Recently, Microsoft has a hole, JPEG vulnerability, the specific detailed thing I will not say, let's talk about this hole. Preparing I have a JPEG Trojan Builder here. If you want to use it, you can search online and you should be able to find it. Now there is a network is convenient, 嘿嘿 ~~ then double-click JPEG.exe, it prompts you to enter the address of the Trojan. Why use this vulnerability to play the LAN, this is a very important reason, because now online Trojans, even if you find it, it is compressed, if you have your own broiler or server, you can get it Go on the Internet, you can post it to the forum, you can send QQ people, how to do it, look at it. The words retired, we have to do is the LAN. Since the tool reminds us to specify an HTTP address, we are a rookie, what should I do? Is it necessary to install an IIS or apaceh? Think about terror, don't play. No need to trouble. It is not possible to find a simple HTTP server. I use NetBox. You can download it from the Internet. There is a main.box inside. With Notepad, you can configure some items of NetBox, such as the port of listening, and The default web address. The configuration is not straightforward, I give my basic configuration DIM HTTPD
Shell.Service.Runservice "NBWeb", "NetBox Web Server", "NetBox Http Server Sample"
'---------------------- Service Event ---------------------
SUB ONSERVICESTART () SET httpd = createObject ("NetBox.httpserver)
IF httpd.create (", 80) = 0 THEN SET HOST = httpd.addhost (" "," / wwwroot ")
Host.enablescript = true host.adddefault "default.asp" host.adddefault "default.htm"
httpd.start else shell.quit 0 end ifend sub
Sub onServiceStop () httpd.closend SUB
Sub onservicepause () httpd.stopend sub
Sub OnServiceResume () httpd.startend Sub is configured, double-click NetBox, HTTP server, it is good. If you think about there is your own website, you can be a homepage, huh, huh ~~ Configure us. Trojans put into our configured web directory, mine / wwwroot. The Trojan address is then entered in the JPEG's URL. For example, my local area network address is 169.254.174.150, the address is http://169.254.174.1/ Trojan .exe. Trojans choose. The same, still watching personal preferences, huh, huh ~ then point Make, do a Trojan JPEG waiting to hook ok, everything is ready, but how to make people look at the picture? Hey, the way is what people think, because we are in the local area network, the local area network, sharing something is normal. And often someone else is moving with people? This way, put our JPEG Trojan, put it under the folder to share, start the attractive name, to seduce them to hook it ~~ Don't say that I am too bad, I can only say it is curious. Heart is dead. Sharing, what we did was just waiting for the fish, go to the chat room bubble MM first. It's raining, I will receive a chicken ~~ Wait a day, I don't know how many people have browsed my shared folder, don't hit me PP oh ~~ How to find chicken? Find a scanned interface, my Trojan opened the port of 4567, then scan 4567, I sweep ~~ Ah, there are still a lot, 嘿嘿, in addition to the picture, I also put another good picture. Oh, there are not many people who don't do it. Find a connection to connect, look, it is good to have a good stuff. Take a look at IP, run ipconfig, line, is online, there is a public network IP, then I will be welcome, upload an HTTP agent, hey, I will not spend money in the future ~~ As long as you are. Each broiler is a proxy, so it is not afraid that a machine does not boot, I can't get on the Internet, I will always say that this invasion does not have any techniques, it is a ready-made thing, but the main thing is The use of vulnerabilities, when there is a vulnerability, it is to see how you use it. If you don't have a host on the network, this vulnerability is hard to use. Don't want to use this vulnerability to get the server unless the administrator is using the server. So I wrote this vulnerability on how to protect this vulnerability, first talk about this vulnerability hazard is XP and 2003, because it is a microsoft's GDI image processing engine handles JPEG to trigger a vulnerability, except for the system Outside, if you are NT or 2000 or 98, if you installed any of the following software installed, you must install this patch Office XP, Visio 2002, Project 2002, Office 2003, Visio 2003 and Project 2003, IE 6.0XP installed SP2 The influence of this vulnerability pays attention to the upgrade, gives the checkup vulnerability and upgrade http://www.microsoft.com/security/bulletins/200409_jpeg.mspx
