[Description] This article has been written for a long time, very simple, just to explain that sometimes we don't have the whole letter to scan the software, we can do it in your own manual, you can get your administrator black temptation invitation, in the confusion I have been in Chongqing, I have been so long, but I just returned a few posts, I turned two articles, I also felt that I didn't feel it. So today I have a simple invasion of the original invasion, I will share it together, I hope everyone can often come to Chongqing, learn from each other!
[Special Description]: I have written so much, I want our rookie to experience how to invade and know what the weakness of the website is, it is imposed, but don't try to say this below, if you really invade If a small part is enough, there is no need to do so much like I said, but mainly for the study of our rookie, I will also
Ok, I will say less, not to waste everyone, I am 揍! First, prepare tools, do you have tools? Isn't it idiot? But we don't trust the tool too much (Hey, you will know why I say this, don't believe it? Waiting for me .....)
1, X-scan finds yourself, don't tell me you don't know 2, SupPerscan 3.0 (in fact tool 1 and 2 choose one, that is, you can only want x-scan, just use SupPerscan speed Fast, convenient, first, a general scan, what is the service, so that you don't have a web service, if you sweep the IIS vulnerability, then, don't you spend a valuable time?) 3, SqlTools connection tool, if you don't have SQL, this tool is good, I don't have to say it, I don't have to say it, I will understand it, if there is no, you can use Google to find two, target 65, * **, ***, *** is a company website, providing information, don't say that my quality is not high, I don't mess up others, I am going, but I don't mess, as a safe We don't make it destruction. Second, scan and intrusion 1, use supperscan all the ports, the Lord is 21, 80, 1433 3389 No 139 like this good thing, but it is also enough, it seems that the administrator still made Some processing, 21 and 80, I don't want to say, 2, ok, 1433,, very good, see if the SA's password has changed, wow, no change, great, (this The old brother is too big, don't be happy ....) Try to connect, first look at what it is in the computer again, I cry, the administrator is not too delicious, deleted SQL cmdshell If you don't execute a command, you don't have to import files. If you have any administrator, write down them, useful, it seems that 1433 is not good, look at 3389 3, take your x-scan Let's go, just weak passwords, other things, don't worry about it, I am dizzy, sweep, no weakness, don't you, give up, don't work, let's take manual, Guess, 4, take the user name you get in 2, do 3389, there is no 3389 vulnerability, but we can try it, it is a 123321 password, and there is an empty password such as Admin (but X-scan is not sweeping, don't trust the scanner), it is not a few, it will be done. 5, enter, how to think, but you can also enter their network, wow, online neighbors, don't say, what financial staff management, remember -------- Don't mess, out Don't say anything, don't say that I have not reminded you
