Common hacker terms
Remote control
Very popular a kind of tool, one of the most famous is gray pigeons, the main function is to control the computer remote control, generally used for computer batch management, school computer room, such as Internet cafes, but after hackers use, there are many new features, such as a keyboard, peep video, etc., in a way this may be a serious illegal behavior, as the antivirus software upgrade, And the crackdown on such software, now fewer and fewer people play remote control.
chicken
A “chicken chicken” is a figurative metaphor for a computer or server that can be manipulated at will. Machines controlled by remote software.
Trojan
Programs that appear to be normal, but when they are run, they gain full control of the computer. There are a lot of hackers is to use Trojan horse to destroy the computer, for example, far control to control the premise of the computer is Mr Trojan, and then think of ways to let the other side run, can control.
Web Trojan
Disguised as ordinary web files on the surface, but the virus code directly inserted into the normal web files, when someone visits, the web Trojan will execute the corresponding vulnerability code to destroy. For example, when someone visits a porn site and finds that the CPU is high, it actually calls the mining code, and when you visit the site, it uses your computer to mine.
Hang a horse
It is in other people’s website file inside the webpage Trojan, malicious code inserted into the other party’s normal webpage file, in order to make the reader in the horse, horse is to describe a kind of operation, not a kind of technology.
The back door
This is a kind of image of example, for example, you want to download a Tencent QQ, but on the Internet to download is not an official file, but someone else first virus file binding in the normal file, when opened will be poisoned, usually this virus is called the back door, because the victim can not find.
Weak password
It refers to passwords that are not strong enough to be easily guessed, such as 123456, ABC123, abcdefg, woainixiaofeng and so on, which are common invasion methods of hackers. About 20 of 100 passwords are such weak passwords.
shell
It refers to a command execution environment. For example, when we press the “Windows key +R” on the keyboard, the “Run” dialog box will appear. Entering “CMD” in the dialog box will present a black window that can run commands. When there is no mouse only keyboard before, it is to rely on this to complete all computer operations!
WebShell
WebShell is a command environment in the form of asp, PHP, JSP and other web files. It can also be called a web back door. Hackers in the invasion of a website, generally will these ASP or PHP backdoor files and the WEB server WEB directory under the normal page files mixed together, generally hidden deep, because can not be discovered by the administrator, deleted can not obtain the control of the site. A web site with a Webshell backdoor can basically do whatever you want, modify any part of the site or delete it. The website transaction between hackers is conducted by Webshell, for example, how much do I spend to buy the webshell permission of this website, and the attacker is responsible for trying to put webshell back door in this website, so we should understand.
injection
With the DEVELOPMENT of B/S structure of the website environment, basically all websites need databases. Users will be able to submit a database query code, according to the result of application back, obtain certain he wants to know, this is normal situation, but in repairing the query to have malicious code, is destructive, this is the so-called SQL injection, the most aggressive web vulnerabilities, let countless enterprises stand was invaded the culprit.
Injection point
A place where SQL injection can be performed, usually a web page address with parameters. The permissions you get vary depending on the account permissions of the injection point database.
Intranet
Colloquial speaking is LAN, such as Internet bar, campus network, company Intranet and so on all belong to this kind. If the IP address ranges from 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255, it indicates that the IP address is on the Intranet.
The network
Directly connected to the Internet (Internet), can let any computer access to each other, the Internet needs access to broadband to achieve.
Free to kill
It is through shell, encryption, modify the characteristic code, add flower instructions and so on operation to change the program, so that it escaped anti-virus software to kill. We said in front of the remote control generated Trojan, often will be found by anti-virus software, can not achieve the effect of computer control, so the need to use no-kill technology to avoid anti-virus software scanning, so that anti-virus software is mistaken for safe software, so as not to intercept.
packer
Is to use special algorithms, exe executable program or DLL dynamic link library file encoding changes (for example, to achieve compression, encryption), in order to reduce the size of the file and encryption program coding, or even escape the intent of anti-virus software. The commonly used shells are UPX, ASPack, PePack, PECompact, UPack, Immune 007 and so on. Shell another important role is to prevent software cracking, there is attack there is defense!
Take instruction
Is a few assembly instructions, let assembly statements for some jump, so that anti-virus software can not normally judge the structure of the virus file. Anti-virus software looks for viruses from head to toe. If we turn the head and feet of the virus upside down, the anti-virus software can’t find the virus.
The router
The equipment used to get online, with broadband line directly connected to the computer input password can get online, now why do computers want to connect routers? Because the mobile phone needs to connect the wifi of the router to get online, so the broadband line went to connect the router, the computer did not have the broadband line, can only go to connect the router.
port
To the network, know the IP address of a computer, just equivalent to know its residential address, to communicate with it, we also know what port it opened, for example, we go to a hospital, registration to the window 1, price to the window 2, take medicine to the window 3. Communication is the same with the computer, then, to access the small wind tutorial website, you have to with small wind tutorial web server 80 ports to connect, to land at the FTP space, transfer files, we have to server port 21 again, so, the port is a data transmission channel, used to receive some of the data, and then passed to the corresponding reply, The computer will process the data and then send the corresponding reply to the other side through the port.
The IP address
There are many computers on the Internet. To enable them to identify each other, each host on the Internet is assigned a 32-bit address only. This address is called an IP address, also known as an Internet address. Each IP address has 256×256-1=65535 ports.
Common Vulnerability Names
Upload the loopholes
You think a hacker can get full access by breaking into the back of a website? Of course not, the background is just the office page of some websites, such as adding articles, managing articles, comment management can be basic functions, upload Webshell can get more permissions, at this time, use the upload loophole, find the uploading loophole in the background, upload Webshell to get the highest permissions of the website, of course, this is exaggerated, The highest level is the server level.
Hackers loopholes
BaoKu
This vulnerability are very rare now, but there are many sites have this vulnerability can apply, BaoKu is submitted characters get the address of the database file, the address of the database file, we will be able to download, is equivalent to take the site is the most important database, which contains the website all the information, including all the user data!
Injection vulnerabilities
This vulnerability is the SQL injection vulnerability mentioned above, is now the most widely used, lethal vulnerability is also very large,
sidenote
When we invade a certain station may be the station to consolidate the airtight, we can find the same server and the station of the site, and then invade the site, with power, sniffing and other methods to invade the site we want to invade. Make an image, for example, such as a building, you and me in my house is very safe, and your house, but loopholes, now there is a thief wants to invade my home, what did he do to my home surveillance (scan), found nothing can use, so the thief found your home and my family a building, it is easy to go in your house, he was able to enter your home, first Then get the key of the whole building through your home (server permission), so that you can get my key naturally, and then you can enter my home (website).
A social worker
If you directly baidu social workers, appear as a result of the social work, we can with the social worker said it doesn’t matter, a social worker full social engineering, is the study of the weakness of human nature to attack a technology, such as a site administrator is called xiao Ming, is the site of the administrator password is likely to be with xiaoming, even xiaohong, Why the little red? Because it may be xiaoming’s favorite person and of course there may be Xiaofeng, but the probability is very low, right? At least much lower than the first two. Social worker attacks are usually carried out in this way of thinking. To put it more simply, you can also think of human flesh. Some of the profiles of people who have been hacked online are social engineering techniques. Small wind for a simple example, such as you want to find a star QQ number, you can search his company’s name in THE QQ group, there may be xx company group, and then you know how to find the QQ number.