How do you keep your website from being hacked, and how are hackers made?

There are so many hacking websites these days that you can pick up a trick or two wherever you look. I have seen people's signatures: Aunt Wang who sells vegetables is a hacker, Uncle Li who roasts sweet potatoes is also a hacker, and the owner of the adult shop across the street, after digging around for a day, is a hacker too -_-~! There are just too many hackers! By incomplete statistics, at least thousands of websites are broken into and defaced every day. Once, in a chat group, a high school student broke into the intranet server of the local Civil Affairs Bureau just to look up the records of a girl he had met. Impressive; the process must have been quite exciting. As the saying goes, wherever there are computers there will be a jianghu (an underworld). There is always a reason for being hacked...

How do you prevent a website from being hacked?

Let's start with setting up the site.

Choosing the server comes first and matters most: no matter how secure your web application is, once the server is compromised your website becomes the attacker's plaything. Some readers may assume that a secure server has to be more expensive. That is not really the case. Spending more money mostly buys better hardware and software, so network speed or load capacity improves; the server's security, by contrast, comes from how it is configured. As long as the administrator sets things up properly, the server can be far more secure. In some earlier work I found that many government and school sites were configured badly: it seemed that once IIS was installed and the site could be browsed, the job was considered done. A friend told me that on government and school websites, once you get a webshell you can basically take down the whole server. That sentence describes a real phenomenon: the webmasters of many school and government sites clearly do not pay enough attention to website security. Your website may only publish a few news articles, but once an attacker gets in, the website itself is not necessarily his goal; it is a bridge to the intranet servers behind it. The practical check is whether the web server process runs with the least privilege it needs: if a webshell running as the IIS worker process can read every directory on the machine and launch arbitrary programs, a foothold on the website is already a foothold on the server.

Now for our personal websites. For cost reasons, personal sites are basically hosted on shared (virtual) hosting. As personal webmasters we cannot do much about the security of the server itself, so choosing a good, safe hosting provider is essential. Among the virtual hosts I have encountered, the relatively safe ones are those that shut down the common information-leakage risks caused by badly configured directory permissions, such as one site on the server being able to read another site's files. At the very least you will not be toyed with by the "hackers" who go around hanging defacement pages.

Now let's look at some common attack methods used by hackers.
1. Dangerous upload vulnerabilities

These fall into three categories:

One kind has no authentication at the upload point at all, and a Trojan (webshell) can be uploaded directly.

One kind only requires registering an account, and the upload handler behind it does not filter properly.

One kind sits behind the administrator's back-end authentication.

In some cases the script Trojan can be uploaded as it is; in others it takes some processing first, such as a renaming or parse trick. Either way, many attackers get their first foothold on a website through an upload.
2. Injection vulnerabilities

Script injection comes in many forms, and the privileges an attacker ends up with differ. The dangerous ones can directly threaten the server's system privileges. Ordinary injection exposes the account information in the database, from which the attacker obtains the administrator's password or other useful data. With high database privileges an attacker can write a webshell to disk directly, read the server's directory listings and files, or add an administrative account and carry out attacks such as replacing services.

3. Cookie injection (cookie-passed injection)

Strictly this belongs to the category above, but I list it separately. Some programs, or the add-on anti-injection scripts bolted onto them, filter only POST or GET parameters and ignore cookies. So as long as the attacker moves the payload into a cookie, the injection still goes through.
4. Writing a Trojan into the database

In the past some programmers, thinking an .mdb database was too easy to download, renamed it to .asp or .asa. They did not expect this to create a bigger risk: these files can still be pulled down with a download manager such as Thunder (Xunlei), and worse, the attacker can submit a one-sentence Trojan (a one-line webshell) through some form field so that it is stored in the database. Because the database file now has a script extension, the server executes that line, and the attacker connects to it with a client tool to gain control.
5. Database backup

This is a function found in the back-end of many websites, intended to let administrators back up the database. An attacker abuses it to rename a picture Trojan (an image file with a backdoor hidden inside) that he uploaded earlier into a real script extension, and so gains control. I remember one site whose database backup page had no administrator authentication at all, which made the damage far worse. Some backup functions have restrictions, but special cases still break through them. For example, the extensions an attacker can back up to include asp, asa, cer, htr, cdx, php, jsp, aspx, ashx and asmx; in an IIS 6.0 environment there are also .asp;x.jpg, .asa;x.jpg and .php;x.jpg, because IIS 6 stops parsing the file name at the semicolon and executes the part before it. Many ASP programs filter only the .asp extension and ignore the other executable ones such as php. There is also the folder-name parse bug: in the backup directory, a folder named zzfhw.asp or zzfhw.asa makes every file below it execute as ASP. If none of the above works, the attacker may back up the site's conn.asp to zzfhw.txt to read the database path, and then fall back to writing a Trojan into the database. Of course the attack methods go well beyond this list; only by sharing with each other can we learn more.
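The upload checks in section 1 and the backup tricks in section 5 fail for the same reason: the code asks "is this .asp?" instead of "is this exactly one of the names I am willing to write?". As an added example (not code from the original post), here is the weak denylist check beside an allowlist check that rejects the semicolon, double-extension and folder-name tricks listed above. The data/ and data/backup/ layout, the allowed extensions and the length limits are assumptions made for this example.

```python
import re

# Extensions the text lists as executable on classic IIS 6 / ASP and PHP/JSP stacks.
EXECUTABLE_EXTS = {"asp", "asa", "cer", "cdx", "htr", "php", "jsp", "aspx", "ashx", "asmx"}

# A bare file name: one run of safe characters, one dot, one extension. This shape alone
# rejects "shell.asp;x.jpg" (IIS 6 stops parsing at the ';'), "shell.asp.jpg", trailing
# dots or spaces that Windows strips, NUL bytes, and any path separator.
SAFE_FILENAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,8}")
# A directory segment may not contain a dot at all, so "zzfhw.asp/" can never be created.
SAFE_SEGMENT = re.compile(r"[A-Za-z0-9_-]{1,64}")


def denylist_check(filename: str) -> bool:
    """The weak check many old ASP programs shipped with: refuse only '.asp'."""
    return not filename.lower().endswith(".asp")


def safe_filename(filename: str, allowed: set) -> bool:
    """Allowlist check: well-formed name, extension from `allowed`, never an executable one."""
    if not SAFE_FILENAME.fullmatch(filename):
        return False
    ext = filename.rsplit(".", 1)[1].lower()
    return ext in allowed and ext not in EXECUTABLE_EXTS


def backup_request_ok(source: str, dest: str) -> bool:
    """Validate a 'back up the database' request.

    Assumed layout: the live database lives as data/<name>.mdb and backups go below
    data/backup/. This stops backing up conn.asp to zzfhw.txt, writing the backup with
    a script extension, and writing it below a folder named zzfhw.asp.
    """
    src_dir, _, src_name = source.replace("\\", "/").rpartition("/")
    dst_dir, _, dst_name = dest.replace("\\", "/").rpartition("/")
    if src_dir != "data" or not safe_filename(src_name, {"mdb"}):
        return False
    parts = dst_dir.split("/")
    if parts[:2] != ["data", "backup"]:
        return False
    if not all(SAFE_SEGMENT.fullmatch(p) for p in parts[2:]):
        return False
    return safe_filename(dst_name, {"mdb", "bak"})


if __name__ == "__main__":
    for name in ("photo.jpg", "shell.asp", "shell.asa", "shell.asp;x.jpg", "../photo.jpg"):
        print(f"{name:18} denylist={denylist_check(name)!s:5} "
              f"allowlist={safe_filename(name, {'jpg', 'jpeg', 'gif', 'png'})}")
```

Note that a picture Trojan still passes `safe_filename` as photo.jpg, and that is fine: an image with ASP code inside is harmless until something serves it under a script extension, which is exactly the step `backup_request_ok` refuses.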
6. Leakage of the administrator account password

Some may say that the attack methods above need an administrator account first. So here are the common ways administrator account passwords leak.

First: the universal password 'or'='or'. There are many other ways of writing it; the principle can be looked up on my website. Put it in both the administrator account and password fields and you go straight into the back-end. Plenty of websites still let you in this way.

Second: weak passwords. For example, your password is admin, admin888, 123456, 5201314 or the like. These are easy to guess.

Third: default passwords. This covers both the default back-end password and the default back-end database. If the attacker can tell which source package (CMS) your website is built from, he fetches the same package, checks whether the default database can be downloaded from your site, and checks whether the back-end password was ever changed.

Fourth: the webmaster's personal all-purpose password. Many people use a single password everywhere online. Whichever site leaks it, the attacker can try that password against your website back-end, your mailbox, your QQ account, your FTP, and every other account you have registered. This one is serious and shades into social engineering.
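Sections 2, 3 and the universal password above are one bug seen from three angles: user input is pasted into the SQL text. The added example below (not code from the original post) reproduces the cookie-injection case with a constructed admin table in SQLite: a bolt-on filter strips quotes from form fields, the "remember me" cookie path is forgotten, and the universal password walks in. The spelling 'or'='or' in the text relies on how Access/Jet treats a bare string as a condition; the variant used here, `'or''='`, is one of the "many other ways of writing it" and turns the WHERE clause into `... OR ''=''`, which works in any dialect, SQLite included. The parameterised version beside it is the fix.

```python
import sqlite3

UNIVERSAL_PASSWORD = "'or''='"   # a variant of the text's 'or'='or'


def build_db() -> sqlite3.Connection:
    """Constructed sample admin table (not real data). Clear-text storage is kept only
    to keep the example short; real code stores a salted password hash."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    conn.execute("INSERT INTO admin VALUES ('admin', 'Lp4#kd9!Wq')")
    return conn


def strip_quotes(value: str) -> str:
    """The bolt-on anti-injection filter the text describes. It is only ever applied to
    form fields, so it does nothing for values that arrive in a cookie."""
    return value.replace("'", "")


def vulnerable_login(conn, form: dict, cookie: dict):
    """Classic-ASP style login: filtered form fields, unfiltered 'remember me' cookie,
    and a query built by string concatenation."""
    user = strip_quotes(form.get("username", ""))
    pwd = strip_quotes(form.get("password", ""))
    if not user:                       # fall back to the cookie the filter never touched
        user = cookie.get("username", "")
        pwd = cookie.get("password", "")
    sql = f"SELECT username FROM admin WHERE username='{user}' AND password='{pwd}'"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def safe_login(conn, form: dict, cookie: dict):
    """Same flow, but every value is bound as a parameter no matter where it came from,
    so the quote characters can never reach the SQL parser."""
    src = form if form.get("username") else cookie
    user, pwd = src.get("username", ""), src.get("password", "")
    row = conn.execute(
        "SELECT username FROM admin WHERE username=? AND password=?", (user, pwd)
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = build_db()
    payload = {"username": UNIVERSAL_PASSWORD, "password": UNIVERSAL_PASSWORD}
    print("form, vulnerable  :", vulnerable_login(db, payload, {}))
    print("cookie, vulnerable:", vulnerable_login(db, {}, payload))
    print("cookie, safe      :", safe_login(db, {}, payload))
```

With the payload in the cookie the concatenated query becomes `WHERE username='' or ''='' AND password='' or ''=''`; the trailing `''=''` is always true, so the first admin row comes back. Binding the same values as parameters returns nothing, and no amount of quote filtering is needed.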

7. Editors

The two main rich-text editors are eWebEditor and FCKeditor. Low versions of eWebEditor do have a hole: a crafted request uploads the Trojan directly. The high versions currently on the market have no publicly known hole so far. The truly evil thing is that everyone forgets the eWebEditor back-end password and database path when deploying it, and that is what gets the website broken into. Some modified versions of FCKeditor allow a Trojan to be uploaded directly. And since the ";" parse hole appeared, intruders have gone even crazier: on some versions the first upload fails, and uploading the same file again succeeds. Many large websites were caught by this.
8. Weak FTP passwords

As noted above, you may be using one shared password everywhere; there are also plainly weak ones. Say your website is www.zzfhw.com. The attacker will try zzfhw as the user name (it turns out many virtual hosts are configured that way) and generate a series of weak candidates such as zzfhw123, zzfhw123456, zzfhw888, zzfhw520, 123456, 888888, zzfhw.com and zzfhwftp. With the right tools he can generate a long list of passwords that ordinary people tend to use and scan them against your FTP login. Practice has shown that this method does real damage.
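As an added example (not code from the original post), the check below turns the attacker's wordlist logic around: it builds the candidate list the text describes from the site name and then refuses any FTP password that a list like that would reach. The prefixes, the extra suffixes and the ten-character minimum are assumptions for this example; the suffixes named in the text are included as given.

```python
import re
from typing import Optional

# Site-name mangling a wordlist tool applies; the suffixes from the text plus a few that
# such tools typically add (assumption).
PREFIXES = ["", "ftp", "admin"]
SUFFIXES = ["", "123", "1234", "12345", "123456", "888", "520", "ftp", "admin", ".com", "!", "2023"]
COMMON_WEAK = {"123456", "888888", "111111", "admin", "admin888", "5201314", "password", "qwerty"}


def site_words(hostname: str, username: str = "") -> set:
    """'www.zzfhw.com' -> {'zzfhw', 'zzfhw.com'}, plus the FTP user name if one is given."""
    labels = [p for p in hostname.lower().split(".") if p and p != "www"]
    words = set()
    if labels:
        words.add(labels[0])
        words.add(".".join(labels))
    if username:
        words.add(username.lower())
    return words


def derived_passwords(hostname: str, username: str = "") -> set:
    """The candidate list the text describes: site name with typical prefixes and suffixes,
    plus the usual common weak passwords."""
    out = set(COMMON_WEAK)
    for word in site_words(hostname, username):
        for prefix in PREFIXES:
            for suffix in SUFFIXES:
                out.add(prefix + word + suffix)
    return out


def password_is_weak(password: str, hostname: str, username: str = "") -> Optional[str]:
    """Return the reason a proposed FTP password is weak, or None if it passes every check."""
    lowered = password.lower()
    if len(password) < 10:
        return "too short"
    if lowered in COMMON_WEAK:
        return "common weak password"
    if any(word in lowered for word in site_words(hostname, username)):
        return "contains the site or user name"
    classes = sum(bool(re.search(pat, password))
                  for pat in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    if classes < 3:
        return "fewer than three character classes"
    return None


if __name__ == "__main__":
    host, user = "www.zzfhw.com", "zzfhw"
    print(len(derived_passwords(host, user)), "candidates from the site name alone")
    for candidate in ("zzfhw123", "zzfhw123456", "8888888888", "Tq7#mVp2!rXs9"):
        print(f"{candidate:16} -> {password_is_weak(candidate, host, user)}")
```

The "contains the site or user name" rule is deliberately broader than the generated list: a password like myZzfhwPass2023 is not in the list, but the next version of the attacker's tool will reach it, so the policy rejects it now.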
9. 0-days

Many people now run mainstream programs: DvBBS (Dongwang), the Discuz! forum, phpwind, PowerEasy (Dongyi), NewAsp (Xinyun) and so on. These programs have a huge user base, and they bring you "surprises" from time to time. For this, keep an eye on the latest program vulnerability articles on the Webmaster Anti-Hacking site and patch your program as soon as possible.
10. Side-site attacks

This means taking down another website on the same server as yours, then gathering more information by whatever means. With enough privileges the attacker simply drops a Trojan into your directory; with ordinary privileges he cannot write into it, so he reads your administrator password or other sensitive information and uses that to go further; with weaker privileges still, he resorts to sniffing.
11. Things that cannot be ignored

Forced database path disclosure ("baoku"), directory listing, arbitrary file download, file inclusion, the IIS write (WebDAV PUT) vulnerability, cookie spoofing, cross-site scripting (XSS) and so on; the list goes on and on. If you are interested, search for these terms and methods on my website.

Well, that covers the basic methods. Now that we know these attack techniques, we can counter each one in turn and keep our own websites safe. For example, the commonly used back-end paths are admin, manage and system; change yours to something uncommon that will not be guessed, and do not put a back-end login link anywhere in the program. When selecting a program, use Baidu and Google to check whether it has known holes and whether you have the latest version. If you really care about your website, test it against the methods listed above and catch problems before they happen. Don't wait until a defacement page hangs high to feel bad.
Having covered anti-hacking, let's talk about how to become a hacker (the following is for novice hackers only)

Hacker Learning Roadmap

Suggested learning sequence:
I. Learn network security law and basic legal literacy (know where the line is, or you may go in and sit for a few years!)

1. Understanding and introduction to the Cybersecurity Law
2. Decision of the Standing Committee of the National People's Congress on Maintaining Internet Security
3. Regulations of the People's Republic of China on the Security Protection of Computer Information Systems
5. Administrative Measures for the Security Protection of International Networking of Computer Information Networks
6. Administrative Measures for Internet Information Services
7. Administrative Measures for Testing and Sales Licences of Computer Information System Security Special Products
8. Administrative Measures for Communication Network Security Protection
9. National Security Law

II. Lay a solid foundation, sort out and review

Linux system operations basics
1. Linux service management
2. Docker installation and use
3. Linux security hardening

Networking essentials
1. Physical layer
2. Data link layer and switches
3. The OSI and TCP/IP network models, peer-to-peer transmission
4. Virtual LANs (VLAN)
5. Static routing and its configuration
6. Network address translation (NAT)
7. Access control lists (ACL)
8. The IP protocol and IP address classes
9. Subnet masks
10. Gateways
11. Subnetting
III. HTML and JavaScript (you only need to know the syntax; the bar is not high)

1. Introduction to HTML, and why learn it
2. HTML document format, entities explained in detail
3. HTML tags, frames, tables, lists, forms, images and backgrounds
4. Introduction to JavaScript
5. Features of JavaScript
6. Composition of JavaScript
7. How to write JavaScript in a web page
IV. Introduction to PHP

1. PHP environment setup and choice of code editor
2. PHP basic syntax (functions, variables, constants, comments, data types, flow control, arithmetic)
3. PHP flow control (if statements, nested if, switch, while loops, for loops, goto) and PHP functions
4. PHP regular expressions
5. PHP file upload and PHP error handling
6. PHP with the MySQL database
7. PHP session management and control
V. MySQL / MSSQL

1. Database introduction, classification, installation, configuration, login and connection
2. Basic database operations: create, view, select and check databases and tables, delete databases, and the related command-line operations
3. Field operations: create, modify, add, reorder, sort and delete fields
4. Table operations: create, view, select and delete tables, and the related command-line operations
5. Data types: integer, floating point, character, time, enumeration and so on
6. Character sets and indexes
7. Insert, delete, update and query; updating records; database privilege operations
VI. Key points

02 Hacking rules
03 Industry development and employment trends for security operations engineers
04 Overview of enterprise website attack methods and common Linux systems
05 Security introduction: viruses, malicious programs, hackers, intrusions
06 CentOS 7.x template machine packaging and system optimisation; attack-and-defence environment (1)
07 CentOS 7.x template machine packaging and system optimisation; attack-and-defence environment (2)
08 Offensive and defensive environment setup, DVWA practice range setup, website front-end technology
09 Enterprise CentOS 7.x: common directory management commands
10 Enterprise CentOS 7.x: basic file operation commands
11 Enterprise CentOS 7.x: the vi/vim text editor
12 Enterprise CentOS 7.x: file permissions
13 Enterprise CentOS 7.x: file attributes
14 Enterprise CentOS 7.x: user management
15 Enterprise CentOS 7.x: character sets, wildcards and special characters (1)
16 Enterprise CentOS 7.x: character sets, wildcards and special characters (2)
17 Enterprise CentOS 7.x: file compression and file transfer (1)
18 Enterprise CentOS 7.x: practical file search skills
19 Enterprise CentOS 7.x: cron and scheduled tasks
20 Enterprise CentOS 7.x: disk management and a hands-on project
21 Enterprise CentOS 7.x: network management and a static routing project
22 Penetration testing: introduction to web application security and risk
23 Penetration testing: web services such as Nginx, Apache and Tomcat
24 Penetration testing tools: information gathering
25 Penetration testing tools: vulnerability scanning
26 Penetration testing: SQL injection basics (part 1)
27 Penetration testing tools: attack frameworks
28 Penetration testing: SQL injection basics (part 2), tools and POST injection
29 Penetration testing: asset inventory and introduction to Nmap
30 Penetration testing: blind SQL injection
31 Penetration testing: error-based SQL injection (part 1)
32 Penetration testing: error-based SQL injection (part 2)
33 Penetration testing: using SQL in SQL injection
34 Penetration testing: SQL injection and SQL injection defence
35 Essential penetration testing tools (part 1)
36 Essential penetration testing tools (part 2)
37 Penetration testing: vulnerability mining and vulnerability scanning
38 Penetration testing: security penetration with Kali Linux
39 The classified protection (MLPS) process and penetration test report writing
40 Classified protection: Linux system security hardening (part 1)
41 Penetration testing: introduction to cross-site scripting attacks (XSS) (1)
42 Penetration testing: file upload vulnerabilities
43 Penetration testing: introduction to cross-site scripting attacks (XSS) (2)
44 Penetration testing: introduction to cross-site scripting attacks (XSS) (3)
45 Penetration testing: cross-site request forgery (CSRF)
46 Penetration testing: server-side request forgery (SSRF)
47 Business security vulnerabilities top 10
48 Penetration testing: brute-force cracking and CAPTCHA security
49 DDoS: the three major attacks on Linux: DDoS, CC and SYN flood
50 DDoS: firewall technology and shell programming practice
51 DDoS: DDoS security defence (1)
52 DDoS: DDoS security defence (2)
53 Security: social engineering (part 1)
54 Security: social engineering (part 2)
55 Denial of service attack and defence (DoS/DDoS)
56 Serialisation and deserialisation
57 File upload
58 Social engineering III
59 Social engineering IV
60 WAF bypass: penetration and defence
61 CAPTCHA security: penetration and defence
62 Webshells: penetration and defence
63 System privilege escalation: penetration and defence
64 Database privilege escalation: penetration and defence
65 Third-party application software security
66 ARP: penetration and defence
67 Intranet penetration and defence
68 Wireless security: penetration and defence
69 Penetration report writing
70 Trojan anti-virus evasion and defences against it
71 Windows security series
72 Classified protection (MLPS)
73 Risk assessment
74 Security inspection
75 Emergency response
76 Code audit
VII. If you have spare time, you can learn

1. Android unpacking and reverse engineering
2. Shell in depth
3. C in depth
4. C++ in depth
5. The Go language
6. The Java language
7. Windows unpacking and reverse engineering
8. Blockchain
9. CTF in depth

VIII. Recommended learning materials

Book list:

Computer operating systems:
[1] Code: The Hidden Language of Computer Hardware and Software
[2] In-depth Understanding of Operating Systems
[3] Windows Internals
[4] Linux Kernel Development

Programming and development:
[1] Programming Windows
[2] Windows via C/C++ (Windows核心编程)
[3] Linux Programming
[4] Advanced Programming in the UNIX Environment
[5] iOS Programming
[6] First Line of Code: Android (第一行代码 Android)
[7] The C Programming Language
[8] C Primer Plus
[9] Pointers on C
[10] Expert C Programming
[11] C Traps and Pitfalls
[12] Assembly Language (Wang Shuang)
[13] Core Java
[14] Thinking in Java
[15] Core Python Programming
[16] Linux Shell Scripting Cookbook
[17] Introduction to Algorithms
[18] Compilers: Principles, Techniques, and Tools (编译原理)
[19] Compilation and Decompilation Techniques in Practice
[20] Clean Code
[21] Code Complete
[22] TCP/IP Illustrated
[23] Rootkits: Subverting the Windows Kernel (Rootkit: 系统灰色地带的潜伏者)
[24] Hacking Attack and Defence Technology Collection (黑客攻防技术宝典)
[25] Encryption and Decryption (加密与解密)
[26] C++ Disassembly and Reverse Analysis Techniques Revealed
[27] Web Security Testing
[28] White Hat Talks Web Security (白帽子讲Web安全)
[29] Mastering Script Hacking
[30] Web Front-End Hacking Techniques Revealed
[31] Programmer's Application
[32] The Elements of Style (English writing handbook)

Common security sites and forums

    Kanxue Forum (看雪)
    Anquanke (安全客)
    Aqniu (安全牛)
    Secrss (安全内参)
    NSFOCUS (绿盟)
    Xianzhi Community (先知社区)
    XCTF Alliance

I have also compiled some network security materials for you below. If you don't want to hunt for them one by one, you can use these.

Video tutorials

SRC and hacking technical documentation

Hacking tools collection




Source: blog.csdn.net/2302_77302329/article/details/130708344