The Big Secret of the So-Called Crackers

Source: Internet
Author: User

I often see kids on the Internet clamoring that they are hackers who can break into a website and build a Trojan, and many people worship them. Today we will reveal what these so-called crackers are actually doing. The so-called crackers I am talking about here are not hackers, but would-be hackers who fantasize in some dark corner. Their activities are generally divided into attack, intrusion, control, and propagation. I will explain each of these in turn.

Attack

Behavior that can bring down the target machine is called an attack. These attacks are generally used against competitors: to paralyze the opponent's server so that it cannot provide service for a short time, or to blackmail the target into meeting conditions in exchange for stopping the attack. Common attacks include the following:

DDoS attacks: the simplest, most common and most effective attack. Before talking about DDoS attacks, let's talk about DoS attacks. Note that this DoS has nothing to do with the operating system DOS; here, DoS means a denial-of-service attack. Opening a web page and many other operations are based on the TCP protocol, and TCP is not a connectionless protocol: a three-way handshake is required to verify the target machine. Put simply, when our machine wants to communicate with a server to access a resource, the server needs a verification process to confirm the authenticity of the client. Specifically, the client first sends a flag to the server requesting a connection. When the server receives the request, it returns a response carrying a random "password" flag to the requesting machine. The server then waits for the client to send that password back together with the request content, and only then does the server respond.

Common DoS attacks exploit this feature: the attacker first sends a request flag to the server and then discards the password flag the server returns, so that the server waits for a long time. It is like going to a restaurant, ordering a meal and then running away, leaving the cook busy for a while. If a large number of such requests are sent, the server stays in the waiting state until all the resources for waiting connections are used up, and other service requests are rejected. However, the server can block an IP address that opens a large number of half-open connections, so the attacking machine forges its source IP address. For example, I go to dinner and say my name is Li Si when in fact I am Zhang San; the boss goes looking for Li Si, Li Si of course does not accept the bill, the packet is dropped, and the restaurant is paralyzed.

But another problem arises: a server generally has so many resources that an attack from a single machine does not work at all. Therefore multiple machines attack at the same time, and this combination of multiple machines is a distributed denial-of-service (DDoS) attack.

DDoS attacks are so simple that any so-called small-time hacker can download an attack tool from the Internet, find someone to buy some "bots" from, and click attack. Anyone who can write simple network programs and use the TCP protocol in VB/Delphi/C++ can create an attack tool within several hours.
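The half-open connection exhaustion described above can be modelled without touching the network, which also shows why SYN cookies are the usual defence: the server derives its "password" (the initial sequence number) from the connection itself instead of storing it. This is an added example, not part of the original article; the class names, the secret, the counter value and the addresses are constructed for illustration, and the cookie is simplified (real stacks also encode a time counter and MSS in it).

```python
import hashlib, hmac, secrets

MASK = 2**32
SECRET = b"constructed-demo-secret"  # assumption: per-server secret

def syn_cookie(conn, counter, secret=SECRET):
    """Server ISN derived from the 4-tuple instead of being stored."""
    msg = repr((conn, counter)).encode()
    return int.from_bytes(hmac.new(secret, msg, hashlib.sha256).digest()[:4], "big")

class BacklogServer:
    """Classic handshake: each SYN holds a queue slot until the final ACK."""
    def __init__(self, backlog=128):
        self.backlog, self.half_open = backlog, {}
    def on_syn(self, conn):
        if len(self.half_open) >= self.backlog:
            return None                      # queue full: new clients are refused
        self.half_open[conn] = secrets.randbelow(MASK)
        return self.half_open[conn]
    def on_ack(self, conn, ack):
        isn = self.half_open.get(conn)
        if isn is None or (ack - 1) % MASK != isn:
            return False
        del self.half_open[conn]
        return True

class CookieServer:
    """SYN cookies: nothing is stored between SYN and ACK."""
    counter = 7                              # constructed; a real stack derives it from time
    def on_syn(self, conn):
        return syn_cookie(conn, self.counter)
    def on_ack(self, conn, ack):
        valid = {syn_cookie(conn, c) for c in (self.counter, self.counter - 1)}
        return (ack - 1) % MASK in valid

def legit_client_connects(server, spoofed_syns):
    """Send SYNs from forged sources that never answer, then try a real handshake."""
    for i in range(spoofed_syns):            # constructed addresses (documentation ranges)
        server.on_syn((f"203.0.113.{i % 254 + 1}", 1024 + i, "192.0.2.10", 80))
    conn = ("198.51.100.7", 40000, "192.0.2.10", 80)
    isn = server.on_syn(conn)
    return isn is not None and server.on_ack(conn, (isn + 1) % MASK)
```

With a backlog of 128, a thousand unanswered SYNs lock the real client out of `BacklogServer`, while `CookieServer` still completes the handshake because it has no queue to fill.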

CC multi-connection attack: this attack is generally used against web servers. Simply put, processing any web request consumes a certain amount of server resources, and inevitably some operations consume more than others, such as fuzzy search or large downloads. The attacker repeatedly issues these resource-consuming requests and drags the server down. A large number of bots are required. CC attack tools can generally be downloaded from the Internet, and a programmer who can write simple network communication programs can build one in about half a day.

DNS attacks: low-level hackers generally do not exploit DNS server vulnerabilities to attack the DNS server. They mostly use DDoS or a large number of UDP packets to poison the DNS server, which is similar to a DDoS attack, requires no technical knowledge, and is very easy.

Similar attacks include ICMP flood, UDP flood, IP fragment attacks, TCP packets with no flags set, TCP packets with the FIN flag set but no ACK flag, ping of death, address guessing attacks, IP address spoofing, WinNuke, Land attack, virtual terminal (VTY) exhaustion attacks, routing protocol attacks, and device forwarding table attacks. These attacks are somewhat harder and require a certain understanding of routing and protocols. However, they are rarely used by hackers and are not difficult in general; three to five days is enough to become a master.

Intrusion

I call illegal access to other people's servers and programs intrusion. The following are common examples:

SQL injection: this vulnerability arises when programmers build SQL statements by concatenation. SQL injection is then used to execute SQL statements, create a server administrator account and intrude into the server directly, or to enter the website back end, upload a Trojan there, and use database backup to turn a file with another extension into an executable file in order to control the server. You need to be familiar with SQL statements; generally, three to five days with SQL statements is enough to become a master.
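The root cause named above, SQL built by string concatenation, next to the fix of binding input as a parameter. This is an added example, not code from the original article; the table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, "
               "password_hash TEXT, is_admin INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [("admin", "constructed-hash-1", 1),
                    ("alice", "constructed-hash-2", 0)])
    return db

def find_user_concatenated(db, name):
    # The 'before': user input becomes part of the SQL text, so a quote
    # character in the input changes the structure of the statement.
    sql = "SELECT name, is_admin FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def find_user_parameterized(db, name):
    # The fix: the statement text is constant and the input is bound as data.
    sql = "SELECT name, is_admin FROM users WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def compare(name):
    """Row counts returned by each variant for the same input."""
    db = make_db()
    return (len(find_user_concatenated(db, name)),
            len(find_user_parameterized(db, name)))
```

For an ordinary name both variants return the same row; for an input containing a quote and an always-true condition, the concatenated query returns every row in the table and the parameterized one returns none.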

Weak passwords: the intrusion works by guessing a weak server administrator password. Some scanning is required. Attackers can use a dictionary to crack server passwords and SQL sa user passwords.

Upload vulnerability: this occurs because the programmer's program is poorly written. The program allows executable files to be uploaded, so a Trojan can be uploaded and then used to escalate privileges.

Cookie vulnerability: some programs store user verification data in plain text in cookies. This can be used to forge an administrative user, enter the back end and upload a Trojan. It is relatively difficult and takes a long time spent studying the program.
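Why plain-text verification data in a cookie can be forged, and how a server-side signature makes the edit detectable. This is an added example, not code from the original article; the cookie layout, key and function names are constructed for illustration.

```python
import hashlib, hmac

SERVER_KEY = b"constructed-demo-key"  # assumption: secret known only to the server

def issue_plain(user, role):
    # The 'before': verification data sits in the cookie as plain text.
    return f"user={user}&role={role}"

def read_plain(cookie):
    # Trusts whatever value the browser sends back.
    return dict(pair.split("=", 1) for pair in cookie.split("&"))

def issue_signed(user, role, key=SERVER_KEY):
    # Same fields, plus an HMAC over them that only the server can compute.
    body = issue_plain(user, role)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}&sig={tag}"

def read_signed(cookie, key=SERVER_KEY):
    # Returns the fields only if the signature matches; otherwise None.
    body, sep, tag = cookie.rpartition("&sig=")
    if not sep:
        return None
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return read_plain(body)

def edited_by_client(cookie):
    # Stands in for a user changing a field of their own cookie.
    return cookie.replace("role=user", "role=admin")
```

A server-side session identifier avoids the problem entirely; signing is the minimum when the fields must travel in the cookie.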

Cross-site scripting (XSS): some websites allow scripts to be written into their pages, and such scripts can be used to deliver Trojans, redirect traffic, or obtain administrator privileges. CSS can also be used to call scripts to achieve the same goal. It is not difficult, but you need to be careful.

Elevation of privilege: as the name implies, a user who does not have certain permissions gains them through some operations. This involves more knowledge and needs some experience; it takes half a month to become a master.

Intrusion through social engineering: simply put, someone sends you a file and tricks you into clicking it, which then implants a Trojan. It only works if you are fooled.

Intrusion by embedding Trojans in free software: the Trojan gets in when cracked software is downloaded onto the server. The difficulty is ordinary; it comes down to packing.

Control

Kill-free (antivirus evasion): in the past, evading anti-virus software was done by adding junk code ("flowers") or packers ("shells"). A general packing tool can be used; for harder cases, the assembly is modified by hand. It's not hard. Experience and patience are needed. You can get started in three days.

Remote control: you can download Gray Pigeon or purchase some remote control software. That takes no technology at all, although writing remote attack software does take real skill.

Propagation

In order to control many machines, the malware has to be spread widely, hence propagation. The controlled machines are called "chickens" (bots). Propagation can capture a large number of bots, which are used with the tools above or as springboards to destroy evidence.

Web horse: uses some 0-day browser and ActiveX vulnerabilities together with some script or shellcode. An original web horse requires a high level of skill to discover vulnerabilities, but there is basically no originality in China; at most, vulnerabilities discovered abroad are extended and spread. Writing a web horse generator takes a week to become a master.

Pony: a downloader that, once run, is mainly used to download the Trojan. It takes no skill and has no difficulty. Three days is enough to become a master.

DAMA: the purchased remote control software. The difficulty lies in the kill-free aspect.

Trojan: generally, scripts are planted on the target site to catch visitors to that site. No difficulty. Websites today are poorly secured, so it is all too easy to get infected.

Social engineering: for example, building a pornographic picture site and planting a Trojan on it; creating an exe file that impersonates a video or a video player and putting it on a porn site; or promising a naked chat that comes with a Trojan. The Trojan may impersonate a certain "-gate" scandal, a free cracked version may be bundled with a Trojan, or a program may be built with a backdoor. There are many such methods; they are not difficult, mainly mean. You can become a master in a month.

All of the above is what the so-called crackers in China do, the behavior of what are called half-hackers and "Hongke". Anyone with a little computer background needs only a month or two to match and even surpass them. There is no secret or mystique, and nothing brilliant about it. This article is released, on the one hand, in the hope that young people will stop blindly worshipping them and thinking that someone who can use a Trojan is a master, a hacker, or whatever. Shit. On the other hand, I hope that you will pay attention to network security. A kid can be the little devil who destroys your fence.
