How to deal with various terminals
Dingchang Poetry
I don't know if the subway ticketing terminal is swollen. cmd said hi ~ The Emperor's airport navigation terminal is a model in the industry, but it does not seem to have been pushed ~ Magu subway ticketing terminal has always been well-behaved. Can it be left blank? The 6C community payment terminal has a strike. Double-click the three-button to stop it ?.........
Preface
Previously, the author often exposed some pictures of the terminal, which aroused everyone's interest. Of course, each time the method is different, and the mobile phone replies to everyone. The reply process is really enough for XO, with this article, you can sum up the methods and identify yourself as a great bypass, because you always have different ways to do it, and your slot is always so low, let's take a look at it. Next time, visit the comments floor. Here are some of the methods I have used and common tips for bypassing science.
0 × 001 what is a terminal?
Come and come ,:
Okay, it's similar. It's our common terminal. In fact, this kind of terminal is operational, easy to use, and practical. After all, living in an environment where the toilet is lined up, setting up a few such machines can solve the problem of queuing of various service units. Okay, this is not the point. After all, we are here to [*] You!
To sum up, the terminal is a machine that runs various systems and can provide services to customers in a semi-interactive manner wrapped in various transformers boxes! (The first time I defined it myself, I felt like the definition was quite long ~~~, Female ticket said: Good Time)
Well, well, as small editors often say, going closer to Science: is the terminal really safe?
The advertisement is followed by the next step.
0 × 002 how is the terminal handled?
Well, there are many problems, such as the various problems mentioned in the beginning.
The pop-up and operation cmd (shell for linux of course) displays and can operate the Registry Manager ''' of the original operating system desktop Resource Manager ''''''''
All in all, even if we get these permissions for the terminal
In fact, security attack and defense are really amazing. There are thousands of protection measures, and there are several hacker attack methods, everyone thinks that hackers need to possess thousands of skills. I mean there is something speechless, and we will do what you teach! Or what you force! (Sorry, I am a philosopher)
Classification of 0x003 Terminals
My classification is relatively simple, and simple classification is helpful for the bypass methods described below
Mouse and mouse operating Terminal
Touch-controlled Terminal
As the name implies, I cannot help you ~
0 × 004 Terminal Handling Method
[Mouse and mouse operating terminal]
This type of terminal is relatively convenient for us, because it is also convenient to operate with the keyboard and mouse.
I didn't mention the terminal protection methods. I don't want to mention them because these protection methods are really bad. Let's talk about them directly.
Terminals of this type usually disable right-click, win, and c-a-d keys (ctrl-alt-del ).
Why can I disable this function? Because the topic interface is a webpage, the user experience is not affected.
The figure can be shown here, which is taken by the Bank downstairs:
We can see that:
Obviously, it is an ie browser. Why is it ie? Compare the font display and control performance of several browsers ~
Then, the system found two control boxes in the green box that covered the toolbar, address bar, settings, and display ~
I have previously said that many buttons and combinations are disabled, so I suddenly think of alt + f4.
The above is just a typical case. Many mouse and keyboard operating terminals are similar. In the face of such terminals, how can we test these methods first? We arrange them one by one:
Programmer reserved backdoor attempts:
What you want to try is to right-click and try to see if there will be a menu, or right-click and so on ~~~ Nima is reserved by programmers themselves.
Many programmers do not use fixed borders in some programs.
What? Can I adjust the border? Yes. Place the mouse at the top corner of the screen and click the left button to pull it to the center of the screen. Why? Isn't it a pleasure? What about the desktop?
Crazy click Method
Don't laugh. Even good programs have the possibility of crashing. Let's not discuss the program that masks the piece. If you keep clicking the link in IE browser, or the row above the mask software goes forward and backward, and the program may crash and quit. (This method has been tried and tested in many service halls or in the pharmacy. Therefore, if the technology is not correct, you can use the Qilin arm !)
Outlook-like Method
Many Web pages have contact us, recruitment contact, boss mailbox or something. After you click it, the browser will not compete to call outlook, after opening it, you can choose to upload attachments or something in outlook. The file selection box is displayed. Then? Then go to cmd! What? Low permissions? Everything is fine. In the file selection box, you can click the General button on the right, create a new 1.txt file, write cmd in it, and rename it 1.bat. okay, now you can finally drop the soap.
Xss Method
I really don't want to talk about this. What about xss? Find a search and then play it ~ Cmd ~
Hand Defects
Long press, click the left mouse button to hold the page, do not loosen, who tm knows how many milliseconds the programmer sets the right-click trigger time? Don't get pregnant ~
Supplement 1:
As mentioned above, what should I do if I keep a webshell and press it or press it three times to see the right-click menu on the webpage? Right-click "print" in the menu, click "open", and then click "Next". After installing the control or something, you can see the "Browse" button. Click it and the file selection box will pop up, then it's the same as Method 4.
Supplement 2: tips that are not commonly used, such as the figure above. For example, the previous method fails.
You can also click forward or backward to refresh the page. In this way, the input focus of IE is in the address bar. If the browser is invisible and blocked, you will lose the page and enter: c: \ windows \ system32 \ cmd.exe cute is the shortcut key for running directly instead of saving:
:
In fact, there are still many methods, but they are similar. In the final analysis, you can either play it! It can be called! You can either write it! Either!
In the end, you can see that the file to be run is half successful, and the file to be run is completely successful. Not advanced ~
[Touch-operated terminal]
Such a terminal is very popular now, for example:
Such a touch-screen terminal generally does not have a complete keyboard and mouse to operate by clicking and touch. In fact, the method to handle it is the same as that of a mouse-and-mouse terminal. You can think like this, the Touch Screen Technology simulates the touch of your fingers into a mouse operation. Then, if the mouse operation is different from the above, why?
Long-pressed method
In the same way, long press won't get pregnant. You just need to press it for a while. What if the menu comes out?
Multi-finger touch
Put two or three fingers on the page and wait ~ Who knows if Brother programmers bought the medicine that day? I met a four-finger menu with a long press for 10 seconds at the same time (a station advertisement screen)
Operation gestures like Apple Systems
This is like a mac touchpad. You hold your finger and hold another finger and click (in two or three fingers mode) until the menu comes out.
Non-fixed border Method
In the same way, if there is a light mark, move the cursor to the corner with your fingers, hold it down, and drag it to the center of the screen to display the desktop behind the screen? Point your finger at the corner, hold down, and drag your finger to the center of the screen.
Diagonal Line Method
This may be something that managers can do to save the effort of programmers, that is, put one finger in the lower right corner, one finger in the upper left corner, and move it to the center of the screen. Then? Then the program is minimized.
After the menu is displayed, just like the mouse-and-mouse terminal, cmd is displayed. Check the Intranet and try the weak password of ipc.
0 × 005 supplementary information about the system
If you find that the terminal screen is small and you are familiar with the font, use a gesture, because it may be an Android tablet or ipad, with a 5-finger grip, clean and slide ~ Android has a lot of applications, and xxx.apk stops running when you click it. Continue or quit!
[I] I found this problem at a terminal (check-in) on the bar of a chain hotel, just an ipad.
[A] real-time indoor map navigation on an airport trolley is an excellent Android tablet.
0 × 006 sharing and sharing
The first two tickets are sold by the Midu Metro. They were sold twice and handled twice,However, I ordered a pass-out test. The subway ticket, like chewing xmai, couldn't be stopped at all. I had to ask a job seeker to explain the reason for the test and apologize --!
VcnQxNDA5NTU3MjU3NzYxLmpwZw = "/>
By the way, all the friends of magic capital know the terminal of XX media on the taxi seat, right?
That's done. If you can also get the permission or ask her to restart or shut down, contact me in the group ~ Communicate with each other ~ Play with our SniFFeR. Pro friends and Freebuf friends ~
Finally, we recommend that you notify the management personnel of the test to gain authorization and stay secure from doing anything illegal, otherwise, you will have to watch the Shuyun terminal: