Feem ntau cov neeg uas yog cov los yog lwm yam kev ua hauj lwm pib lawv txoj kev mus rau ib tug loj computer guru nrog cov me nyuam rau hack ib yam dab tsi. Kev ua si los yog qhov chaw - nws tsis muaj ib tug muaj zog tus nqi. Tsis tas li ntawd ib lo lus ceeb toom - cov ntaub ntawv no yog nyob ntawm no thiaj tau tuaj rau koj lub hom phiaj thiab nws siv thiab daim ntawv thov nyob rau hauv kev xyaum yog tsis pom zoo. Tsis tas li ntawd, kom tsis txhob tau tus tsis zoo los yuav tseem yuav tau piav nyob rau hauv nqe lus dav dav, tsis muaj specifics zoo li cov npe ntawm cov kev pab cuam los yog hacking ncauj lus kom ntxaws algorithms. Thiab nyob rau hauv lub kawg nws yuav tau los sib tham yuav ua li cas rau hack neeg rau zaub mov admin.
kev taw qhia
Yog li ntawd, yuav ua li cas mus ua txhaum mus rau hauv lub servers? Thawj kauj ruam nyob rau hauv tej lub tswv yim - ib tug qhov chaw nres nkoj scan. Qhov no yog ua li cas mus nrhiav tau tawm yog dab tsi software yog ntsia. Txhua qhib chaw nres nkoj yog cov neeg rau zaub mov kev pab cuam. QAUV: 21 m chaw nres nkoj yog FTP. Yog hais tias koj xa mus rau nws thiab tau qhov kev tsim nyog permissions, koj yuav tau yooj yim download los yog upload tej ntaub ntawv. Thawj kauj ruam yog los luam theej duab cov thawj 1024 ports. Qhov uas koj yuav nrhiav tau ntau yam txuj cov kev pab cuam. Txhua tus ntawm lawv yog ib tug zoo ntawm qhov rooj. Thiab ntau yam ntxiv ntawm lawv, qhov yooj yim dua nws yuav mus nrhiav tau hais tias ib tug los yog ntau tshaj ntawm lawv raug kaw. Yuav kom ib tug loj raws li nws yog nyob rau hauv lub tsim nyog ntawm cov neeg khiav dej num computer uas zoo rau lub neeg rau zaub mov. Cov tau cov lus qhia txog cov weaknesses yuav tsum tau muab sau tseg rau ib tug siv yooj yim tsheb (daim ntawv daim ntawv los yog phaj).
Tom ntej no, mus saib tag nrho cov ports saum toj no 1024. Yog vim li cas? Qhov tseeb hais tias cov kev pab cuam uas yog nyob rau hauv lawv, tej zaum yuav muaj vulnerabilities los yog ib tug neeg ua ntej protroyanil neeg rau zaub mov. Ib tug siab phem software yeej ua nws "qhov rooj" qhib. Tom ntej no, nrhiav kom paub cov kev khiav hauj lwm qhov system. Oh, thiab yog hais tias koj txiav txim siab rau hack ib yam dab tsi, ces tag nrho cov ntaub ntawv kaw, nws yog ntshaw kom ua kom puas ua ntej koj nrhiav tau peb valiant tub ceev xwm. Qhov no cov ntaub ntawv yuav tsum txaus mus nqa tawm ib tug yooj yim hack. Dhau li ntawm tus Internet muaj ntau qhov chaw, uas luam tawm cov lus qhia txog tshiab vulnerabilities. Thiab muab hais tias muaj ntau yam ntawm cov servers tsis hloov lawv cov kev nyab xeeb vim yog lub negligence los yog unqualified cov thawj coj, ces muaj ntau yam ntawm lawv muaj peev xwm yuav tawg thiab cov "laus" teeb meem. Koj yuav nrhiav tau lawv nrog kev pab los ntawm kev kawm tshwj xeeb. Tiam sis yog tias txhua yam yog kaw thiab tsis muaj ib tug muaj Access (uas yog tsis zoo li), ces tos rau lub xov xwm ntawm tshiab kev ruaj ntseg qhov. Ntawm no yog yuav ua li cas mus ua txhaum mus rau hauv lub servers muaj tseeb cov tub txawg. Nws yog tseeb hais tias qhov no yog tsis cov ntaub ntawv rau ib feeb, thiab yog ua tom qab cov sij hawm, hnub thiab lub lis piam zog ua hauj lwm.
kev ruaj ntseg kev soj ntsuam
Yuav luag txhua txhua hnub, kev ruaj ntseg cov kws txawj kuj tshem tawm ntau yam shortcomings. lawv feem ntau yog paub zoo heev yuav ua li cas rau hack lub servers, thiab ua txhua yam kom tsis txhob muaj qhov no yog tsis tau. Yog li ntawd, cov yuav xaiv, thaum muaj es ntev mus nrhiav tau ib tug muaj zog qhov chaw. Txawm li ntawd, yog tsis muaj universal database ntawm tag nrho cov shortcomings, yog li ntawd yog koj xav kom paub tias cov teeb meem uas koj xav tau rau Tshuag li on lub sij hawm, ua siab ntev thiab ib tug ntau ntawm cov kev pab cuam. Tom qab tag nrho, kom paub tias cov slack thiab coj kom zoo dua ntawm nws nyob rau hauv feem ntau yog yooj yim npaum li mus patch lawv.
Yuav ua li cas puas muaj tus tiag tiag tawg ntawm tej thaj chaw deb neeg rau zaub mov?
Muaj ntau cov teeb meem tshwm sim vim hais tias ntawm CGI-scripts. Nws yog tsis xav tsis thoob hais tias lawv yog cov tseem ceeb. Qhov no yog vim lub versatility ntawm programming lus nyob rau hauv uas lawv sau. Raws li ib tug tshwm sim, lub zog nyob rau hauv tsab ntawv cov ntaub ntawv uas tsis yog soj ntsuam, thiab tam sim ntawd xa mus rau tej zaum vulnerabilities. Lub weakest lus los ntawm ib tug ruaj ntseg standpoint - yog Perl. Lwm tus, xws li PHP thiab ASP, dhau lawm, muaj hnav qhov chaw, tab sis lawv yog tsawg dua. Kuj muaj kev tiv thaiv xam tau tias yog Java, tab sis nws twb tsis xav siv los tau vim ntawm lub qeeb ua. Tab sis qhov teeb meem biggest - nws yog tus tib neeg tau. Muaj ntau programmers yog nws tus kheej-qhia tsis txawm xav hais tias txog kev ruaj ntseg. Yog li ntawd nyob rau hauv cov ntaub ntawv no, nws yuav pab tau ob peb zoo CGI scanner.
Qhov twg yuav nrhiav tau tus tsim nyog cov ntaub ntawv?
Yog li ntawd peb ntsia yuav ua li cas rau hack mus rau hauv servers. Thiab yuav ua li cas nrhiav tau dab tsi peb yuav tsum tau, thiab qhov twg? Nws tag nrho cov nyob rau hauv dab tsi koj yuav tsum mus nrhiav. Piv txwv li, yog tias ib cov ntaub ntawv nyob rau hauv lub neeg rau zaub mov, uas yog ib tug tshaj plaws. Yog hais tias koj xav kom hloov mus rau lub database - yog lwm heev. Tau cov ntaub ntawv, koj ua tau, thaum koj yuav tau download tau nws los neeg rau zaub mov. Rau xws li tus neeg mob yuav txoj kev lub 21 th chaw nres nkoj. Hloov cov database yuav tsum tau yuav tsum tau ntxiv mus saib nws los yog sau ntawv nws edits.
QAUV ntes nyob rau hauv general
Yuav ua li cas puas tau tus tiag tiag hacking tshwm sim los ntawm ib tug mus rau Z? Cia saib tus txheej txheem no los ntawm cov piv txwv ntawm kev nkag tau mus rau lub neeg rau zaub mov Contra Strike ua si. Qhov no xaiv tau tau vim hais tias ntawm lub chaw ntawm no kev lom zem. Yuav ua li cas rau hack ib tug neeg rau zaub mov admin, vim hais tias lawv sawv cev rau lub feem ntau txaus siab? Muaj ob lub ntsiab txoj kev - yooj yim xaiv ntawm passwords thiab ntau sophisticated. Ib tug xws li nce complex thiab npaum txoj kev uas yog backdoor. Lawv koom nrog nkag mus rau hauv lub console ntawm qhib ports tsis pub dhau rau ib thaj tsam ntawm 27000-37000 thiab editing ib cov ntaub ntawv uas qhia leej twg yog tus neeg khiav dej num. Muaj lwm txoj kev yuav ua li cas rau hack neeg rau zaub mov "CS", tab sis nco ntsoov hais tias cov kev ua txhaum kevcai!