Rebirth of the big era of online games

Chapter 82 Remote Image Overflow Attacks

(There are monthly tickets reserved for voting after 12 o’clock tonight, and the rewards are the same. It seems that there will be a doubling event in the three days from 29th to 31st? There are also monthly tickets for "Net Gold", can you vote for the new book? I haven't mixed at the starting point for a long time, and now there are too many routines, which are a bit messy)
Fang Jie is in China, while Robert is in Citi.

If he wants to go after the other man, he can only use network technology.

To put it bluntly, hacking is required.

Fang Jie is not a hacker.

Well, he never admitted it himself anyway.

He only "slightly" understands a little bit of technology, and with the advantages of rebirth, he knows how fragile the Microsoft system of this era is; it can be described as riddled with holes.

But even if he knows some technology, Robert is no pushover. He is a serious software engineer, and ordinary methods are unlikely to work and easy to detect.

Therefore, going after him is relatively difficult.

Fortunately, the techniques that Fang Jie "slightly" understands should be "slightly" better than Robert's, so it's not impossible.

Now the question is, how can people remotely attack Robert, an old American who is far away in Citiland, through the Internet?

And in what way should he go after him?

Hack the other party's computer, make it disconnect from the network, blue screen, crash, etc.?

It doesn't make much sense, and it's too cheap.

Well……

With a flash of thought, Fang Jie felt that it was useless to think so much now, so let's talk about it first.

Organize your thoughts first.

One thing to be clear: the goal is to control the other party's computer, or to get hold of the other party's various network accounts and passwords, and then, depending on the situation, see how to make him suffer.

The means of implementation is to plant Trojan horse programs on the computer system of the other party by any means.

For example, directly send a Trojan program to the other party through email or MSN, and then trick the other party to open the Trojan horse program.

However, this method is too crude and cannot succeed. Robert is a software engineer, so he must have a sense of security, and he will not be fooled.

After thinking for a while, Fang Jie came up with a solution.

At this moment, not only the operating system, but also the software has various loopholes.

He knew that MSN had a big vulnerability, named the Windows MSN Messenger remote PNG image overflow vulnerability, which was published in Microsoft's MS06-009 vulnerability bulletin and belongs to the "severe" risk level.

This vulnerability has not been officially discovered yet, let alone any patches.

The vulnerability lies in the processing of malformed PNG files: a remote attacker can construct a malicious PNG file and trick the client into processing it, which in turn leads to a buffer overflow.

The attacker can view the contents of the victim's hard drive while the user is chatting, and the user remains completely unaware.

The two are now MSN friends, each on the other's contact list. As long as Robert falls for it, Fang Jie can obtain sensitive information such as credit card numbers and passwords from his hard drive.

To exploit this image overflow vulnerability, you must first create a malicious image that triggers the overflow.

To make this picture, you must first create a Trojan horse client program, and the Trojan horse client program must be a program that can be automatically installed and executed.

This in turn involves some knowledge of ActiveX plug-in technology.

ActiveX is the installation method of many common IE browser plug-ins. It is common to install several ActiveX plug-ins on the computer of ordinary users.

If the Trojan program is installed in the form of an ActiveX plug-in, it is very well hidden, and it is difficult for ordinary users to find it. In later years, when people visit dubious websites, the sites will often ask to install a plug-in, and many of these are Trojan horses.

However, in this era, there is basically no prompt for ActiveX plug-in installation. Before the vulnerability patch is released, it is automatically downloaded and installed, so it has become the startup method adopted by many Trojans.

With the ActiveX plug-in startup method, the next step is to find Trojan programs.

Fang Jie himself "slightly" can write some Trojan programs, but it is unnecessary to waste time. There are many ready-made Trojan programs on relevant foreign forums, just download them and use them directly.

After a simple search, he randomly selected a Trojan program named "Amalgam lite".

The Trojan is a compact ActiveX Trojan with functions such as rebound (reverse) connections and firewall penetration, and because of its small size and concealed installation, it is very suitable for this shady plan.

Open its server-side program; in the client settings, set the rebound connection port (the default is port 1228), and in the "DNS/IP" setting, enter the domain name "666.com" as the address.

In fact, you can enter the IP of your own computer room here, but Fang Jie doesn't want to expose himself too blatantly, so he uses this DNS domain name server that has never been enabled as a proxy server. If the other party tracks it, he has to get past the domain name server first.

From a certain point of view, he is actually looking for a meat machine. As for the more complicated meat machine, he is not unable to do it, but it is too troublesome. This is not a top hacker war, and there is no need to be too aggressive.

In "Installation file name", enter the file name of the Trojan server program. The name of the system process "winlogo.exe" is used by default, so it is easily mistaken for a legitimate process.

Enter the name of the ActiveX plug-in installation module in "ActiveX plug-in startup module", and finally click the "Generate" button.

This generates a Trojan server-side program.

Next, upload the Trojan server program to the free website space provided by the domain name service provider 666.com, and get a download link address.

Next, Fang Jie wrote a small program, setting the "outputpath" parameter to the output path for the generated overflow image, and the URL to the network link address of the Trojan program to be downloaded in the background.

He uploaded this code to the website space and executed it, and an overflow image file named "test.png" was generated. Although this file is in an image format, it cannot actually be displayed.

As long as the picture is opened on a certain computer, the Trojan backdoor program placed on the website will be automatically downloaded in the background, and automatically installed and executed.

What Fang Jie has to do next is to send this blank picture to Robert via MSN.

But doing this is too crude, and it would easily arouse the other party's vigilance.

So his method is slyer: directly replace his own MSN avatar with this picture.

then……

"Mr. Robert, can you reconsider?"

Through MSN, Fang Jie sent a message over.

After a while, Robert replied in the chat window: "Go to hell, chink! Please don't disturb me again!"

Fang Jie smiled slightly: "OK! I wish you a happy weekend..."

Robert's weekend was really enjoyable.

Because his entire net worth was put on the stock market, the Nasdaq hit a new high, and his income also hit a new high.

So for two days on weekends, he took his wife and children, shopping frantically, and swiping credit cards frantically.

At present, the middle class in the developed country, Citi, is basically the same as Robert. Almost all of their money is in the stock market, and they are crazy about it. Everyday spending goes on credit cards, and they are not worried about lacking the money to pay the credit card bill.

Then came Monday, March 3rd.

Robert is mad...

(End of this chapter)
