Back to Question Center
0

Uchwepheshe we-Semalt: Ukubheka ngokucophelela ku-Hackers Toolkit

1 answers:

Uma abahlaseli befunda indlela yokudonsa inhlangano, bayayisebenzisa ekudwebeni kwaboisipiliyoni kanye nempumelelo yangaphambilini. Ngakho-ke, ukuzama ukuqonda ukuphulwa kwedatha kungabonisa ukubaluleka okukhulu njengoba umuntu engena engqondweniwomhlaseli futhi ucabange izindlela abangasebenzisa ukulimaza.

uFrank Abagnale, iMenenja yokuPhumelela kweKhasimende i-Semalt Amasevisi weDivaysi, inikeza izinhlobo ezivame kakhulu zokuhlaselwa ngokuvamile ezisetshenziswa ngabaduni:

1. I-Malware

I-Malware ibhekisela ekusetshenzisweni kwezinhlelo eziyingozi ezifana ne-virus kanye ne-ransomwareokunikeza abahlaseli ukulawula okude. Uma ithola ukungena kukhompyutheni, ithazamisa ubuqotho bekhompuyutha futhi ithatha phezu kwayoumshini osetshenziswayo. Iphinde ihlolisise lonke ulwazi olugeleza ngaphakathi nangaphandle kwesistimu, kanye nezenzo ezithinta izinkinobho. Iningiizimo, kudinga ukuthi i-hacker isebenzise indlela abangathola ngayo i-malware efakwe njengezixhumanisi, ne-imeyili ekhangayo engabonakaliokunamathiselwe.

2. I-Phishing

Ukuphishingwa ngokweqile kuyasetshenziswa lapho umhlaseli efihla ukuthi ungumuntu noma iinhlangano abathembela ukwenza into abayithandi. Bavame ukusebenzisa ukuphuthuma ku-imeyili, njengomsebenzi wokukhwabanisa, ne-imeyiliokunamathiselwe. Ngokulanda okunamathiselwe, kufaka i-malware, eqondisa umsebenzisi kwiwebhsayithi ekhangelekile, eqhubekayoukucela ulwazi lomuntu siqu kumsebenzisi.

3. Ukuhlasela kwe-SQL Injection

Ulimi Lokusebenza Oluhlelekile lulimi lohlelo, olusiza ukuxhumanange yolwazi. Amaseva amaningi agcina imininingwane eyimfihlo kulwazi lwazo. Uma kukhona izikhala emkhosini womthombo, i-hacker ingafakwai-SQL eyabo, evumela ukuba kube nomnyango wangemuva lapho bangacela khona iziqinisekiso kusuka kubasebenzisi besayithi. Inkinga iba yinkinga enkuluuma isayithi ligcina imininingwane ebalulekile mayelana nabasebenzisi bayo njengolwazi lwekhredithi kulwazi lwabo..

4. I-Cross-Site Scripting (XSS)

Isebenza ngendlela efanayo ne-SQL injection, njengoba ijoza ikhodi enonya ibe yiiwebhusayithi. Lapho izivakashi zithola ukungena kusayithi, ikhodi ifaka ngokwayo kusiphequluli somsebenzisi, ngaleyo ndlela ithinta izivakashi ngokuqondile.Abahlaseli bafaka ngokuzenzakalelayo ukuphawula imibono noma izikripthi kwisayithi ukusebenzisa i-XSS. Abasebenzisi bangase bangaqapheli ukuthi abaduni baqothuleulwazi kuze kube sekwephuzile.

5. Ukulahlwa Kwemisebenzi (i-DoS)

Ukuhlaselwa kwe-DoS kuhilela ukulayisha ngokweqile lewebhusayithi nge-traffic enkulu kuze kube sezingeniilayisha ngaphezulu iseva futhi ayikwazi ukuhambisa okuqukethwe kwayo kubantu abazama ukuyifinyelela. Uhlobo lomgwaqo osetshenziswa abaduni abanonyaokuhloswe ukukhukhumeza lewebhu ukuyivala kubasebenzisi. Uma kwenzeka amakhompiyutha amaningana asetshenziselwa ukuphazamisa, iba yi-Distributed Denialyokuhlaselwa kwe-Service (DDoS), enikeza umhlaseli amakheli e-IP ahlukene ukuze asebenze kanyekanye, futhi okwenza kube nzima ukuwalandelela.

6. I-Session Hijacking kanye no-Man-in-the-Middle Attacks

Ukubuyela emuva nokuphuma phakathi kwekhompiyutha kanye nesiphakeli sewebhu esikude ngayinyeube ne-ID yeseshini eyingqayizivele. Uma umshayeli ephethe i-ID yeseshini, angenza izicelo zibeke njengekhompyutha. Kubenza bazuzeukungena ngokungemthetho njengomsebenzisi ongalindelekile ukuthola ukulawula ulwazi lwabo. Ezinye zezindlela ezisetshenziselwa ukugubha ama-ID weseshini kuqhubekascripting cross-site.

7. Ukusetshenziselwa kabusha kweCredential

Ngenxa yenani elikhulayo lamawebhusayithi adinga amaphasiwedi, abasebenzisi bangakhetha ukuphinda basebenziseamaphasiwedi awo kumasayithi anikeziwe. Ochwepheshe bezokuphepha banxusa abantu ukuthi basebenzise amaphasiwedi ahlukile. Abaqaphi bangathola ama-abasebenzisi namaphasiwedifuthi usebenzise ukuhlaselwa ngamandla ukuze uthole ukufinyelela. Kukhona abaphathi bephasiwedi atholakalayo ukuze basize nge-credential ehlukahlukene esetshenziselwa amawebhusayithi ahlukene.

Isiphetho

Lawa angamaqhinga ambalwa kuphela asetshenziswa abahlaseli bewebhu. Zihlala njaloukuthuthukisa izindlela ezintsha ezintsha. Nokho, ukuqaphela ukuthi yindlela eyodwa yokunciphisa ingozi yokuhlasela nokuthuthukisa ukuphepha.

November 28, 2017
Uchwepheshe we-Semalt: Ukubheka ngokucophelela ku-Hackers Toolkit
Reply