What are the 17 basic hacking techniques?

Hacking techniques , to put it simply, are the discovery of flaws and vulnerabilities in computer systems and networks, as well as techniques for exploiting these flaws. The defects mentioned here include software defects , hardware defects, network protocol defects, management defects and human error.

As the saying goes, as the Romans do, since they enter the hacker’s door, they must understand the hacker’s jargon. The editor below will introduce hacker-specific terminology.

Hacking techniques , to put it simply, are the discovery of flaws and vulnerabilities in computer systems and networks, as well as techniques for exploiting these flaws. The defects mentioned here include software defects , hardware defects, network protocol defects, management defects and human error.

As the saying goes, as the Romans do, since they enter the hacker’s door, they must understand the hacker’s jargon. The editor below will introduce hacker-specific terminology.
1. Broiler: The so-called “broiler chicken” is a very figurative metaphor. It is a metaphor for computers that can be controlled by us. The other party can be a WINDOWS system or a UNIX/LINUX system. It can be an ordinary personal computer or a large one. Servers, we can operate them like our own computers, without being noticed by the other party.
2. Trojans: These are programs that are pretending to be normal, but when these programs are run, they get the full control of the system. Many hackers are keen to use Trojans to control other people’s computers, such as gray pigeons, black holes, PcShare and so on.
3. Web Trojan: Apparently disguised as a normal web file or insert your own code directly into a normal web file. When someone visits, the web Trojan will automatically use the vulnerability of the other system or browser to configure the Trojan. The server is downloaded to the visitor’s computer for automatic execution.
4. Hanging horses: Just put a webpage trojan in someone else’s website file or sneak into the normal webpage file of the other party to make the viewers.
5. Backdoor: This is an image metaphor. After an intruder successfully controls a target host using some methods, it can embed a specific program in the other system or modify some settings. These changes are ugly on the surface, but the intruder can use the appropriate program or method to easily connect to the computer and re-control the computer as if the intruder secretly matched it. The key to the owner’s room can be accessed at any time without being discovered by the owner.
Usually most Trojan Horse programs can be used by intruders to make Backdoors.
6. Rootkit: The rootkit is a tool used by attackers to hide their own whereabouts and to retain root (root privileges, which can be understood as system or administrator privileges under WINDOWS). Usually, an attacker obtains root access rights through remote attack, or first obtains normal access rights to the system by using password guessing (cracking), and then enters the system, and then passes through the security vulnerability system in the other system. Root privileges. Then, the attacker will install the rootkit on the other’s system to achieve the purpose of controlling the other party for a long time. The rootkit is similar to the Trojan and the back door we mentioned earlier, but it is far more hidden than them. The hacker guard is very typical. Rootkits, as well as domestic ntroorkits, are good rootkit tools.
7. IPC$: is a resource that shares the “named pipe”. It is a named pipe that is open for inter-process communication. It can be used to authenticate the user name and password to obtain the corresponding permissions, and to use it when managing the computer remotely and viewing the shared resources of the computer.
8. Weak passwords: those that are not strong enough to be easily guessed, such as passwords (passwords) like 123, abc
9. Default sharing: The default share is that the WINDOWS2000/XP/2003 system automatically opens the sharing of all hard disks when the shared service is enabled. Because the “$” symbol is added, the shared handhold chart is not visible, also called hidden sharing.
10. Shell: refers to a command execution environment. For example, when we press the “Start Key + R” on the keyboard, the “Run” dialog box appears. Entering “cmd” in it will display a black window for executing commands. It is the shell execution environment of WINDOWS. Usually the environment we use to execute the system command after successfully overflowing the remote computer using the remote overflow program is the other party’s shell.
11. WebShell: WebShell is a command execution environment in the form of web files such as asp, php, jsp or cgi. It can also be called a web page backdoor. After hacking a website, hackers usually mix these asp or php backdoor files with normal web files in the web server’s WEB directory, and then use the browser to access these asp or php backdoors to get a command execution environment. In order to achieve the purpose of controlling the website server. You can upload and download files, view databases, execute arbitrary program commands, and more. The commonly used WebShell in China has Haiyang ASP Trojan, Phpspy, c99shell, etc.
12. Overflow: To be exact, it should be a “buffer overflow.” The simple explanation is that the program does not perform valid detection on the accepted input data and causes an error. The result may be a program crash or an attacker’s command. Can be roughly divided into two categories: (1) heap overflow; (2) stack overflow.
13. Injection: With the development of B/S mode application development, more and more programmers use this mode to write programs, but because of the level of programmers, a considerable part of the application has security risks. Users can submit a database query code, according to the results returned by the program, get some of the data he wants to know, this is the so-called SQLinjection, namely: SQL injection.
14. Injection point: It is the place where injection can be performed, usually a connection to the database. Depending on the permissions of the running account of the injection point database, the permissions you get are different.
15. Intranet: The popular saying is that the local area network, such as Internet cafes, campus networks, company intranets, etc. belong to this category. If the IP address is within the following three ranges, it means that we are in the intranet: 10.0.0.0—10.255.255.255, 172.16.0.0—172.31.255.255, 192.168.0.0—192.168.255.255
16. External network: directly connected to the Internet (Internet), can access each other with any computer on the Internet, IP address is not reserved IP (intranet) IP address.
17. Port: (Port) is equivalent to a data transmission channel. It is used to accept certain data and then transfer it to the corresponding service, and the computer processes the data and  The so-called “broiler chicken” is a very figurative metaphor. It is a metaphor for computers that can be controlled by us. The other party can be a WINDOWS system or a UNIX/LINUX system. It can be an ordinary personal computer or a large one. Servers, we can operate them like our own computers, without being noticed by the other party.