Friday, March 18, 2011
【Weak Current College】 Explanation of common basic hacker technology terms
This post explains some of the more common basic terms used by hackers.
1. chicken: the so-called "broiler" is a vivid metaphor for computers that we can control at will. The machine may run WINDOWS or UNIX/LINUX, and may be an ordinary personal computer or a large server. We can operate it as if it were our own computer, without the other side noticing.
2. the Trojan horse: a program that on the surface is disguised as a normal program, but when it is run it obtains full control of the system. Many hackers are keen on using Trojans to control other people's computers, such as Gray Pigeon, Black Hole, PcShare, etc.
3. Web Trojans: disguised as an ordinary Web page file, or with the code inserted directly into a normal Web page file. When someone visits the page, the Web Trojan uses vulnerabilities in the visitor's system or browser to automatically download the configured Trojan server component to the visitor's computer and execute it automatically.
4. hang horse: planting a Web Trojan in someone else's Web site files, or inserting the code into the site's normal Web page files, so that visitors get infected.
5. the back door: this is a vivid metaphor. After an intruder has successfully taken control of the target host by some method, they can implant a specific program in the system or modify certain settings. On the surface these changes are very difficult to detect, but the intruder can use the corresponding program or method to easily re-establish a connection with the computer and regain control of it, as if the intruder had secretly copied the key to the owner's room and could come and go at any time without the owner noticing. Most Trojan horse (TrojanHorse) programs can be used by an intruder to create a backdoor (BackDoor).
6. rootkit: a rootkit is the tool an attacker uses to hide their tracks and retain root access (root permissions can be understood as system or administrator rights on WINDOWS). Typically, the attacker obtains root access through remote exploitation, or first gains ordinary access to the system by password guessing (cracking) and then, once inside, uses security vulnerabilities that exist in the system to obtain root permissions. The attacker then installs a rootkit on the system to keep long-term control of it. A rootkit is similar to the Trojans and back doors mentioned earlier, but far stealthier than they are. Hacker Defender is a very typical rootkit, and the domestic ntrootkit etc. are good rootkit tools.
7. IPC$: a resource that shares "named pipes". It is a named pipe opened to enable inter-process communication. By verifying a user name and password you obtain the corresponding permissions, and it is used when remotely managing a computer and viewing the computer's shared resources.
8. the weak password: a password that is not strong enough and is easy to guess, such as 123 or abc.
9. default share: the shares of all hard disks that WINDOWS 2000/XP/2003 systems open automatically when the sharing service is enabled. Because a "$" symbol is added to the share name, the shared-hand icon is not shown, so they are also called hidden shares.
10. shell: a command-execution environment. For example, when we press "Start key + R" on the keyboard, the "Run" dialog box appears; entering "cmd" in it opens a black window used to execute commands, and this is the Windows shell execution environment. The command-execution environment we usually obtain after successfully overflowing a remote computer with a remote overflow program is the other side's shell.
11. WebShell: a WebShell is a command-execution environment in the form of an asp, php, jsp or cgi Web page file; it can also be called a Web back door. After compromising a site, a hacker usually places the asp or php backdoor file among the normal Web page files in the Web server's WEB directory, then uses a browser to access the asp or php backdoor and obtain a command-execution environment, in order to control the Web server. It can upload and download files, view the database, execute arbitrary program commands, etc. Common domestic WebShells include the Haiyang ASP Trojan, c99shell, Phpspy, etc.
12. overflow: to be exact, this should be "buffer overflow". The simple explanation is that a program does not effectively check the input data it accepts, which leads to an error; the consequence may be a program crash or execution of the attacker's commands. Overflows can roughly be divided into two categories: (1) heap overflow; (2) stack overflow.
13. injection: with the growth of B/S mode application development, more and more programmers write programs in this mode, but because programmers' skill levels are uneven, a considerable share of applications have security flaws. A user can submit a piece of database query code and, from the results the program returns, obtain certain data they want to know. This is the so-called SQL injection.
14. the injection point: a place where injection can be carried out, usually a link that accesses the database. The permissions you obtain differ according to the permissions of the account the database at the injection point runs as.
15. intranet: put simply, a local area network (LAN); Internet cafes, campus networks, corporate intranets, etc. belong to this class. Check the IP address: if it falls within one of the following three ranges, we are on an intranet: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255.
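As an added example (not part of the original post), the following Python checks addresses against exactly the three ranges listed in item 15 and classifies the source address in each log line. The log lines and function names are constructed for illustration; the point is that a string-prefix test such as "starts with 172." gets the 172.16-172.31 boundary wrong.

```python
import ipaddress
import re

# The three intranet ranges from item 15, written in CIDR form.
INTRANET_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),      # 10.0.0.0-10.255.255.255
    ipaddress.ip_network("172.16.0.0/12"),   # 172.16.0.0-172.31.255.255
    ipaddress.ip_network("192.168.0.0/16"),  # 192.168.0.0-192.168.255.255
]

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def is_intranet(addr):
    """True if addr lies inside one of the three listed ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTRANET_RANGES)


def classify_sources(log_lines):
    """Map the first IPv4 address on each line to 'intranet' or 'external'."""
    result = {}
    for line in log_lines:
        match = IPV4_RE.search(line)
        if not match:
            continue
        try:
            kind = "intranet" if is_intranet(match.group()) else "external"
        except ValueError:
            continue  # looks like an address but is not valid, e.g. 999.1.1.1
        result[match.group()] = kind
    return result


# Constructed sample log lines (198.51.100.7 is a documentation address
# standing in for a public one).
SAMPLE_LOG = [
    "2011-03-18 10:02:11 login ok   src=10.4.7.20 user=admin",
    "2011-03-18 10:02:15 login ok   src=172.31.255.254 user=ops",
    "2011-03-18 10:03:02 login fail src=172.32.0.1 user=admin",
    "2011-03-18 10:03:40 login ok   src=192.168.1.15 user=bob",
    "2011-03-18 10:04:09 login fail src=192.169.0.1 user=root",
    "2011-03-18 10:05:31 login fail src=198.51.100.7 user=root",
    "2011-03-18 10:05:59 login fail src=999.1.1.1 user=root",
]

if __name__ == "__main__":
    for ip, kind in classify_sources(SAMPLE_LOG).items():
        print(f"{ip:16} {kind}")
```
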
16. external network: connected directly to the INTERNET (Internet) and able to reach, and be reached by, any computer on the Internet; the IP address is not a reserved (intranet) IP address.
17. port (Port): the equivalent of a data transmission channel. It accepts certain data and passes it to the corresponding service; after the computer has processed the data, the corresponding reply is sent back to the other side through the open port. Generally each open port corresponds to a service, so to close a port you only need to turn off the corresponding service.
18. 3389, 4899 broiler: 3389 is the port number that Windows Terminal Services (TerminalServices) uses by default. Microsoft introduced the service to make it easier for network administrators to remotely manage and maintain servers: an administrator can use Remote Desktop to connect to any computer on the network that has Terminal Services turned on and, after a successful login, operate the host as if it were their own computer. Its functions are very similar to those of remote control software or even a Trojan program. A Terminal Services connection is very stable and is not detected by any antivirus software, so it is a favorite of hackers. After compromising a host, a hacker usually first adds a backdoor account of their own and then turns on the host's Terminal Services, so that they can use Terminal Services to control it at any time; such a host is usually called a 3389 broiler. Radmin is an excellent remote control program, and 4899 is the service port number Radmin uses by default. Radmin is also often used by hackers as a Trojan (it is for this reason that current antivirus software now detects Radmin as well). Because Radmin's control functions are powerful, its transfer speed is faster than most Trojans, and it is not detected by antivirus software, and because some computers managed with Radmin use a blank or weak password, hackers can use software to scan the network for hosts with a blank or weak Radmin password and then log in and control them remotely. A host controlled in this way is usually called a 4899 broiler.
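As an added example (not part of the original post), this is a defender-side check for the two ports named in item 18: it reads Windows `netstat -ano` output from your own host and reports where 3389 or 4899 is listening and which remote addresses have sessions to them. The sample output, PIDs and function name are constructed for illustration.

```python
# Ports from item 18 and the services that use them by default.
WATCHED = {3389: "Terminal Services", 4899: "Radmin"}
LOOPBACK = ("127.0.0.1", "[::1]")


def audit_netstat(text):
    """Return findings for watched local ports in `netstat -ano` output."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        # TCP rows have exactly: proto, local, foreign, state, pid
        if len(fields) != 5 or fields[0] != "TCP":
            continue
        _, local, remote, state, pid = fields
        host, _, port = local.rpartition(":")
        if not port.isdigit() or int(port) not in WATCHED:
            continue  # only the local side counts; outbound use is ignored
        item = {"service": WATCHED[int(port)], "port": int(port), "pid": int(pid)}
        if state == "LISTENING":
            # Bound to anything other than loopback means reachable remotely.
            item.update(kind="listening", bind=host, exposed=host not in LOOPBACK)
        elif state == "ESTABLISHED":
            item.update(kind="session", peer=remote.rpartition(":")[0])
        else:
            continue
        findings.append(item)
    return findings


# Constructed sample of `netstat -ano` output.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1120
  TCP    127.0.0.1:4899         0.0.0.0:0              LISTENING       2044
  TCP    192.168.1.10:3389      198.51.100.7:51234     ESTABLISHED     1120
  TCP    192.168.1.10:49822     203.0.113.5:4899       ESTABLISHED     3300
"""

if __name__ == "__main__":
    for f in audit_netstat(SAMPLE_NETSTAT):
        print(f)
```

A listening entry with `exposed` set, or a session from a peer you do not recognise, is the cue to check whether the service is meant to be on and which accounts can log in through it.
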
19. free: modifying a program with techniques such as adding a shell, encryption, modifying the signature, and adding flower directives, so that it escapes detection by antivirus software.
20. shell: using a special algorithm to change the encoding of an EXE executable or DLL dynamic link library file (for example compression or encryption), in order to reduce the file size or encrypt the program code, or even to escape detection by antivirus software. Commonly used shells at present include UPX, ASPack, PePack, PECompact, UPack, immune 007, Trojans sparingly, and so on.
21. the flower directive: a few assembly instructions that make the assembly code perform some jumps, so that antivirus software cannot correctly determine the structure of the virus file. Put plainly: "antivirus software looks for a virus in order from head to foot. If we turn the virus's head and feet upside down, the antivirus software will not find the virus".