SOME IMPORTANT TERMS
1) Weak password
Refers to the passwords that are not strong enough and easy to guess. Passwords (passwords) like 123456, abc123, abcdefg, and woainixiaofeng are common intrusion methods for hackers. About 20 of 100 passwords are such weak passwords.
2) shell
Refers to a command execution environment. For example, when we press the "windows key + R" on the keyboard, the "Run" dialog box appears. Entering "cmd" in it will present a black window where you can run commands. This window is basically I have used it on the Internet or watched it in a hacker movie. This is the Windows Shell execution environment. In the past, when there was no mouse and only a keyboard, all computer operations were completed by this!
3) WebShell
WebShell is a command environment that exists in the form of asp, php, jsp and other web files, and it can also be called a web page backdoor. After hackers invade a website, they will usually mix these asp or php backdoor files with the normal webpage files in the web directory of the website server, and they will usually hide deeper, because they cannot be found by the administrator, and the website cannot be obtained if they are deleted. Control it. A website is linked to the webshell backdoor, basically you can do whatever you want, you can modify any part of the website or delete it. The website transactions between hackers are carried out by webshell. For example, how much money do I spend to buy the webshell permission of this website, and the attacker is responsible for finding a way to put the webshell backdoor in this website, so everyone should understand.
4) injection
With the website environment developed by the B/S structure, basically all websites need a database. The user can submit a piece of database query code and obtain some data he wants to know according to the results returned by the program. This is normal. However, if the query statement is modified into malicious code, it is destructive. This is The so-called SQL injection, the most offensive web page vulnerability, is the culprit for countless enterprise sites being invaded.
5) Injection point
Refers to the place where SQL injection can be performed, generally a web page address with parameters. Depending on the account permissions of the injection point database, the permissions you get are also different.
6) Intranet
Generally speaking, it is a local area network, such as Internet cafes, campus networks, and company intranets. If the IP address is within the following three ranges, it means that we are in the intranet: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255.
7) Extranet
Connect directly to the internet (Internet), allowing any computer to access each other, and the external network needs to be connected to broadband to achieve.
8) Kill
It is to change the program through operations such as packing, encrypting, modifying feature codes, adding flower instructions, etc., so that it can escape the detection and killing of anti-virus software. The Trojans generated by the remote control we mentioned earlier are often found by anti-virus software and cannot achieve the effect of controlling the computer. Therefore, anti-virus technology must be used to avoid scanning by anti-virus software, so that anti-virus software mistakes it for safe software and does not proceed. Intercept.
9) Flower instruction
It is just a few assembly instructions to make some jumps in the assembly statement, so that the anti-virus software cannot normally judge the structure of the virus file. The popular point is that "antivirus software searches for viruses in order from head to toe. If we reverse the head and foot of the virus, the antivirus software will not find the virus.
1) Weak password
Refers to the passwords that are not strong enough and easy to guess. Passwords (passwords) like 123456, abc123, abcdefg, and woainixiaofeng are common intrusion methods for hackers. About 20 of 100 passwords are such weak passwords.
2) shell
Refers to a command execution environment. For example, when we press the "windows key + R" on the keyboard, the "Run" dialog box appears. Entering "cmd" in it will present a black window where you can run commands. This window is basically I have used it on the Internet or watched it in a hacker movie. This is the Windows Shell execution environment. In the past, when there was no mouse and only a keyboard, all computer operations were completed by this!
3) WebShell
WebShell is a command environment that exists in the form of asp, php, jsp and other web files, and it can also be called a web page backdoor. After hackers invade a website, they will usually mix these asp or php backdoor files with the normal webpage files in the web directory of the website server, and they will usually hide deeper, because they cannot be found by the administrator, and the website cannot be obtained if they are deleted. Control it. A website is linked to the webshell backdoor, basically you can do whatever you want, you can modify any part of the website or delete it. The website transactions between hackers are carried out by webshell. For example, how much money do I spend to buy the webshell permission of this website, and the attacker is responsible for finding a way to put the webshell backdoor in this website, so everyone should understand.
4) injection
With the website environment developed by the B/S structure, basically all websites need a database. The user can submit a piece of database query code and obtain some data he wants to know according to the results returned by the program. This is normal. However, if the query statement is modified into malicious code, it is destructive. This is The so-called SQL injection, the most offensive web page vulnerability, is the culprit for countless enterprise sites being invaded.
5) Injection point
Refers to the place where SQL injection can be performed, generally a web page address with parameters. Depending on the account permissions of the injection point database, the permissions you get are also different.
6) Intranet
Generally speaking, it is a local area network, such as Internet cafes, campus networks, and company intranets. If the IP address is within the following three ranges, it means that we are in the intranet: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255.
7) Extranet
Connect directly to the internet (Internet), allowing any computer to access each other, and the external network needs to be connected to broadband to achieve.
8) Kill
It is to change the program through operations such as packing, encrypting, modifying feature codes, adding flower instructions, etc., so that it can escape the detection and killing of anti-virus software. The Trojans generated by the remote control we mentioned earlier are often found by anti-virus software and cannot achieve the effect of controlling the computer. Therefore, anti-virus technology must be used to avoid scanning by anti-virus software, so that anti-virus software mistakes it for safe software and does not proceed. Intercept.
9) Flower instruction
It is just a few assembly instructions to make some jumps in the assembly statement, so that the anti-virus software cannot normally judge the structure of the virus file. The popular point is that "antivirus software searches for viruses in order from head to toe. If we reverse the head and foot of the virus, the antivirus software will not find the virus.
Enjoy! follow us for more...
No comments:
Post a Comment