Discovery of public password in SUB7

zhaozj 2021-02-08

Reposted from http://dgdown.myetang.com/text/text24.htm; translator and original author unknown.

You think that because you set a password on the SUB7 server, others can't connect to it? You have made a big mistake! Here I will show you how I found a security vulnerability in this Trojan's server.

Tools you need:

(x) SoftICE (with Symbol Loader). It can be found on cracking fan sites; many crack websites carry it.
(x) HIEW 6.16, an editor.
(x) The target, SUB7, which can be found here: subseven.slak.org
(x) Basic knowledge of SoftICE commands and assembly language.

Let's get started. I am interested in how the password is compared when the client connects, so I use SoftICE's Symbol Loader to load some Winsock exports :) Run the Loader, click the "File - Load Exports" menu, go to your Windows system directory and select "WSOCK32.DLL" to open it. Symbol Loader should display: "Exports for z: /windblowz/system/wsock32.dll loaded successful"

Now configure the SUB7 server with EditServer.exe (see other documents; I won't cover it here). I set the port to 666 and the password to "abuse". Run the Trojan server. You can install the server on your own machine, but do not be connected to the Internet while you do. (I take no responsibility for what happens to you; the program is not my work.)

Run Subseven.exe and connect to the server (the IP address is 127.0.0.1, that is, your own machine). A password box will pop up; enter any password.

The server uses WSOCK32!recv to receive information from the client. The Windows Sockets recv function receives data from a socket. Its prototype is:

    int recv(SOCKET s, char FAR *buf, int len, int flags);

The char FAR *buf argument is very important: the received information is stored there. Now set a breakpoint on recv in SoftICE (enter "d esp->8"), then click OK to send the password. SoftICE pops up; press F11 (g @ss:esp). On reaching the password, 'PWD' is displayed in SoftICE's information bar.
Now set a breakpoint on the address of the password.
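Why "d esp->8" at the recv breakpoint follows the receive buffer, and why the data only shows up after F11: the sketch below is an added example, not code from the original article. It models a 32-bit stdcall frame in a toy address space; the stack address, socket handle, buffer address, return address and payload are all constructed, and only the 'PWD' marker comes from the text.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy 32-bit address space. Every address and value here is constructed. */
static uint8_t mem[0x1000];

static uint32_t rd32(uint32_t a) { uint32_t v; memcpy(&v, mem + a, 4); return v; }
static void wr32(uint32_t a, uint32_t v) { memcpy(mem + a, &v, 4); }

/* Caller side of recv(s, buf, len, flags): arguments are pushed right to
   left, then CALL pushes the return address. Returns ESP on entry to recv. */
static uint32_t call_recv(uint32_t esp, uint32_t s, uint32_t buf,
                          uint32_t len, uint32_t flags, uint32_t ret) {
    uint32_t frame[5] = { ret, s, buf, len, flags };   /* [esp+0] .. [esp+16] */
    esp -= sizeof frame;
    for (uint32_t i = 0; i < 5; i++) wr32(esp + 4 * i, frame[i]);
    return esp;
}

/* SoftICE's "esp->N": the dword stored at ESP+N. N = 8 is the buf argument. */
static uint32_t esp_arrow(uint32_t esp, uint32_t off) { return rd32(esp + off); }

/* Stand-in for recv's body: copy at most len incoming bytes into buf. */
static uint32_t fake_recv(uint32_t esp, const char *wire, uint32_t n) {
    uint32_t buf = rd32(esp + 8), len = rd32(esp + 12);
    if (n > len) n = len;
    if (buf > sizeof mem || n > sizeof mem - buf) return 0;  /* stay in bounds */
    memcpy(mem + buf, wire, n);
    return n;
}

/* "g @ss:esp" stops at the return address held in [ESP]; the stdcall callee
   has popped that address and its four arguments by then. */
static uint32_t esp_after_return(uint32_t esp) { return esp + 4 + 4 * 4; }

int main(void) {
    uint32_t esp = call_recv(0x800, 0x1c4, 0x400, 64, 0, 0x401234);
    uint32_t buf = esp_arrow(esp, 8);
    printf("breakpoint: buf=%#x, first byte=%u (not filled yet)\n",
           (unsigned)buf, (unsigned)mem[buf]);
    /* Constructed payload; only the "PWD" marker comes from the article. */
    uint32_t n = fake_recv(esp, "PWDexample", 10);
    printf("returned:   %u bytes \"%.*s\", esp=%#x\n", (unsigned)n, (int)n,
           (const char *)(mem + buf), (unsigned)esp_after_return(esp));
    return 0;
}
```

At the breakpoint the buffer is still empty because recv has not run yet; the data window keeps pointing at the same address, so the received bytes appear there once execution returns to the caller.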

When reposting, please cite the original address: https://www.9cbs.com/read-1539.html
