do not need to be afraid.


650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/71/1E/wKiom1XGn6igRqKyAAErFTnH5eo211.jpg "title=" QQ picture 20150809082544.jpg "alt=" wkiom1xgn6igrqkyaaerftnh5eo211.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/71/1E/wKiom1XGn-PTQYbsAAC890MLvwo995.jpg "title=" QQ picture 20150809083312.jpg "alt=" Wkiom1xgn-ptqybsaac890mlvwo995.jpg "/>

Prevention of system Crash vulnerability

Prohibit remote users from modifying the registry?

My Computer --------------> Control Panel --------------> Administrative Tools -----------> Service ------------->

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/71/1B/wKioL1XGof7TyTK-AAHCaw53cZg013.jpg "title=" QQ picture 20150809082528.jpg "alt=" Wkiol1xgof7tytk-aahcaw53czg013.jpg "/>


This article is from the "Make a few" blog, be sure to keep this source http://9399369.blog.51cto.com/9389369/1683025

Hacker's Way of growth-----Ten questions (2nd day)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.