Many customers now use "testing" as a pretext to obtain a test machine, and then use it to scan for "meat" (hosts that can be taken over), to launch DDoS attacks, or to run ARP attacks that inject malicious links, along with other network applications. All of this seriously affects the stability of the server room, so reputable IDC service providers generally do not allow test machines. Because a test machine is only available for a short time, many people plant a backdoor on it once the test is over so that they can easily keep using it afterwards.
There are many ways to plant a backdoor, and there is plenty of hacking software for it. The sethc.exe intrusion is very simple: the COPY command is used to copy cmd.exe over sethc.exe, so that pressing the left SHIFT key five times at the login screen calls up a CMD command window, a shell with SYSTEM privileges. The command is copy cmd.exe sethc.exe, followed by a restart. After that, pressing left SHIFT five times in a row at the login screen brings up a cmd command window, which is a shell with SYSTEM privileges. From there the DOS command net user administrator 123456 changes the administrator password to 123456; in testing, it was then possible to log in with that password.
Similarly, logon.scr can be replaced with cmd.exe, so that a command shell appears once the screen saver starts.
Once the principle is understood, the countermeasure is also very simple. Here are two methods:
1. Delete the sethc.exe file in both C:\WINDOWS\system32 and C:\WINDOWS\system32\dllcache. (Note: the dllcache directory is hidden. To see it, open Folder Options, select "Show all files and folders" and clear the option that hides protected operating system files.)
2. Restrict the permissions on the sethc.exe file in both C:\WINDOWS\system32 and C:\WINDOWS\system32\dllcache (the dllcache directory is hidden; see the note under the first method). Set the permissions so that all users (Everyone) are denied the right to run the file.
The screenshots are not explained in detail here, as the steps should be familiar to everyone. Deleting the file is less effective than denying permissions on it directly: the deny setting prevents the file from being installed or overwritten again.
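The following added example, which is not part of the original article, audits a Windows directory (on a live host or a mounted disk image) for the two replacements described above by comparing sethc.exe and logon.scr against cmd.exe by SHA-256. The function names and status strings are this example's own, and the path passed on the command line is an assumption.

```python
import hashlib
import sys
from pathlib import Path

# File and directory names come from the article (Windows XP/2003 layout).
WATCHED = ("sethc.exe", "logon.scr")
DIRS = ("system32", "system32/dllcache")


def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()


def find_ci(base, relative):
    """Resolve relative under base ignoring case; None if it is not a file."""
    current = Path(base)
    for part in relative.split("/"):
        if not current.is_dir():
            return None
        hits = [p for p in current.iterdir() if p.name.lower() == part.lower()]
        if not hits:
            return None
        current = hits[0]
    return current if current.is_file() else None


def audit(windows_dir):
    """Map each watched path to 'replaced-with-cmd', 'present' or 'missing'."""
    cmds = [find_ci(windows_dir, f"{d}/cmd.exe") for d in DIRS]
    shell_hashes = {sha256(c) for c in cmds if c}
    report = {}
    for rel in (f"{d}/{n}" for d in DIRS for n in WATCHED):
        target = find_ci(windows_dir, rel)
        if target is None:
            report[rel] = "missing"
        elif sha256(target) in shell_hashes:
            report[rel] = "replaced-with-cmd"
        else:
            report[rel] = "present"
    return report


if __name__ == "__main__":
    # Assumption: the Windows directory of a live host or mounted image is argv[1].
    for rel, state in audit(sys.argv[1] if len(sys.argv) > 1 else r"C:\WINDOWS").items():
        print(f"{state:18} {rel}")
```

A "present" result only means the file is not a byte-for-byte copy of that system's cmd.exe; comparing against a known-good hash of the original file would also catch other substitutions.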