Home > Cloud Computing > Cloud Security

Testing the return of an asp Trojan Horse Backdoor

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Testing the return of an asp Trojan Horse Backdoor

A hacker posted a post on our blacklist forum a few days ago.
Is sharing a no-kill asp Trojan
However, I am often very sensitive to such Trojans, because I feel that such sharing is carried with backdoors.
In addition, it also sends private messages to some Members.

I used mumaasp boxes
This box was taken out by xss.

Let's see why I say he is a shell with a backdoor.

 
Zoomed in

 
There is a hop. What is this? Click open is the connection http://7jyewu.cn/m.asp


But it is a 404
This is a secret.
I think this is a fake 404 page. Then I will test it.

 
The returned value is 200.
Obviously not 404
This should be a receiving port.
The next step is to step on the page.

What are the common ways to log on?
This should be conservative first. Let's talk about the method.

Let me take a look at how I did it.
Check whois and hide it.
Check the same server. Nima.
All websites, virtual hosts.

 



 
If there are so many sites, do you say there is motivation or no motivation.
Anyway, I don't have any motivation ....

 
I don't know what the data center is.
Hong Kong HOSTCREST
Can I say I have never heard of it.
What will happen next? Let's guess for a while and send it tomorrow. Let's leave it to the space for thinking.

------------------- Chapter 2 -----------------------
Stopped before.
Next I will continue to explain how I operate.
In this case, I just mentioned that the success rate of the Direct main site is not high.

 


So let's first look at the side station,
One site opened one by one and found a site jump.

 
It should be a page provided by the service provider.
Then this domain name should be the service provider's.
Let's go back to the domain name for viewing

 
This TM is teasing me.
Then I checked the same server of tixing.idc99-sql.com.

 
Found this domain name www.idc99.net

 


This domain name jumps to another IDC page.
Http://www.net222.net/
If you do not guess correctly, it should be registered here. Let me ask customer service.

 
Thx is returned. Continue. Click this idc to continue shooting.

 

 

 
I did not know the email address of this account before.

 


This email address is directly displayed after I click here to retrieve the password. Is a chicken rib,
Then it was easy to go in.

 
Remove the source code.

 
Key code

 
However, when you are preparing to mount a black page.
Manage and delete it by yourself.

 
Maybe I am afraid I will send your backdoor? Or?
At the same time, the fairy also finds out the backdoor password.
Every Trojan on this site has a password for killing.

 

 

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to get rid of trojan horse how to get rid of trojan horse virus trojan backdoor virus trojan horse virus definition trojan horse antivirus trojan horse killer trojan horse statue
Related Article
How does personal cloud security guarantee data security?
Model-driven cloud security-automating cloud security with cl...
Cloud security to achieve effective prevention of the future ...
Focus on three major cloud security areas, you know?
Decrypting Cisco type 5 password hashes
Using redis to write webshell

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More