黑客隐藏技术（Hacker hiding technology）.docVIP

黑客隐藏技术（Hacker hiding technology） Hackers attack hiding - entry [2009-10-26] classification: intrusion technology Intruders use other broilers instead of performing scans themselves File transfer mode: 1 IPC$command: copy source file \ \ target IP\ target directory, Xcopy object file \ \ target IP\\ target directory /E 2 mapping disk: net use local \\ target IP\ target disk drive or right click on the network neighborhood, mapping a network drive. 3, FTP can open the FTP server on the other party or on the machine, and use PUT, GET commands to send files to each other 4 package transport: rarx300 can be used at the command line compression tools Command: rar32 a compressed rar File target file or folder Such as: rar32 a c:\hack.rar c:\hack pack C hack files into hack.rar Rar32 X: rar file decompression after decompression Path Two: file hiding: commands: attrib+h+s files settings, hidden and system properties Such as: attrib, +h, +s, c:\winnt\tools, you can also use system specific folders, storage files, such as: Copy 1.exe c:\winnt\tasks\, and can be used properly, CD winnt\tasks, and found in the graphical interface does not 1.exe file, you can also build a folder, named faskTasks.{D6277990-4C6A-11CF- 8D87_00AA0060F5BF}, this allows you to build this folder anywhere in the remote host, and some other private folders to expand The following name: 2227A280-3AEA-1069-A2DE-08002B30309D network printer folder 645FF040-5081-101B-9F08-00AA002F954E recycle bin folder 871C5380-42A0-1069-A2EA-08002B30309D IE browser folder D20EA4E1-3957-1102-A408-0C5020524153 management tools folder And so on, you can refer to relevant information Three: scanning hidden: upload scanner, login, perform scanning, download the results The command line tool XScan: 1 xscan -host startIP[-endIP]module[option] 2 xscan -file host_list_filemodule[option] module parameters: All scanning all items, Rpc scanning RPC vulnerabilities, Tracert routing, SqlSQL weak password, Snmp-snmp information, Ftp