论文部分内容阅读
木马程序一般分为客户端程序和服务端程序两部分,客户端程序用于远程控制计算机。而服务端程序,则隐藏到远程计算机中,接收并执行客户端程序发出的命令。本文首先介绍了木马的定义,功能和特点,其次介绍了木马的常见植入技术,包括网站挂马,发送超级链接,电子邮件,缓冲区溢出,和其它病毒形态相结合五种。再次阐述了木马的自启动技术,然后是木马的隐藏技术,包括文件隐藏,进程隐藏和通信隐藏。最后是木马的免杀技术,主要包括加壳,修改特征码和加花指令。
Trojans generally divided into client programs and server programs in two parts, the client program for remote control of the computer. The server-side program, then hide the remote computer, receive and execute the command issued by the client program. This article first introduces the definition, function and characteristic of Trojan, then introduces the common implant technology of Trojan horse, including website hanging horse, sending hyperlink, email, buffer overflow, and other virus forms. Once again explained the Trojan’s self-starting technology, and then the Trojan’s hidden technology, including file hiding, hidden processes and communication hidden. Finally, the Trojans kill technology, including shell, modify the signature and add flowers order.