[IT] 修改 host，可黑你的账号？ by june0620

hive-105017 · @june0620 · Apr 21 '20

$17.47

[IT] 修改 host，可黑你的账号？

pixabay
https://cdn.pixabay.com/photo/2015/06/18/01/46/hack-813290_960_720.jpg

***

身为QA，很多时候都会用到修改 host 文件的方法来测试。因为太常用太习惯，我便忘记的它的作用。
前些日子，新闻报道有些黑客修改 host 文件偷取用户信息，使我恍然大悟。
那么让我们了解一下黑客怎么盗取用户信息吧。

了解 host 之前，我们应先知道 IP 地址。目前 IP 地址太普遍，就不多说跳过。
我们访问的网页都会赋予一个 IP 地址，我们就是用这个 IP 来访问百度，谷歌等网页。
但是 IP 太难记，于是出现了 DNS，全称`Domain Name Service`。
这个 DNS 是用于绑定一个域名和IP，即访问域名，DNS帮你转到绑定在该域名的 IP 上，实现网页的访问。
举例百度，百度将自己的域名 baidu.com 和其 IP 39.156.69.79 申请绑定在 DNS 上，换句话说买域名。

 那么，host 又是什么呢？简而言之，本地DNS。
优先度高于DNS，也就是说你访问一个域名，电脑会先到 host 搜索该域名有没有绑定的 IP，如果有会直接跳转到IP，如果没有它会连接到 DNS 服务器搜索相关域名的 IP。
问题来了，如果我在本地 host 文件上绑定百度域名和谷歌IP，发生什么你懂的。
不如我们试试。 

在 widows 下，host 文件位于 `C:\Windows\System32\drivers\etc`，用记事本打开并输入如下。
然后在浏览器输入baidu.com，你会看到访问谷歌。👇 
![image.png](https://files.steempeak.com/file/steempeak/june0620/3rD4trxF-image.png)

黑客就是利用这个原理来盗取用户信息，在用户撞上病毒后，强制修改host，让你访问自己他的假网页（例如假冒百度的页面）并获取你的账号信息。

想保护自己的信息没有别的方法，不乱安装，花钱买杀毒器，再一个定期确认 host 文件。
是不是很可怕呢？ 

大家晚安～

👍 slowwalker, oldstone, magicmonk, cnbuddy, june0620, bji1203, wherein, gghite, cnbuddy-reward, cnstm, yasu, jsj1215, smartvote, roseofmylife, itchyfeetdonica, wanggang, bring, dudream, lotusofmymom, shenchensucc, nokodemion, moneytron, cpt-sparrow, pagliozzo, likuang007, cherryzz, oldstone.sct, bert0, new-world-steem, andrewma, flamingirl, cnbuddy-cnstm, tresor, lucky2015, steem-agora, springflower, udabeu, real3earch, gerdtrudroepke, kimzwarch, p-translation, melaniewang, andyhsia, angelinafx, mangou007, mychoco, changxiu, tina3721, bnk, coder-bts, steemfriends, fengchao, photoholic, daath, newsnownorthwest, rull14958, tokenindustry, minloulou, kggymlife, xiaoshancun, suhunter, tumutanzi, coldhair, memeteca, and 3 others

`author`	june0620
`permlink`	it-host-q953sd
`category`	hive-105017
`json_metadata`	{"app":"peakd/2020.04.3","format":"markdown","tags":["cn","cn-curation","steemstem","dblog","cn-reader"],"image":["https://cdn.pixabay.com/photo/2015/06/18/01/46/hack-813290_960_720.jpg","https://files.steempeak.com/file/steempeak/june0620/3rD4trxF-image.png"]}
`created`	2020-04-21 13:21:51
`last_update`	2020-04-21 13:21:51
`depth`	0
`children`	0
`last_payout`	2020-04-28 13:21:51
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	9.352 HBD
`curator_payout_value`	8.122 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	929
`author_reputation`	118,592,211,436,406
`root_title`	"[IT] 修改 host，可黑你的账号？"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	96,934,715
`net_rshares`	16,515,043,695,398
`author_curate_reward`	""

properties (23)vote details (67)

voter	rshares	pct
mangou007	6,366,298,431	4.18%
slowwalker	3,366,894,051,373	50%
magicmonk	1,649,800,801,036	100%
bert0	17,983,172,322	4.18%
tumutanzi	913,588,369	50%
oldstone	2,345,913,820,974	50%
bring	70,452,044,917	100%
coldhair	892,445,338	50%
lotusofmymom	46,309,057,314	50%
shenchensucc	40,183,416,878	30%
kimzwarch	8,510,345,648	4%
june0620	1,245,717,026,702	100%
xiaoshancun	1,032,569,147	100%
minloulou	2,269,246,656	10%
flamingirl	12,514,884,582	4.18%
lindalex	580,310,326	50%
new-world-steem	17,267,373,132	23%
cnbuddy	1,280,163,812,958	100%
itchyfeetdonica	156,927,260,809	50%
nokodemion	32,369,729,658	100%
dudream	57,372,788,872	100%
mehta	538,493,530	40%
bji1203	1,126,483,299,064	100%
suhunter	961,902,227	50%
udabeu	9,531,887,501	30%
jsj1215	419,076,190,939	100%
yasu	522,315,116,938	100%
photoholic	3,622,513,797	50%
lucky2015	10,970,543,772	100%
gghite	709,721,507,680	100%
angelinafx	7,803,983,914	6%
tresor	11,526,856,658	4.18%
andrewma	13,102,697,030	50%
newsnownorthwest	2,778,485,084	55%
coder-bts	4,490,909,805	50%
wanggang	152,829,604,282	20%
pagliozzo	21,250,226,829	20%
gerdtrudroepke	8,741,376,701	15%
daath	3,361,424,410	100%
smartvote	416,949,160,020	6%
melaniewang	8,438,814,421	50%
changxiu	5,053,333,843	50%
cherryzz	20,225,737,398	50%
memeteca	810,796,340	4.18%
moneytron	30,394,536,937	100%
wherein	1,038,699,824,794	48%
steemfriends	3,990,750,955	100%
cnstm	566,099,172,627	48%
likuang007	20,924,365,402	48%
cpt-sparrow	23,713,394,048	100%
kggymlife	1,880,741,974	20%
cnbuddy-cnstm	12,502,609,614	48%
tina3721	4,865,573,237	50%
andyhsia	7,813,031,255	100%
rull14958	2,769,854,934	100%
oldstone.sct	18,343,093,250	50%
tokenindustry	2,656,094,746	80%
cnbuddy-reward	630,459,683,411	100%
roseofmylife	254,230,612,873	50%
springflower	10,439,174,186	50%
mychoco	6,250,111,816	50%
morningcare	665,176,220	50%
real3earch	9,365,603,542	100%
steem-agora	10,668,172,512	50%
p-translation	8,509,934,954	50%
fengchao	3,963,965,628	4%
bnk	4,819,308,858	4.18%