The most classic hack introductory textbook (vulnerability warning, Black Bar Safety Net)
Author: 佚名 (Anonymous), www.myhack58.com
Published: Nov 08, 2005
Document ID: MYHACK58:6220054373

Section 1: Types of hackers and what they do
As I understand it, "hackers" should broadly be divided into two camps, the "good" and the "evil". Good hackers use their own knowledge to help system administrators find and fix vulnerabilities in their systems, while evil hackers use the same techniques to attack and break into systems or do other things that harm the network. Because what the evil camp does violates the hacker code, their proper name is "Cracker" rather than "Hacker"; this is the distinction behind the two terms we so often hear, the "cracker" and the "honker" (hacker).
Whatever camp a hacker belongs to, the first things they learn are the contents covered in this section, and the basic skills they must master are the same. Even if they later go down different paths, what they do is almost the same; only the starting point and the destination differ.
Many people have asked me: "What do hackers actually do? Isn't it very exciting?" Others see hacking as "doing boring, repetitive things every day." Both views are wrong. A hacker usually has to spend a great deal of time learning; I don't know whether this process ever ends, only that "the more, the better." Since learning to hack is entirely a matter of personal interest, "boring" does not come into it; repetition is unavoidable, because "practice makes perfect", and only through constant contact and practice can you gain the kind of experience that can be felt but not put into words.
While learning, hackers should put their knowledge into practice; whatever a hacker does, the fundamental aim is simply to practise and master what has been learned. Hacker behaviour falls into the following categories:
1. Learning technology:
As soon as a new technology appears on the Internet, a hacker must learn it immediately and master it in the shortest possible time. "Master" here does not mean a general understanding, but reading the relevant "protocol" and RFC documents and thoroughly understanding the mechanism of the technology; otherwise, once you stop learning and rely only on what you mastered before, you will not keep your "hacker identity" for more than a year.
Beginner hackers find learning harder because they have no foundation and run into a great deal of basic material. Today the Internet offers readers a great deal of information, so beginners have to choose: content that is too deep may make learning difficult, and content that is too "fancy" is useless for learning to hack. So beginners should not be greedy; they should try to find a book and a complete set of materials of their own and learn step by step.
2. Disguising yourself:
Every move a hacker makes is recorded by a server, so hackers must disguise themselves so that the other side cannot tell their true identity. This requires considerable skill: masking your IP address, using stepping-stone hosts to escape tracing, cleaning logs to muddle the other side's clues, cleverly bypassing firewalls, and so on.
Disguise needs very good basic skills; for beginners it is the "highest realm", meaning that a beginner cannot learn to disguise themselves in a short time. That is why I do not encourage beginners to use what they have learned to attack networks: once their deeds come to light, the person ultimately harmed is themselves.
Even if one day you become a real hacker, I still would not approve of you attacking networks; after all, a hacker's growth is a matter of learning, not of crime.
3. Discovering vulnerabilities:
Vulnerabilities are the most important information for hackers. Hackers constantly study the vulnerabilities discovered by others, work hard to find unknown vulnerabilities themselves, and search the mass of vulnerabilities for the valuable ones that can be used for testing; of course, their final purpose is to use a vulnerability either to cause damage or to fix it.
The hackers' obsession with hunting for vulnerabilities is hard to imagine. Their slogan is "break authority", and time after time hackers have proved to the world through their own actions that there is no such thing as a program "without vulnerabilities". In the hackers' eyes, "seamless" merely means "not yet found".
4. Using vulnerabilities:
To a good hacker, a vulnerability is something to patch; to an evil hacker, something to exploit for sabotage. But the common premise is that the vulnerability can be "exploited", and a hacker who exploits a vulnerability can do the following:
(1) Obtain system information: some vulnerabilities leak system information and expose sensitive data, which allows further intrusion into the system;
(2) Break into the system: enter the system through the vulnerability, obtain internal information from the server, or take complete control of the server;
(3) Look for the next target: one victory means the next target has appeared, and the hacker should make full use of the server already under control as a tool to find and break into the next system;
(4) Do some good: after completing the above, a good hacker fixes the vulnerability or notifies the system administrator, doing something to maintain network security;
(5) Do some harm: after completing the above, an evil hacker judges whether the server has any further value. If it does, they plant a Trojan horse or back door on it for easy return visits; a server with no further value gets no mercy, and crashing it gives them endless pleasure!

Section 2: Basic skills a hacker must master
From this section we truly set out on the road to learning to hack. The first thing to introduce is the basic skills a junior hacker must master. Reading this section will show that learning to hack is no mystery, and that it is quite easy to learn. To keep beginners interested, this book proceeds in cycles: each chapter is independent and complete, and learners need only finish studying one chapter to move on to the next.
1. Understand a certain amount of English:
English is very important for hackers, because most information and tutorials today are in English, and hacker news also comes from abroad. It takes about a week for a vulnerability to go from discovery to a Chinese-language write-up, and in that time network administrators have enough time to patch it, so by the time we see the Chinese description the vulnerability may no longer exist. So from the very start, learn to read English materials, use English software, and keep an eye on the well-known overseas network security sites.
2. Learn to use basic software:
Basic software here means two things: on one hand, the commands we use every day, such as ftp, ping and net; on the other hand, hacker tools, mainly port scanners, vulnerability scanners, information interception tools and password cracking tools. Because these programs are many and varied in function, the book will later introduce how to use several popular ones. Once you have mastered the basic principles you can either choose your own, or consult the software development guide in the "second section" and write your own hacking tools.
3. A preliminary understanding of network protocols and how they work:
"Preliminary understanding" means working out how the network operates "according to your own understanding", because protocols involve a great deal of complex knowledge, and an in-depth study at the outset is bound to dampen motivation. I suggest learners first get to know the TCP/IP protocols, especially how information is transmitted when browsing the web: how the client browser requests a "handshake", and how the server "responds to the handshake message" and "accepts the request". These topics are described in detail in later chapters.
4. Be familiar with several popular programming and scripting languages:
As above, this does not require in-depth study; it is enough to understand the languages roughly and know what a program's execution produces. I recommend that learners start with the C language and the asp and cgi scripting languages, and gain a basic understanding of htm hypertext, php, java and so on. Concentrate on the "variables" and "arrays" parts of these languages; because languages are intrinsically related, once you are proficient in one, the others follow the same pattern. I suggest learning C and htm hypertext first.
5. Be familiar with web applications:
Network applications include the daemons of various server software, such as wuftp and Apache, as well as the popular online forums and electronic communities. Learners who can should turn their own computer into a server, then install and run some forum code; after a few tries you will get an intuitive feel for how the network works, which is far easier than relying on theory and gives a multiplier effect!

Chapter 1: Basic theory and basic knowledge
Section 1: Network security terminology explained
1. Protocols:
A network is a place for exchanging information. All computers connected to the network can exchange information with one another over physical connecting devices, which include the most common cables, fibre-optic cables, wireless access points, microwave links and so on. But having these physical devices alone does not achieve information exchange, just as the human body cannot do without the brain to direct it. Information exchange also needs a software environment, a set of rules that people have agreed on in advance, called a "protocol". With a protocol, different computers can follow the same rules over the same physical device without "misunderstanding" one another.
A protocol is much like "Morse code": a simple dot and dash, arranged in different ways, can carry endless variation, but without the "code table" nobody could tell what a jumble of signals represents. Computers are the same: they complete different tasks through a variety of pre-agreed protocols. For example, the RFC 1459 protocol lets an IRC server communicate with client computers. So whether you are a hacker or a network administrator, you must study protocols in order to understand how the network operates.
Every protocol is the result of many years of revision and is still in use today; new protocols are mostly built on the basis of lower-level protocols, so protocols have relatively strong security mechanisms and it is hard for a hacker to find a security flaw in a protocol itself and use it to attack the network directly. But some new protocols have existed only a short time and may not have been considered thoroughly, so they may have security problems that hackers can take advantage of.
In discussions of network protocols, more and more people believe that the basic protocols in use today had security risks from the very start of their design, so whatever changes the network undergoes, as long as today's network architecture is not fundamentally changed, hacking can never be completely eliminated. But this kind of hacking is beyond the scope of this book and is not described here in detail.
2. Servers and clients:
The simplest form of network service is: several computers act as clients and one computer acts as a server; each client can make requests to the server, the server responds and performs the requested action, and finally the server returns the result to the client. Many protocols work this way; the e-mail servers, web servers and chat servers we usually deal with all belong to this type. There is also a kind of connection that needs no server at all, in which two client computers connect directly: each computer is both server and client, the two have the same functions, and they complete the connection and information exchange as peers. The DCC transfer protocol is an example of this type.
As can be seen, the client and the server are the requesting computer and the answering computer specified by each protocol. An ordinary Internet user operates their own computer and sends conventional requests to network servers, such as browsing web pages or sending mail; a hacker uses their own PC as a client to attack other computers, which may be clients or servers, in order to break in, cause damage or steal information.
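The request/response model described above, worked through as an added example (not code from the original article): a minimal server listens on a localhost port, a client sends one HTTP/1.0-style request, and the server answers with a status line. The document it serves and the localhost port (chosen by the OS) are assumptions made for the demonstration.

```python
import socket
import threading

# Constructed document for the tiny server to serve (assumption, not from the article).
DOCUMENT = b"<html><body>hello</body></html>"


def parse_request_line(data):
    """Parse the first line of a request such as b'GET / HTTP/1.0'.

    Returns (method, path, version), or None if the line is malformed.
    """
    line = data.split(b"\r\n", 1)[0]
    parts = line.split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    return tuple(p.decode("ascii", "replace") for p in parts)


def handle_client(conn):
    """Server side: read one request, reply with a status line and body."""
    with conn:
        conn.settimeout(2.0)
        data = b""
        # Read until the blank line that ends the request headers.
        while b"\r\n\r\n" not in data and len(data) < 4096:
            chunk = conn.recv(1024)
            if not chunk:
                break
            data += chunk
        req = parse_request_line(data)
        if req is None:
            status, body = b"400 Bad Request", b""
        elif req[0] != "GET":
            status, body = b"405 Method Not Allowed", b""
        elif req[1] == "/":
            status, body = b"200 OK", DOCUMENT
        else:
            status, body = b"404 Not Found", b""
        conn.sendall(b"HTTP/1.0 " + status + b"\r\nContent-Length: "
                     + str(len(body)).encode() + b"\r\n\r\n" + body)


def start_server():
    """Listen on 127.0.0.1 on an OS-chosen port; return (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
    srv.listen(1)
    return srv, srv.getsockname()[1]


def serve_one(srv):
    """Accept exactly one connection and handle it."""
    conn, _addr = srv.accept()
    handle_client(conn)


def client_request(port, path="/", method="GET"):
    """Client side: connect, send one request, return (status_code, body)."""
    with socket.create_connection(("127.0.0.1", port), timeout=2.0) as c:
        c.sendall(f"{method} {path} HTTP/1.0\r\nHost: 127.0.0.1\r\n\r\n".encode())
        resp = b""
        while True:
            chunk = c.recv(4096)
            if not chunk:  # server closed the connection: response complete
                break
            resp += chunk
    head, _, body = resp.partition(b"\r\n\r\n")
    status_code = int(head.split(b" ")[1])
    return status_code, body


def exchange(path="/", method="GET"):
    """Run one full client/server round trip on localhost; return the client's view."""
    srv, port = start_server()
    t = threading.Thread(target=serve_one, args=(srv,), daemon=True)
    t.start()
    try:
        return client_request(port, path, method)
    finally:
        t.join(timeout=5)
        srv.close()


if __name__ == "__main__":
    print(exchange("/"))        # (200, b'<html><body>hello</body></html>')
    print(exchange("/secret"))  # (404, b'')
```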
3. Systems and system environments:
A computer must have an [operating system](<http://www.myhack58.com/Article/48/Article_048_1.htm>) installed to work. Today's popular operating systems are mainly UNIX, Linux, Mac, BSD, Windows 2000, Windows 95/98/Me, Windows NT and so on. Each runs independently, with its own file management, memory management, process management and other mechanisms. On the network these different operating systems can act as servers, or as clients operated by users, and they exchange information with each other through "protocols".
Different operating systems combined with different applications make up the system environment. For example, a Linux system with the Apache software can configure your computer as a web server, which other computers acting as clients can reach with a browser to read its text; likewise Windows 2000 with Ftpd software can configure the computer as a file server, and a remote user logging in via ftp can access the various file resources on the system.
4. IP addresses and ports:
When we go online we may browse the web, send and receive e-mail, chat by voice... so many network services, each over a different protocol. But the network is so large: how does our computer find the computer that provides the service it needs? And how can one computer do so much work at the same time? Here we must introduce the IP address.
Every computer on the Internet has a unique IP address, which is similar to a person's home address in everyday life. Through routers and other physical devices (which beginners need not understand), the network can exchange information from one computer to another; because their IP addresses differ, there is no chaos of failing to find the target. But a hacker can forge their own computer's IP address by special means, so that when the server accepts a request from the hacker's computer bearing a fake IP address, the server sends its response to the fake address, causing confusion on the network. Of course, a hacker can also easily locate any Internet user or server by its IP address and attack it, much like a burglar in real life, so today we see many articles about how to hide your IP address.
Now I explain the second question above: why one PC can use many network services at once. It is as if a city had eight gates: each protocol corresponds to a different network service, and each network service opens a different port, or "gate", on the client computer to complete its information transfer. Of course, if a network server offers several network services at the same time, it also opens several different ports to receive the different client requests.
This is the meaning of the "back door" we often hear about on the network: the hacker opens a network service on the server by special means, a service used specifically to accomplish the hacker's purpose, so the server opens a new port to provide it. Because this port is for the hacker's use, ordinary Internet users and network administrators do not easily discover it; it is a "hidden port", hence a "back door".
Every computer can open 65535 ports, so in theory at least 65535 different network services could be developed, but in practice that number is far too large; the service protocols commonly used on the network number only a few dozen. For example, web browsing clients and servers use port 80, and IRC chat uses port 6667 on the server side and port 1026 on the client side.
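An added example, not from the original article, of the administrator's side of the "hidden port" idea above: parse the socket table in the layout printed by "netstat -an" on Windows and report any listening port that is not in a baseline of expected services. The netstat sample, the baseline and the unexpected port 40321 are all constructed for the demonstration.

```python
import re

# Constructed sample in the layout of "netstat -an" on Windows (assumption: not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:40321          0.0.0.0:0              LISTENING
  TCP    192.168.1.20:80        192.168.1.55:1026      ESTABLISHED
  TCP    192.168.1.20:1027      203.0.113.9:6667       ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

# Hypothetical baseline: the services the administrator knows this host should offer.
EXPECTED_LISTENERS = {("TCP", 80), ("TCP", 135), ("UDP", 137)}

# One socket line: proto, local addr:port, foreign addr:port, optional state.
LINE_RE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\d+|\*)(?:\s+(\S+))?\s*$"
)


def parse_netstat(text):
    """Return one dict per socket line; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        proto, laddr, lport, faddr, fport, state = m.groups()
        rows.append({
            "proto": proto,
            "local_addr": laddr,
            "local_port": int(lport),
            "foreign_addr": faddr,
            "foreign_port": None if fport == "*" else int(fport),
            "state": state or "",  # UDP lines carry no state column
        })
    return rows


def listening_sockets(rows):
    """TCP sockets in LISTENING state plus every UDP socket (UDP has no state)."""
    return [r for r in rows
            if (r["proto"] == "TCP" and r["state"] == "LISTENING") or r["proto"] == "UDP"]


def unexpected_listeners(rows, expected):
    """(proto, port) pairs that are open but not in the baseline: candidates for a hidden port."""
    opened = {(r["proto"], r["local_port"]) for r in listening_sockets(rows)}
    return sorted(opened - set(expected))


def established_connections(rows):
    """Remote endpoints of active TCP sessions, to see who this host is talking to."""
    return [(r["foreign_addr"], r["foreign_port"])
            for r in rows if r["proto"] == "TCP" and r["state"] == "ESTABLISHED"]


def audit(text, expected=EXPECTED_LISTENERS):
    """Parse a netstat dump and return the listeners that need explaining."""
    return unexpected_listeners(parse_netstat(text), expected)


if __name__ == "__main__":
    print(audit(SAMPLE_NETSTAT))  # [('TCP', 40321)]
```

Anything the audit reports is only a lead: the next step is to identify which program owns the port and whether it belongs there.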
5. Vulnerabilities:
A vulnerability is a case the program did not take into account. For example, the simplest "weak password" vulnerability is when the system administrator forgets to block some accounts in a network application; a Perl program vulnerability may be a piece of code that "lets the program do something beyond its scope" because the programmer did not consider all cases during design; an "overflow" vulnerability is when the system or program did not reserve enough resources in its original design, and later use of the program runs out of them; a special IP packet bomb is really the program making a mistake when analysing some special data; and so on.
All in all, vulnerabilities are human oversights in programming that no program can completely avoid, and hackers use these various vulnerabilities to attack networks. The "network security" mentioned at the start of this chapter really means "vulnerabilities". Hackers exploiting vulnerabilities to carry out attacks is only the end result; the true definition of a hacker is someone who "looks for vulnerabilities". They do not attack networks for fun, but spend every day reading other people's programs and trying to find the flaws in them. To some extent hackers are the "good guys", who throw themselves into this field in pursuit of perfection and to build a safe Internet; it is only because some hackers, or simply pseudo-hackers, have so often used offensive exploits in recent years that people regard hackers with fear and hostility.
6. Encryption and decryption:
In the explanation of "protocols" I mentioned that "the basic design of the network has a problem...". Simply put, the problem is that all Internet users are allowed to take part in sharing information, so commercial and personal private data transmitted on the network is exposed to all: our credit cards, personal e-mail and so on can be obtained by others through monitoring or interception. How can we keep this information safe? Readers may think of the spy wars of the Second World War: when the warring countries used the telegraph, all messages were encrypted, and only a recipient who had the "codebook" could decode them. This ancient encryption method retains its strong vitality in today's networks: information transmitted on the network is encrypted, and whoever gets hold of the document, it is useless to them without the "codebook".
The most common uses on the network are setting a personal password and locking data with DES encryption. These two encryption modes protect, respectively, user logins to systems, websites and e-mail accounts, and information packets. The hacker's work is to obtain the plaintext of the encrypted file through vulnerabilities, brute-force guessing, reverse application of the encryption algorithm and other means; the saying "as the Way rises a foot, the devil rises ten" applies here exactly! As encryption methods and password authentication systems keep appearing on the network, hackers keep looking for various ways to break them.
It can be said that "vulnerabilities" and "decryption" are two completely different areas of hacking, and a learner's preference between them directly determines what type of hacker they become, so the choice should follow personal preference. This book concentrates on learning the "vulnerability" side.
7. Trojan horses:
A Trojan horse is a program that does things its programmer intentionally designed it to do but that do not appear to happen. Whatever a Trojan horse does, whether or not the user understands it, it is not to be endorsed. According to some who know the field, a virus is a special case of a Trojan horse, namely one able to spread to other programs, which thereby become Trojan horses too. According to others, a virus that does not intentionally cause any damage is not a Trojan horse. In the end, however it is defined, many people use "Trojan horse" only to describe malicious programs that cannot copy themselves, so as to distinguish Trojan horses from viruses.

Section 3: Classification of commonly used hacking software
1. Prevention:
These are programs designed from a security perspective, such as firewalls, antivirus software, system process monitors and port management programs. Such software ensures, as far as possible, the security and privacy of PC users and protects them from hacker damage. Network servers also need such software: log analysis software and intrusion detection software help administrators maintain the server and track down hackers who break into the system.
2. Information gathering:
There are many kinds of information gathering software, including port scanners, vulnerability scanners, weak password scanners and other scanning software, as well as spy-type software that monitors and intercepts packets. Most of these are neither good nor evil in themselves: good hackers, evil hackers, system administrators and ordinary computer users can all use this class of software for their different purposes. In most cases hackers use it most often, because they need such software to scan a server comprehensively and gather as much information about it as possible, and only once they fully understand the server do they act.
3. Trojans and worms:
These are two types of software, but their working principles are essentially the same: both have the concealment and destructiveness of viruses, and in addition they can be operated by their controller, or complete a given task according to a program designed in advance. Of course, such software can also be used by system administrators as a remote server management tool.
4. Floods:
A "flood" is a junk-information bomb: a great many junk requests overload the target server and crash it. The distributed DoS attacks that have become popular on the network in recent years can also be simply classed as this type of software. Flood software can also take the form of mail bombs or chat bombs. These are "idiot-proof" programs simplified by network security enthusiasts, and they are the software regularly used by the "pseudo-hackers" this book criticised at the start.
5. Password cracking:
The most practical way to guarantee network security is a password system based on various encryption algorithms. A hacker may easily obtain a copy of the ciphertext password file, but without the encryption algorithm still cannot obtain the real passwords, so password cracking software is a must: using the computer's high-speed computing power, such software can use password dictionaries or brute force to recover the ciphertext.
6. Deception:
To obtain the plaintext password mentioned above, a hacker would have to reverse the ciphertext's encryption algorithm, but with a complex password cracking is not so simple. But what if the person who knows the password tells the hacker the original password directly? Wouldn't that be more convenient? Deception software is designed for exactly this purpose.
7. Disguise:
All operations on the network are recorded by the ISP and the server; if you do not disguise yourself well before acting, anti-tracking techniques can easily trace back to the hacker. So disguising your IP address and identity is a compulsory course for hackers. But disguise techniques require profound knowledge of the network, and a beginner without a solid foundation needs this type of software.

Section 4: A basic environment for learning to hack
1. Choosing an operating system:
We often hear that hackers love the Linux system, because compared with Windows it offers more flexible operation and more powerful functions. For example, forging IP addresses: under Linux a special IP header can easily be written, whereas under Windows this is almost impossible. But Linux has its drawbacks: its commands are complex and unfriendly to beginners, and among individual learners not many people would give up the "comfort" of Windows, its exciting computer games and convenient operation, to devote themselves to learning to hack. For novice learners, most network knowledge can be learned on Windows; there is no shortage of hacking software for the Windows platform compared with Linux; and with a packaged installer, Windows can also debug a fair amount of code. So it is not necessary to start with Linux when first learning to hack.
This book uses the Windows ME platform, because for individual users NT or 2000 is somewhat demanding (the system configuration requirements are too high), while 95 or 98 lack certain necessary functions (the NET and TELNET commands are incomplete). But most of the content of this book tests vulnerabilities starting from a remote server, so the Windows ME operating system is not strictly necessary for learning; for the few differences between system versions, learners can contact me for the corresponding learning methods.
2. Commonly used software you need:
If your system is Windows ME, here is some good news: you do not need to install much extra software, because the hacker knowledge we will cover can be handled by the commands and built-in software the system provides! Besides the basic operating system, learners need only install various types of scanner, then download a good Trojan program and a monitoring program; nothing else is required. If necessary, readers can install the software mentioned in this article themselves and learn how to use it, but I must tell you that for all kinds of bombs and the wide range of other hacking software on the network, by the end of this book you will be able to make and develop your own, with no need to use software written by others.
For the scanner and monitoring software I make the following suggestions, and these few programs are described in detail later in the book:

Scanner: x-scanner
Download address: <http://www.xfocus.org/>

Monitoring software: analyzer
Download address: <http://netgroup-serv.polito.it/netgroup/tools.html>

Trojan: BackOffice
Download address: <http://www.hack-net.com/>

These three programs are free and extremely powerful. x-scanner, for instance, is a domestic program that integrates many scanning functions in one, supports both console and graphical modes of operation, and also provides detailed descriptions of how the vulnerabilities are used. For beginners, these few tools are more than enough for learning to hack.
3. Additional tools:
If you can install the following tools, they will be a great help in learning to hack. Of course, they are mainly for learning the additional content and as groundwork for the "second part"; not having them will not interfere with studying this book.
(1) Backend server:
With the background service program of some network application, you can set your own computer up as a small server and learn how the corresponding network service works from the "inside", which greatly improves your intuitive understanding of servers. Once the server is running you can monitor the data on it, and if other hackers attack, you can clearly record the other side's attack process and learn more hacking methods from it. This book mainly introduces vulnerabilities in Perl and asp scripts on websites, so you can install IIS or HTTPD, and then install ActivePerl so that your server can run compiled cgi and pl scripts. Using your own server has another benefit: it saves a lot of online time, and the process of learning and looking for flaws moves onto your own computer, which saves money without posing any threat to the network, a double gain.
(2) A C language compiler:
On the road of learning to hack you will meet many "problems of your own" that others on the network may not have noticed, so no suitable program can be found and learners have to develop the relevant tools themselves. Installing Borland C++ makes this very easy: with this compiler learners can both study the C language and modify the small programs listed later in this book, building up a tool library of their own.
4. Categories of network security software
Now let us look at the categories of network security software, because learning hacking knowledge involves two interrelated processes: learning how to hack, and learning how to prevent being hacked.
(1) Firewalls:
This is the most common security mechanism on the network. Firewalls come as hardware and software; what most readers see are software firewalls. Their main functions are filtering junk information so the system is not subject to bomb attacks, preventing worm intrusion, preventing hacker attacks, increasing privacy and protecting sensitive data, monitoring system resources in real time, preventing system crashes, regularly maintaining databases and backing up key information... A firewall can itself patch the system's vulnerabilities so that hackers have no opportunity. In addition, for enterprises with a LAN, the firewall can restrict which system ports are open and prohibit certain network services, which eliminates Trojans.
(2) Detection software:
There are tools on the Internet specifically for removing hacker programs, but this software is more often integrated into antivirus or firewall software. It detects and removes Trojans and worms from the system, protects the system from infringement, automatically protects data on the hard disk, automatically maintains the registry files, checks the contents of code, monitors the open state of system ports, and so on. If the user needs it, the software can also write scripts to shield specified ports (firewalls have this feature too).
(3) Backup tools:
Tools designed for backing up data can help a server back up its data regularly and update it as work progresses, so that even if a hacker destroys the server's database the software can completely restore the pre-intrusion data in a short time. For individual users, such software can also make a full image backup of the hard disk, and once the system crashes the user can restore it to its original state; Ghost, for example, is the leader among such programs.
(4) Logging and log analysis tools:
For a server, log files are essential: through the logs an administrator can see the types of requests to the server and where they come from, and judge from the logs whether the system has been attacked by hackers. With log analysis software, administrators can easily trace intruding hackers back and find the source of the attack, so the hacker cannot escape. This is why hackers use IP address masquerading and server hopping when attacking, and clear the log files after breaking into a server.
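An added example, not from the original article, of the log analysis just described: parse web server log lines in the common log format, group requests by source, flag sources whose requests are mostly answered with client errors (the pattern of someone probing for files that do not exist), and flag stretches where the timestamps jump or go backwards, a heuristic hint that lines may have been removed. The log lines, the addresses and the thresholds are constructed for the demonstration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the common log format (assumption: not from a real server).
SAMPLE_LOG = """\
10.0.0.5 - - [08/Nov/2005:00:01:02 +0800] "GET /index.html HTTP/1.0" 200 1234
10.0.0.5 - - [08/Nov/2005:00:01:09 +0800] "GET /news.asp?id=3 HTTP/1.0" 200 5120
203.0.113.9 - - [08/Nov/2005:00:02:00 +0800] "GET /cgi-bin/test.pl HTTP/1.0" 404 210
203.0.113.9 - - [08/Nov/2005:00:02:01 +0800] "GET /cgi-bin/count.pl HTTP/1.0" 404 210
203.0.113.9 - - [08/Nov/2005:00:02:01 +0800] "GET /old/ HTTP/1.0" 404 210
203.0.113.9 - - [08/Nov/2005:00:02:02 +0800] "GET /backup/ HTTP/1.0" 404 210
203.0.113.9 - - [08/Nov/2005:00:02:03 +0800] "GET /admin/ HTTP/1.0" 403 180
10.0.0.7 - - [08/Nov/2005:00:05:30 +0800] "GET /index.html HTTP/1.0" 200 1234
10.0.0.7 - - [08/Nov/2005:03:20:00 +0800] "GET /index.html HTTP/1.0" 200 1234
"""

# host ident user [time] "method path proto" status size
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) (\S+)" (\d{3}) (\d+|-)$'
)


def parse_log(text):
    """Return one dict per well-formed log line; lines that do not fit are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, ts, method, path, _proto, status, size = m.groups()
        entries.append({
            "ip": ip,
            "time": datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"),
            "method": method,
            "path": path,
            "status": int(status),
            "size": 0 if size == "-" else int(size),
        })
    return entries


def requests_by_source(entries):
    """Map each source address to its requests (the 'source of the request' in the text)."""
    by_ip = defaultdict(list)
    for e in entries:
        by_ip[e["ip"]].append(e)
    return by_ip


def suspicious_sources(entries, min_requests=4, error_ratio=0.6):
    """Sources with at least min_requests whose answers were mostly 4xx.

    Returns sorted (ip, request_count, error_count) tuples. Thresholds are
    assumptions; tune them to the server's normal traffic.
    """
    flagged = []
    for ip, reqs in requests_by_source(entries).items():
        errors = sum(1 for r in reqs if 400 <= r["status"] < 500)
        if len(reqs) >= min_requests and errors / len(reqs) >= error_ratio:
            flagged.append((ip, len(reqs), errors))
    return sorted(flagged)


def time_gaps(entries, max_gap=timedelta(hours=1)):
    """Pairs of consecutive entries whose times go backwards or jump by more than max_gap.

    A server writes its log in order, so out-of-order times or an unusually
    silent stretch on a busy host are worth checking against other records.
    """
    gaps = []
    for prev, cur in zip(entries, entries[1:]):
        delta = cur["time"] - prev["time"]
        if delta < timedelta(0) or delta > max_gap:
            gaps.append((prev["time"], cur["time"]))
    return gaps


if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    print(suspicious_sources(log))  # [('203.0.113.9', 5, 5)]
    for start, end in time_gaps(log):
        print("gap:", start, "->", end)
```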