On the principle and realization way of web page hanging horse

First, the introduction of the page hanging horse

(1), Hanging Horse and net horse

1. Hanging Horse

Ø From the word "hanging horse" know that it and "Trojan" is not a relationship, indeed, the purpose of the horse is to spread the Trojan

Ø Hackers invaded a number of websites, the Web site will be embedded in their own web pages (can often be in the home page), the use of the site's traffic to their own web Trojan spread out from the page to achieve their own purposes

2. NET Horse

Ø NET horse, that is, "Web Trojan", is the Trojan and Web page together, when the Web page will automatically download and run its Trojan program

(2), Web Trojan running principle

Ø The original web Trojan is the use of IE Browser ActiveX control, in the running of the Web Trojan will pop up a control download prompts, only after the user confirmed will run the Trojan

Ø The new Trojan usually uses the loophole which the IE browser exists to spread the webpage Trojan

(3), the page hangs the horse step

A) application site Space : The Trojan Horse and the net all uploaded to the site space, so that it can be visited, if the successful application of the site space address for "http://www.xxx.com/xxx"

b) upload trojan program : Upload completed after the Trojan's access address for "Http://www.xxx.com/horse.exe"

C Use the Web Trojan generator to generate a network horse : If generated after the net horse address is "http://www.xxx.com/horse.htm"

d) Carry on the horse : the generation of the net horse address embedded into other normal website page, if embedded into Tencent's homepage "http://www.qq.com/index.htm"

Two, the Web page hangs the horse the realization Way

(1), the IFRAME frame embedded hanging horse

Requirements are as follows: (using an IFRAME statement to embed a Trojan horse in the normal page)

NET Horse Address: http://192.168.2.4/user.htm

Create an administrator account named Hacker, and turn on Remote Desktop