in the afternoon of June 21st, the Tianjin Software Industry Association Branch of the fifth week study period of Internet application meeting began, the official QQ group: 39241075, the research by the webmaster network www.admin5.com, www.admin5.com, Chinese red Chinese red UNITA UNITA www.redhacker.cn cooperation, the theme of network security: network intrusion.
interconnect Liu Weijun (MAI 296128095)
Hello everyone! According to the schedule, this afternoon held seminar on network intrusion, still by the Honker Union speaker. What is the problem we can exchange, the way is still the guests speak for 30 minutes, and then we discuss.
is Chinese Honker Union (www.redhacker.cn) CEO, "Honker Fengyun" author, author of "interpretation of insider exposure" honker.
China Red League SharpWinner
all right? Our training is now, everyone’s website has been hacked?……
it seems that now the hackers rampant ah, we all know how website was hacked?
just did a survey, all web site intrusion happens more, but also a part of the webmaster know how hackers are invading, now there are many PHP sites by hackers, there are also many online tools for PHP penetration.
now let’s let everyone know what hackers have invaded the site
SQL injection vulnerability invasion
This is the website of ASP+ACCESS
invasion, through the injection point list inside the database administrator account and password information, and then guess the website backstage address, and then use the account and password to log into place to find the file upload, upload ASP Trojan up, get a website WEBSHELL.
then there is a SQL injection vulnerability invasion, and that is the way ASP+MSSQL website invasion. MSSQL will usually assign an account to the user, the account permissions are divided into three kinds of SA, dbowner, public, SA highest permissions, public minimum.
used to have a lot of database to SA privileges, especially some of South Korea’s website, a lot of SA permissions are swept away, now most of the site is to give DBOWNER permission.
if the site is SA permissions, injection points, then you can directly use the database storage expansion XP_CMDSHELL to execute the system command, the establishment of a system account, and then log in through 3389. Or upload a NC program, and then use NC back to get a remote SHELL permissions, of course, the use of S>