::玩☆Pubwin☆的人::

PUBWIN这个管理软件在网吧使用非常普及，它的使用、管理上非常方便，在国内网吧管理软件是首屈一指的。
　　今天我就讨论一下：PUBWIN的安全性。（测试的的环境是安全性比较低的系统）

一、破解篇：

　　1、客户端的破解：

　　目前比较流行的PUBWIN的客户端的破解方式有3种

　　（1） 通过智能ABC输入法漏洞和软件冲突等错误破解

　　我们从001.jpg这张图片可以看到PUBWIN的客户端只要有2个进程RECLOCK.EXE和PUBWIN.EXE..

　　rerock.exe主要的作用就是每隔1-2分钟自动检测PUBWIN进程是否运行，如果没有则自动扫描PUBWIN的默认路径重启PUBWIN... （见图片1）

图1

　下面我们就来修改一下PUBWIN的默认的路径：PUBWIN客户端一般默认装在C:\Program files\Hintsoft\Pubclt\下

　　一般网吧的C盘是隐藏和禁止访问的。。。不过我们可以通过组策略来解除这个限制 运行gpedit.msc

　　依然打开“用户配置”---“管理模板”-----“WINDOWS组件”----“WINDOWS资源管理器”-----“隐藏我的电脑中这里指定的驱动器”---将其设置成“不启用”；“防止从我的电脑中访问驱动器” 将其设置成“不启用”；

　　然后我们就修改PUBWIN客户端的路径，即C:\Program files\Hintsoft\Pubclt\将其任一文件夹改名即可。。

　　如果PUBWIN客户端不是........继续 and more ......

各种型号的路由器初始默认密码④
来 源：20NT网络安全组网络收集



以前收集的默认密码，几乎市面上有的这里都有了，密码都在这里，嘿嘿~
觉得好就顶~！
Osicom NETPrint 500 E/B Telnet sysadm sysadm Admin
Osicom NETPrint 500 E/N Telnet sysadm sysadm Admin
Osicom NETPrint 500 T/B Telnet sysadm sysadm Admin
Osicom NETPrint 500 T/N Telnet sysadm sysadm Admin
Osicom Osicom Plus T1/PLUS 56k Telnet write private
Osicom JETXPrint 1000E/B Telnet sysadm sysadm Admin
Osicom JETXPrint 1000E/N Telnet sysadm sysadm Admin
Osicom JETXPrint 1000T/N Telnet sysadm sysadm Admin
Osicom NETCommuter Remote Access Server Telnet debug d.e.b.u.g User
Osicom NETCommuter Remote Access Server Telnet echo echo User
Osicom NETCommuter Remote Access Server Telnet guest guest User
Osicom NETCommuter Remote Access Server Telnet Manager Manager Admin
Osicom NETCommuter Remote Access Server Telnet sysadm sysadm Admin
Osicom NETPrint 1500 E/B Telnet debug d.e.b.u.g User
Osicom NETPrint 1000E/D Telnet debug d.e.b.u.g User
Osicom NETPrint 1000E/NDS Telnet debug d.e.b.u.g User
Osicom NETPrint 1500E/N Telnet debug d.e.b.u.g User
Osicom NETPrint 2000E/N Telnet debug d.e.b.u.g User
Osicom NETPrint 1500 E/B Telnet echo echo User
Osicom NETPrint 1000E/D Telnet echo echo User
Osicom NETPrint 1000E/NDS Telnet echo echo User
Osicom NETPrint 1500E/N Telnet echo echo User
Osicom NETPrint 2000E/N Telnet echo echo User
Osicom NETPrint 1500 E/B Telnet guest guest User
Osicom NETPrint 1000E/D Telnet guest guest User
Osicom NETPrint 1000E/NDS Telnet guest guest User
Osicom NETPrint 1500E/N Telnet guest guest User
Osicom NETPrint 2000E/N Telnet guest guest User
Osicom NETPrint 1500 E/B Telnet Manager Manager Admin
Pacific Micro Data MAST 9500 Universal Disk Array ESM ver. 2.11 / 1 Console pmd (none) Admin
Packard Bell PC BIOS Console n/a bell9 Admin
PentaSafe VigilEnt Security Manager 3.0 VigilEnt Security Manager Console PSEAdmin $secure$ Admin
phoenix 4.0 6.0.2 Multi n/a admin Admin
Planet WAP-1900/1950/2000 2.5.0 Multi (none) default Admin
Prime PrimeOS Multi test test User
Prime PrimeOS Multi netlink netlink User
Prime PrimeOS Multi mfd mfd User
Prime PrimeOS Multi guest guest User
Prime PrimeOS Multi mail mail User
Prime PrimeOS Multi guest1 guest User
Prime PrimeOS Multi guest1 guest1 User
Prime PrimeOS Multi system prime Admin
Prime PrimeOS Multi system system Admin
Prime PrimeOS Multi tele tele User
Prime PrimeOS Multi prime prime User
Prime PrimeOS Multi primenet primenet User
Prime PrimeOS Multi primenet primeos User
Prime PrimeOS Multi primos_cs primos User
Prime PrimeOS Multi primos_cs prime User
Pyramid Computer BenHur all HTTP admin gnumpf Admin
QDI SpeedEasy BIOS Console n/a lesarotl Admin
QDI PC BIOS Console n/a QDI Admin
Quantex PC BIOS Console n/a teX1 Admin
Quantex PC BIOS Console n/a xljlbj Admin
Raidzone raid arrays n/a raidzone
Ramp Networks WebRamp wradmin trancell
RedHat Redhat 6.2 HTTP piranha q User
RedHat Redhat 6.2 HTTP piranha piranha User
Research PC BIOS Console n/a Col2ogro2 Admin
RM RM Connect Multi setup changeme
RM RM Connect Multi teacher password
RM RM Connect Multi temp1 password
RM RM Connect Multi admin rmnetlm
RM RM Connect Multi admin2 changeme
RM RM Connect Multi adminstrator changeme
RM RM Connect Multi deskalt password
RM RM Connect Multi deskman changeme
RM RM Connect Multi desknorm password
RM RM Connect Multi deskres password
RM RM Connect Multi guest (none)
RM RM Connect Multi replicator replicator
RM RM Connect Multi RMUser1 password
RM RM Connect Multi topicalt password
RM RM Connect Multi topicnorm password
RM RM Connect Multi topicres password
RM Server BIOS Console n/a RM
SAP SAP SAP client EARLYWATCH SUPPORT SAP internal; Mandant 066
SAP SAP SAP client SAP* 07061992 SAP internal; Mandant 066
SAP SAP SAP client SAP* PASS SAP internal; all Mandants
SAP SAP SAP client SAP* 07061992 SAP internal; Mandant 000
SAP SAP SAP client DDIC 19920706 SAP internal; Mandant 000
SA

各种型号的路由器初始默认密码
来 源：20NT网络安全组网络收集



以前收集的默认密码，几乎市面上有的这里都有了，密码都在这里，嘿嘿~
觉得好就顶~！
Novell Netware Multi POST POST
Novell Netware Multi PRINT (none)
Novell Netware Multi PRINT PRINT
Novell Netware Multi PRINTER (none)
Novell Netware Multi PRINTER PRINTER
Novell Netware Multi ROOT (none)
Novell Netware Multi ROOT ROOT
Novell Netware Multi ROUTER (none)
Novell Netware Multi SABRE (none)
Novell Netware Multi SUPERVISOR NETFRAME
Novell Netware Multi SUPERVISOR NFI
Novell Netware Multi SUPERVISOR NF
Novell Netware Multi SUPERVISOR HARRIS
Novell Netware Multi SUPERVISOR SUPERVISOR
Novell Netware Multi SUPERVISOR (none)
Novell Netware Multi SUPERVISOR SYSTEM
Novell Netware Multi TEST TEST
Novell Netware Multi TEST (none)
Novell Netware Multi USER_TEMPLATE (none)
Novell Netware Multi USER_TEMPLATE USER_TEMPLATE
Novell Netware Multi WANGTEK (none)
Novell Netware Multi WANGTEK WANGTEK
Novell Netware Multi WINDOWS_PASSTHRU WINDOWS_PASSTHRU
Novell Netware Multi WINDOWS_PASSTHRU (none)
Novell Netware Multi WINSABRE SABRE
Novell Netware Multi WINSABRE WINSABRE
Novell Groupwise 5.5 Enhancement Pack HTTP servlet manager Servlet Mgr URI: /servlet/ServletManager
Novell Groupwise 6.0 HTTP servlet manager Servlet Mgr URI: /servlet/ServletManager
Novell Netware Multi ADMIN ADMIN
Novell Netware Multi ADMIN (none)
Novell Netware Multi ARCHIVIST (none)
Novell Netware Multi ARCHIVIST ARCHIVIST
Novell Netware Multi BACKUP (none)
Nurit PC BIOS Console $system (none) Admin
OCE Printers Hardware HTTP n/a 0 and the number of OCE printer Admin You can gain acsess to every OCE printer..
OCE Printers Hardware HTTP n/a 0 and the number of OCE printer Admin You can gain acsess to every OCE printer..
Optus Counter-Strike 1.3 Multi Administrator admin Admin password
Oracle Oracle RDBMS 8i Multi AQDEMO AQDEMO
Oracle Oracle RDBMS 7 and 8 Multi APPS APPS
oracle 8.1.7 Multi n/a (none) Admin
Oracle Oracle RDBMS 7 and 8 Multi AURORA@ORB@UNAUTHENTICATED INVALID
Oracle Oracle RDBMS 7 and 8 Multi AURORA$ORB$UNAUTHENTICATED INVALID
Oracle Web DB HTTP webdb webdb Admin Running on port 81/TCP (Nicolas Gregoire)
Oracle Oracle RDBMS 7 and 8 Multi BLAKE PAPER
Oracle Oracle RDBMS 8i Multi CATALOG CATALOG
Oracle Oracle RDBMS 8i Multi CDEMO82 CDEMO82
Oracle Oracle RDBMS 8i Multi CDEMOCOR CDEMOCOR
Oracle Oracle RDBMS 8i Multi CDEMOUCB CDEMOUCB
Oracle Oracle RDBMS 8i Multi CDEMORID CDEMORID
Oracle Oracle RDBMS 8i Multi FINANCE FINANCE All Privileges
Oracle Oracle RDBMS 7 and 8 Multi CLARK CLOTH
Oracle Oracle RDBMS 8i Multi COMPANY COMPANY All Privileges
Oracle Oracle RDBMS 7 and 8 Multi CTXDEMO CTXDEMO
Oracle Oracle RDBMS 7 and 8 Multi CTXSYS CTXSYS DBA
Oracle Oracle RDBMS 8i Multi SYSMAN oem_temp DBA created by Oracle Enterprise Manager
Oracle Oracle RDBMS 7 and 8 Multi CTXSYS (none)
Oracle Oracle RDBMS 7 and 8 Multi DBSNMP DBSNMP RESOURCE and CONNECT roles
Oracle Oracle RDBMS 7 and 8 Multi DEMO DEMO
Oracle Oracle RDBMS 8i Multi DEMO8 DEMO8
Oracle Oracle RDBMS 8i Multi EMP EMP
Oracle Oracle RDBMS 8i Multi EVENT EVENT DBA
Oracle Oracle RDBMS 8i Multi FND FND
Oracle Oracle RDBMS 8i Multi GPFD GPFD
Oracle Oracle RDBMS 8i Multi GPLD GPLD
Oracle Oracle RDBMS 7 and 8 Multi JONES STEEL
Oracle Oracle RDBMS 7 and 8 Multi MDSYS MDSYS All Privileges with Admin
Oracle Oracle RDBMS 8i Multi MFG MFG All Privileges
Oracle Oracle RDBMS 8i Multi MILLER MILLER
Oracle Oracle RDBMS 8i Multi MMO2 MMO2
Oracle Oracle RDBMS 8i Linux Multi MODTEST YES DBA
Oracle Oracle RDBMS 8i Multi MOREAU MOREAU
Oracle Oracle RDBMS 8i WinNT Multi MTYSYS MTYSYS
Oracle Oracle RDBMS 7 and 8 Multi NAMES NAMES
Oracle Oracle RDBMS 8i Multi OCITEST OCITEST
Oracle Oracle RDBMS 7 and 8 Multi ORDPLUGINS ORDPLUGINS
Oracle Oracle RDBMS 7 and 8 Multi ORDSYS ORDSYS
Oracle Oracle RDBMS 7 and 8 Multi OUTLN OUTLN
Oracle Oracle RDBMS 8i Multi PO PO DBA
Oracle Oracle RDBMS 8i Multi POWERCARTUSER POWERCARTUSER
Oracl

各种型号的路由器初始默认密码
来 源：20NT网络安全组网络收集



以前收集的默认密码，几乎市面上有的这里都有了，密码都在这里，嘿嘿~
觉得好就顶~！
Hewlett-Packard HP 2000/3000 MPE/xx Multi RSBCMON SYS
Hewlett-Packard HP 2000/3000 MPE/xx Multi SPOOLMAN HPOFFICE
Hewlett-Packard HP 2000/3000 MPE/xx Multi WP HPOFFICE
Hewlett-Packard Vectra Console n/a hewlpack Admin
Hewlett-Packard HP 2000/3000 MPE/xx Multi ADVMAIL HPOFFICE DATA
Hewlett-Packard HP 2000/3000 MPE/xx Multi ADVMAIL HP
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD SUPPORT
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD MGR
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD SERVICE
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD MANAGER
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD HPP187 SYS
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD LOTUS
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD HPWORD PUB
Hewlett-Packard HP 2000/3000 MPE/xx Multi FIELD HPONLY
Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO MANAGER.SYS
Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO MGR.SYS
Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO FIELD.SUPPORT
Hewlett-Packard HP 2000/3000 MPE/xx Multi HELLO OP.OPERATOR
Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL MAIL
Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL REMOTE
Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL TELESUP
Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL HPOFFICE
Hewlett-Packard HP 2000/3000 MPE/xx Multi MAIL MPE
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER TCH
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER SYS
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER SECURITY
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER ITF3000
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER HPOFFICE
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER COGNOS
Hewlett-Packard HP 2000/3000 MPE/xx Multi MANAGER TELESUP
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGE VESOFT
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGE VESOFT
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR SYS
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CAROLIAN
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR VESOFT
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR XLSERVER
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR SECURITY
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR TELESUP
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPDESK
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CCC
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR CNAS
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR WORD
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR COGNOS
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR ROBELLE
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPOFFICE
Hewlett-Packard HP 2000/3000 MPE/xx Multi MGR HPONLY
hp sa7200 Multi admin admin Admin
hp sa7200 Multi admin (none) Admin
IBM VM/CMS Multi DEMO2 (none)
IBM VM/CMS Multi DEMO3 (none)
IBM VM/CMS Multi DEMO4 (none)
IBM VM/CMS Multi DIRECT (none)
IBM VM/CMS Multi DIRMAINT (none)
IBM VM/CMS Multi DISKCNT (none)
IBM VM/CMS Multi EREP (none)
IBM VM/CMS Multi FSFADMIN (none)
IBM VM/CMS Multi FSFTASK1 (none)
IBM VM/CMS Multi FSFTASK2 (none)
IBM VM/CMS Multi GCS (none)
IBM VM/CMS Multi IDMS (none)
IBM VM/CMS Multi IDMSSE (none)
IBM VM/CMS Multi IIPS (none)
IBM VM/CMS Multi IPFSERV (none)
IBM VM/CMS Multi ISPVM (none)
IBM VM/CMS Multi IVPM1 (none)
IBM VM/CMS Multi IVPM2 (none)
IBM VM/CMS Multi MAINT (none)
IBM VM/CMS Multi MOESERV (none)
IBM VM/CMS Multi NEVIEW (none)
IBM VM/CMS Multi OLTSEP (none)
IBM VM/CMS Multi OP1 (none)
IBM VM/CMS Multi OPERATNS (none)
IBM VM/CMS Multi OPERATOR (none)
IBM VM/CMS Multi PDMREMI (none)
IBM VM/CMS Multi PENG (none)
IBM VM/CMS Multi PROCAL (none)
IBM VM/CMS Multi PRODBM (none)
IBM VM/CMS Multi PROMAIL (none)
IBM VM/CMS Multi PSFMAINT (none)
IBM VM/CMS Multi PVM (none)
IBM VM/CMS Multi RDM470 (none)
IBM VM/CMS Multi ROUTER (none)
IBM VM/CMS Multi RSCS (none)
IBM VM/CMS Multi RSCSV2 (none)
IBM VM/CMS Multi SAVSYS (none)
IBM VM/CMS Multi SFCMI (none)
I

各种型号的路由器初始默认密码
来 源：20NT网络安全组网络收集

以前收集的默认密码，几乎市面上有的这里都有了，密码都在这里，嘿嘿~
觉得好就顶~！
Manufacturer Product Revision Protocol User ID Password Access Level Comment
3COM CellPlex 7000 Telnet tech tech
3COM CoreBuilder 7000/6000/3500/2500 Telnet debug synnet
3COM CoreBuilder 7000/6000/3500/2500 Telnet tech tech
3COM HiPerARC v4.1.x Telnet adm (none)
3COM LANplex 2500 Telnet debug synnet
3COM LANplex 2500 Telnet tech tech
3COM LinkSwitch 2000/2700 Telnet tech tech
3COM NetBuilder SNMP ANYCOM snmp-read
3COM NetBuilder SNMP ILMI snmp-read
3COM Office Connect ISDN Routers 5x0 Telnet n/a PASSWORD Admin
3COM SuperStack II Switch 2200 Telnet debug synnet
3COM SuperStack II Switch 2700 Telnet tech tech
3COM Telnet adm (none)
3COM Telnet admin synnet
3COM Telnet manager manager
3COM Telnet monitor monitor
3COM Telnet read synnet
3COM Telnet security security
3COM Telnet write synnet
3COM AirConnect Access Point 01.50-01 Multi n/a (none) Admin
3com OfficeConnect 812 ADSL Multi adminttd adminttd Admin
3com router Multi n/a (none) Admin
3com hub Multi n/a (none) Admin
3com Wireless AP ANY Multi admin comcomcom Admin Works on all 3com wireless APs
3COM LinkBuilder Telnet n/a (none) Admin
3COM CellPlex 7000 Telnet tech tech User
3com cellplex 7000 Telnet admin admin Admin
3com super stack II Console n/a (none) Admin
Accelerated Networks DSL CPE and DSLAM Telnet sysadm anicust
ADC Kentrox Pacesetter Router Telnet n/a secret
Adtran MX2800 Telnet n/a adtran
Advanced Integration PC BIOS Console n/a Advance Admin
Alcatel PBX 4400 Port 2533 kermit kermit unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 dhs3mt dhs3mt unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 at4400 at4400 unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 mtch mtch unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 mtcl mtcl unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 root letacla unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 dhs3pms dhs3pms unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 adfexc adfexc unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 client client unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 install llatsni unknown thanks to Nicolas Gregoire
Alcatel PBX 4400 Port 2533 halt tlah unknown thanks to Nicolas Gregoire
Allied Telesyn Multi manager friend Admin
allied CJ8MO E-U Telnet (none) (none) Admin
Allied Telesyn Multi secoff secoff Admin
Allied Telesyn Switch AT-8124XL 1.0.3 Multi admin (none) Admin By Nicolas Gregoire
Alteon ACEDirector3 console admin (none)
Alteon ACEswitch 180e HTTP admin admin Admin
Alteon ACEswitch 180e Telnet admin (none)
AMI PC BIOS Console n/a amipswd Admin
AMI PC BIOS Console n/a AMISETUP Admin
AMI PC BIOS Console n/a BIOSPASS Admin
AMI PC BIOS Console n/a HEWITT RAND Admin
AMI PC BIOS Console n/a AM Admin
AMI PC BIOS Console n/a AMI Admin
AMI PC BIOS Console n/a A.M.I Admin
AMI PC BIOS Console n/a AMI_SW Admin
AMI PC BIOS Console n/a AMI?SW Admin
AMI PC BIOS Console n/a aammii Admin
AMI PC BIOS Console n/a AMI!SW Admin
AMI PC BIOS Console n/a AMI.KEY Admin
AMI PC BIOS Console n/a AMI.KEZ Admin
AMI PC BIOS Console n/a AMI~ Admin
AMI PC BIOS Console n/a AMIAMI Admin
AMI PC BIOS Console n/a AMIDECOD Admin
AMI PC BIOS Console n/a AMIPSWD Admin
Amptron PC BIOS Console n/a Polrty Admin
Asante IntraSwitch multi IntraSwitch Asante Admin
Asante IntraStack multi IntraStack Asante Admin
Ascend Yurie Multi readonly lucenttech2
Ascend Router Telnet n/a ascend Admin
Ascend Sahara Multi root ascend
Ascend Yurie Multi readwrite lucenttech1
AST PC BIOS Console n/a SnuFG5 Admin
ast powerexec 4/25sl Multi n/a (none) Admin
AT&T 3B2 Firmware Console n/a mcp Admin
Autodesk Autocad Multi autocad autocad User
Avaya Definity G3Si Multi craft (none) Admin
AVAYA g3R v6 Console root ROOT500 Admin
Avaya Definity G3Si

文件大小：136K 总浏览：27
运行平台：Windows9X/ME/NT/2000/XP
::软件简介::

密码监听器+破解注册机　
本软件已破解，可用自带的注册机注册，
密码监听器用于监听基于网页的邮箱密码、POP3收信密码、FTP登录密码等，只需在一台电脑上运行，就可以监听局域网内任意一台电脑登录网页邮箱、使用POP3收信以及其它登录的用户名和密码，并将密码显示、保存，或发送到用户指定的邮箱

::下载地址::

点这里下载-> 密码监听器+破解注册机

RPC2.zip

提交时间：2004
提交用户：lw
工具分类：攻击程序
运行平台：Windows
工具大小：764249 Bytes
文件MD5 ：ac917bb4c5945812b9f51cec9e900772
工具来源：http://www.darksideofkalez.com/

图形版的RPC溢出程序.
加了FTP和端口扫描.
不想多说　用了就知道

::下载地址::

点这里下载-> 攻击程序

增加了以下几个功能: 1、进制转换，用于sql注射。 2、来源于czy的跨越wsh\fso写文件的代码。不过我发现czy的原代码无法解决回车与换行。换行解决了，回车实在没办法。就是用echo怎么写个回车这个问题。 3、插入木马。可以在别的asp文件里插入一个后门。 4、免fso的cmd有回显了，感谢zzzevazzz 5、电脑文件检索，可以检索机器里是否有asp木马了，当然检索别的也行。 6、物理路径下载文件。现在你可以随便下载物理或虚拟目录的文件了 实在对不住一直用这个黑客小东东的人，这个版本的推出没有实质性的突破。本来打算最后一版叫做海阳顶端网asp木马罗马假日版，最终由allen来完成。allen打算完全采用ado.stream和xmlhttp来完成现有木马的所有功能，完全不用fso。但是allen一直神龙不见首尾，所以在推出终版前，还是我改造了一下，推出2004版吧。 加了以下几个功能: 1、进制转换，用于sql注射。本想打算写一个asp的sql注入工具，想一下asp实在太慢，再把代码加入，那木马就太大了。 2、来源于czy的跨越wsh\fso写文件的代码。不过我发现czy的原代码无法解决回车与换行。换行我解决了，回车实在没办法。就是用echo怎么写个回车这个问题。 3、插入木马。可以在别的asp文件里插入一个后门。 4、免fso的cmd有回显了，感谢zzzevazzz 5、电脑文件检索，可以检索机器里是否有asp木马了，当然检索别的也行。 6、物理路径下载文件。现在你可以随便下载物理或虚拟目录的文件了 就加了这几个功能，期待allen的最终版。至于被杀毒软件杀，这一点我也没人好的办法。：-）

::下载地址::

点这里下载-> 海阳顶端网asp木马2004版

清除pubwin限制包括pubwin自己

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Pubwin"=-
"RunD1l"=-
"Pubwin"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Pubwin"=-

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices-]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1803"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00
"CDRAutoRun"=hex:00,00,00,00
"NoSetTaskBar"=dword:00000000
"NoMovingBands"=dword:00000000
"NoCloseDragDropBands"=dword:00000000
"NoRun"=dword:00000000
"NoLogOff"=dword:00000000
"NoViewContextMenu"=dword:00000000
"NoTrayContextMenu"=dword:00000000
"NoCloseDragDropBands"=dword:00000000
"NoViewContextMenu"=dword:00000000

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

[HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions]
"NoBrowserOptions"=dword:00000000

[HKEY_LOCAL_MACHINE\Enum\ACPI\*PNP0700\0\Papi]
"DeviceStatus"=hex:00,00


[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\SysProtect]
"CDRAutoRun"=hex:00,00,00,00
"NoSetTaskBar"=dword:00000000
"NoMovingBands"=dword:00000000
"NoCloseDragDropBands"=dword:00000000
"NoViewContextMenu"=dword:00000000
"NoTrayContextMenu"=dword:00000000
"0"="no"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoNetHood"=dword:00000000
"NoSetFolders"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDevMgrpage"=dword:00000000

B.Win2000以上：Ipconfig/all

C.NSLOOKUP：如查看河北的DNS
C:\>nslookup
Default Server: ns.hesjptt.net.cn
Address: 202.99.160.68
>server 202.99.41.2 则将DNS改为了41.2
> pop.pcpop.com
Server: ns.hesjptt.net.cn
Address: 202.99.160.68

Non-authoritative answer:
Name: pop.pcpop.com
Address: 202.99.160.212

3.网络信使
Net send 计算机名/IP|* (广播) 传送内容，注意不能跨网段
net stop messenger 停止信使服务，也可以在面板－服务修改
net start messenger 开始信使服务

4.探测对方对方计算机名，所在的组、域及当前用户名
ping －a IP －t ，只显示NetBios名
nbtstat -a 192.168.10.146 比较全的

5.netstat -a 显示出你的计算机当前所开放的所有端口
netstat -s -e 比较详细的显示你的网络资料，包括TCP、UDP、ICMP 和 IP的统计等

6.探测arp绑定（动态和静态）列表，显示所有连接了我的计算机，显示对方IP和MAC地址
arp -a

7.在代理服务器端
捆绑IP和MAC地址，解决局域网内盗用IP：
ARP －s 192.168.10.59 00－50－ff－6c－08－75
解除网卡的IP与MAC地址的绑定：
arp -d 网卡IP

8.在网络邻居上隐藏你的计算机
net config server /hidden:yes
net config server /hidden:no 则为开启

9.几个net命令
A.显示当前工作组服务器列表 net view，当不带选项使用本命令时，它就会显示当前域或网络上的计算机上的列表。
比如：查看这个IP上的共享资源，就可以
C:\>net view 192.168.10.8
在 192.168.10.8 的共享资源
资源共享名 类型 用途 注释
--------------------------------------
网站服务 Disk
命令成功完成。

B.查看计算机上的用户帐号列表 net user
C.查看网络链接 net use
例如：net use z: \\192.168.10.8\movie 将这个IP的movie共享目录映射为本地的Z盘

D.记录链接 net session
例如：
C:\>net session
计算机 用户名 客户类型 打开空闲时间
-------------------------------------------------------------------------------
\\192.168.10.110 ROME Windows 2000 2195 0 00:03:12

\\192.168.10.51 ROME Windows 2000 2195 0 00:00:39
命令成功完成。

10.路由跟踪命令
A.tracert pop.pcpop.com
B.pathping pop.pcpop.com 除了显示路由外，还提供325S的分析，计算丢失包的％

11.关于共享安全的几个命令
A.查看你机器的共享资源 net share
B.手工删除共享
net share c$ /d
net share d$ /d
net share ipc$ /d
net share admin$ /d
注意$后有空格。
C.增加一个共享：
c:\net share mymovie=e:\downloads\movie /users:1
mymovie 共享成功。
同时限制链接用户数为1人。

12.在DOS行下设置静态IP
A.设置静态IP
CMD
netsh
netsh>int
interface>ip
interface ip>set add "本地链接" static IP地址 mask gateway
B.查看IP设置
interface ip>show address

Arp
显示和修改“地址解析协议 (ARP)”缓存中的项目。ARP 缓存中包含一个或多个表，它们用于存储 IP 地址及其经过解析的以太网或令牌环物理地址。计算机上安装的每一个以太网或令牌环网络适配器都有自己单独的表。如果在没有参数的情况下使用，则 arp 命令将显示帮助信息。

语法
arp [-a [InetAddr] [-N IfaceAddr]] [-g [InetAddr] [-N IfaceAddr]] [-d InetAddr [IfaceAddr]] [-s InetAddr EtherAddr [IfaceAddr]]

参数
-a [InetAddr] [-N IfaceAddr]
显示所有接口的当前 ARP 缓存表。要显示指定 IP 地址的 ARP 缓存项，请使用带有 InetAddr 参数的 arp -a，此处的 InetAddr 代表指定的 IP 地址。要显示指定接口的 ARP 缓存表，请使用 -N IfaceAddr 参数，此处的 IfaceAddr 代表分配给指定接口的 IP 地址。-N 参数区分大小写。
-g [InetAddr] [-N IfaceAddr]
与 -a 相同。
-d InetAddr [IfaceAddr]
删除指定的 IP 地址项，此处的 InetAddr 代表 IP 地址。对于指定的接口，要删除表中的某项，请使用 IfaceAddr 参数，此处的 IfaceAddr 代表分配给该接口的 IP 地址。要删除所有项，请使用星号 (*) 通配符代替 InetAddr。
-s InetAddr EtherAddr [IfaceAddr]
向 ARP 缓存添加可将 IP 地址 InetAddr 解析成物理地址 EtherAddr 的静态项。要向指定接口的表添加静态 ARP 缓存项，请使用 IfaceAddr 参数，此处的 IfaceAddr 代表分配给该接口的 IP 地址。
/?
在命令提示符显示帮助。
注释
InetAddr 和 IfaceAddr 的 IP 地址用带圆点的十进制记数法表示。
物理地址 EtherAddr 由六个字节组成，这些字节用十六进制记数法表示并且用连字符隔开（比如，00-AA-00-4F-2A-9C）。
通过 -s 参数添加的项属于静态项，它们不会 ARP 缓存中超时。如果终止 TCP/IP 协议后再启动，这些项会被删除。要创建永久的静态 ARP 缓存项，请在批处理文件中使用适当的 arp 命令并通过“计划任务程序”在启动时运行该批处理文件。
只有当