
4251 PDF







http://www.t0010.com

   

!"   


Binary Tree
# $% %
http://www.devhall.com

&&&&&&&&&&&&&&&&&&&&&&
JK :L  MN

 

T0010.COM
## "#$% *)( ' +,-  . ##
<
 ?
= :; 7  8#9 6
:  D"@ $   % @ 7
http://www.t0010.com
G=
--------------------------------------------------------------

aLTar3q
---------------------------------------------------------------

: %' 234
FH %H I J 9DE Adobe Reader 6 7 9:; < #* =>9D LU . %,  .L97 FOF% P7< Q .%QR S
: S  P7 X#* Z \[ F X = 6  V I
http://www.adobe.com/uk/products/acrobat/readstep2.html

 


http://www.t0010.com

 $ <U " : : K #X .. L

< 8G N    =_ ]  =[  %  =[ K a  


= 8# @"$ :  :  8#  acL   # [ #ig h ef
 6 7 Lg g  K8[# : K ;.K="$ :
$ ] 9#9$  = :Nc f 6% kJ   =  g kJ   ;in
L nL nL #8  8  p  [ :8 L$ 7 ;i# :
= ? [ r  K q%8 ih# ; K :L  6 :; qJ     6
8X K8[# 8% 7 L 8 K =?. K
nL :  ]"#  8 h# quL # qfX ti @"$ q 8#  D; 8## 7 Lg 6
 8%"$ q8% qia@ #; w? : ="i  XU .J Lc] #9$9
 8i [ ; ti : c; 6x_ :  tig M 6x# a "i
_ 6 6  8%   # 8 M[|  kJ "iLU q[8 K{
) quL "$ ] L 7ix cL :N ):
Ji"; : ~n :   # < N "G $ { K; q 8L[<8
"G  7#i i :; L t kJ    X a #ii 7t
"G 8i :N JK :L% 7#i :;i !"G

 


http://www.t0010.com

 I F ' 
=i N @"$nr  "G @"$ _[| J # X 
9Kg _ #  #" 6G "$@ "i f ) L6
 ]% ] U "i :N  %  ... c ( .
; : kJ   8[NL J  @"$ 
8" "GJ K  :
 hg ; KG : a J JK "G K i rX 
"G ] J w"#"$ LL@ _[| J "#] %8 X% ;:
? ?  # #8 q  $ ; :  N : a# :
6 # _" ?  K< 8i  ; $   #. 6fg
J "$@ L 6 f   6 !L M #L;< 
 NG# K; L8NKJ "$ 6 a ;u K ; : K G
"" .
 ]"#J 8% 6 ? J" J   6L @"$ KN f ?q
" 8 :; BASIC e "$ ! D; L% q  # kJ "e K G #88
 ]"#  6 #  ATARI q"$ w"# KNJ ?K .
@"$ e" q? :; D; 8$ 6 8 i :%# ?K J 6q
% i " @"$ e 8 _ % _  p 6e "( Interpreter e
)g  8 "# #  qg ) L ?= "$] ?K J x N
" q kJ " ( e < 8 JN# p ?N K ! cX
J  $ :; i# ?  X;g :  K p x
e 8
=~ {) q; K )X f %< ? i 8 ] ;   ] N #
 p  "8#8 ? e !
 =i ?   Compilers or Interpreter "$@ $ 8=7
? .J f @ q"$ w"# |[M @"$  K @Ni :LLg
" 8[NL $. "  ; : kJ   "
8 "$@ Ni@ 8
 _N _[| J 8[# 8%= q {g N qfX { .$M

 


http://www.t0010.com

'  'O S_:Z


$ = @ X K 8  :  X Kg9 _[ G
"$X 9Kg _[J  "KL "$ G = : [ g @
; :" ] K ) q= x( .
"$@ {  _  p # ; :  Xg #  :$8
[ :8 <U @   q N  =i 6 q"$ :"N t!
K
N   K @"$. k
_$ 6  #   X K
 ?K G p
 # 6K# Backdoor :"XX K @ ?K kJ  p = :
 K :; "X =@ r NG Trojan Horses k K  #88
; K :; Port JN q8[# K $ #r w pX  9 i8
 # @"$; [ |G [8 8[= : { K =q"$ 6K
. qK
6L @"$ f L K  %  6 ="$ q@  =
N = <U ] GL h# LL qi 7; "  [9; q:
J L % ]=" ; h# ]"L _ $ ]=8   6
L _] ; : % = : KG  K#?= :!

x  L 7L p _? :; K X 9Kg _[G

 


http://www.t0010.com

=M w"N _" = 8N$  = w "


=i 8GL k  J
"  6L ] w#r $  8# U : "$ q" ]N <%@ K
  8  %  8%g . K"$ <"G :
" ti ? )r NG( = "X a qNh MM " q
ex i K_ X := p ! JK ]"e_= 8N$ = w r
;<  K" Backdoor "X L 8 kX K i ; q
;i qL  6% g  : [ ] %< = ] G kJ "i 
8 6K G 6 K"$  7 L :; 7KL  ;X =6e
!L
neL
)_ =
: , " $ ]"G# p # 8 U : M[| {
i =?K_ { % :; k8 =c 8  = #8h #L
" ? ;K : _ 6 ) 6L @"$g. ( f
 =c=  8 78 #  Firewallf 8 6 p
Zone Alarm
# ;N J ?K {n ;N J _K = :[i K8= t
XU _N  8#   8 K!

'  F\[ =-F


J  # 8% _8 7i #i; 7iGe= n; q  : @ $_

g N  8#8i 
Lg  7 # : = KNG< @
X  ; %   _%NJ a   K  % 
 Kx n  % ~ g %c; N a  #J
? _ G[ 6 { [ 6 .

,D F%\[ .. LE
< ="] i% =]  #n _ # $ K"G; KN D 
 )8[ L "  ( G "$@  J  K
] K  # { ;i h kJ   # r "K
neL e 8 ~ _; 6eL :; _ i% h]
neL e  e  = : K ;i% :] f 6 N#8
?n  U == w . q
;i kJ ef   g # 7iG : #  8 K MU
  6LXU # M  :=c= : VB  p q?N #8N _ K :
=" $ e =_ ; : ~N J 7 ] K N $ # $8 
8i %  # ]"= 6e# ef ;!q
6

 


http://www.t0010.com

_ bc)  ,Da F%\[


=cM  8 ;hLU   Ki 6i= :x8 ~ _ 6e   K#8 $   % kJxU8 =c 8 < = "$@
e X
.
8[L ; D; ]i% : ? = : ; K % ; D N< <   L @ 6?L = n; qih  =  q 
.h= n; :"X
7 8 N  ? = :[; K8 : % L  #8N ?n  U.

= = :;  7;aU e @"$ LL  kJaU; ( =iK  h#( = f ;; : e ;i% :] ] Kg x<
?<  6%  = 6%  p _ ?N q N "$ ) p@
6L f K [; 8 : p N#8 ; : : eL 77
X  ~i #8N 7?i N  tix #8N X# i8
K  K8[# :  : :; :   "X  XU
!! ): Ki%
  = @"$X ?  ]i% :; K8[= : =c  8]=     :; % e X  ;; D  :  9 #88
; :  pf %  ] 7= 8% K; _ 6.h#

= :; wf :i=
8 i%] g K { L % = 8 @= p 7 =c= ]i% :; "_ "G  8] =  6i % K
@"$   $  %    ti K ; : #8N.
n?L 7% X8  @ ]i% :; Logs< N  ?# 7#n?L X8  9N "i 8?# ] { q neL Ng GU
8 nx _ ; ]i% : 8N ]"= <N ;= n $h ;aL HTML ; <#L8 # 8% "  9 [] x
 kJK !!#
 = % JN= : = @"$ kJ GN ]N; ]N Ng?uL K
X   ]N$ ] J 8; 6h % i ; :J ?  %
" Ng [ #8 |G [8 xg Ng . %

 


http://www.t0010.com

'  F
 - e 
R !=-F
XSS $ <iL 6
i= 6  e  :niLU SQL Injection
% 6 $% ?" Session Hijacking
 N% 6 $ CRLF Injection
 $ Directory Traversal
 $ e  7$n? Parameters Manipulation
 ... N kJ :iL "uLg $ a _8 7i   N

 KM _ 6 ef  K"e# : K  8  :


=? K  =  <N 8  f kJ "G !X :; <c;

 J ?9     K#  %{  f "; L 7Kf


_ kJ "G K"$ #r= %]  % "$@  N]
6x= $ kJ "G   ;i  :Ni ?K :  $ Dh
cL n% $ kJ "G " K; N K@M :; Ng
?
.

Cross Site Scripting


"#K"$ w XG xss  = CSS9 K $ x g i8
GX Cascading Style Sheet  :  ?K [8# ]= @"$ #
# 8N$8  X  ["  i tg ; : x
 $ pN# ]i% ] =_i% x 6M q#] K LX 6 c N$8
# G  K#[= = : ti %L   L 9 x7
! q %
= pN kJ _" ?8$ q ;nX8 ]G 9 ; : N L] K
X L HTML  :; Java Script % K"i?#  %#"= @"$ #
x _ ]i% < 9  M =] J # ! q "K
h# :; i e # : =] N$ w#r $ URL # a; 9
% q"i?= K @"$  9 " "$@ =] "$@ %g= 6_q#
6M J= ]"i w 9#9$  ef  : G K ~ # 8
#= NL 6%Hotmail  :< = "K  x8N # 8 
" ]"= h ef < = <= NG ! XSS

 


http://www.t0010.com

SQL Injection
=< kJ 9#9$ ]"cL N  @    $ L KJ a
  8#8   :: nL SQL Injection 8 _= 8a 6  7#
= @N =  ="]   a X N   w#.

\ , > $#Session Hijacking


% ?" "$ :  " @"$ [8 Session J #
8[L ~N "$ % ?"9"= q # K   % ?"
Session ID =  8 K Brute Force $ = " 8Reverse %
8# 8% Engineering K J   7ix q_ 6LLcL.f
 i N   $ ?" ?" 8 Persistent : :
 #"" #i= K U= )  (9 ~K ;K : [8 :
i# q"$ ~N $ 8N$= :; q  <% X ! .
N :f : ?" e  non-Persistent : KN= :? :
{n [8 " :; G n N# $ =#i % " Session ID
"[8 % ?" qJ 8[# e ;i [8 J L#" K
nX K"# " @"$ q ~N J $ _N# % _ 6;e  :a
? nX  K8[= : %  : [8 <% ?"# qKi p8
 ti e Xg .
 ti ? 8  :#J  6_ %; :a  @i#_ k
;a   8#9 i "$ 6i? q"$ 6   8U $   ix q 8
= N _"  # K   =  8% ?";i q it
i "~ $ K"L# #r HTTP Request w @ ~N J # %
?" q # % q ?" q  :; q#8 J ; =JK; w  :Ni#
 ~ K ~N K  [8 . :
w ] J qN# x  N [8 [ q ) x L @"$ :N6
f ) !! ?  #8J ? # xss =[8 Ln "$@
?" ] #= w#r $ ; L< "~N #  % "
[8 L J K" %!

 


http://www.t0010.com

_ =)> bcV )F  I Z%.


 =_ % ?" q =8i 8%  8[L _ SSL;   L  "L "  @~]
? K % " K"$ :h# q <%;8= : c [8 K nX 8% K nX q"$  ni; @K = 8% q MM ~N   i#8
K8[#
8a ]~ G -? XSS

CRLF Injection
 CRLF "G GX Carriage Return , Line Feed CR  9Lg:
13 LF  9 10 :LgJ 9 K8[# 8N# 8N$ @"$ Deh
Enter "9N @ . 8#8 L
~ 8[# N ; D GX LF 9 J N  ?K  X
" #eK" #  @G% ;X  q"in kJ $N  ef  =_q#
6M c  G 8 kJ _" = 8%  $ 7 qL  w J
= ?.q
J N  ?K # 8$ 7 h# ;| nX8 [8 ) = 
SQL Injection ) c= xss 8 [8
#n$ 6X8 ; \n\r:
nX8 )
; :g 8[" K # : 8[L kJ  "N9
@ ( 8#8 L
 | :; nf a J q# :; hi 8N 7?# = 8[L q
Enter J # 8N$ q"$ Deh @ \n\r  {  !  ;N$ :
a L  "[8 X  "_ CRLF 9!!

10

 


http://www.t0010.com

>F SH 9#>%Directory Traversal


J N  ?K  ni; X "%<  qX  ?K "$@
rUn   [#  ur q x q 7i g w  # :
neL J N  ef ;8 K 8  J
N#  X q
8 X !
; J N  ?K  r # K  [  $ ?"8
?J " Root directory % @ ?"8 X = "i ?" 8 ?J ; : 
:N$a f  a G L :; ; N#8 i= :  6 # IIS
?" 8 ?J "$ % :
C:\Inetpub\wwwroot
J ?" 8 J =" q; 8  ]i%   ; : 9 NL ;D
 = G "  ; :J ?" 8 ?"8 $  8"X q
KN "$@ L 6 f ?" news 8 G ; :Lgi= 6]  $
" 6 _? "?"8 acL : f .K"$

g =[  6 N$ ]#8 ; ]= : J ?JK q _6


http://www.yoursite.com/news/show.aspx?view=file.html

11

 


http://www.t0010.com

Ni # $8L " file.html 8[" qa$ " # file.html
#  ;"?  : news 8; g  K %  $n; 7:
Ni JK q _:6
http://www.yoursite.com/news/show.aspx?view=../../../../../Windows/system.ini

  = 8 ... G_8 " !!  System.ini   w J


? @"$ 6#8i  # q " L K   KN @"$ 6#8i
" > System.ini
 = :Ni#~  ]i% :; 6 _ :; D;  6e  6 % ;:
 6 ; i% h] ! Lg  ] =[ 6 ~] #
_ ti 6e  @"$  w#r $ % _# ) 6
= pJ
N   ! ( =  K  [  ?" 8 ?J  ; : f
# 8% w  x @ L g  : =N J Format
"; c"!!q
J N  ?K # # 6#  7?# :# =[8 #
 6 _":
nX  - 1 _ c= K= : 8 ;; ]G nX8 e
 @ ~N c=  8 a = K N  q
nX  - 2 8$ ; J =" ) q =" q _ ]i% qh
) Da # kJ8$U  N # x" 7"r @ " X
?" 8 ?J "% q % | ; N] $ 8 #rw
  nX _ c = " X # ?" 8 ?J i%]
<iL ] ;JK :Ni# $8 ; i% h] { N
7?# =i8  N# ; "r q 7 " X  ?"8
 :  7"r _ i% h] =i 6#8 ] 8 $8
_   ; : N  8#9 1 % .#

12

 


http://www.t0010.com

 y% 7 =*4 Parameters Manipulation


 8 6 KM K "x @ ; K  ]"i= #r $ 6 e k
@ ~N J # q? <% ] w#r $ e  7$n  k @
Ni URL =e K% L % [  $N e  q
# K ;i L 6 [ c = :8G  ~N KN kJ L6
8$L K K; @"$  7 ~N . ]#8
8[# 8% h# K #r  7$n e # e "Session q
w#r $ Ni M   nX   q G :; HTTP Request
e ? # K8[= : # N #r ;i   e
?" qJ  $ #r w " HTTP Request 7  G q 
Ni! URLf @"$ XJ N  ?K   x # 7 :
=  KG 9  Kui e L" ?; 6 : %
M ... i"L @"$ 6K# K % L xN$ N .
kJLg  c K8[L 8< e ; :  p J %< ? q
  %n kJ  # "i K 8[L N ) x N _( q
 = ti % 6#8i  8U   : ]i% @"$ a   cN$:
 ] kJ . G
 %  [ _ # Yahoo Shopping #[8 #r 8
 iL # " i @ x 8Ni; ;8X "" i =N qui 
_ # iL " i "  : K=X ;  : _
 ;9" K~#
Hidden :[ 6 :  qN ;M : % HTML
 8 K M 6#8i KN HTML  6"% L i " i  : @

 8   % # " 7_ir 6 : @ x ;8 :


< ) i
 q%  ( 8 U  K! : _ J
"$ <= 8% 6 L[n "  %?N q # q w _
"" !! K"r :
?; 6 :g _" _< ; G;   8! :
"i ; : 8 _  i J % # qN KN  L?n
$;8 ;X K#8  = kJ ef Lf <"e  8 K
 D; <"eL !k8
 N :X  8$ :N <iL Xn kJ N [G =KN]
@ 8 X a :; 7# 8% 8K ; :  #  G 7X% c8
=8 =; qK  "= KN  f !! 8$ 7?# :N ;   " $6
   kJ ef 8$ 9#9$  NL :; ;c :J g _6
8 ):
13

 


http://www.t0010.com

; .c 3E Phishing Scam


$ :L i 2004 6LU Phishing Scam 8$ $ 2005 q
 7G ] J 6LU  r :8# @"$ ]"G= 6L  U:
"L K; :$8#   ;8K#  KN @ = 7 w Ni .
 e q""% " ; 6L @"$ D f K ih 6%M; K:
" i i #L  # 8  :L"< @ $8  8 
[. 8
=~ K kJ "  L" g @ L Kc"  N] L  ="N 7]
a  L = ]= #8  w#r $ N D ; :| L  J
# D @  :; w % % G L "#N 7]  
q nXX =] ) L [8 "   "i ;a :% %
g ! (.
J f @"$ 8 6LU K : ; : " i i #
J N   :; :# 6_ K~# 6L #  . ; "# :L ]
9#9$  ?  $ KM 6LU:
- 1 ]N 7"= 6LX =]  @"$ NL   "L K  ]N J
=.qi 6i
- 2 ]="i 6?= 7"= 6L _[ ]g G< 9 !
- 3 :$8= 6L %  K  8# U ) := ]N 7"= ( nf 6$
X " !
- 4L"= 6N 7] X "i  L =Kc :$8  Xn kJ
"i L "] =[ 8 =;]  M= ]#] ; ...:
 kJ "i ;i 8## ] w#8x K"rL =]):
- 5M Kc :$8= 6L _ 6eg ;?= : ni =]"= Kc :$8
 |G[ p ni ! i
N  8#8i  6L  K$[# 8% : {g |[M #f=
6w
 ]N 7"=  L 8 K G[M "i ] kJ "i =;K q
 K 6M c :#  L 8 K;i= % K K"L @  #<
N$  8#   q"L kJ   L N$  K 8# wf= n; qL] J
=    6K8 L 6] L  =~K ] c L" K Ni :
6K; [email protected]   
14

 


http://www.t0010.com

; .c Hoax Email (##~%


J N    { 7#
6LX   p$9 qN  ! ]h
kJ = 6L $ #J= @"$   ;#  q  =6L
kJ e  L  $J = 7a ; : f _ kJ
 @"$ 6L N 8 :i 8  X J= h  L c "
jdbgmgr.exe  ;~ : _ 6e8N# "  :LL " ~N
 ;# 8K# i { K# |[M q"L # 8GL8K
" i !!
ir kJ _ i_ ; :L  % Hoax 6 L :e"  N #9"?U
)  #  KN 7x # K# 8K# " ! ( # 8 xN
8 [N  i kJ e  L  #~N ! ! "i ;i f
$  6L  q""h Xc q%  6L  q""h K~= : "$@  
J http://www.symantec.com/avcenter/hoax.html : D

" X
 nX kJ    < =" D h  $ @"$ K KM  6 ef
 K8[# : K @"$ {  =_ 7i a f ;$ q
N:
 < r ~i g  Lc" =N :<  Lc" $
#  ;K q [ :8 L 7 :"$ N #8i 8
_ 6 ef  = "i#  KN K"i w N"$ <G@ _
Sniffing "i w"i#  KN U$ Spoofing ?K w"i#  KN 
 [ DOS 8  "i "" e [ "i DXU 
?8$ ... :$ = kJK :%  a 
8M 7 =[KGG
8  c Ki   L 8K  Kr  7 f :
kJ  aN$ :8 h#$ # # !  K  

8#
N$ a 6_ qa { #;
: :  _< [# 8%  %
kJ    !:"L
= @N  8%;< ;r : a _L 6" ; : { 7
= ="i  # c  : :8#9L 8  @"$ "x "L" "
$J ? ?  "i.
 ~n w" ] : 9#9$ #   6N kJ   @ N8
 X %   MU  M D @ 8G    ; DU
J  !  N K kJ   "<   <% ?  8K J "$ q L
  :; Ni = 7   MU 8G a  
15
