黑客隐藏技术（Hackers hide technology）.doc

黑客隐藏技术（Hackers hide technology） Hacker attack and defense primer 6 - hide technology [2009-10-26] classification: intrusion technology The intruder USES other broilers to perform scans and other operations 1. File transfer mode: 1 IPC $, command: copy source file \ \ target IP \ target directory, Xcopy target file \ \ target IP \ \ target directory/E Map hard disk: net use b0 \ target IP \ \ target disk or right click online neighbor, map network drive. FTP server can open FTP server, use PUT, and send files to each other Package transport: rarx300 can be used for compression tools at the command line Compression command: rar32 a rar file target file or folder Rar c: \ hack package the hack files of the c disk into hack.rar Decompression: rar32 x rar file decompresser path 2. File hide: command: attrib + h + s file to set hidden and system properties For example: attrib + h + s c: \ winnt \ tools, can also use the system special folder, storage files, such as: Copy 1. Exe c: \ winnt \ tasks \ and can be used normally, CD winnt \ tasks and found no in the graphical interface 1. Exe files can also be created in a folder named faskTasks. {d6277990-4c6a-11cf - 8D87_00AA0060F5BF}, which can set up this folder at any location on the remote host, and other dedicated folder extensions Name: 2227 a280-3aea-1069 - A2DE - 08002b309d network printer folder 645ff040-5081-101b - 9f08-00aa002f954e recycle bin folder 871c5380-42a0-1069 - a2ea-08002b309d Internet explorer browser folder D20ea4e1-3957-1102-a408-0c5020524153 management tool folder Please refer to the relevant information Three: scan hidden: upload scanner, login, perform scan, download results X - Scan command line tool: 1 xscan - host startIP [- endIP ] module [option] 2 the xscan may - the file host_list_file module [option] module parameter: all - scan all items, RPC - scan RPC vulnerability, tracert - route, SQL - SQL weak password, SNMP - SNMP information, FTP - FTP weak password, port - por