Novice learning FAQ Summary answer


Newcomer learning FAQ summary
www.sandflee.net 2002-9-3 Gray Tracks

I have long wanted to summarize the common questions and answers, but never had the time. In the forum I found that many of the questions that have to be answered are duplicates: the same problem, old medicine in a new soup. If you don't answer, people say the forum does not live up to its "zero start" title; if you answer in full, it really is a waste of time; if you say only a few words and tell the asker to look things up, it is still hard for them to find the information, especially now that only certified members can search. So people either ask others to find the information for them or apply for member certification, and everyone's energy is consumed.

As the saying goes, "in a big forest there are all kinds of birds." People in the forum are at very different levels. Sometimes nobody bothers with a "low-level" question, or someone thinks an expert's answer is not good, or someone even talks back at the answer, which is very unpleasant. As a moderator I require myself to answer questions, but some questions really are infuriating (maybe I just have a temper). If I answer briefly (我 能 能), he thinks the moderator is being perfunctory; if my tone is sharp, he thinks I am bullying a rookie. Well... I have grumbled a lot, but I hope everyone can understand and be considerate of each other.

On to the topic. I read the most recent 50 posts, summarized some common questions, found related answers and sorted them by category, and wrote some notes of my own to help novices understand and get started quickly. Since my level is limited, the following contains errors and omissions; please point them out in detail and I will correct them immediately. Moderators here who think something is wrong can change it directly. If you have any suggestions, please send me a short message. But this is written for newcomers, so don't ask too much of it.

Questions that should not be asked
Brief description: I am helpless about these, so they come first.
Related posts:
Looking for software? Here: Huajun Software Park http://bj2.onlinedown.net/
Looking for a proxy? Here: http://search.lycos.com.cn/dir/computers_and_internet/free_Resource/free_proxy_server/ http://www8.big.or.jp/~000/CYBERSYNDROME/PSR3.html
Looking for a master? The forum is your "teacher".
Looking for a registration code? Here: http://www.skycn.com/soft/4445.html

About certified members and the search feature
Brief description: To keep the server working normally, only certified members can use the search function. In addition, certified members are eligible to enter the "Forever Gray Track" board. Becoming a certified member is not difficult, but it is not trivial either. You should work to improve yourself, actively help others, and have a good number of posts (both questions and answers). If you really become part of the forum family, you will get more than just a certification.
Related posts:
Discussion on certification: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=1048552

About being intruded on
Brief description: There are often posts such as "I have been hit by the XX Trojan, what should I do?" or "My Windows has a problem, has it been intruded on?" The general practice is to check for suspicious processes (Win98 needs extra tools for this), registry startup entries, services, open ports and so on, then update the virus definitions and run an anti-virus scan. The prerequisite is that you have some computer common sense and know your own system well enough to tell what is normal and what is not.

If you know little about computers, it is hard for the forum to help you. In fact, as with viruses in real life, prevention comes first. Anti-virus software and a network firewall can resist most dangers, and improving your own security knowledge is the most fundamental safeguard. The latest virus-related knowledge can be found on the home pages of anti-virus software companies. In addition, a system behaving abnormally may simply be the result of operating errors. This is "hacker zero start", not "computer zero start", so don't bring such questions to the forum.
Related tools:
Active Ports: monitors the ports of your computer http://www.isgrey.com/down/show.asp?id=215&down=1
Windows Optimization Master 4.9: its process management function is good http://gwbn.onlinedown.net/down/wom49.exe
fport-2.0: shows which process each port belongs to http://www.heibai.net/download/show.php?id=2670&down=1
Mport: better than fport http://www.sandflee.net/down/show.asp?id=247&down=1
Related posts:
Manual removal of the Guangxiang Girl Trojan http://www.sandflee.net/txt/list.asp?id=128
Removing the Gray Pigeon by hand http://www.sandflee.net/txt/list.asp?id=181
Cleaning up damage from malicious web pages http://it.rising.com.cn/default/spclean.htm http://it.rising.com.cn/default/clean.htm
Dealing with Win2kpass http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=10401&show=396
Full list of 2000 system processes http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=9268&show=748
Trojan detection, removal and prevention http://www.s8s8.net/cgi-bin/topic.cgi?forum=25&topic=17013&show=0

About basic knowledge and intrusion steps
Brief description: Computer and network knowledge is the foundation for a hacker; at the very least, first understand the posts listed below. After reading this section you will only just be standing at "zero start", and the road ahead is still long. Here I will say a few words about the intrusion steps, as guidance for novices.
An intrusion can be understood as unauthorized access. Since it is unauthorized, it requires unconventional means, which usually means exploiting vulnerabilities.

1. To exploit a vulnerability, you must first find it. Port scans and vulnerability scans are the "knock on the door". A general scan can be run against a large number of targets, a single target can be scanned, or the two can be combined. Once you are familiar with vulnerabilities, a port scan alone can tell you which vulnerabilities a target may have. This both improves efficiency and is less likely to be logged.
2. Once a vulnerability is found, the ways of exploiting it vary enormously. This is one of the things newcomers most want to learn. Not much will be said here.
3. What is the purpose of exploiting a vulnerability? It is control of the other party, that is, obtaining a remote shell. The concept of a shell is inherited from UNIX and refers to an interactive mode and interface to the core of the operating system. A typical example is Telnet. There are many ways to get a shell: Telnet or Terminal Services that come with the system, or one provided by Trojans and tools such as Winshell, Glacier and so on.
4. A shell comes with a level of privilege. The highest privilege, Administrator, is our goal. So sometimes the problem of privilege escalation arises. Of course, this also uses a vulnerability.
5. With a shell, the next step is to get a better shell: from command line to graphical, from fewer functions to more. Hence the questions "how to open 3389" and "how to upload".
6. In order to control the target next time, you need to keep the shell. Making a good back door is a "discipline" in itself. Cloning accounts, planting Trojans, cracking the Administrator password: the means differ. Everyone is learning.

Related posts:
How to become a hacker http://www.sometips.com/tips/security/186.htm
Tips on asking questions http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=523
Introduction to TCP/IP basics http://article.cnhope.org/list.asp?id=659
Network attack and defense tutorial http://www.netsill.com/wenzhang/list.asp?id=115
Network intrusion steps and thoughts http://www.s8s8.net/cgi-bin/topic.cgi?forum=25550
Tutorial on using several scanners http://www.chinehack.org/file/show.asp?id=5614
Global IP distribution table http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=3&topic=54&Start=0&show=
Hacker entry tutorial http://www.heibai.net/article/show.php?id=2515

About the use of commands
Brief description: Windows NT/2000 has a rich set of commands available under CMD, and they are very powerful. They are well worth learning and mastering. Windows 2000 itself provides detailed command help: in the Start menu, under Help, you can search for "Windows 2000 Command Reference". Novices are strongly recommended to read it carefully. Installing software such as IIS adds new commands; add the /? or -h parameter on the command line to view their help. This of course also works for the other built-in commands.

Related posts:
ftp command: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=3&topic=227&show=75
telnet command: http://www.heibai.net/article/show.php?id=578
net command: http://www.sandflee.net/txt/list.asp?id=143
tftp command: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=3&topic=32
Several common commands needed for a typical intrusion http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=4242

About ports
Related tools: Port scanning is a basic feature of scanners, and there are too many tools to list. See "Usage of Common Tools" later.
Related posts:
Port scanning http://www.s8s8.net/cgi-bin/topic.cgi?forum=2555063&show=60
FAQ http://www.s8s8.net/cgi-bin/topic.cgi?forum=25&topic=14801
Common ports in detail and some attack strategies http://www.sandflee.net/txt/list.asp?id=116

About Windows 98
Brief description: There are two kinds of question here: first, how to intrude into a Win98 system; second, how to intrude from Win98. Because 98's networking support is limited, the answers are far from "rich". By default 98 starts no network services, so no usable vulnerabilities will be found. Sharing is the most common "service". I have written up some ways of using it: http://home.getdns.net/web/eva/98.txt Other methods, such as sniffing passwords, mailing viruses and Trojans, or even "building a rapport" over QQ and then sending a Flash file bundled with a Trojan, are not really the point; it is up to you.

For the same reason, 98 is not a good attack platform. If you only need port scans, SuperScan is up to the job. X-Scan can also do web-type vulnerability scanning. However, anything involving IPC$ vulnerabilities, remote-control tools or connecting to services (such as SQL) requires an OS "built on NT technology". Fortunately the 3389 terminal client can run on 98, so first getting a 3389 broiler (a compromised host) is one way around the problem. If you are still using 98, my sincere advice is: please use 2000. If you are in an Internet café, try intruding into the café's server.

Given that questions about 98 are low-level and not worth exploring in depth, please don't post unless your question is a special one. (Personal view)
Related tools:
Netpass 1.0: cracks 98 share passwords http://www.heibai.net/download/show.php?id=1465&down=1
Cain V2.5: comprehensive cracking tool http://www.heibai.net/Download/show.php?id=2585&down=1
ExeBinderz 1.3: EXE bundler (I packed it with a PE packer, so for the time being it will not be detected) http://www.v86.net/neet/file/zzzevazz/exebinderz1.3.Zip

About cracking mailboxes
Related tools:
Snow (Dansnow) http://www.netXeyes.org/dansnowb7setup.exe
Snow Chinese-language patch http://www.netxeyes.org/dansnowb7_cn.zip (install the English version first, then extract the patch into the English version's directory)
Related posts:
Cracking a 21CN mailbox with Snow http://www.heibai.net/download/show.php?id=1263

About cracking Internet café and web page restrictions
Right-click restrictions: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=2215&show=1078
Cracking hard disk restore cards: http://www.heibai.net/article/show.php?id=2488 http://www.heibai.net/Article/show.php?id=1939
Cracking "US screen": http://article.cnhope.org/list.asp?id=574 http://www.heibai.net/article/show.php?id=2546
Related website: http://webmaster.diy.163.com/cy07/
Related tools:
Internet Caples Ghost 1.8 http://www.heibai.net/download/show.php?id=2847&down=1

About the streamer (Fluxay)
Brief description: The streamer really is an excellent integrated tool. Its ease of use and practicality make it very suitable for beginners. If you haven't used it, download a copy right away and try it. It is recommended to read the instructions before use.
Related tools:
Streamer 4.7 http://www.netxeyes.org/fluxay47/fluxay47build3200setup.exe
Streamer 4.7 crack patch http://www.heibai.net/download/show.php?id=2422
FAQ:
1. I downloaded the streamer and my anti-virus software says it contains a virus. What is going on?
A: Some anti-virus software does identify the streamer as a Trojan (who made it so famous, heh). If the anti-virus cleans it, the streamer will no longer work, so the only option is to stop the anti-virus monitoring.
Or use anti-virus software that does not treat the streamer as a virus, such as Jinshan Taxi.

2. Why does installing the Sensor fail on some broilers (compromised hosts)?
A: If the file copy fails, it may be because the target's admin$ share is not open. Use another shell to run the net share admin$ command on the target host. If starting the service fails, the port it uses may already be taken; the target's anti-virus software may have deleted the file; or a firewall may be blocking the Sensor's network access, in which case there is no solution.

3. Why can't I connect with some of the passwords the scan found?
A: They may be false positives; reduce the scan speed. WinXP targets also produce false positives. It is also possible that you are connecting with a non-administrator account found by the scan; select "Only scan the Administrators group" in the IPC$ scan options.

About dictionaries
Brief description: The operating system stores user and password information in a specific place and file, typically the SAM file in Windows and /etc/passwd in Linux. Because the encryption algorithm is a one-way hash, it is almost impossible to find an inverse algorithm. So the only approach is to encrypt candidate passwords with the same algorithm and compare the results. A dictionary is a file holding a selected batch of passwords, for example birthdays, common words, the pinyin of Chinese names, and so on. Password-cracking tools generally come with some dictionaries. You can also use a dictionary tool to generate a dictionary that meets your requirements.
Related tools:
By Xiao Rong (小榕): cracks UNIX system passwords http://www.netxeyes.org/Bladese.exe
John: the most famous UNIX password cracking tool (Windows version) http://www.heibai.net/download/show.php?id=1595&down=1
ProductPass: general dictionary generator http://www.heibai.net/download/show.php?id=2666&down=3
hh_dictall: complete English word dictionary http://www.heibai.net/download/show.php?id=396&down=1
SR-Password: birthday password generator http://www.heibai.net/download/show.php?id=2442&down=1

About IPC$, null sessions and default shares
Brief description: The first thing to point out is that a null session and IPC$ are different concepts.
A null session is a session established with the server without trust; in other words, it is anonymous access to the server. IPC$ is a named pipe opened for inter-process communication, through which the appropriate permissions can be obtained by verifying a user name and password. Many tools have to rely on IPC$. Default shares are shares opened to make remote management easier, covering all logical drives (C$, D$, E$ ...) and the system directory Winnt or Windows (admin$).
Related posts:
Try solving the problem with a learning mindset http://www.sandflee.net/txt/list.asp?id=100
IPC attack methods http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=2498&show=1034

Frequently asked questions and answers:

1. How do I establish a null session, and what is it used for?
A: Use the command net use \\IP\IPC$ "" /user:"" to create a null session to the target (this requires the target to have IPC$ open). For NT with default security settings, a null session lets you list the target's users and shares, access resources with Everyone permission, access a small part of the registry, and so on, without any exploitation value. On 2000 it is of even less use, and it is not convenient to do without tools. If you don't understand why something "useless" still exists, take a look at the "professional" explanations:
Null sessions under NT/2000 http://www.3389.net/bbs/dispbbs.asp?boardID=22&rootid=3424&id=3424&Page=1
Anatomy of the Win2k null session http://www.sandflee.net/txt/list.asp?id=117

2. Why can't I connect to IPC$?
A:
1. Only NT/2000/XP and above can establish IPC$. If you use 98/Me, there is no such function.
2. Confirm that your command is correct. The correct command is: net use \\target IP\IPC$ "password" /user:"user name". Take care not to add or omit spaces. The double quotes on both sides may be omitted when the user name and password do not contain spaces. An empty password is written "".
3. Work out the cause from the returned error number:
Error 5, access denied: most likely the user you are using does not have administrator privileges; raise your privileges first.
Error 51, Windows cannot find the network path: the network has a problem.
Error 53, the network path was not found: the IP address is wrong; the target is not powered on; the target's LanmanServer service is not started; the target has a firewall (port filtering).
Error 67, the network name cannot be found: your LanmanWorkstation service is not started; the target has deleted IPC$.
Error 1219, the credentials supplied conflict with an existing set of credentials: you have already established an IPC$ connection with the other party; delete it first.
Error 1326, unknown user name or bad password: the reason is obvious.
Error 1792, an attempt was made to log on, but the network logon service was not started: the target's Netlogon service is not started. (This occurs when connecting to a domain.)
Error 2242, this user's password has expired: the target has an account policy that enforces periodic password changes.
4. On the question of IPC$ failing to connect, this forum has not reached a unified understanding; I have sometimes reached contradictory conclusions on broilers (compromised hosts), which is very tricky. And even when you know the cause, without a shell obtained some other way many of these problems still cannot be resolved. The problem is not suited to detailed discussion in this article. Work it out as you go, heh.

3. How do I open the target's IPC$?
A: First you need a shell that does not rely on IPC$, such as the SQL cmd extension, Telnet or a Trojan. Of course, this shell must have admin privileges. Then you can use the shell to run net share ipc$ to open the target's IPC$. As the previous question shows, IPC$ depends on many conditions. Confirm that the relevant services are running, and start them if they are not (if you don't know how, see the usage of the net command). If it still doesn't work (for example there is a firewall that you cannot kill), it is recommended to give up.

4. How do I map and access the default shares?
A: Use the command net use z: \\target IP\c$ "password" /user:"user name" to map the other party's C drive to your own Z drive; other drives are analogous. If IPC$ has already been established with the target, you can access a share directly by IP address plus drive letter plus $. For example, copy muma.exe \\IP\d$\path\muma.exe. Or you can map it again, this time without the user name and password: net use y: \\IP\d$. Then copy muma.exe y:\path\muma.exe. When the path contains spaces, the whole path must be enclosed in "".

5. How do I delete a mapping and an IPC$ connection?
A: Use the command net use \\IP\ipc$ /del to delete the IPC$ connection to a target. Use the command net use z: /del to delete the mapped Z drive; other drives are analogous. To delete everything, use net use * /del. You will be prompted to confirm with y.

6. What can I do once I am connected to IPC$?
A: Being able to connect to IPC$ with an account that has administrator privileges means you can "communicate" deeply with the other system. You can use a variety of command-line tools (such as the PSTools series, Win2000SrvResKit, TelnetHack, etc.) to obtain target information, manage the target and its services, and so on. If the target has its default shares open (if not, you can open them for him), you can upload a Trojan and run it. You can also upload with TFTP and FTP. Tools such as DWRCC, VNC and RemoteAdmin (Trojan) can also control the screen directly. If it is 2000 Server, you can also consider opening Terminal Services for convenient control. For the tools mentioned here, see their instructions or the related tutorials.

7. How do I prevent others from using IPC$ and the default shares to intrude on me?
A:
A. One way is to delete IPC$ and the default shares. But they come back after a restart, so the registry has to be changed as well.
1. First delete the existing shares:
net share ipc$ /del
net share admin$ /del
net share c$ /del
... (delete as many as there are)
2. Forbid null sessions: run regedit, find the key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA] and change the RestrictAnonymous (DWORD) value to 00000001.
For the Pro version, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters] is changed to: 00000000.
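An added example, not part of the original FAQ: a small Python audit of the settings method A changes, run over `net share` and `reg query` output. The value names AutoShareServer and AutoShareWks do not appear on this page and are supplied here from Windows documentation; the function names and the sample outputs are constructed for illustration.

```python
import re

# Registry keys named in method A (lower-cased for comparison).
LSA = r"hkey_local_machine\system\currentcontrolset\control\lsa"
PARAMS = r"hkey_local_machine\system\currentcontrolset\services\lanmanserver\parameters"
DEFAULT_SHARE = re.compile(r"^(IPC|ADMIN|[A-Z])\$$", re.IGNORECASE)
REG_DWORD = re.compile(r"^\s+(\S+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$")

# Constructed sample outputs (not captured from a real host).
BEFORE_SHARES = r"""
Share name   Resource                        Remark

-------------------------------------------------------------------------------
C$           C:\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\WINNT                        Remote Admin
docs         D:\docs
The command completed successfully.
"""
BEFORE_REG = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    restrictanonymous    REG_DWORD    0x0
"""
DELETED_SHARES = r"""
Share name   Resource                        Remark

-------------------------------------------------------------------------------
docs         D:\docs
The command completed successfully.
"""
DELETED_REG = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    restrictanonymous    REG_DWORD    0x1
"""
HARDENED_REG = DELETED_REG + r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    AutoShareServer    REG_DWORD    0x0
"""


def parse_net_share(text):
    """Return share names from `net share` output (names without spaces)."""
    names, in_table = [], False
    for line in text.splitlines():
        if line.startswith("---"):
            in_table = True
            continue
        if not in_table or not line.strip() or line.startswith("The command"):
            continue
        if line[0].isspace():
            continue  # wrapped Resource/Remark continuation line
        names.append(line.split()[0])
    return names


def parse_reg_query(text):
    """Return {(key, value_name): int} for REG_DWORD values, lower-cased."""
    values, key = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip().lower()
            continue
        m = REG_DWORD.match(line)
        if m and key:
            values[(key, m.group(1).lower())] = int(m.group(2), 16)
    return values


def audit(share_text, reg_text, edition="server"):
    """List what is still open; an empty list means method A is fully applied."""
    shares = [s for s in parse_net_share(share_text) if DEFAULT_SHARE.match(s)]
    reg = parse_reg_query(reg_text)
    findings = []
    if reg.get((LSA, "restrictanonymous"), 0) < 1:
        findings.append("null-session: RestrictAnonymous is 0 or missing")
    if shares:
        findings.append("default-shares-present: " + ", ".join(sorted(shares)))
    # Deleting shares with `net share ... /del` lasts only until restart unless
    # the AutoShare value is 0. It covers the drive and ADMIN$ shares; IPC$ is
    # recreated whenever the Server service starts.
    auto = "AutoShareServer" if edition == "server" else "AutoShareWks"
    if reg.get((PARAMS, auto.lower())) != 0:
        findings.append(f"default-shares-return-on-restart: {auto} is not 0")
    return findings


if __name__ == "__main__":
    for label, shares, reg in (("before", BEFORE_SHARES, BEFORE_REG),
                               ("shares deleted only", DELETED_SHARES, DELETED_REG),
                               ("hardened", DELETED_SHARES, HARDENED_REG)):
        print(label, audit(shares, reg))
```

The middle case is the one the FAQ warns about: the shares are gone from `net share`, yet the audit still reports that they will return after a restart.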

B. Another way is to stop the service that IPC$ and the default shares depend on (not recommended): net stop lanmanserver. You may be prompted that service XXX will also be stopped and asked whether to continue, because some secondary services depend on LanmanServer. In general you can continue.
C. The simplest way is to set a complex password, which prevents password brute-forcing via IPC$. But if you have other vulnerabilities, IPC$ will make further intrusion easier.
D. Another way is to install a firewall or use port filtering. Firewalls are not covered here; for port filtering see: Configuring local policy to block connections to ports 139/445 http://www.sandflee.net/txt/list.asp?id=98

About scanned vulnerabilities
Brief description: Many scanners have a vulnerability scanning function. When you get a host's vulnerability list, don't rush to post it on the forum and expect others to analyze it and tell you how to use it. You should first try to do this yourself. Not every scanned vulnerability is usable: some are out of date, and some are false positives.
Vulnerability search:
Green League engine http://security.nsfocus.com/index.php?act=sec_bug
Butian Net (补天网) http://www.patching.net/otherweb/leak/leakIndex.asp
Xiaofeng engine http://www.chinesehack.org/file/list.asp?type=2
Related posts:
CGI vulnerability descriptions http://www.sandflee.net/txt/list.asp?id=37
IIS ISAPI Printer remote overflow attack http://www.sandflee.net/txt/list.asp?id=66
How to use the Unicode vulnerability http://www.heibai.net/Article/show.php?id=2638
Serious vulnerability in Apache HTTP Server http://www.sandflee.net/txt/list.asp?id=161
msadcs.dll vulnerability http://www.sandflee.net/txt/list.asp?id=115
Related tools:
Iisidq: Snake's IDQ overflow attack program http://www.heibai.net/download/show.php?id=223&down=1
IIS .ida mapping overflow tool http://www.heibai.net/download/show.php?id=1508&down=1

About privilege escalation
Brief description: The classic hacker goal is to get root (that is, admin) privileges. Some vulnerabilities (typically the Unicode vulnerability and ASP Trojans) do not give administrator privileges directly, so privileges must be escalated. Some newcomers make the mistake of thinking that having a shell means controlling everything. The result is questions like "why can't I add users" and "why can't I open 3389". 2000 and later systems inherited the security structure of NT, with multiple interlocking mechanisms to ensure security, especially account security. Unfortunately the security system is so large that it inevitably has some vulnerabilities, and so we have our opportunity.
Related tools:
Erunasx: uses the Debug Registers vulnerability to elevate privileges http://www.sandflee.net/down/show.asp?id=118&down=1 Comes with instructions.

It should be pointed out that its principle means it can only be used once; if it fails (for example because of a typo), the target must be restarted before trying again.
PipeUpadmin: effective against SP1 and lower http://www.sandflee.net/down/show.asp?id=255555555 =1
ISPC: exploits an IIS vulnerability; see its bundled instructions http://www.heibai.net/download/Show.php?id=1532&down=1
Related posts:
NT/2000 privilege escalation summary http://www.sandflee.net/txt/list.asp?id=62
Windows NT4 security structure (somewhat difficult for novices, but have a look) http://www.sometips.com/tips/security/184.htm

About setting up proxies and related software
Related tools:
Sockscap 2.2: Socks scheduling tool http://www.heibai.net/download/show.php?id=2410&down=1
SkSockServer 1.04: proxy springboard http://www.heibai.net/download/show.php?id=1194&down=1
FTP Serv-U 4.0: the most commonly used FTP server program http://soft.km169.net/SOFT/HTML/4237.HTM
SlimFTP: hidden FTP server http://www.netsill.com/download/download/download/download.asp?did=1981
Diagon web server: small web server program that needs no installation http://www.netsill.com/download/download.asp?did=1979
Related posts:
The concepts of proxy, broiler and springboard http://www.s8s8.net/cgi-bin/topic.cgi?forum=2555803&show=300
Proxy servers fully explained http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=9092
How to use a proxy server http://netschool.ayinfo.ha.cn/rhsydlfwq.htm
Illustrated guide to making a springboard with Sockscap32 and Snakesk Server http://www.sandflee.net/txt/list.asp?id=88
Serv-U setup tutorial http://www.enanshan.com/ftp/
Sockscap32 usage in detail http://www.netsill.com/wenzhang/list.asp?id=66

About Terminal Services (3389)
Brief description: Windows Terminal Services provides remote access to the server desktop through "thin client" software that works as a terminal emulator. The graphical interface and the fact that it does not affect the current local user are its greatest advantages. Since it is a built-in function of 2000 Server and above, it has become a powerful "back door". And Win98 can also be a client, which makes it possible to "work" online.

Related tools:
WinXP's client: more capable than the 2000 one http://www.sandflee.net/down/show.asp?id=67&down=1
Terminal Services patch: allows copying between local and remote http://www.sandflee.net/wawa/tools/rdpclip_hotfix.exe
Web client: uses the browser to call an ActiveX control http://www.enanshan.com/down/tswebsetup.exe
c3389.exe: tool for modifying Terminal Services http://www.sandflee.net/down/show.asp?id=228&down=1
Win2K Terminal Services server end http://www.netsill.com/download/download/download/download.asp?did=1965
Related posts:
About starting Terminal Services remotely http://www.s8s8.net/cgi-bin/topic.cgi?forum=2555567
Terminal Services FAQ http://www.sandflee.net/wawa/3389QA.htm
Illustrated explanation of intrusion via the input method vulnerability http://www.sandflee.net/txt/list.asp?id=22
Remote installation of Terminal Services http://article.cnhope.org/list.asp?id=697
For other issues related to 3389 Terminal Services, look for answers in the dedicated forum and home page: http://www.sandflee.net/wawa/ http://www.sandflee.net/cgi-bin/lb5000/forums.cgi?forum=17 Please do not post such questions in other sub-forums.

About cloned accounts
Brief description: The principle of cloning an account is simple: the registry holds the relative SID of an account in two places. One is the subkey name under SAM\Domains\Account\Users, the other is inside the value F of that subkey. Here Microsoft made the mistake of not keeping the two synchronized, and it is the latter that is used at logon. When you overwrite another account's F value with the admin account's, that account has administrator privileges but still looks like its original self when queried. This is the so-called cloned account. See: Anatomy of the Security Account Manager (SAM) structure http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=5973 Once you understand the principle, you can clone an account manually or with ready-made tools.
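An added example, not part of the original FAQ: the mismatch described above can be checked from the defender's side by comparing each Users subkey name with the RID stored in its F value, over a regedit text export of the SAM key. The offset 0x30 for the RID inside F is an assumption taken from public descriptions of the SAM layout, not from this page; the function names and the sample export are constructed.

```python
import re
import struct

USERS_KEY = re.compile(r"^\[.*\\Domains\\Account\\Users\\([0-9A-Fa-f]{8})\]$")
RID_OFFSET = 0x30  # assumption: little-endian RID DWORD inside the F value


def parse_f_values(reg_text):
    """Return {rid_from_key_name: F bytes} from a regedit text export."""
    # regedit wraps long hex values with a trailing backslash; join them first.
    joined = re.sub(r"\\\r?\n\s*", "", reg_text)
    result, key_rid = {}, None
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = USERS_KEY.match(line)
            key_rid = int(m.group(1), 16) if m else None
        elif key_rid is not None and line.lower().startswith('"f"=hex:'):
            hexpart = line.split(":", 1)[1]
            result[key_rid] = bytes(int(b, 16) for b in hexpart.split(",") if b)
    return result


def find_cloned_accounts(reg_text):
    """Return (key_rid, f_rid, reason) for every subkey that fails the check."""
    findings = []
    for key_rid, f in sorted(parse_f_values(reg_text).items()):
        if len(f) < RID_OFFSET + 4:
            findings.append((key_rid, None, "F value too short to check"))
            continue
        (f_rid,) = struct.unpack_from("<I", f, RID_OFFSET)
        if f_rid != key_rid:
            findings.append((key_rid, f_rid, "RID in F does not match key name"))
    return findings


def build_sample_export(accounts):
    """Constructed test data: a regedit-style export with 80-byte F values
    that are all zero except for the RID field."""
    out = ["REGEDIT4", ""]
    for key_rid, f_rid in accounts:
        f = bytearray(80)
        struct.pack_into("<I", f, RID_OFFSET, f_rid)
        hexbytes = [f"{b:02x}" for b in f]
        rows = [",".join(hexbytes[i:i + 25]) for i in range(0, len(hexbytes), 25)]
        out.append(rf"[HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\{key_rid:08X}]")
        out.append('"F"=hex:' + ",\\\n  ".join(rows))
        out.append("")
    return "\n".join(out)


if __name__ == "__main__":
    # 0x1F4 = built-in Administrator, 0x1F5 = built-in Guest, 0x3E8 = first local user.
    sample = build_sample_export([(0x1F4, 0x1F4), (0x1F5, 0x1F4), (0x3E8, 0x3E8)])
    for key_rid, f_rid, reason in find_cloned_accounts(sample):
        shown = "n/a" if f_rid is None else hex(f_rid)
        print(f"Users\\{key_rid:08X}: {reason} (F holds {shown})")
```

Reading the SAM key needs SYSTEM-level access, so in practice the export is produced by an administrator on the host being checked or from an offline copy of the hive.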

Related tools:
Clone: CA.exe http://www.netxeyes.org/ca.exe
Check for clones: CCA.exe http://www.netxeyes.org/cca.exe
Manual cloning needs SYSTEM privileges; use PSU.exe for that http://www.sandflee.net/down/show.asp?id=176&down=1
Related posts:
For CA and CCA, please visit the author's home page http://www.netxeyes.org/main.html This is an excerpt: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=3374
PSU usage: PSU.exe http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=5638
Manual cloning:
How to clone the administrator account http://www.sandflee.net/txt/list.asp?id=138
How to clone the administrator account http://www.sandflee.net/txt/list.asp?id=139

Frequently asked questions and answers:

1. When using CA, "connect **.**.**.** ... error" appears. Why?
A: CA and CCA require the target to have IPC$ open; confirm that you can establish IPC$ with the target. See "About IPC$ and null sessions".

2. What does "Processing .... Error" mean when using CA?
A: It means the other host lacks the file msvcp60.dll. Upload a copy to its system directory.

3. The cloning process reports no error, but CCA does not show the account as cloned, and the cloned account cannot be used.
A: This is usually because the other host is a domain controller. Its SAM structure in the registry is different, so the tool does not work. I have no solution for the time being.

4. What should I do if I cannot access the SAM key in the registry?
A: On the command line, you can use the PSU tool to get SYSTEM privileges and so access the SAM key. See the description above. In the graphical interface, run regedt32.exe, find the SAM key and select it. Under the "Security" menu there is a "Permissions" item; open it. Give Administrator the same Full Control permission that System has. Close regedt32 and open it again, and you can access the SAM key.

About logs
Brief description: If you want to be invisible, you should clean up your footprints. Many services in Windows keep logs. The most important and obvious are the IIS logs and the event logs. They are the most likely to record your IP and actions. Other functions such as FTP, scheduled tasks and Telnet also keep logs. Also, if you get a shell with a graphical interface, you may leave cookies behind.

Related Tools: Cleaniislog Clear Web Log Http://www.netxeyes.org/cleaniislog.zip Elsave.exe Clear Event Log Http://www.sandflee.net/down/show.asp?id=196 Rcls.vbe Remote Clear The script of the event log http://www.v86.net/net/file/zzzevazzz/rcls.zip Related Posts: NT / 2000 Delete Log Method http://www.sandflee.net/txt/list.asp? ID = 129 Windows log Protection and forged http://www.sandflee.net/txt/list.asp?id=182 About backmen and Trojan Related Tools: Wollf-V1.5 Trojan http: // www .Isgrey.com / down / show.asp? id = 144 & down = 1 WINSHELL V5.0 Exquisite Telnet server http://www.isgrey.com/down/show.asp?id=200&down=1 blue flame V0. 5 You can use the IE-controlled Trojan http://www.bluefate.com/bluefire/bluefire050.zip network hobview v3.4 reverse connection, online notification http://www.isgrey.com/down/show.asp?id = 239 & down = 1 Hell v0.4 lion written Trojan and tool http://www.heibai.net/download/show.php?id=2449&down=1 Related Posts: Blue Flame V0.5 Introduction HTTP: // WWW .boefate.com / Bluefire / Help.htm Network Cabin introduction, directly go to the author's homepage http://www.greenstuffsoft.com/nethief/Article.htm About Patching brief description: If you find the broiler if you have a loophole, It is generally possible to find the corresponding patch download URL with the vulnerability search engine mentioned above. Big patch, such as SP2, find Microsoft, "Windows Update). Related posts: broiler patch tutorial http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=7180 Related Tools: Win2000sp3 Chinese version http://www.cnns.net/msfix/w2ksp3_cn .exe Win2000sp3 English http://www.cnns.net/msfix/w2ksp3_en.exe windows2k security patch set srp1 http://www.patching.net/otherweb/software/viewAtlic.asp?id=1570 About Telnet brief description : Telnet is a terminal service of a command line, and its advantage is that the client and server are self-contained. It is the best choice of the shell of the CMD in addition to Trojan. 
When using this service, the most frequently encountered problem is NTLM authentication. With NTLM = 2, you must log in with the current account and password of your own system; with NTLM = 0, you are asked directly to enter an account and password for verification; with NTLM = 1, the former method is tried first and, after it fails, the latter is used.

Since the system default is NTLM = 2, to log in with the account you have, you must either create the same username and password on your own system or change the NTLM setting on the other side.

Related tools:
TelnetHack: remotely opens the Telnet service http://www.heibai.net/download/show.php?id=2200&down=1
rtcs.vbe: script for opening Telnet remotely http://www.v86.net/net/file/zzzevazzz/rtcs.zip

Related posts:
The fastest way to log in to the Win2k Telnet service http://www.sandflee.net/txt/list.asp?id=58
Remotely disabling NTLM authentication of the Telnet service without tools http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=8608&show=1012

About FTP intrusion

Brief description: FTP is the abbreviation of File Transfer Protocol; nowadays it generally refers to a way of transferring files. It is really difficult to intrude through it. Even with upload permission, what you upload cannot be executed directly; for how it can be used, refer to intrusion through Win98 shares. Some earlier versions of FTP server software, especially on the UNIX platform, have overflow or unauthorized-access vulnerabilities; please check the section on vulnerabilities.

Related posts:
Research on the risks of anonymous login to FTP servers http://www.heibai.net/Article/show.php?id=2094

About SQL

Brief description: SQL originally stands for Structured Query Language. Now it generally refers to database software or services. The popular database software is MS-SQL, and servers in general provide database services; the following discussion is about it. The SA account, which has administrator privileges, has an empty default password, and low versions of SQL have a vulnerability through which the password can be obtained directly. It has therefore also become a shortcut for intrusion (if the vulnerability is present). After connecting with a client tool, it can be used directly as a CMD.

Related tools:
MSSQLTools: SQL attack tool set http://www.haowa.com/down/tt/mssqltools.zip
supersqlexec: MSSQL connection tool http://www.sandflee.net/down/show.asp?id=142&down=1

Related posts:
Removing the xp_cmdshell permission http://www.sandflee.net/txt/list.asp?id=148
How to change the SQL password under DOS http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=8623&show=1034
Deleting and restoring SQL extensions http://www.haowa.com/bbs/dispbs.asp?boardid=12&rootid=16971&id=16971&page=1
Complete concise SQL manual http://www.patching.net/otherweb/Works/ViewArticle.asp?id=1513

About sniffers

Related tools:
Arpsniffer: sniffer for switched environments http://www.netxeyes.org/arpsniffer.rar
sniffrpro4.6: one of the best sniffing tools http://www.sandflee.net/down/show.asp?id=237&down=1
CommView: is also an http://www.skycn.com/download.php?id=1351&url=http://lnhttp.skycn.net/down/cv3.zip
arpkiller1.3: can check who is sniffing (NIC in promiscuous mode) http://www.heibai.net/download/show.php?id=2547&down=1
pswMonitor2.0: listens for web-based mailbox passwords (very suitable for Internet cafes) http://www.heibai.net/download/show.php?id=2181&down=1
Gunifer: command-line sniffing tool http://haowawa.com/down/guniffer.exe

Related posts:
Brief description of sniffers http://www.sandflee.net/txt/list.asp?id=177
Overview of network listening technology http://www-900.ibm.com/developerWorks/cn/security/se-sniff/index.shtml
NetXray http://www.heibai.net/Article/show.php?id=1620
How to sniff in a switched environment http://www.netxeyes.org/arpsniffer.html
Implementation in a Windows switched environment http://www.netxeyes.org/arpspoof.html

About DoS and DDoS

Brief description: A denial-of-service attack is useful only in very special cases. It is purely destructive, disgusting behavior, so novices are strongly advised not to try it. It is enough to understand what it is.

Related tools:
Dictator DDoS tool http://www.leothreads.com/usr/25/25_18196.zip
Three DDoS tools http://www.heibai.net/download/show.php?id=2706&down=1

Related posts:
Introduction to DoS attack principles and common methods http://www.heibai.net/Article/show.php?id=1724
Typical DoS attack principles and countermeasures http://www.heibai.net/Article/show.php?id=1523
Distributed denial-of-service (DDoS) attack principles and prevention http://www-900.ibm.com/developerWorks/security/se-ddos/index.shtml
DoS, DDoS (denial of service) attack and definition Q&A http://www.chinesehack.org/file/show.asp?id=4876
Dictator (AutoCrat) tutorial http://www.s8s8.net/cgi-bin/topic.cgi?forum=25&topic=17639&show=0

About UNIX / Linux

Unix / Linux is undoubtedly more famous than Windows. Unfortunately, some "Pacific Offers" have been lacking, so many people look. I don't plan to say anything about it; people who want to learn it had better find the relevant material and study it themselves, heh heh.

Related posts:
Intrusion FAQ for beginners http://article.cnhope.org/list.asp?id=308
Rootkit overview http://www.patching.net/otherweb/Works/ViewArticle.asp?id=1592

Related websites:
Linux-related websites http://chenbol.myetang.com/remen.htm

About the usage of common tools

A hacker's tools are like a soldier's gun: you must master them and be able to apply them flexibly. Here are some commonly used tools for newcomers to download; please search for other tools yourself. Command-line tools generally come with brief instructions (the usage text), which are displayed when you enter a wrong parameter or no parameters. Don't give up studying a tool because its help is in English. Usage tutorials are given for some of the software, but there will always be places where they are not detailed enough or not sufficient. If you run into a problem, first try to solve it yourself. If that does not work, grasp the key point of the problem and express it clearly.
Related tools:

Command-line tools:
Shutdown.exe: small restart utility http://www.sandflee.net/down/show.asp?id=109&down=1
PSTools series: tools including PSLIST, PSKILL, PSINFO, etc. http://haoawa.com/down/pstools.zip They come with English instructions, which are fairly easy to understand.

SMBCrack V4: brute-force cracks 2000 share passwords http://www.sandflee.net/down/show.asp?id=226&down=1
sc.exe: service management tool http://www.sandflee.net/down/show.asp?id=31&down=1
Nmap-3.00-Win32: the best scanning tool http://www.heibai.net/download/show.php?id=2741&down=1
regshell: interactive command-line registry editing tool http://www.sometips.com/soft/regshell.exe
scanlook 1.0: vulnerability scanner http://www.chinehack.org/down/show.asp?id=1559&down=1
Win2k.svr.reskit, full installation version: the "hacker" kit put out by Microsoft http://www.ttian.net/download/show.php?id=136&down=1
nc: the hacker's Swiss army knife http://www.sandflee.net/down/show.asp?id=32&down=1

Graphical interface tools:
SuperScan3.0: port scanning, fast http://www.sandflee.net/down/show.asp?id=165&down=1
x-scan 2.0: integrated scanning tool http://www.sandflee.net/down/show.asp?id=236&down=1
TFTP server: simple file transfer tool, a must-have when using the Unicode vulnerability http://www.sandflee.net/down/show.asp?id=27&down=1
Dameware NT Utilities V3.62, registered version: powerful remote control software http://www.sandflee.net/down/show.asp?id=238&down=1
L0PHT4.0: famous tool for cracking the SAM (with keygen) http://www.sometips.com/soft/lc400.zip
Strcm-VNC: STRCM automatically loads VNC for remote graphical control http://www.sandflee.net/down/show.asp?id=235&down=1
Remote Administrator V2.1: remote screen control tool http://www.sandflee.net/down/show.asp?id=204&down=1

Related posts:
SuperScan usage explained in detail http://www.heibai.net/Article/show.php?id=1575
Using STRCM to automatically load VNC for remote graphical control http://www.sandflee.net/txt/list.asp?id=176
Experience with using Dameware NT Utilities http://www.sandflee.net/txt/list.asp?id=102
Dameware NT Utilities illustrated tutorial http://www.sandflee.net/txt/list.asp?id=25
Remote Administrator, remote control software illustrated tutorial http://www.sandflee.net/txt/list.asp?id=162
Remote Administrator official Chinese help http://www.sandflee.net/txt/list.asp?id=165
About remote installation of Radmin http://www.ttian.net/article/show.php?id=431
sc introduction and tutorial http://www.sandflee.net/txt/list.asp?id=26
Agent Hunter (Proxy Hunter) tutorial http://wwwb.pconline.com.cn/pcedu/soft/doc/10312/1.htm
NMAP details http://home.getdns.net/web/eva/nmap.txt

About tutorials

I have collected some download addresses for tutorials. When reading a tutorial, what matters is learning its ideas and being inventive, digesting and absorbing the material until it becomes your own, and drawing inferences from one example to others. Do not treat them as a database; it is difficult to find the article you are looking for. There will be repetition between different tutorials; treat it as reinforcing your memory.

(In no particular order ^_^)
Xiaoxi's hacking tutorial (rookie version) http://www.sandflee.net/down/show.asp?id=213&down=1
Stream Light tutorial, electronic version http://www.sandflee.net/down/show.asp?id=34&down=1
Delphi and hacking skills 1.5, organized by Three-channel Studio http://stgzs.myetang.com/hack/delphitechv1.5.chm
Terminal Services e-book http://www.sandflee.net/wawa/tools/termsrv.zip
Super rookie hacities, made by NCC http://www.heibai.net/download/show.php?id=2136
雪 光 光 小 小 论 论 精 精 集 集 集 集 集 集 http://www.andyxu.net/bana/tools/netxeyes.chm
Security Focus document essence http://www.andyxu.net/bana/tools/xfocus_doc.rar
派 的 网 经 经 经 经 h. NET / DOWN / Show.asp? id = 63 & down = 1
Rick's UNIX textbook http://www.sandflee.net/down/show.asp?id=153&down=1
Phantom group head: Thorns hacker tutorial http://mybanqiao.jia.net/rije/bana/tools/Hy.rar
Chinese-localization and software cracking tutorial written by Cow Brother http://mybanqiao.jia.net/rije/bana/tools/niu.rar
Complete guide to installing a Web service, FTP service, imai mail service and super Lead Forum on a stand-alone machine http://www.andyxu.net/bana/tools/web.chm
fog's "System Network Intrusion Method Society" http://www.sandflee.net/down/show.asp?id=114&demy=1
Proud Eagle tutorial http://scfly.3322.net/
Hacker primer written by Blow a Cannon http://mybanqiao.jia.net/rije/banana/tools/htp.rar
"Hacking Guide", first issue http://www.heibai.net/download/show.php?id=2216&down=1
"Network Best Hacker Guide" written by Small Ming http://www.heibai.net/download/show.php?id=1808&down=1
Hacker Anti-line full-site tutorial http://www.andyxu.net/bana/tools/bana_01.rar
Rookie collection http://www.haowa.com/down/cainiao.zip
Hacker basics textbook, collected and produced by forum member "Sleeping does not wake up" http://www.sandflee.net/down/show.asp?id=241&down=1

Recommended URLs

These are actually part of my favorites. If I have missed any, please let me know.

(Apart from the first, in no particular order ^_^)
Gray Trajectory http://www.sandflee.net/ or http://www.isgrey.com/
Wawa rotted page http://61.184.86.21/
Black and White Network http://www.heibai.net/
Netxeyes http://www.netxeyes.com/
Afocused points http://www.xfocus.net/
peckerland http://peckerland.com/
Xiao Fengju http://www.chinesehack.net/
Phantom Trash Terminal BBS http://www.3389.net/bbs/
World Technology http://security.nsfocus.com/
Network Security Evaluation Center http://www.cnns.net/
Sometips http://www.sometips.com/
aaron's homepage http://www.exetools.com/
WhiteCell security systems http://www.whitecell.org/
Red Alert http://www.china4lert.org/
Hacker Defense http://badbanana.3322.net/
Chinese Eagle Pist http://www.chinawill.net/
College Network Alliance http://www.cnhope.org/
Tiant Safety Net http://www.ttian.net/
Tianwanese.com http://www.patching.net/
[Net Sniff] http://www.netsill.com/
cnsafe.net http://www.cnsafe.net/

Search engines

To look for software tools, articles and tutorials, vulnerability information or website addresses, use:
Google http://www.google.com
If Google is blocked, look here: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=11965&show=0
Google usage help: http://www.sandflee.net/cgi-bin/lb5000/topic.cgi?forum=1&topic=5001

There are still a few "questions" left to talk about. I originally thought that finding some material would settle it. The results have been used in 20 throughout. Besides the material being scattered, the main reason is that I had never thought about these problems systematically at all, so I could not express them clearly and effectively. Fortunately, while looking for the answers and writing them up, I improved as well. If you can find something you need in this article and improve from it, then I will be satisfied.

Copyright Gray Trajectory. If you need to reprint, please keep the author information and indicate the source!

When reprinting, please cite the original address: https://www.9cbs.com/read-86134.html
