网吧入侵的战役（Internet invasion campaign）.docVIP

网吧入侵的战役（Internet invasion campaign） Internet invasion campaign An Internet intrusion. A lot of intrusion methods, but what is the most commonly used method of Internet intrusion? First, automatic landing. Now the Internet is generally WIN2000 or Windows XP machines, network management is generally the machine set to automatic landing! So when we boot into the system login window flashed! When if we findfass.exe try to find out the login account password is not successful! Because the account password not in memory, and findfass.exe by Winlogon and PID on the right of domain name, looking for a good segment with dense memory block in memory (save encrypted password), then decrypts it, so you can get the plaintext password. In fact, automatic login password in the registry. We open the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows registry key AutoAdminLogon NT\CurrentVersion\Winlogon\ in the directory, this one is 1, said automatic landing. For the 1 time, open the control panel user and password will find the password required in front of the hook was removed. DefaultUserName the corresponding key is corresponding to the DefaultPassword login username, password is the key. Shanghai ocean top Trojan 2006 has a function, the principle is the same, but because the authority, can not read. In this way, we find out the account password. But you know, an Internet bar automatic login password account is generally the same, but the network management in order to facilitate their setting in general Internet worm Administrators group, at least in group user. Know the account password, can not also worry about intrusion? Internet cafes machine of the server service is disabled, then we cannot use the IPC invasion. We can not use opentelnet.exe, because a is also dependent on the IPC connection, dameware remote control does not work, the same reason. We can use recton with a compact and practical tools to open Telnet, this tool under WIN2000 so special. Open Telnet, we telnet u