2. Tech
  3. I am a hacker (5)

I am a hacker (5)

xiaoxiao2021-03-06  92

15. Exercise (1)

Thank you for your favorite novels, many friends say, you are a hacker article, how so life, hacker's image is unfair, you watch movies, you see other novels, hackers

Cattle? How did you say that the hacker Xiao Wang is nothing to do with me? How to be almost the guy in our unit pipeline room? How to spend so many times to say the first love of the protagonist?

This is the main purpose I want to say. I have seen too much hacker articles, and hacking movies, too fake. Now that hackers in everyone have "hero". I wrote this novel.

Just want to show you a real hacker world. Hacker is? Hackers are ordinary people in computer technology and network technologies, so many people in the world. But most

Dividend did not put his energy and technology on attacking computers, but such as the protagonist of this novel, spent his technology and energy on the attack computer, so Xiao Wang became

Hackers, the head of Xiao Wang in the article, Zhang said is just a normal computer worker. In fact, the theoretical depth, the technical level, I think Dr. Zhang is definitely better than Xiao Wang Qiang, this Xiao Wang is also

Gas.

A hacker, an ordinary person living in reality, what do they change because they are hackers? They want to marry and get married, to buy a house, to raise home. Although he has a computer skill

The fanatic enthusiasm, but they can't just know Crack all day, they are blood, they are ordinary. This is the real hacker.

All the plots and characters of this story are their own personal experience or friends' experience, or the real thing that has been seen in life. All is a living prototype. Including this paragraph

The exercise is also there. Of course, the details are also necessary. Otherwise it is not a novel. Ok, let's pull the topic, let's continue to say Xiao Wang.

Now I am going to work every day, the first thing is to open my client software, and pass back the button information of the hyper terminal of the Huali Captain computer. To be honest, Hu captain is fine like monkeys

Similar, password is regularly replaced. If you don't have a back door, it really doesn't matter. Hu captain's "persecution" of our network has never stopped. However, every time it ends with failure

. It took the rest of the two routers, basically, I got all the controls of our partial network. Every time, he changed the settings, I changed very quickly, and I started Hu captain and thought the route.

The device is faulty. I saw the engineer of Huawei service provider for several times. I must be a call for Hu. Of course, the router is definitely not bad. Of course, they will come back every time.

.

The head of Hu has been suspecting our head, because he knows that our head is to engage in network encryption technology. He suspects that our head may have a secret technology he can't know. He has no arms

I suspect me, although he also knows what I decrypted to the Public Security Bureau, but I think he thinks that I can't even have his router.

This is later, I listen to my head.

"Hu captain actually doubt that I have moved my hands and feet, although I didn't say, but I mean." The head likes to laugh at me. "

"Oh" I am smirking.

"Some people do their hands on the router, this is sure, but not me." The head looks at me.

From his gaze, I know that he knows that it is my hands and feet. The head is inner, I can't afford it. If I do something is a little smart, my head student is really before.

Along the science. Many of the apertures are published in international authority publications, I don't know much, I don't understand, I don't understand.

I am smirking. Everyone is not as illuminated. Look out, the head is actually hidden.

I have to write to my software every day. I will find some program tracking when I am nothing. A good hacker. It is definitely not able to solve the next hacker software. Basically, the hacker software that can be used online is outdated and the passers-by, dealing with the real network management, and your things don't have any effect. A true hacker has its own things. And general

It's constipation. I never released my hacker software to the Internet, and I won't tell my own vulnerability to anyone. Hackers have a technique who doesn't know these people,

Tell someone, is there any meaning?

Now I am tracking a very popular FTP Server software under Windows. The name is Server-U. I have now tracking a 4.1 version, and I have been tracking for a long time.

intermittent. To be honest, the idea of ​​this software design is very worthy. First he uses its own independent account, and there is no association at all. Avoid incompetent account settings

Safety hidden dangers. Second, he adopted a strict authority system with more permissions and fine. There is also his IP control function and speed and space limit function. Really very easy to use and safe. Basic

There is no good function. However, his efficiency and stability are relatively weak.

This software is charged. To register. Oh, this I have already abolished him. His registration code uses a very complex algorithm to change. I have not crackdown so far. but

His dynamic anti-tracking and anti-revision are very weak. So, I will jump directly from the program of the registration code. Actually, there is no different, work is normal.

My current purpose is to trace his communication part. Perhaps some vulnerabilities can be found. According to my experience, there is no program is perfect. The existence of vulnerabilities is absolute,

Do you have any ability to find it.

Tracking programs are very difficult, and it is impossible to see every piece of code. Otherwise you will definitely be exhausted. Of course, it is not impatient. I am very quiet.

I slowly read it, I will record it on my book. The human memory is limited. Must be recorded. Writing with advanced languages, now is a compile code, which you can imagine.

However, there is also a featured thing for each senior language. According to my experience, this Serve-U is written in Borland's things, not Delphi is C

Builder.

It's followed, the phone rang. At first glance, it is a police officer.

Oh, she called me, definitely a password?

I took the phone, it is sure enough.

"Hey, that password came out"

"How long?"

"Oh, in fact, it will come out for more than 2 days. Her password is 8."

It seems that the guy really pays more attention to this document, the usual password does not exceed 6 digits, but the current password is actually 8.

"Your luck is really good, you should go to the sports lottery" I have a good mood, open your joke.

"Oh, busy to organize that file. Sure enough, we think about us. Now, today I invite you to eat, really thank you very much."

"I will not kill you there," I said.

Xiaolin police officer laughed and laughed into my phone. I quickly left the ear.

"Reassured, this time I invite you to eat it. Oh, I still have something to say." She suddenly,

"5 o'clock, I will pick you up."

"Don't", I'm saying, "Don't open your bad police car, the door is not right,"

It is a laughter. "OK, OK, I don't open the police."

"Say it, don't see it," I didn't want to spend my resignation, she hangs the phone.

Put your phone and continue to track. Soon I found that Server-U had a rejection service vulnerability. Refusal service is that the program will stop service. Essentially an overflow vulnerability. Spill now

There are too many holes. No way, C is too wide. There are too many people who are not proficient with c. Just send him a special format packet, Server U will overflow and will stop service.

If I analyze it, I can perform a special overflower, let him execute my command. Oh, I fell that, I will let her do my directive.

I record this data format on my book. Below I have to study if this overflow does not let him refuse to serve, can you give me something.

I am thinking, my head calls me.

Go to the head office.

"Hehe, huh, huh, you are now celebrities" Head looks at me. "

"Oh, what is wrong, don't go," I am in my nice, and my Server-U is tight!

"No, no, the minister is a special name, others don't, you have to be happy, your own can be so appreciated, and there is also light on his face.

"Hey, I am annoying, the minister is nothing all day, every day and the public security bureau is very active," said anyway, Minister heard. Oh, I am not afraid.

"Hey, let you go to you." The head smiled and said.

I sighed and packed the notebook on the table. Say with the buddy and Yuanyuan. "The buddies have been in the headquarters to enjoy the blessings," in everyone, I left the office.

Or the office, first saw the minister, special attention is whether it is a public security bureau, so it is directly to see the minister.

Rely, this time is not a police, this time is two soldiers.

I still have not been thinking about thinking, the minister has seen me, this time, there is no one of the other departments of Hu captain. Just alone.

"Xiao Wang, come, come in, sitting" minister already knows my name, very good attitude. In fact, the greater people, the better the attitude of the subordinates. I do not know why either. Anyway

The minister is actually quite kind in my heart.

"These two are comrades of a certain military area. This time I need a little thing to participate." Minister began to introduce. "This king of our software development department, the password of the last public security bureau is he helped

Release. "

So just hold hands. To be honest, our family's three generations have no one as a soldier and as a police, so I don't know much about these uniforms, I am not very good, I don't think it is good.

feel.

I pay attention to the two people's high-ranking soldiers, a young school army, a lieutenant rank. Wearing the clothes string. Very mighty. When you have a handshake, you will obviously feel their power. soldier

It is not the same.

That young school looked at me: "Our military zone should engage in joint exercises, some of which are confrontation, this is our first time to engage in this exercise, our technical force is not enough,

In addition, we need to temporarily eliminate some technicians in other departments to assist us exercise. During the exquisite period, all of your original units are inconvenient, at the same time. Our army will also give some subsidies

These support is not a lot. We hope that you will participate. Do you agree? "

The military speaking is simple, I will understand it. I didn't talk.

The minister said: "Xiao Wang, you make our unit, we hope that you can help the army sitting some things, rest assured, you will not affect anything in the unit."

Halo, the minister said so, I don't want to go. This is not a clear, want me? If I say NO, I don't want to mix it on the unit in the unit. Is it a trouble?

"How long is it?" I asked

"For about 15 days, there will be no more than one month".

Oh, I didn't expect to be a month of the soldiers. I feel funny in my heart, **, how to break what I have encountered, these things, I will not dream about this! When the university military training, I wanted this time to confront, there should be no military training. Besides, go see what the army's information confrontation is going. Not bad.

I picked up agreed that the ministers and colleges were very happy.

"We will pick you up next week."

Then invite me to eat. I said that I still have dating. Minister, haha ​​laughing. Didn't force me.

I have been wondering our minister how today's police, tomorrow's army. How do other departments rarely find them?

Later, I learned that our minister is the cadre of the army. Everyone has their own circles, and the most familiarity of the minister is of course the police and the army. Ha ha.

16. Exercise (2)

When you get off work, the mobile phone text message is coming, it is a small forest police officer. She is waiting for me at our gate.

When I went to the gate, I saw a girl waving me. I have been looking for the police officer that wearing a police uniform. Although she agreed that I didn't wear a police uniform. However, she is in my heart.

Wearing the appearance of the police uniform. So, I subconsciously I still wear the police uniform.

That girl took a half-day hand, I noticed her. Is this not a Xiaolin Police?

She is wearing a purple casual pants today, wearing a stylish sports shoes. A stylish casual clothes on the top. The bag, there is a small little penguin on the bag, like QQ

It is like it is the kind of linux logo.

It's totally a young girl who is young, where is there a whit police officer?

"Wow, you have changed today, I almost didn't recognize" I walked over. "

"Oh, get off work. The police are also ordinary people" she is a bit not meaning. "

"How, think about it, I ask today, you have helped us very busy" she said.

"Just pull, you will set it out, it doesn't matter." I really invited guests, I am not embarrassed.

"OK, let's go."

The taxi has driven a Korean restaurant. The name is Han Wei Xuan, the place is not large, but people are relatively small, and the layout is also very elegant.

She put a roast beef, and a soy sauce soup, and a lot of things that were suffering from eight, and I didn't have to eat Korean dishes before, so she didn't have a resignation, and A few

dish.

Korean cuisine is truth, not with my taste. But this is not a focus.

The focus is, she keeps laughing at me. I am more stupid, using China to treat Korean dishes, such as what soup is in the wood bowl like a monk, I will drink it.

Lost. It is also clear that it is not good.

I didn't give him a matter of exercise, because the majority of the school didn't say it. Xiaolin police officers are now, it is still a category of others.

"I find that you have a study on the decryption encryption," she said.

"Where, where"

"There will be a lot of advice after the future."

"Your public security bureau can be a lot"

"Oh, tell the truth, although the diploma is not low, and the famous university is also a lot, but this is not as good as you."

I think she is telling the truth. Although the hacker's knowledge is used as a computer knowledge, it is not a hacker that all computer learning is good. My previous classmates, the results are more than me.

Ok. But they are analyzing, and debugging procedures is much better than me. Some people are born to be more sensitive to this thing. I am. Some people are born to this is not interested in this. Think of me like this

People who have excellent workbook doors, and people who like hacker technology are not a lot.

I know a well-known hacker software in China, and he has completed many basic courses in the university. Ha ha.

"Where are you graduating," I asked.

She hesitated and said a university name. Hey, is also a first-class famous university in China. "All the things we do all day is not high, like the situation of checking the Internet cafes. Responsible for the computer maintenance of this system, basically not much. This time, such a challenging thing

,Met. But I can't do anything. "Her face is a bit awkward.

"My dream is to become a woman hacker" she suddenly said.

I didn't respond for a long time, I really don't want to believe in this way. It's not the sentence, but her impression in my heart is relatively serious.

"Oh" I laughed.

"What are you laughing, she seems to be reacted, and it is too much to say. Then I laughed yourself.

"I am writing a Windows vulnerability detection process, I have already sent it to your mailbox." You look at it, more feed. "

On the night, I saw the WINDOWS2000 vulnerability detection procedure of Xiaolin police in the mailbox. Basically, all the things you know online. However, general protection and testing of Windows

Still very convenient, VC is written, and the interface is simple and practical. Nice. However, the real hacker is not used. Xiaolin is now a popular hacker type. Is the use of vulnerability

. The ability of their own analyzing programs is generally not very strong.

A girl can have this level, telling it, really let me accidentally.

Later, Xiaolin became a female safety expert on their public security front, which was later.

The next day, I was still sleeping late. Xiao Min came over, call me "lazy pig, open the door". I analyzed the Server-U analysis last night, let the program overflow, refused

Service is very easy. But let her overflow to execute my code, it is really not easy. I got it to 4 o'clock, there is no progress.

I saw it at 9 o'clock. Hurry and open the door. Xiao Min understood me, giving me breakfast. A small packet of small cages, a pack of pots and dumplings, all I like it. Ha ha.

I will kill all things soon. I am satisfied with the sofa, Xiao Min looks at me.

"Xiao Min, I will give you something" I am lazy.

"What" Xiaomin does not laugh today, it seems to have any trouble.

"I have to go to the army next week to take a few weeks. Oh,"

"Ah?" She didn't understand.

I explained in detail.

"So, we can't meet in a few weeks." She is somewhat lost.

"Oh, it doesn't matter, I will come back in a few weeks"

"Today my mother asked me if there is a boyfriend? Do you say what I said, she suddenly asked.

"I am not your boyfriend?" I smiled and saw him.

"But you have never said it"

"Okay, I will say that Xiao Min, love you," I deliberately put "there words, say" the tone inside. "

Xiaomin is unable to hold, laugh: "Didn't go through, I will tell you".

I am silent, I have no everything now, in addition to feelings, I really can't make any promises. In the bustling most, you don't consider these issues, it is impossible.

"小敏" I looked at her eyes and said, "I really like you, tell the truth, I can't help you. You see me now, I really can't give you an envious life. But I Gin

Force. I will work hard for our future. "

Xiao Min arrived in my arms, said in my ear: "As long as you have this sentence, I don't need to be enviable, I think it is good with you."

Her hair stroked my cheek, I think so satisfied.

I picked up the guitar, Xiao Min leaned against me, I sang the song "There is you in the life of the water, I am singing, Xiao Min is inxicated by me, I think I have the world.

Because I dreamed that you left, I woke up from crying, watching the night wind blowing the window sill, can you feel my love. . . . . I have been over, procedures, and vulnerabilities in weekends and smashing.

On Monday, I was notified to the gate. The head has also received a notice of the headquarters, let me go. I don't know what is going on. This is confidential. I also know that the peace of the peace is

Exercise, in fact, there is nothing big. However, the minister said hello, can't shook, and he did not dare to listen. I want to explain it again. Even the buddies greeted by the office have not played

I will go out.

The off-road jeep of a military license plate on the gate, there is also the lieutenant.

Warm and greeted me to get on the bus, the car will go to the military zone.

Enter the door of the military area, there is no different in the outside. But after entering, I feel very different. The green military truck is everywhere, and the busy soldier team runs.

There are a lot of military vehicles in shipping materials.

Although I don't know about the army, the fool can feel a busy atmosphere. It's a feeling of war.

"What are they doing?" I pointed to a truck on the side of the road, all of which are all armed soldiers, asking the lieutenant.

"The exercise will begin immediately. Everyone is going to pull out" Lieutenant and look down.

17. Exercise (3)

At the guest house of the troops, there is a special person to receive us. Then I sent us a military uniform. And other supplies. I am also a military training, and I will treat us as a soldier.

Those who have acquired foreign units, not only me. Anyway, I was at the same room with my room, a child, fat, short, wearing a glasses, and there were not many words. Very kindness to people. The name is Zhang Shulin. We all call him old.

Old Zhang is from a famous virus software company that specializes in viral analysis.

There are two people in the next room, one is a young guy, I heard that a famous gang of a famous hacker organization is a famous university teacher. We call him Xiaoyu.

Another is also a young people, a administrator who is more famous here. We call him Xiao Zhao.

As far as we are, all men, but also young people, old Zhang actually counts young people. Hackers seem to be young people, especially in our country. What is going on, I am not clear, anyway, the fact is just the case.

I didn't talk about technical issues when I was in the room. I don't like to say, he doesn't like to say it. To be honest, he is really a very little person.

There are more people in the next room, after all, young people, and they always hear the bails and Xiao Zhao said some hackers. For example, Chinese and American hackers are like a Chinese-Japanese hacker war. Simply happened. Generally, I don't talk, occasionally two jokes. I still prefer to be with old.

I opened a meeting in the afternoon, we went to the machine room in the military. We completely understand what is going on.

It turns out that we are not a person in the military. We are actually a party, such as we use the Blue Army and the Red Army instead of the exercise. We are actually the Blue Army invited. To put it bluntly, the gunner is mainly to deal with the problems that cannot be dealt with. Of course they have specialized information against the complex. Later I understood from the population of the army, in fact, this is usually usually in the army. When the exercise, the troops were really in the army to win their brains. Both sides will use their own relationships, requiring local support, and obtain the leader. In the past exercise, there was a special detachment, borrowed the place where the car was borrowed, and hid in a site, the people of the people sneaked into the other party's headquarters, and put the people's headquarters. ,one way or another. The director is still a victory. This is the case, the official you use means, as long as it is not illegal, the last victory is the principle. People who have done in the troops must know that this is true, and the troops are very popular with local universities. Nothing is very unique. After all, it is a training in peace. Moreover, we are all prepared soldiers, really fight, to the army, and reasonable. It is not difficult to guess that, in fact, the Red Army also invited a lot of people, because this time they first exercise confrontation. So everyone is not in the heart. Talkingin, the commander of the two sides is really not understanding. They are all how to say how to say their civilian cadres.

We went to the blue army's room, leading our captain's surname Liu. I heard that the graduates of the University of Defense Science and Technology, in the 40-year-old look. It is the rank of the colonel. Wow, the army is high. He is full of young people under the age of 30. In fact, 5 people. Most people are young or lieutenant. There are still two people being a civilian epaulette. Oh, most of these things are young people, I see that the army is no exception.

To be honest, their room is very common, all of which are clear, Tsinghua Tongfang. Later, it was the CPU of PIII800M, it seems to bought some years. Of course, there are several servers, more professional, the configuration is also relatively high. Look, the housing is hp proLiant DL of HP, put it in a single room opened in a glass, and put it inside the cabinet, look like Many expansion lines inside. I can't see it carefully. This should be bought before. There is also a Dell PowerEdge 6600, hey, this server is sure new. It is a tower. Put it inside, like a stone, the panel is all holes, the Dell's logo is eye-catching, and there is an Intel Inside sign in the lower left corner. This server performance is a fight in IBM's xseries 440. Others are nothing special. Anyway, I think it is better to be equally configured. However, it can be seen that our army is also in construction, such as that of the Dell's server is not bad. The notebook used by Liu captain is actually a violet. Ha ha. Like our unit.

Everyone introduces each other. Then Liu captager started to tell the mission.

This time our information confrontation is divided into password crack, network penetration, cyber attack. It is simple to say that the Red Army and the Blue Army network and servers are along with. Everyone's combat plans and intelligence must put them on their own servers. Protective means you want to think, but you can't break the cable, you must guarantee that Friends can communicate normally through the network. Then the two parties team began confrontation. Do you make the other party network, or steal the other party's information. Just as you are so simple. Of course, there are other confrontations, such as electronic confrontation, those who don't care about us. We only have a network.

Finally, Liu captan said safety issues. Say tomorrow official start. Let us listen to the command, pay attention to safety. It is obviously to our "militia". Ha ha.

At that time, we were 懵. what? There is also a security problem, isn't it a exercise?

Liu captan saw that we didn't understand, it said that the other person would like to be afraid of special detail to destroy our information against the team. So everyone should listen to the command of the police. Mom, it is like real. People who have not participated in the exercise may not know. Nowadays, our country's exercises are divided into several, and there is a performance type. But more is this kind of training exercise, that is the same as fighting, what is the use of what is used. I realized that I realized that I really did the same as fighting. To be honest, our army's information is really general. This is not very big when it is actually fighting, don't listen to some people. But our country's soldiers are really powerful, not saying. I am in touch with the police, in fact, I don't know what is the police. Anyway, the soldiers who give us a warning are really amazing. Hey, it is really amazing.

The next step is to discuss the security issues of our servers. This thinking is still right, now I can't attack other people, first put myself safely.

The first is what operating system is used. Their server is that Dell 6600. The original operating system is RedHat 9.0. Liu captain let everyone discuss whether he uses him. Use him safe.

Most of them agree to use RedHat 9.0. Only I am against the old.

In fact, Linux is quite unsafe to the hipster, although the UNIX design thoughts he use. But because there are too many modifications, his new version of BUG is quite. For example, there are many problems in the 2.4 core. One of the questions is to overflow a lot. Many overflows can be used to do a denial of service attack. Although the refusal service will not make the data loss, a goal now is to refuse service. Although there are not many people who can use this vulnerability, the other party must have good hands, so I think it is quite unsafe.

Old Zhang also seems to be a hipster. He said: "Linxu 2.4 kernel has a loophole for the deny service. It is recommended not to use.".

Everyone didn't dare to talk.

Liu captain said: "What is the operating system?"

In fact, my heart is thinking, the safest is to write an operating system, so that the other party may be unclear, let alone attack. Ha ha. Of course, this is obviously unrealistic.

Everyone began to discuss what operating system.

The information team, said, then we use the 2.2 kernel Linux. For example, the Debian version is not bad.

Net management Xiao Zhao said: "Simply use UNIX."

Xiaoyu said; "It is also good to use Windows."

Old Zhang said: "Use freebsd"

I said: "Use openbsd".

Everyone's opinions are what I like to use. Ha ha.

The old opinion is consistent with me. Our point is what is unique on the basis of stable and safe. Because the other party knows less, the more secure it, the more secure. It is what he analyzed will also spend longer than the system familiar with yourself.

Finally, Liu captain stood on the side of me and old. Old Zhang also agreed to use OpenBSD, more people who support UNIX, BSD is also Unix, so my opinion is adopted. Of course, the task of installing the configuration server is falling in my old man, others help check the vulnerability.

Then discuss how to communicate issues. Because our server must guarantee that Friends can get information from above. Upload information, the Combat Command is also communicating above. This is a security hazard.

Some people have filed the use of WWW communications and immediately rejected. This is very unsafeful for this hacker.

Some people have proposed FTP, which is also denied. This is also too dangerous.

In fact, they have long developed a command system, based on web. They want to use this thing. Because other departments have become used to this way.

I don't know how this system, so I didn't speak. But I don't think it will be safe. Because, I think the web system is the least unsafe. There are too many vulnerabilities. Therefore, I recommend using a set of spare systems. In case of being broken, you can use the spare solution, not completely paralyzed.

Everyone agrees.

Then, everyone says that this short time is designed for a spare system.

Old Zhang said: "Then design a self-simple FTP. You can transfer files with each other. But the client cannot use universal ftp, otherwise it is easy to be seen. Old Zhang's meaning and I don't see And. Later, the later thing proves that we prepared this spare system is very implied. So the character is handed over to the old.

Hey, almost these things are given to me and old. If you don't blame others, you will blame me and everyone say that everyone is not very familiar. Everyone can not be confused. Look out, other two, network management Xiao Zhao fuse long configuration popular Unix and Linux systems. Xiaowei Long Windows system, but unfortunately, it completely abandoned the Windows system. The soldiers of the information team have just graduated. Knowledge depth is not enough. Liu captain's knowledge is more old, and the management has been working for many years, and the details of technology are not deeply.

Old Tiandian and virus contact, in fact, the hacker program and virus programs are basically not integrated. Therefore, the bottom is solid. Details clear. I am, oh, of course, it is more experience, and it is very comprehensive, UNIX platform and Windows platform are familiar.

The division is over and started. I started to install OpenBSD on that DELL. These software have in my bag. Since just installing the server, all minimal installations are not 400m. Hey, you can say that you can fly in this calculation. Dell's server workmanship is very good. The firewall has installed one written. This also has a monitoring feature, this is what I used to defend my machine. The interface is all character interface. Turn off all ports and install the latest version of Apache. Put them in the command system. The firewall opens the 80-port. I originally wanted to change a port, but later thought, the other party is not idiot, there is no need. Simply open, simply open 80. When the command system is installed, I found that I dizzy, and their command system is written by ASP. Everyone still doesn't believe that I don't believe it, but the truth is that this command system is written by ASP. I am not saying how unsafe ASP, the key is that ASP is generally mixed with IIS, and that IIS is absolutely unsafe.

My heart is sinking down, day, if I have to worry about IIS, I see this anti-counterfeiting. Later, I realized that I didn't expect to confront when designing this command system. Said wearing, just in response to the call of the science and technology Jianjun, Liu captager also known, but now the system has been recognized above. Requires promotion, you can't afford it. I believe this. Because this kind of thing is too much. Does our unit's Hu captain is not because Flash is well used, and is it deeply appreciated?

Oh, there is no way, just download an APAHE ASP module. III I am absolutely afraid. Ha ha. After installation, test it, they have to command the system to run. But the database system for command system is used to use Windows SQL2000. Halo, it is a safe hidden danger. Immediately modified into a safe database system, I see it is not too late. As long as a Windows 2000 Server SQL2000 is installed on other machines. Then let the vulnerabilities let the small do.

Xiaolu is a certain hacker alliance to have a backbone, which has a set of windows. I saw that he was familiar with the patch, changing the configuration, and what was said.

I wrote FTP with the old manual. in fact. I have already had a program. I have to have this function. So, I have changed the original program and put it on the server. And the port does not need to be open. Because I have to go to the port. It is designed to design a client program to spend a lot of time. Because this is to use the friend army and the headquarters, it is too simple. I have to write help. We reread with VC a relatively simple interface. It is estimated that people will be able to operate.

Other brothers here are tested me to build a server. They use a variety of scanning tools, they can only see me to open 80 ports, others can't sweep. In fact, I have to have a special FTP communication with us, and can also manage remote management.

These things are written by themselves, so they are generally IP bags to detect, and they will not respond to you.

The balance has also completed the 2000 system to configure, and he is still modifying the ASP command system and makes some obvious vulnerability. Of course, some vulnerabilities are not finished. For example, SQL injection attack, I looked at it, the command system was a bit trouble. Many places do not check the input, left a lot of space for the other party. I didn't say, I know, there is no. Instead of sinner. When I hope that the other person will not use it.

Everything is ready to stop, we put our backup client COPY inside the CD, Liu captain let the correspondent will send each department. Liu Captain entered our server all the information used by the command system.

Then I said: I will pull it with the troops tomorrow. Everyone sleeps in the morning, obeying the scheduling of the police. Below to the military and tools to receive computers and tools. "

Hey, I have to receive a computer, what computer is it?

We wear a question mark of a brain, follow the information team's gods to the military, then see the bag of a layer of rectangular camouflage. Package dots than ordinary notebooks. Then a hard Bangbang is still coming out. It's still still coming, don't lie to you. At the same time, there is a small bag and is also a camouflage.

I saw this brother still came out, I thought it was not a computer. The result is opened, hey, it is a computer, laptop. And it is a violet. I didn't know the origin of the computers of the purple light. Later, I learned that this is a military notebook of purple light, VL298 military laptop. Another package is some accessories. CD, there is an external connection. and many more.

To be honest, it was the first time to contact the military laptop. It's really love. When I ran back to the dormitory, I was originally P4 1.7G mobile CPU. Oh, Zi Guang did not dare to use a desktop CPU this time.

The computer is very heavy. Take a look at the performance, 乖. Real waterproof anti-vibration. I fell on the ground, I really didn't have something.

It is said that there is no matter what to put 100 ml on the keyboard.

Later I saw the information team's buddy machine dirty, just rushed under the faucet. Cattle! It's a cow!

I remembered the "highlighting the heavy" to the SB director, and she raised the Lenovo desktop in the wild tent to command the battle. I got almost vomiting blood. Aunt, how to solve the problem of the wild power supply. That is to bring your desktop to the battle to booming a few hours, report it, can you open?

Look, my computer, this is a military computer. Self-soled battery can stick more than 8 hours. Cross is on your body, which is similar to the backbone bag. Touching and climbing, really no problem.

Reporting that too much computer, configuring the software you may need, the operating system is Windows 2000. Haha, it's okay. Personal computers are not afraid.

It's so excited that night. . . . . .

18. Exercise (4)

In the middle of the army, the army was awakened, and it was already a footsteps outside, but it was not noisy. Old Zhang shouted: "Xiao Wang, get up."

In fact, I also woke up, the feeling of military training did not completely fade in my mind. I quickly put a good clothes and back the computer. The car motor outside, the roar of the helicopter sounded into a piece. When we ran out, we stopped a camoupled Evico at the door. The 5 bodies of the information team are already above. We also went up. We have no weapons and have no helmets. But there are 10 police soldiers with the car. The camouflage oil painted on the face is very horrible. They are all pending, except for bulletproof vests, it is available. The curtains on the car are strict, the car is started. The exercise begins. We don't know where to pull us. I just hugged my notebook tight. A confused in the mind.

I don't know how long the car has been opened, I am already a bit confused. Suddenly heard someone said: arrived. I opened my eyes. The car seems to open a place in suburban counties. I don't know where it is.

When I get off, the sky is already bright. Take a look at the surrounding environment. It seems to be a school. There is a playground. Yes, it is indeed a school, I see the slogan written on the facial building: "Study hard, go up every day." It may be a primary school. There is no one in the school, maybe students have holiday. Now SARS is very powerful.

Then, our team immediately immediately led the school to the school, and seemed to see the teacher. Liu captain waited for us.

This is a big classroom, now a lot of works are placed. It seems that Liu captain has carefully arranged. I saw a new machine in the corner. But not the machine I saw in the computer room.

Then everyone, sitting down on the workbench allocated. I saw a 5-class twisted pair on every table. Looking back online, the indicator of a 24-port switch in the corner is bright. It seems to be temporary. On the switch, a Huawei router, Huawei's router, I am more familiar, I will see it at a glance.

Then Liu captager began to talk. Here is our temporary work place. Don't take anything casually, what you need to give the police even the soldiers can say it. Our characters are confrontation with the Red Army. The goal is the other party's network system. Let them be paralyzed or stealing materials. At the same time, we must defend our network system to work properly.

No password and information, please do not exist in your hand in your hand, don't use this computer to make any additional communications, because we are out of a router, and our personal operating system is relatively weak. So do not exclude the possibility of infiltration by the other party.

Let's check how we are now safe to see if there is a loophole.

So everyone will connect to the network cable. Start checking the router. The network management Xiao Zhao will go in to the router's password to go in, start setting. It seems that she is very familiar. He set the firewall very demanding restrictions, and then looked elsewhere. Didn't show any problems. Finally, the Telnet function of the router is closed. It is not allowed to log in with the TCP / TP protocol, and can only be set directly through the serial port.

I also checked him as a general server, no problem. The router is simple and solidified. So it is not so easy to have a loophole.

Then, the task is assigned, the information team is divided into two people specialize in the backup of our server. The prevention of the data from being able to recover after it is.

I am responsible for monitoring the movement of our server. Xiao Yu is responsible for monitoring the movement of the server that is too SQL2000. Xiao Zhao is responsible for the monitoring of the system. The rest of the people, in addition to the two people, other people are all looking for vulnerabilities and attacking each other.

As a police soldier comes in, the exercise is officially started. We started working.

Oh, there is no such thing as a TV, our face is dignified, and the fingers fly, and a surprise call is issued again. In the face of sweat, it is also coming slowly.

That's all lie to you, in fact, we are quite relaxed. Basically, everyone scans each other machine like usual. Nothing gains. Everyone is tired, in addition to the two buddies outside the routine, we also got together to blow the cattle.

While talking to everyone, I talked about our servers. The amount of 80 port data on the server is constantly moving, and it is clear that the other party has not restored. I swept the other machine, but I just opened an 80-port. Yes, RedHat 9.0 operating system. Ha ha.

I said to the old Zhang: "Old Zhang, the other's readhat9, you engage in an attack program, see if he can refuse to serve. Hehe"

Old Zhang Xiao smiled and did not stop in his hand. "I saw it. I am trying to do it. He just opened 80, and there is a firewall, it is not easy to refuse service."

"It's not easy, you have to do it." I laughed.

It seems that the other party is also very conservative, the less the port is opened. First, I entered the command system of the ASP. It seems that the people of their information team are comparative despise the system, and it is also more research. I have seen the information team's gods in the system. The other party's information system is to check your IP, so it is not possible to directly enter the IE. So although there are many vulnerabilities in that command system. We also have no way. The other party's WWW Server and our Server are apache. Ha ha. So the vulnerability is relatively small.

There is basically no progress in one morning. There are a few buddies who have opened several software and perform DDOS attacks. But there is no effect, and you will make the other machine slow down. We are wide, and our servers are like a drop in the bucket.

Of course, they have no way to take our server. Everyone consumes this, saying that information confrontation, in fact, the composition of confrontation is less, personal protecting her own machine. Ha ha.

In fact, the server attacking the other party is very random. The other party is inner line, and the other party has made protective measures. Basically, there is no way to adopt a general approach. Those who know that they can enter any system are basically bragging. Unless he has mastered a public vulnerability, and that vulnerability can also take attacks, this chance I feel that small is almost no.

Old Zhang has been engaged in his overflow attack procedure. I also monitor our servers and find Apache's vulnerabilities. They use the apache is the redhat comes with. Not the latest version. I know a vulnerability. But can't use it, I still don't dare. I downloaded a one-to-one Apache version using Softice tracking (although Apache offers the source program, his vulnerability is not found in the source program. Because many vulnerabilities are brought about by the C function) Vulnerability.

Xiaoyei and Xiao Zhao continue to do DDOS attacks. The data storm attack method they use. They mobilized their old black broilers. But the other party apparently presented prevention measures. The effect is not very big. But the speed of the other party is affected, which is certain.

In fact, the IP network is quite fragile. To attack a computer, as long as you open a port, even if you don't open your port, you can't get a DDOS attack from the data storm. Because you have a connection to the other party, you must consume resources. If you establish a connection with you or ask for too much information to establish a connection. No matter how powerful, you can't prevent DDOS. However, this kind of thing does not happen online. Because you may not be able to contact such a computer to attack. And this kind of attack I always think is not true hacker behavior. This is violence, not wisdom. But now is confrontation, one of our goals is DDOS, so I can't manage so much.

At noon is the meal for the warrior to give us, quite rich. There are egg soup, 3 pieces of material, and 4 basins. We all eat leisurely, not leisurely, because everyone has no progress. Our servers are also very good. I didn't see the successful connection of my IP in my monitor. I estimate that the red buddies are also like us.

Liu captain into the place and next-door communication room in our work, come and out. He needs to communicate with superiors to understand the progress of the exercise. When I went to the toilet, I went out. It is found that the warrior warrior is already mad. Everywhere is a postage and defense point.

Continue in the afternoon. Older procedures have made progress, but they have not been successful several times. Maybe his procedures are still a bit of troops. Old Zhang continued to debug. Old Zhang I admire, analyze the virus every day, practicing his solid work and toughness. He doesn't panic as a program. I rarely talk, when I passed him, he just smiled. I slowly analyze the key code of the Apache version.

The information team has a buddy and Xiao Yu Xiaozhao, continue to send a data storm to the other party and consume the resources of the other party.

Everyone is a bit very spiritual. continue working. Sleeping, we have a shop next to us.

To be honest, our days have been flat and ordinary, and everyone is so good for 4 days.

These four days, the old debugging procedure. Always toned to test. fail. But after each test, the joy on the old face is more than one point, it can be seen that there is a door. Just a matter of time.

I have always debugged me to apache, getting more and more fans. But it is getting clearer. I have found this vulnerability, but how to use a headache problem.

The buddies who engaged in DDOS attacks also insisted.

No way, we are not gods, we can't open 80 on the other side, and even if the connection between the 80-port is validated and the other party has any. The most is to get some data storm attacks.

They also have the same way to us, tell the truth, our server defense is more dead than they. We have useless linux. They use at least Linux. At least give us a hope. They are not the latest Apache, and I also give me a hope. This hopes may not be implemented for ordinary people. But I also said that I'm talking to the procedure such as the old Zhang also said that it may be great. Oh, just wait.

My heart is in peace of the breakthrough point of Apache. By the 5th day. It is a bit progressive. I found that a function called in Apache has overflow vulnerabilities. Using this vulnerability allows me to perform any command. Now what I need to do is to carefully design a packet and ask 80 ports. Let the other's Apache produce overflows, and execute the instructions I have performed. This is an absolute technology. I have to be careful. Fortunately, the other's IP check is based on ASP. Not based on the packet-based IP check, otherwise even if I know this vulnerability, it will not be connected to me.

Oh, I installed on our server is a IP package check. Not our IP, the other party has no possibilities at all. Although I actually opened my own FTP. But there is no way to scan.

Many people don't understand why I let the other Apache overflow can perform my instructions. In fact, this is the principle of overflow. As I said earlier, the person who has attacked this principle is definitely a genius. Overflow is light, let you crash, that is, refused. The weight will let you execute the instruction. Where is these instructions, there is a lot of data that exists in the request. Of course, if the other party has the function of executing the instruction. Then there are more people. Some are the backdoor installation of the designer installed. For example, IIS has a bug that can perform local commands, I suspect is actually the back door of MS installation. If you don't have this feature at all in my program, you may hardly let the other party execute the system command even if you find bugs.

I am very confident about my own server. I don't believe that the other party can attack. Unless he finds the vulnerability of Apache and OpenBSD. Otherwise it is almost no possible. Ha ha.

That night I had a good mood because analyzing Apache's progress.

At 12 o'clock, after listening to a life of a water, I'm going to sleep. I have a little thinking about it.

Xiao Min, what are you doing now, have you thought about me?

Falling on the store, soon I entered a dream. I saw that the old Zhang was very mentally debugging before going to bed.

In my sleep, I suddenly woke up by Liu captain: "I am getting up, get up, have a situation!"

A few buddies woke up. I am also, everyone has collapsed. How to pull, how to pull it. Does anyone attacked us? Oh, a brother of the outside police team is not moving, unlike.

Liu Captain continued to shout, I understood.

One machine in my heart. Hey, yesterday is still happy, now I seem to be a bit happy too early.

19. Exercise (5)

I only heard the Liu captain's collection: "Come, hurry up, everyone will check it, and one of our subordinates is the opposite side. His grandmother."

To be honest, Liu captain has always been an image in my heart. I rarely saw him so anxious.

How can we don't worry, we have been anxious, our command house is networked with our server, our command can legally access our servers, although there are some restrictions, such as password restrictions, but each other The information team's hipster, if you use our IP connection, it is easy to make it. Our ASP command system is a big safety hazard.

While pulling my computer, I asked: "What is the IP? What is the IP?"

I have seen our IP connection on my monitor screen.

I heard the IP of Liu's head, I clearly see the most frequent IP on the screen is the IP.

It seems that the other party is more embarrassing, they know that it is not possible to break under normal circumstances, using such a trick. I have to admire the thinking of the other party commander. We really didn't think. Perhaps our superiors may think of, but we have really not thought of our several people.

I can't think too much, I immediately started my management software, log in to our primary server, break that IP, and listed this IP in blacklist. Start checking if the other party has a trace of infiltration.

Fortunately, the other party seems to just connect our 80-port, which is to attack our command system, other aspects of the system, the other person has not broken. In fact, through the attack of the command system, there is no way to have too much rights in OpenBSD, this is more confident. But that Windows's SQL is hard to say. Originally Windows SQL Server is a weak link, but because the outside world cannot be directly accessed through the host and outside, if the other party cannot break through our primary server, it will not have actions, but now, the other party has broken through Our primary server, although it is only a breakthrough 80. But there is already possible to connect SQL Server.

The information team and Xiaohe Xiao Zhao found that our command system was destroyed. It seems that the other party has done a lot before we receive the news, at that time, in addition to the backup people, they are sleeping. Even if you don't sleep, we can't know, because of my IP used by others, we can't feel abnormal before we receive the message.

Everyone understands the vulnerability of our ASP command system. If you are allowed, you can attack us here. Although there are many modifications, the code is too much, have you changed?

Everyone didn't speak, Liu captain's face, go out to the next mobile phone room several times. It is estimated that all of our headquarters have found that our command system cannot be used.

I whispered to the Liu captain: "Enable the standby plan?".

Liu captain's face or iron blue, silent for a while, then went to the communication room.

Let's turn all the 80 ports all closed, and the headquarters can only transfer data through our special FTP.

Start checking the system.

My operating system is all normal, but the data loss in our SQL Server is serious, and the other party uses the SQL injection attack method, and the inside is changed. Basic data was abolished. Here more, most hackers on the Internet attacked the interactive webpage supported by the database, which is most commonly used is this SQL injection attack. This is a completely legal SQL access. So what is your firewall, what protection is no effect. The only thing is to be submitted. Almost all the forums on the Internet have this problem varying degrees. But the general people may have no energy and mind to find these vulnerabilities. But if you look carefully, you can usually be found. Lightly destroys the other party's database, and you can get the password of the other party's administrator. Although the password is added. But someone runs with a computer. It is fully possible to decipher.

Anyway, our first round is lost, and the unexpected, such dissatisfaction is lost.

We are all technically fanatics, so we admire technology attacks, we don't convince this almost no technique for technical content.

Therefore, hackers are actually helpless. There are too many things in real life to transcend technology, and only technology is in this world. Technology is not all.

I have been anxious for a while, waiting for everyone to calm down, I am a little angry. Grandma, bullying us no one? We must counterattack!

I stepively started how to use the APAHE's vulnerability. In fact, if I attack each other, I really let the other Apache refuse to serve, so that the other party is like us, command the system. However, I don't want, because, this is very easy to expose, refusing service will not lose data, and the other party should recover just a few minutes. And if they are considered, the opportunity to continue to use is very small.

No, I have to cherish this unusual vulnerability, I have to go back, I don't want to refuse the service, I want to penetrate each other.

Old face is dignified, but also debugging his procedure.

We have a nervous atmosphere for the first time. We feel the pressure of confrontation.

The gods of Xiaolian and Information began to rebuild the database system.

In fact, I doubt that the other party must have obtained the password of our ASP command system. I asked the information team's buddy: "What password algorithm is the secret code?"

They said that it is MD5.

I feel relieved. MD5 is 128-bit encryption. It is impossible to use a computer to run more than 8 or more passwords. Moreover, our password is 20. They are unlikely to run out for a few days. It is not so good that their luck is so good.

But SQL 2000 has a vulnerability that can perform local commands. There is also the possibility of a Trojan for the other party for 2000 Server.

However, now we have limited the IP, and the other's IP can't connect with us, even if the Trojan is installed.

Said them began to rebuild the database. We have backed up, so we are not a difficult thing to recover.

Soon, they a few let SQL reunite. We restart our command system.

I said to Xiaoyu: "The password must be replaced." Although I know this doesn't matter, the other party doesn't even have our machine. But now we need to be careful. Not afraid of 10,000, I am afraid.

"of course".

"Liu team, command system has recovered" small shout.

Liu captain her face slowed some. Go fast to the communication room.

Everyone saw that the system has nothing to do, the nervous atmosphere began to relax.

"Mom, the other party is really powerful, such a trick" 小余 笑.

"Oh, the soldiers don't have a tall, are we not so consumable?" Xiao Zhao said.

There is a buddy: "In fact, we should do this, we have to have the other's IP, we are actually destroying this command system is still as easy."

"If you can disguise the other's IP is just fine." A buddy said. "To disguise the other party's IP to the other party's packet, it is not difficult, but it is necessary to establish a connection with the other party, it will not work." Old Zhang said.

Everyone laughs hahaha. It's all in line, knowing that this is just what we said.

In fact, the old Zhang said that the IP communication must be connected to the other party, you can't disguise IP. Now that the IP camouflage is now in essence is a network address conversion. That is to help you communicate with someone else's machine. Directly modify the source IP address in the IP package is possible, the other party can also receive, but the other party wants to connect to you, you must feedback a message to you, you change the IP package, you can't receive the confirmation message of the other party. Of course, it will not be able to communicate with the other party. So, many people think how to change how IP wants, this is not in line with network communication principles. This can only be seen in hacker movies and hackers novels.

Our work has recovered calm. Everyone started to work according to the work of the class.

Liu captain did not progress in our work. I have said that I have to ask the specialist to capture a headquarters of the other party. We have to have the other party IP, and we can make the other person. Even if the other party can restore success, at least everyone will make a flat hand.

Old Zhang said: Wait, I am a little eyebrow here. They can let them refuse to serve.

This is of course best, and Liu captain will come to see the progress of the old Zhang every day.

I didn't say the attack method of my Apache. It is not too late to have a ripe.

In fact, everyone understands that the idea of ​​the other party's headquarters is first used, obviously the other party is prevention. We now use someone's rotten and tricks.

Everyone is busy, both sides have started to work.

I saw the outside police soldiers added more than a dozen people. Yes, if the other party knows our location, send people to put our end, our information confrontation is complete.

At the 10th day, I was experimenting overflow data at the time. It is basically eyebrow.

I heard the old Zhang and shouted: "Success!"

Everyone went around, including Liu captain.

I see that I have communicated with my own program and the other party's 80 port. But the other party did not respond. Obviously hangs.

"I just tested my overflower, the other's RedHat 9 must hang it." Old Zhang was very excited.

We all returned to our machine, tested it, yes, the other party's RedHat 9 did hang.

Liu captain has a rare smile on his face, "said, so, we finally give each lesson!"

I quickly said to the old Zhang, don't attack it first. Be careful to be discovered by the other side. We will be difficult to succeed. We have the other party's vulnerabilities in his hand, and we will use it, let it get rid of the other party.

The first battle is very enthusiastic, everyone's enthusiasm is very high. You think, it is 10 days. There is basically no breakthrough. I actually use our IP to refuse the service. Can you not happy?

While Liu captler said: "Yes, right, Xiao Wang said," I went to the communication room again, I think it is a report. Ha ha.

The other party's recovery is very fast. After 2 minutes, their system was re-working. We estimate how it may be checking.

Liu captain organized us to meet and study the next attack plan. The old face is full of laughs. I can experience the joy of success. It feels very good.

"Old Zhang, you can't use overflow, let Redhat open a new port." I said.

"There is this possibility, I dare not guarantee. The other firewall is easy to find." Old Zhang said.

"Then I will go to the wood, the one of our specialty, the firewall can not sweep out" Xiao Zhao said.

"This vulnerability allows the other party to overflow, but to execute commands, there is no possibility" and said.

"I found a vulnerability here, let me do some commands. At least the IP limit in the other ASP is limited, the problem is not big" I said. Everyone is excited. Old Zhang also glows.

"If you can get rid of the opponent's firewall, open an ordinary account, I will let him overflow to get the root right is no problem. But the action is fast. The other party's administrator is not a meal."

"Yeah, the action has already been seen fast, once we open a gap, the other party may discover immediately, so we must completely destroy the other party system with the fastest speed." Liu captan said.

If you discuss, everyone reached a consensus. Now, do not attack the other party, paralyzes each other. Then I and the old Zhang stepped up the attack program. After success, we will make a set of schemes, penetrate into the other party's information. Or thoroughly let the other system is paralyzed.

So everyone started working again. I am more and more difficult to debugging my and old procedures. Let the other party execute my order is not easy. Moreover, the program that is executed when the overflow is not too much. Only a little bit can be implemented. Therefore, performing the most useful and most exciting code is very difficult to choose.

For trials, we installed the same RedHat9 and Apache on the server and the command system for testing. You can't use the machine to do test.

With the actual experimental environment, I think the job is relaxed, I can immediately try it immediately. Even the problems did not find out at the beginning. For example, I found that I can write a program that overflows in Apache, and then incorporates some special data. Apache can write files on the server. I associate the overflow function has a Printf word, a big excitement, it seems apache Overflow on the output. And the problem is serious. But the new version has been added to this vulnerability. Apache on RedHat did not make up. Oh, heaven and help me!

20. Exercise (6)

Time is constantly passing in silence, our team's work is also moving forward in one step. Old Zhang uses a overflow vulnerability in the Linux 2.4 kernel, which has been able to stop the other party. He tried to make further use this vulnerability, trying to let the other party perform its own code, but this work is very hard. From the old black face, and because of the debugging procedure, it can be seen that the progress is not large.

I found an overflow vulnerability of Apache's 2.044 version. Due to the actual experimental environment, I have been able to use this vulnerability to write files on the server. But because of the use of overflows, I can only write very little data, not just how to write, how to write it like usually.

Xiaoyu and Xiao Zhao have tightened the monitoring of our server. The brother of the information team also said that the set of command systems, trying to find more vulnerabilities, but because the other party defines IP, we don't have a way even if we know the other's weaknesses.

I am now thinking about how to use a vulnerability to attack each other.

To be old truth, if we use our current vulnerabilities, let the other party's server stop service, not a difficult thing.

However, I have always thought that the highest level of hackers is penetrating into the other party without being discovered. We all know, if the other party stops the service, the other's data will generally not lose, and the refusal service itself is telling the other person to attack. Once the other party is fully monitored, this time, it is difficult for you to get more permissions on the other server.

I want to penetrate the other party, and now I can only pass the 80 port. This other party is difficult to find. But the other party must also monitor. They are not a fool. It is impossible to let the anti-post can't connect your connection. I believe that the other party is also monitoring.

Through the vulnerabilities you know by both sides, the possibility of success is small, even if they are successful, they will soon discover.

How to do?

My head has become bigger.

Everyone is working hard. The sign of us here is silent. There is no smoke here, and our people here don't smoke. Now that smoking does not become? Only the sound of the keyboard tap, silent, or silent.

Originally I would like to use this vulnerability of Apache to change the code of the IP qualified portion of the other party command system. However, the other's Log and monitoring systems will definitely discover. In this way, the other party will react immediately. I said, no matter how powerful, no matter whether you have a vulnerability you have, you still fight even if you are not as good as your network management. No way, the strong dragon is also difficult to fight the snake.

I tried it, using this vulnerability, I can get or write data to the other party or less than 1024 bytes of documents, my heart is in my heart.

I hesitated, I decided to take a risk. Whether this safe-cut is worth it, I have not sure it now. ignore him.

I quickly tap the keyboard and build the overflow data I want. Then trial on our server. Successful. There should be no problem, the main program I have tried many times.

I put my special data COPY on the browser, and open the main program, connect to the other party's 80-port, then I will send my overflow data, let the other Apache overflow, this time, I will put my other set The data is requested by the browser, and I don't have any of my browsers. The front 1024 bytes of the other log file appear.

I read the Apache's Access.log file, which is detailed in detail the connection information on the other party. I saw a few IPs, but the following code is 400 behind, which is obviously rejected.

Of course, I also saw a few 304 code, this is a successful connection. Obviously this is the other's IP, huh, I want this, there is a total of 10 IP, I put them in the Notepad store.

Even if I am so motion, I am discovered by the other side.

Because the brothers who have been silent for a long time suddenly spoke.

"Strange, strange, I have just established a connection with the other party, and I've been broken away ..." Old Zhang seems to say herself. However, it's so quiet, everyone heard it.

"Yeah, although I can't access the other party's web, but I can establish a connection or now I am still broken." Xiaoli also said.

"Is it, the other party now IP verification is not from ASP, but it is connected. If this is, it is more difficult." Xiao Zhao also said.

I tried it with my own procedure. Sure enough, I am now being broken soon.

It seems that the little moves I have just been discovered by the other side. This is not difficult to understand, their monitored people are not eating dry rice. They must see me in the log, I have successfully connected it once. Although this time is very short, it usually does not discover, but now it is very good, the other party is monitored, will you miss?

Now that the other party has re-changed to an IP connection verification, we have to directly attack the other party's possibility of the server is smaller. Everyone is frustrating.

"Simply, we will refuse to serve, they start, we come again, let's do it very well!" Xiao Yu held the brain and looked at the chair.

The buddies of the old and the information team stopped to rest. You have a sentence. Everyone is planning to be alone.

"Server, it seems to be can't work, we will come from their client machine, come, come to lead the address." I said with a smile.

Everyone is shocked, there is no reaction for a long time. Because the attack conditions we were just known as the IP address of the other master server. In fact, when the real fight, even if the IP address can be difficult to know. Now, I actually say this, everyone is inner, can you be amazed? I laughed and looked at everyone. After a while, everyone was around.

Everyone believes when seeing the IP address. Because they, I know that I have read the other party's log file. Because the format of that file, it is familiar with those who are proficient in the network.

I share the file. Everyone returned to the seat, while the Down file, he said: "It turned out that your guy got people's log files."

"You simply have their password files, we will run under the computer, if you are lucky, you may come out." A brother said.

"Oh, there is no way to log in to people, you know that the root password is useless." Old Zhang said.

"Just, or these IPs are really, these levels of subordinate units are much worse than they fight the team. Maybe we have made one, use him to do a springboard, enter the other party's Server, the other party is not easy to discover." Xiao Zhao Very excited.

"Don't be happy too early, can you get it difficult to say. Everyone is careful, don't grasp the attack, don't be discovered by the other party. Now I still want to engage in IP IP." I said.

"OK!" Everyone cheered, we re-saw hope.

We divide this more than a dozen IP, everyone is responsible for several IPs. Avoid several people attacking a computer.

I am responsible for 4 IP. Not a network segment, it seems that these IPs come from different places. But according to my experience, these IPs come from our region, it seems that the IP of the other party commander is correct.

I don't have to conduct scanning other machines, and the other party is equipped with a firewall. I don't want to have no idea again, I was discovered by the other party.

As long as you send a packet, it will be found by the other's firewall under normal circumstances. As long as the other party discovered that I was scanning him, he had a guard, I have to attack it very difficult.

I am thinking about how to start. I guess the Microsoft system that their clients should adopt. If so, there is a lot of vulnerabilities that can be utilized under normal circumstances.

Despite danger, nothing is not made, it is always not a way.

I decided to take a machine to test it.

I pinged that IP, huh, Time Out. Not pass. It seems that the other party either does not boot, or there is a firewall. It is not a powerless possibility, it should be an anti-firewall.

I think this time the other side's firewall should record, I am in ping his message.

I immediately launched my connection program, try connecting to the opponent's port. These ports are the ports of some firewalls. I don't know why, most firewalls have opened ports, may be the news that their company sent them? This port can be connected. And the ports of different firewalls are also different. I tried all the ports of all the firewalls I know, and the last port was finally all right. connection succeeded. My luck is always bad.

The other party uses a firewall that we are familiar with, the company's previous text editing software is very good. Oh, there is a door, the company's firewall does not dare to compliment, I already know a vulnerability. Ha ha.

Take the other party has not taken measures, let's get rid of his firewall. I immediately sent a packet in the past, this packet, dedicated to this company's firewall, a hundred trials.

Oh, sure, the other party's firewall is exited. I ping each other, has responded normally. Hurry and scan, if someone discovers that the firewall has not worked. Just trouble.

At this time, it was time to scan. I started your own command-based scanner.

The result is constant.

I judge according to the data returned.

The other party is the computer that is actually the Window98 system.

My heart began to sink.

Don't look at the problem of Windows98, let him blue screen easy, but if you want to log in again, let's put a Trojan, but it is more difficult than Windows2000.

When Windows is designed, there is no consideration to do services, and even the features of remote logins are almost imperfect.

I saw a few familiar ports, I can let him blue screen, crash, but I can't log remotely.

My luck has always been good.

My mood is frustrated. Others have no news.

It seems that before using the next IP. I have to pray for God bless.

I would like to make that computer. Think not to cause the other party to pay too much attention. That's also.

21. Exercise (7)

When I was tested about there, I didn't find the other party's computer that the other computer can penetrate. I want the other party to crash without work, it is really easy. The computer of their underlying headquarters basically didn't prepaid. Many vulnerabilities. But they didn't open service, so I can't connect, put on the wooden horse. Can't put the back door, we cannot use this program to connect the other party's server.

Oh, in fact, technology is very helpless. The success of hackers is very random. It is often seen that many people on the Internet are looking for anywhere, in fact, no matter how powerful this hacker, a system that is well-prepared, monitoring the strict system, is very difficult to invade. It is also very naive of the technical level that can be used to measure whether a black website can be used. Regardless of your technology, no matter if you can write an operating system, you have to invade the others, the usual decision is the other party's preparation, not your technical level, the technical level is just the level of the leakage. If the other party does not have a vulnerability, there will be no way.

However, there is no loophole in this world that is theoretical. Therefore, the hacker has existed this role. The existence is reasonable.

Other brothers did not find any vulnerabilities. The other party is almost all of the Window98 machine. It is too difficult to invade.

When I have dinner, everyone is very tired. Everyone is eating, there is no harvest, the result is similar to my effect.

The machines that other brothers encountered almost 98 machines. They have no way to penetrate.

To tell the truth, I am not familiar with Windows NT far from Windows 98. Because no one usually uses 98 to do a formal server. And let the 98 crash basket screen is really too easy. I have never look very much for 98.

However, if you don't configure 2000, for hackers, 98 is more secure. We are all desperate.

After dinner, I started to install a Windows98 with the old Zhang, and we all use the default installation. We want to find where you can use it.

Old Zhang and I belong to the debug level, we like to find a vulnerability, so that you can change it.

I am more despise the so-called "hackers" that I am in trouble. Now hacker has become a negative image, and these people can't get a dry system.

In fact, Hacker is not a derogatory word when the word is just produced. Even technical, or a commendatory term.

However, now many people, even the network principles don't understand, I think about the web page of people all day, and the rejection of people's servers. They are happy.

Many hacking tutorials on the Internet are beginning: Please start the scanner, just enter the ip of the XX section to the XX segment, wait for him to sweep, if you are lucky, you can see the broiler.

Halo, this is hacker? This is clearly in the Jianghu Lang, anyway, I've encountered a calculation, what the machine you are. Oh, in fact, 99% of the machine they found this is a personal computer, and there is no meaning, except as a soaking. I am hard to understand that some people can't easily enter people's machines. If you change the homepage of people, you have to change it into a yellow page. Do you say this is not a metamorphosis?

Such people are now too much, and many black and other people websites are doing these people. However, these people have almost unable to enter some websites with some technical strengths.

As for what China-American hacking, there is any Chinese-Japanese hacker war, but also boring.

Many things in this world are not technically solved. People who do these things are people who don't understand politics. The government has no statement, you jump yourself, but also "Wars", how is the result?

In fact, some real hackers in the United States have not participated. Our country is also some young people who are generally not more than 30 years. Even so, we can compare our technology a lot more than people.

I have a hacker friend in Taiwan and the United States on the Internet, and their technologies are not changing. But they have never participated in such a boring event.

I will not participate in such activities, bored, and more dangerous. Maybe the government's wind direction changes. You are the world's first black passenger, in front of politics, you are just a poor insect.

If you really patriotism, you don't want to say anything, do something practical. What is better than?

Old Zhang is a master of debugging, I see that he has started debugging the communication program of Windows 98. His action is very relaxed, it seems that it is not a substantive thing.

I am also bored in Windows98, I mainly look at the Windows98 default, what are the things related to Internet communications?

I will see the sharing first. Windows98 sharing is a popular vulnerability. Deciphering the shared password of Windows98 is simple. But the sharing is not open by default. In fact, the computers we just scan did not have a sharing, otherwise, I have been broken by us. It seems that this route is not passing.

I clicked on the network neighbor, I saw a buddy computer, I also saw the old computer.

I am right-click, select the property, select the tool, I saw the button of the web monitor. I am in my heart.

This is a computer used to monitor other network neighbors. If the other party has opened remote management, I can connect to the password, I can connect it and visit his resources.

I got a process, I tried to connect to the old computer, and I would like to prompt the password. It seems that Windows98 is open this server by default? However, if the old Zhang does not set a password, I can't monitor each other if I want to enter anything.

I quickly ran to the old man's computer.

"Old Zhang, Windows 98 opened a remote management, but before you didn't set a password, he refused to connect. We can find a way to let him accept the connection." I am excited.

Old Zhang is also excited, he knows what this means .. He quickly found that function, then set a password, I will connect it up from my computer. Of course, the password is still, I can modify the file on the other machine!

The program we connect is actually the NetWatch.exe program.

"Old Zhang, we follow this procedure, maybe you can find a loophole, 98 vulnerabilities are more famous. Ha ha".

"Good" The old Softice called again.

I also returned to my machine to start debugging.

The work of debugging procedures is really drum noise. This program is not encrypted, and it is not very difficult to track. It is annoying. At 12 o'clock, my mind began to be dull, I haven't found a vulnerability yet. I decided to sleep. Before going to bed, I saw the old Zhang, what was in the book with a stroke, he was analyzing the data structure of the program and the other party.

I woke up at 6 o'clock, can't sleep, people who engage in computer, hanging out, usually, will not sleep late. Ha ha.

Old Zhang is still sleeping, maybe in too evening yesterday, his desk with a password on his desk.

I just sat in front of the computer, I woke up, I immediately said to me: "Xiao Wang, I found that program, if I submit a large packet, remote management server program, it will hang, but Windows98 Still working properly.

"Really, after the other party overflows, can the server connect?"

"Can, and ...........................................................................................................................................................................................................................................................................................................................

My finger has begun to start the program, I put the original packet of the packet, COPY, sent a data package to the old machine. Then start the WIN98 network viewer, enter the other party's computer name, sure enough, the password basket will lose a word casually, go in!

I saw the other party's disk, I can upload the file. day!

Old Zhang, I am proud and excited, I laughed with his thumbs up.

If this is, we can connect to the other machine, then pass the back door and let the other party execute. Oh, isn't it successful? Think of this, I can't suppress an excitement!

However, I quickly found that this connection can only be connected by the other party's computer name and cannot be connected via IP. The other party's computer name and we are not a network segment, so it cannot be parsed. This connection is essentially TCP / TP, but use NetBeui, this protocol cannot be used.

It doesn't matter, I think I want. Start scan other IPs of the network segment where we attacked the IP. As long as we get one of this network segment, huh, huh, by him, we can enter the target computer.

I guess, the civilian network of the other party's headquarters. Other calculations are likely to be that their military is in use, and may be civilian. Exercise, everyone hides people. Are we not hiding in the school?

Sweeping these addresses, I didn't hesitate. The other party is impossible to have a great preparation, and people who use the computer are not necessarily a profession.

Soon, I swept a few computers. Today is not good, there is no directly to the password. But there are many machines that have no prohibited in an empty connection. Ha ha. I actually saw a 3389 port. Use the client immediately to see, a Chinese Windows2000 system. Enter the username of Administrator, look at, haha, how is my luck today? I didn't make a patch, and I didn't make it up!

This is also no wonder that ordinary people use the machine, how can it consider so much.

Nothing is hesitant, I used this vulnerability to open a super-authority account for 1 minute, huh, it doesn't matter, the other party will definitely find it. Moreover, I am enough for a few minutes, I don't dare to be interested in this computer!

I immediately put the attacker who wrote the old man, bringing the computer name of our target computer, starting attack! Then incoming, the old manifold can be connected to the program in 2000 and the other party. I quickly passed to our goal machine to our latter programs and destroy the procedures for the opponent's firewall monitoring. Then change his launch profile. Exit immediately.

When I quit, I was relieved with my little.

We look at it and immediately start attack 98 procedures, let 98 cranes, easy. When I easily knocked into the 98 violent attack program, I was relaxed in my heart.

Sure enough, very fast, the other party's computer stopped responding.

The other party failed to crash. As long as he restarted, our latter program will work.

At that time, the computer we want to enter the other party is very easy.

If so, we have to penetrate the other party's server. Ha ha.

I am very excited with the old Zhang.

I took this gap, I have some songs "slowly come", and the melancholy song floats.

I like the songs, a little vicissitudes of life.

Don't be tight, some words are just habits, you should gradually learn to be calm, happiness has a little bit, the same day is sweet, you must know how to thank you. .

Don't tighten, slowly. . . . .

22. Exercise (8)

When the song was heard. I have seen the response information of our backdoor programs on the client program that I launched with Old Zhang.

Now we basically control this machine. According to the other party's protection, they are not big to find us.

Now what we have to do is to enter their servers through this computer.

It is best not to let them find. Finally, if so, we can't do it, we will engage in violent denial of service attacks.

We use our client to connect to that computer, we have started looking at the interests of the files on their machines. We have built a proxy server directly. It is a modified proxy, and we hide his interface.

Maybe they dream do not expect that we will get the IP of the following headquarters, and it is also successfully captured, so this is actually as long as you find the proxy server that can be discovered by the process. In fact, it is not found. The key is that they have never thought about it. Many things will not find anything without any preparation. A re-savvy person will make mistakes when you are in great ideas.

With a consignment, it is not that we are so powerful, it is indeed that the other party has not thought that if they know. It is necessary to break away, it is simply raised.

The next thing is very simple.

We will pick up a keyboard capture program immediately, and started him. We need to get the password they log in to their command system.

Then, I will wait for it to be tense.

We keep watching the captured keyboard information. But there is no information available. Several of the keyboard combination, we immediately entered their host attempting to enter their command system, all failed.

Time is waiting in our anxious waiting. . . . . .

By dusk in the afternoon, we finally saw a group of strings, when we cherished the publicly entered him to the landing page, and tapped the bus.

Hahaha, finally entered!

I didn't respond to the old Zhang I for 10 seconds, and our thinking is already failed. The number of TRY is too much, and the thinking is mechanically.

After 10 seconds, we shouted, I laughed. Old Zhang is almost dancing.

You think that our desperation is finally reached. Can we not be happy?

Everyone is coming up, Liu captain came over from the next door, asked: "How to pull, how to pull?"

"Old Zhang crosses the remote management vulnerability of 98, we have entered a computer of the other party's headquarters" I am excited.

"Yeah, I have got the password of the other party to enter the command system, we can see their command system." Old Zhang looked like a child. I quickly knocked into the IP of the other party in the browser, the skilled input password, the other party's command system main menu entered everyone's eyes.

Liu captain stunned with other brothers, everyone immediately cheered.

"You have already made a proxy on their machines?" Liu captain voice a bit trembled.

"Yes". I replied.

Liu captain went to the newsroom immediately.

For a while, the Liu team came back. Let's meet. Everyone's excitement is almost overlying throughout the house.

For so long, our team finally made breakthrough progress, everyone is very happy.

Liu team began deploying the next plan.

Although the Liu team has no specific implementation, his thinking is not a general way.

"Below, we have absolute active. Just king got the IP of more than a dozen opponent's subordinate headquarters. We can use the vulnerabilities of Lao Zhang and Xiao Wang to attack, and correctly overcome more the subsidiaries of the other. Let the post-construction agent. Captify the password, we don't attack the other's primary server, we keep this state is good. We can see the other's command system, we can understand their partial action deployment, this for us The victory of the exercise can be said to be absolute.

From now on, in addition to sending a person to monitor our server, and the backup system, all the people all attacked the individual's subordinates, and then we also put all the contents and intelligence of the command system to see on the computer. Pass back. We put them on our server and let our headquarters can see. .

. . . "

Liu captan said that his command system also had permission. The subsidiary unit is not all the information can be seen, and you can only see the information related to your troops, other things that have nothing to do, they can't see it.

So only one of us, you can't get too much intelligence. We must continue to overcome more computers. The other party is not a fool, they will not let the subordinate unit know all the information, because if the subordinate unit is being connected by the other party, the consequences are unimaginable.

It doesn't matter, we seem to feel that victory is in front of you. I think other IPs should be a thing or later.

In the evening, I feel relaxed with old Zhang, I even heard the old mouth whistle and knock on the keyboard.

Other brothers are attacking other computers in the subnet where IP is located in order to take advantage of that old-standing attack program to obtain absolute permissions of the target computer.

Everyone is in line, once the method is open, no more than a multi-have tongue, each is attacking his goals.

Liu captain into the communication room and our studio into and out, and keeps back the other information from the overcome computer, then report to the superior.

Everyone is busy with nervousness.

The newspaper continued, Xiao Zhao and Xiaoyu successfully overcome a computer, and the old Zhang also overcome one. The military people of the information team are not waiting for the leisure generation, and they have successfully entered the other's computer.

By the next morning, we found more than a dozen IP overdes half. We have more and more information. The busy Liu team ran into the run.

But everyone is happy.

We can say absolute advantages in confrontation. They fight against the team, they can't find that we have gained a lot of intelligence. I guess they definitely wonder, why don't we attack their computer DDOS?

They surveillance connected all their own IP, they certainly found that we have gained their intelligence through the machines underwater. Haha

In fact, many systems have an inconspicuous place to fail, resulting in failures of the entire system. Really, in terms of computer security, any small 倏 倏 can bring fatal consequences.

Nowadays, many software designers don't know if they have questions about security, this is definitely not a good thing. Although many designers are very familiar with the language and systems he say, it is often a disaster in the implications of security issues.

For example, there are many interactive forums, in fact, most of them have such problems. They are all repaired, in the early days of the design, few people considers safety issues.

Many software features very good design, but the security issue is very poor.

My image is the deepest computer protection software called XX bodyguard. To tell the truth, I have admired, I also have to make such a procedure, but they have a very big vulnerability, which can give almost no effort. Their super user's password!

I fell. I want to designer is a master of a computer, and it is very clear to the underlying. But he is definitely a security newbie, the safety awareness is very weak, and this kind of curse!

That night, I slept very well.

In the next few days, we have been very easy, and the Liu's face is always smiling.

He keeps us a discipline, and our blue is now mastering absolute initiative.

Oh, this is of course. Now everyone is a exercise, not really desperate. Who mastered the information, it can be said that they will win.

We are now almost more than the other subordinate units. Do you say that the other party can play our basketball?

Then our days are better. Everyone has begun to relax. Even the old Zhang gave up the idea of ​​implementing attacks on the other party. This although we didn't get the control of the other party, our most important purpose was reached.

What is going on? In this way, the other party is not easy to find that we have wanted everything.

I secretly opened QQ, Wow, God, I miss so many days, Xiao Min's avatar on QQ is not stopped. There is also a small forest police officer.

Look at Xia Min gives me.

"are you fine?"

"Do you not access the Internet?"

"Why don't you come back?"

"Halo, can the phone can not be used?"

"Is there a short message to see?"

"Hey .... I miss you"

"When are you coming back?"

My nose is sobs. I have been isolated from the world for so many days. My mobile phone is placed in the military region. It is not allowed to bring it.

Xia Min, are you okay? The guitar in my family is not touched for a long time.

Then look at Xiaolin police officer.

She didn't know where I went.

She asked all technical issues.

I didn't have a reply.

Here, I have followed: "People ????"

There is nothing wrong.

I fly quickly, "I am very good, I will come back in a few days, my mobile phone can't be used, QQ is also my stealing."

Leave Xiaolin police officer: "In the business trip ...".

Then shut down QQ.

Point to open a water-wood epitaph, start to live. . . . . .

I have a little thinking home.

23. Exercise (9)

Unconsciously, I have been 20 days in the army. How much time is specifically, I don't care.

In recent days, too nervous, too excited. The debugging program is too tight, recently obtained the information of the other party command system, so that I am too excited.

I am more preferred for assembly levels. In fact, there is also a lot of tools that have been compiled into a corresponding language in a program. Most of the service programs are written in C. Some small programs under Windows, even a lot of VB written. Many procedures are generally not found to have logically vulnerabilities from source program. Because this vulnerability is mostly checked out in the test phase.

But if you directly reach the compilation instruction, some logically don't have questions, because the memory is allocated, the function you designed by BUG is mixed together. The vulnerability will appear.

The debugger is really hard. Now the new generation of peers, people who can eat this bitter is not much.

You look at the popularity of the website to study debugging and compilation, you will understand. Several sites I like to have basically striped in other situations.

I went to the army, I really didn't regret it. I met a strong person, old Zhang. Old Zhang is a real hacker. He has an incomparable endurance and solid foundation. However, I have never heard that I am boasting what I have ever black in front of me. Really, there is no one. Old short, fat, wearing deep myopia glasses. Walking on the street, you will never notice him. However, he is a real hacker. The hacker is generated from the beginning, which is not destruction, he represents a superb technology. Now those who have the data to attack others, destroy others, they are not true hackers.

Lao Zhang solid compilation, and the superb commissioning of the Windows system, I feel admired. Although, I may also be very high in the status of my heart.

In fact, there is still a little more that I admire my most admiring is the temperament of the computer worker who is revealed in his bones.

Yes, it is temperament. That kindergress, even if you don't talk, you can feel the kind of temperament!

I have always believed that the kind of quality of professional computer is definitely not a non-computer professional actor to perform. This is also an important reason why the computer workers cannot satisfy other film works.

I have seen a series of consecutive dramas "One network" is the starring of Lu Shi, as for the people's network cable, depending on an email address, enter the password to log in, then successfully obtain the password, then find it can't connect, The final conclusion is that someone else did not boot! These don't say it. It is a matter of temperament, and the land is not like a computer worker. Really unlike, that kind of temperament can not be installed.

Old Zhang is very leisurely, but even if he is leisure, we still make us feel that he is doing serious things.

He continued to study the system vulnerability of the Red Hat 9.0.

Now our basketball has achieved absolute advantages in the exercise, because our information we have learned, the basic Red Army is playing position. This is the Liu team. His face smile is very bright.

I am still going to scan the other party's servers. At the same time, I will focus on monitoring our server. I don't want our server to be infiltrated by the other party. Everything is normal, anything, it is impossible to have a miracle. Miracles typically appear in film and television works. Life is life, our server is just 80, others are based on package filter check IP, some people are worth 24 hours, the other party has no breakthrough.

I estimate that the Red Army has not been good for two days. They are sure to check how their intelligence is leaking. I believe that they may be desperately inspected in the past few days, we have penetrated.

Oh, don't be busy, believe in yourself, we are not gods, we don't penetrate your server. Just as you can't penetrate our server.

We just gave a lifetime of your headquarters.

I think they know that we don't know those IP, so thinking is not thinking in this direction. Once the thinking occurs, even if we look simple things, I think they can make them unreasonable.

Time is like this, there is two days left at the end of the exercise!

People in our group are happy, and finally can leave this house. For so many days, we have a lot of conflict, but fortunately we have a computer. For our computer fans, there is a network with a computer.

Liu team opened another meeting. This meeting is naturally different from the last atmosphere. Because we are full of victory.

The atmosphere is very relaxed, and the Liu team has arranged the deployment of the last two days.

The final task is to let the other party denial! Because the exercise is basically over. Their intelligence is basically not used, in order to prove that our strength of the detachment, we let the other party's server can't work properly, but also show our strength, let the superior know our results!

Liu team hesitated for the issue of attacking the subordinate headquarters we penetrated.

Finally, I decided to attack the computer we penetrated. And it is necessary to completely clear the back door left by our last time. Try not to leave any traces. I think Liu captain may want to keep a little secret as a next confrontation.

This thing is not complicated, but if you tell others about the answer, you have no tricks next time. It may not be a way at it!

With the mind, if their subordinate command is slightly strengthened, we do have no way to get the other party's intelligence, and it is more impossible to penetrate the other party's computer. Basically, everyone has no way.

The hacker is like this. Before you attack, no one can guarantee that it will be successful. "Flies don't focus on seamless eggs" is used to describe the relationship between hackers and websites. Although the real hacker is not a flies. Ha ha.

I am now considering how to launch a denial of service attacks directly to the other party. If you take a slap in the machine, don't say that it is possible to refuse the service. But this is bound to leave a trace for the other party. The other party is not a fool. They will definitely find the attack record from their IP, which is not to expose our means? Liu team wants us not to expose, obviously this is not good.

We now use the old-core overflow vulnerability of the red hat 9 discovered by old Zhang, and the overflow vulnerability I found. We can't directly achieve attacks. Because the other party has already made a pack filtering, it is likely to install a firewall.

Because the other party directly filters the IP package. More books don't respond to our data, so overflows, of course, no comment.

Haha, it's okay. It is necessary to refuse to serve me.

First, I use the tracert command to check the address of the router where our target opponent server is located. Since we are all areas, it is not a lot of nodes.

Direct attack router, as long as his router does not work. Hehe, the server is broken outside. Although there is no refusal service, the effect is the same for others. However, all the machines forwarded by the router cannot be online, and the face is too light is the policy. I don't want to use this trick.

In our domestic network, many people don't know, in fact, the router is a safe big risk. Since most of the "fake hackers" who like to make the destruction are not deep, and their general people cannot touch the router, so the understanding of the router is almost equal to 0, of course, can't talk more. The online attack tutorial can be used almost all attacks under Windows, so you can understand the reason. Because Windows is everywhere in our country, from this point, saying Windows is not safe, it seems that it is not very fair, the truth of the tree, I think everyone should understand. There is also a operating system in the router, is also a software, his design level, telling the truth, and is more simplicity than Windows. His designer's level, the gap is also very obvious than the designers of other operating systems.

Since he is single, it does not consider compatibility and ease of use, etc., the general administrator does not allow remote logins, and the person who knows the router is very small, so his security issues have not been shown. Sometimes occasionally crashing state, the administrator is generally reboot, but it is OK.

Also because of this, even if many router administrators are familiar with those orders, they don't know his working principle. Because routers are usually maintained by the manufacturer.

Even the Unix has a lot of vulnerabilities, what is the operating system of the router? So the loophole of the router is actually a lot. Of course, the router is generally unbearable. Because you can't log in remote, the general administrator will not open. But the vulnerability of the router refused service is really a lot. Moreover, our domestic administrators have a problem, and they often make aware of the patch of the operating system, but the patch of the OS of the router, many administrators have no management. Therefore, the possibility of reminding such a router to refuse the service is very likely.

And after you attack, administrators generally think that the general crash, most of them are Reboot. I will not find the reason at all, and I will not suspect that some people attack.

I have used a network of a company, and their routers are often dead. Later I found that their routers have denial of service vulnerabilities, which is likely to attack. But each customer calls, their administrators think may be unstable. To now, the network is often broken, each time their administrator Reboot router solves the problem.

However, use the router attack, not necessarily success, and is not the best way, so I should continue to think about it!

Perhaps, I was influenced by the thinking, I started to sweep the other IP of the subnet where our opponent's server, I hope I can find a machine in other subnets where that server is located, attack him, then let yourself and the server becomes a child. The network, this attack is much likely, such as the ARP spoof attack is very obvious to the exchange-exchanged network effect, and now there is almost no good solution. Ha ha.

I'm trying to pay attention, I started scanning, huh, huh, this subnet is obviously the army machine, the protection is more strict. It is basically not swept to a very simple loophole. However, most of them are 2000 machines, and there are a lot of ports, which gives me hope. Ha ha.

The 135 and 139 ports are almost every machine, but these two ports, the refusal service is OK, I can't do it.

You must find additional ways.

I finally found a 1433 port on a machine, huh, if I didn't guess, it should be MS SQL Server. Haha, this thing has a local command vulnerability.

Oh, if the password is deciphered by me, he is dead. . . . . .

Postscript: I looked at what I wrote today and I feel unlike novel. It is a hacking tutorial. Oh, I am really regrettable. I am almost talking about technical issues because I considering a lot of views raised by netizens.

This is not what I want. I have to gradually fade in the future, my purpose is to let people who have a little computer knowledge can understand this novel. I can like this novel.

24. Exercise (10)

When I saw the 1433 port, my heart was a bit confident.

To tell the truth, the current system and server software are getting more mature, and the loopholes are getting less, especially the WWW server, can be said that if you use a good software, security is very good. I believe that one day, hackers will be less and less.

Although it is not performed, it will become less and less like a fierce tiger.

Although, there is no view of the absolute correct program, but I still admit that the space you can use is getting less and less.

However, with the application of the database system in the network, the database's attack gradually became a new goal of the hacker attack.

To tell the truth, I can't understand the server software that actually uses MS on the Internet.

If you do a desktop, I always think that MS is No.1. Although the Mac is excellent, it is even more powerful from a general purpose. The choice of the market is definitely not messy. But if you say that you do a server, there are too many things, no matter what, MS is no.leven. Oh, ranking last.

Say the operating system, inexpensive, even free, stable, and less little Like UNIX system.

On server software, some of the world's enthusiasts have their own Apache Project, which has emerged so much. Also free, why not?

On the database software, if you have money, you will use Oracle. If you have no money, use postgreSQL, and you will use MySQL. Why is MS SQL?

MS SQL is powerful, easy to use. However, this power has hidden too many vulnerabilities. And it is a vulnerability to perform local commands, which is fatal for a system!

Special small large commercial database with MS SQL.

I was tested for Oracle, I have tested many Oracle databases, but I failed.

A network administrator must be comprehensive. Many situations are not to understand network security, understand network security and don't understand the database. Therefore, the vulnerability will appear.

MS SQL is the same as the patch is also useless. Oh, I tested, change some programs slightly, sang to attack!

"Little King, come over" old Zhang shouted me.

I have seen it in the past, huh, old Zhang, and I have just been attacking 98, thinking is the same as me. He is also sweeping the machine.

He also found too much MSSQL machine I stared.

"I am also staring at this machine" I said faintly. When the old debugging procedure, like a child, there is still a song in his mouth. However, the basics left made me not listen to what song.

"This guy is open, we decide his password to see how it? I think his password is impossible.". Old Zhang said.

"This method is stupid, if the other party does not add security strategy, the possibility of success is relatively large."

"A machine may not work, we will do more machines, how?" Oh, this is a public machine, not white. Ha ha.

"Why, do you want to engage in a cluster?" Old Zhang smiled and looked at me.

"Oh, let's try it, and the horse is active." I am interested.

"Okay, it's okay," is also interested.

Calculate, Linux system is much better than Windows. We have installed our notebooks a simplest Linux. In this way, we have 3 machines, plus that server.

Then I find a MOSIX online, this distribution is good, he can move.

Let us start everything, it is 12 o'clock in the evening.

Opened our multi-threaded SQL password test program, and then went to sleep. We have opened a total of thousands of threads, and the basic three machines have been installed in full load.

I didn't think of it, I didn't think of it, I was shouted in the morning.

I know, I know how to open my eyes: "How to pull?"

The old face is smiling, huh, I saw a bright face swaying in front of me, I can't believe it is old. Ha ha.

"The password is coming out, the password is coming out."

"Will n't so fast, huh, you lie to me."

"Really, really, come out, what is your guess code?" Old Zhang continued to laugh.

Didn't see the old Zhang so happy.

I quickly rushed to the machine, and the number of processes in our cluster software have returned to normal. That is, there is no additional process load. Obviously the password test has ended, the condition ended is of course detected, the correct password.

I skillfully knocked out the command of the password, the password is actually 123321! I am dizzy, it is no wonder that I am so happy.

"I rely!" Came, and then laughed!

The owner of this machine seems to not know how dangerous his password.

Don't laugh, if you don't have a lot of tutorials online, Wan Yu, many people passwords will not be set! This is also aware of the password.

Unfortunately, this password is too simple.

"Unfortunately, my cluster" I didn't have a password, which was a wonderful. Is it too easy to get something, feel not precious?

Take him, the purpose is to achieve it.

The following work is simple.

Use this SA account to log in to the other party's SQL Serve, and then execute a local command.

Forget it, the uploader is too much trouble.

I simply opened the other party's Telnet. Then I built a hidden account to join the Administrators group.

Change the NTLM authentication method of Telnet to 0. OK, everything goes well.

After connecting, the implementation of the local command is much easier. I saw it, the above documents were messy. Didn't see useful information. It doesn't matter, as long as you can enter the subnet of our goal. The possibility of success of our attack is much better.

Excited, I have an attack with the old discussion. The exercise is over.

"It seems that it is not a door to penetrating the other party server.

"Oh, right, the other party's server defense is too dead, they basically have an external active communication."

"Inti-service, how? What is your way to use?"

"Either use ARP or directly attack the router." I said.

"Oh, enough." Lao Zhang also thought of it.

"Liu team, can you start attack?" Old Zhang yelled.

Everyone came around.

"Of course, you can end today. Have you found the method?"

Old Zhang said to everyone to everyone, everyone has no opinion.

Liu team also puts light.

"Okay, this is the same," Liu team and everyone are all around me.

I immediately launched the ARP spoofing attack program on the Too computer we overcome. For a while, the other party's server has emerged.

This method is very effective in the local area network. For the network of hub, the success rate is almost 100%. For switch environments, administrators will have effects if they are inappropriate.

In fact, the principle is simple, because the communication of any agreement in the LAN is actually based on the physical address of the NIC. Just send some interference and error messages when you confirm the correspondence of IP and physical addresses, let the server or switch to determine the mistake, and the effect is reached.

I want to design the original newsletter, the designer did not think of this can be made!

In fact, the network is full of fragile. The current people are getting deeper on network research, and many problems that have not been considered now expose. Sometimes it really happens to solve the embarrassing situation.

Other buddies have not stopped testing the other party, and has always been Time Out. Unable to connect. The other party's server has a phenomenon.

This slant network is unable to find the reason from its own server.

Oh, they are dead.

Where do they think about in fact our attack computer and their servers in a subnet?

Nothing dramatic transformation, changed us, there is no way as we do. The only mistake is to give us several IPs. I think they are not a fool, they are definitely scanning our subnets, everyone is using the civil network. Maybe our luck is better, or the other users of our subnet do not boot or protect the protection, anyway, the other party does not penetrate into our subnet. If they are infiltrated, I can engage in ARP attacks. But until the end, our server is still normal. Obviously they did not penetrate our subnet. Otherwise, we face ARP attacks, it is difficult to have a good countermeasure in a short time.

The last victory belongs to us, the blue army.

I would like to attack the router, but I think about it back to a lot of innocent people, I finally gave up.

One of the most annoying things that is the most annoying thing is that the network suddenly breaks. I think others will not like this.

When the Liu team came from the communication room, his face was laughing. I am full of appreciation for my old eyes.

When you pull back the military in the evening, the atmosphere is completely different.

Still the camouflage Evico, but the window opened. The soldiers of the police are not waiting. Also give us a joke. Several "militia" has been very familiar with the rest of the start. In their words, there is already a "revolutionary friendship." Especially I and old. It is simply iron buddy.

Start still feel that the old movement is. But encounter a peer, and the old can absolutely use an extrovert direction.

Old Zhang smiled very much, and there is no scruple. I felt in the first time, the old Zhang was very "childlike".

I don't know why I think of this word, but I feel like this is the case. Heart has no city, technology is all of his life.

I like people like this, there are not many people now. I saw it everywhere, I didn't learn the face. People like old Zhang may not like to like it, but I really admire such a person, even though I can't do this.

I really admire the old people such as the old, this is the truth.

Inside the military, there is a neat soldier and military vehicle. But we obviously feel the atmosphere of the joy of the air.

When you come out, the tension is completely different, although the car is still those cars, people are still those people, the place is still that place. But when I left, I was separated.

Can you get a big victory, can you be unhappy?

Does anyone know that there is a part of our information against the detachment?

I thought in my heart, I looked at the soldiers whispered, and I picked a pride.

The feast is less than the feast.

The dishes in the military cafeteria are absolutely best in the big pot. Anyway, I think it is better to eat more than the things in the cafeteria, maybe it is very mood?

I feel bored on those scenes. From the head to the end, my face is stunning, attracting a group of toasting people. But I will be able to serve.

Liu team seems not high, but there is no way, his goal is too big, when we leave, Liu team is basically a silent speech.

In the evening, I didn't talk to the old Zhang, we opened the military notebook that followed us for more than 20 days, and gently used to touch its face.

I found a song, it is the first English song, I want to take tears.

The name is Sailing.

I am Sailing, I am Sailing Home Again Cross The Sea, I am Sailing Stormy Water, To BE with you, to be free.

I am Flying, I am Flying Like A Bird Across The Sky, To Be with you, to be free ..................

....................

What I heard, I heard a tragic courage, an unyielding spirit, this is also a hacker's spirit. That night, I didn't know when I was asleep. I saw myself sailing at sea. . .

25. Exercise (9)

Unconsciously, I have been 20 days in the army. How much time is specifically, I don't care.

In recent days, too nervous, too excited. The debugging program is too tight, recently obtained the information of the other party command system, so that I am too excited.

I am more preferred for assembly levels. In fact, there is also a lot of tools that have been compiled into a corresponding language in a program. Most of the service programs are written in C. Some small programs under Windows, even a lot of VB written. Many procedures are generally not found to have logically vulnerabilities from source program. Because this vulnerability is mostly checked out in the test phase.

But if you directly reach the compilation instruction, some logically don't have questions, because the memory is allocated, the function you designed by BUG is mixed together. The vulnerability will appear.

The debugger is really hard. Now the new generation of peers, people who can eat this bitter is not much.

You look at the popularity of the website to study debugging and compilation, you will understand. Several sites I like to have basically striped in other situations.

I went to the army, I really didn't regret it. I met a strong person, old Zhang. Old Zhang is a real hacker. He has an incomparable endurance and solid foundation. However, I have never heard that I am boasting what I have ever black in front of me. Really, there is no one. Old short, fat, wearing deep myopia glasses. Walking on the street, you will never notice him. However, he is a real hacker.

The hacker is generated from the beginning, which is not destruction, he represents a superb technology. Now those who have the data to attack others, destroy others, they are not true hackers.

Lao Zhang solid compilation, and the superb commissioning of the Windows system, I feel admired. Although, I may also be very high in the status of my heart.

In fact, there is still a little more that I admire my most admiring is the temperament of the computer worker who is revealed in his bones.

Yes, it is temperament. That kindergress, even if you don't talk, you can feel the kind of temperament!

I have always believed that the kind of quality of professional computer is definitely not a non-computer professional actor to perform. This is also an important reason why the computer workers cannot satisfy other film works.

I have seen a series of consecutive dramas "One network" is the starring of Lu Shi, as for the people's network cable, depending on an email address, enter the password to log in, then successfully obtain the password, then find it can't connect, The final conclusion is that someone else did not boot! These don't say it. It is a matter of temperament, and the land is not like a computer worker. Really unlike, that kind of temperament can not be installed.

Old Zhang is very leisurely, but even if he is leisure, we still make us feel that he is doing serious things.

He continued to study the system vulnerability of the Red Hat 9.0.

Now our basketball has achieved absolute advantages in the exercise, because our information we have learned, the basic Red Army is playing position. This is the Liu team. His face smile is very bright.

I am still going to scan the other party's servers. At the same time, I will focus on monitoring our server. I don't want our server to be infiltrated by the other party. Everything is normal, anything, it is impossible to have a miracle. Miracles typically appear in film and television works. Life is life, our server is just 80, others are based on package filter check IP, some people are worth 24 hours, the other party has no breakthrough.

I estimate that the Red Army has not been good for two days. They are sure to check how their intelligence is leaking. I believe that they may be desperately inspected in the past few days, we have penetrated.

Oh, don't be busy, believe in yourself, we are not gods, we don't penetrate your server. Just as you can't penetrate our server. We just gave a lifetime of your headquarters.

I think they know that we don't know those IP, so thinking is not thinking in this direction. Once the thinking occurs, even if we look simple things, I think they can make them unreasonable.

Time is like this, there is two days left at the end of the exercise!

People in our group are happy, and finally can leave this house. For so many days, we have a lot of conflict, but fortunately we have a computer. For our computer fans, there is a network with a computer.

Liu team opened another meeting. This meeting is naturally different from the last atmosphere. Because we are full of victory.

The atmosphere is very relaxed, and the Liu team has arranged the deployment of the last two days.

The final task is to let the other party denial! Because the exercise is basically over. Their intelligence is basically not used, in order to prove that our strength of the detachment, we let the other party's server can't work properly, but also show our strength, let the superior know our results!

Liu team hesitated for the issue of attacking the subordinate headquarters we penetrated.

Finally, I decided to attack the computer we penetrated. And it is necessary to completely clear the back door left by our last time. Try not to leave any traces.

I think Liu captain may want to keep a little secret as a next confrontation.

This thing is not complicated, but if you tell others about the answer, you have no tricks next time. It may not be a way at it!

With the mind, if their subordinate command is slightly strengthened, we do have no way to get the other party's intelligence, and it is more impossible to penetrate the other party's computer. Basically, everyone has no way.

The hacker is like this. Before you attack, no one can guarantee that it will be successful. "Flies don't focus on seamless eggs" is used to describe the relationship between hackers and websites. Although the real hacker is not a flies. Ha ha.

I am now considering how to launch a denial of service attacks directly to the other party. If you take a slap in the machine, don't say that it is possible to refuse the service. But this is bound to leave a trace for the other party. The other party is not a fool. They will definitely find the attack record from their IP, which is not to expose our means? Liu team wants us not to expose, obviously this is not good.

We now use the old-core overflow vulnerability of the red hat 9 discovered by old Zhang, and the overflow vulnerability I found. We can't directly achieve attacks. Because the other party has already made a pack filtering, it is likely to install a firewall.

Because the other party directly filters the IP package. More books don't respond to our data, so overflows, of course, no comment.

Haha, it's okay. It is necessary to refuse to serve me.

First, I use the tracert command to check the address of the router where our target opponent server is located. Since we are all areas, it is not a lot of nodes.

Direct attack router, as long as his router does not work. Hehe, the server is broken outside. Although there is no refusal service, the effect is the same for others. However, all the machines forwarded by the router cannot be online, and the face is too light is the policy. I don't want to use this trick.

In our domestic network, many people don't know, in fact, the router is a safe big risk. Since most of the "fake hackers" who like to make the destruction are not deep, and their general people cannot touch the router, so the understanding of the router is almost equal to 0, of course, can't talk more. The online attack tutorial can be used almost all attacks under Windows, so you can understand the reason. Because Windows is everywhere in our country, from this point, saying Windows is not safe, it seems that it is not very fair, the truth of the tree, I think everyone should understand. There is also a operating system in the router, is also a software, his design level, telling the truth, and is more simplicity than Windows. His designer's level, the gap is also very obvious than the designers of other operating systems. Since he is single, it does not consider compatibility and ease of use, etc., the general administrator does not allow remote logins, and the person who knows the router is very small, so his security issues have not been shown. Sometimes occasionally crashing state, the administrator is generally reboot, but it is OK.

Also because of this, even if many router administrators are familiar with those orders, they don't know his working principle. Because routers are usually maintained by the manufacturer.

Even the Unix has a lot of vulnerabilities, what is the operating system of the router? So the loophole of the router is actually a lot. Of course, the router is generally unbearable. Because you can't log in remote, the general administrator will not open. But the vulnerability of the router refused service is really a lot. Moreover, our domestic administrators have a problem, and they often make aware of the patch of the operating system, but the patch of the OS of the router, many administrators have no management.

Therefore, the possibility of reminding such a router to refuse the service is very likely.

And after you attack, administrators generally think that the general crash, most of them are Reboot. I will not find the reason at all, and I will not suspect that some people attack.

I have used a network of a company, and their routers are often dead. Later I found that their routers have denial of service vulnerabilities, which is likely to attack. But each customer calls, their administrators think may be unstable. To now, the network is often broken, each time their administrator Reboot router solves the problem.

However, use the router attack, not necessarily success, and is not the best way, so I should continue to think about it!

Perhaps, I was influenced by the thinking, I started to sweep the other IP of the subnet where our opponent's server, I hope I can find a machine in other subnets where that server is located, attack him, then let yourself and the server becomes a child. The network, this attack is much likely, such as the ARP spoof attack is very obvious to the exchange-exchanged network effect, and now there is almost no good solution. Ha ha.

I'm trying to pay attention, I started scanning, huh, huh, this subnet is obviously the army machine, the protection is more strict. It is basically not swept to a very simple loophole. However, most of them are 2000 machines, and there are a lot of ports, which gives me hope. Ha ha.

The 135 and 139 ports are almost every machine, but these two ports, the refusal service is OK, I can't do it.

You must find additional ways.

I finally found a 1433 port on a machine, huh, if I didn't guess, it should be MS SQL Server. Haha, this thing has a local command vulnerability.

Oh, if the password is deciphered by me, he is dead. . . . . .

Postscript: I looked at what I wrote today and I feel unlike novel. It is a hacking tutorial. Oh, I am really regrettable. I am almost talking about technical issues because I considering a lot of views raised by netizens. This is not what I want. I have to gradually fade in the future, my purpose is to let people who have a little computer knowledge can understand this novel. I can like this novel.

26. Exercise (10)

When I saw the 1433 port, my heart was a bit confident.

To tell the truth, the current system and server software are getting more mature, and the loopholes are getting less, especially the WWW server, can be said that if you use a good software, security is very good. I believe that one day, hackers will be less and less.

Although it is not performed, it will become less and less like a fierce tiger.

Although, there is no view of the absolute correct program, but I still admit that the space you can use is getting less and less.

However, with the application of the database system in the network, the database's attack gradually became a new goal of the hacker attack.

To tell the truth, I can't understand the server software that actually uses MS on the Internet.

If you do a desktop, I always think that MS is No.1. Although the Mac is excellent, it is even more powerful from a general purpose. The choice of the market is definitely not messy.

But if you say that you do a server, there are too many things, no matter what, MS is no.leven. Oh, ranking last.

Say the operating system, inexpensive, even free, stable, and less little Like UNIX system.

On server software, some of the world's enthusiasts have their own Apache Project, which has emerged so much. Also free, why not?

On the database software, if you have money, you will use Oracle. If you have no money, use postgreSQL, and you will use MySQL. Why is MS SQL?

MS SQL is powerful, easy to use. However, this power has hidden too many vulnerabilities. And it is a vulnerability to perform local commands, which is fatal for a system!

Special small large commercial database with MS SQL.

I was tested for Oracle, I have tested many Oracle databases, but I failed.

A network administrator must be comprehensive. Many situations are not to understand network security, understand network security and don't understand the database. Therefore, the vulnerability will appear.

MS SQL is the same as the patch is also useless. Oh, I tested, change some programs slightly, sang to attack!

"Little King, come over" old Zhang shouted me.

I have seen it in the past, huh, old Zhang, and I have just been attacking 98, thinking is the same as me. He is also sweeping the machine.

He also found too much MSSQL machine I stared.

"I am also staring at this machine" I said faintly. When the old debugging procedure, like a child, there is still a song in his mouth. However, the basics left made me not listen to what song.

"This guy is open, we decide his password to see how it? I think his password is impossible.". Old Zhang said.

"This method is stupid, if the other party does not add security strategy, the possibility of success is relatively large."

"A machine may not work, we will do more machines, how?" Oh, this is a public machine, not white. Ha ha.

"Why, do you want to engage in a cluster?" Old Zhang smiled and looked at me. "Oh, let's try it, and the horse is active." I am interested.

"Okay, it's okay," is also interested.

Calculate, Linux system is much better than Windows. We have installed our notebooks a simplest Linux. In this way, we have 3 machines, plus that server.

Then I find a MOSIX online, this distribution is good, he can move.

Let us start everything, it is 12 o'clock in the evening.

Opened our multi-threaded SQL password test program, and then went to sleep. We have opened a total of thousands of threads, and the basic three machines have been installed in full load.

I didn't think of it, I didn't think of it, I was shouted in the morning.

I know, I know how to open my eyes: "How to pull?"

The old face is smiling, huh, I saw a bright face swaying in front of me, I can't believe it is old. Ha ha.

"The password is coming out, the password is coming out."

"Will n't so fast, huh, you lie to me."

"Really, really, come out, what is your guess code?" Old Zhang continued to laugh.

Didn't see the old Zhang so happy.

I quickly rushed to the machine, and the number of processes in our cluster software have returned to normal. That is, there is no additional process load.

Obviously the password test has ended, the condition ended is of course detected, the correct password.

I skillfully knocked out the command of the password, the password is actually 123321! I am dizzy, it is no wonder that I am so happy.

"I rely!" Came, and then laughed!

The owner of this machine seems to not know how dangerous his password.

Don't laugh, if you don't have a lot of tutorials online, Wan Yu, many people passwords will not be set! This is also aware of the password.

Unfortunately, this password is too simple.

"Unfortunately, my cluster" I didn't have a password, which was a wonderful. Is it too easy to get something, feel not precious?

Take him, the purpose is to achieve it.

The following work is simple.

Use this SA account to log in to the other party's SQL Serve, and then execute a local command.

Forget it, the uploader is too much trouble.

I simply opened the other party's Telnet. Then I built a hidden account to join the Administrators group.

Change the NTLM authentication method of Telnet to 0. OK, everything goes well.

After connecting, the implementation of the local command is much easier. I saw it, the above documents were messy. Didn't see useful information. It doesn't matter, as long as you can enter the subnet of our goal. The possibility of success of our attack is much better.

Excited, I have an attack with the old discussion. The exercise is over.

"It seems that it is not a door to penetrating the other party server.

"Oh, right, the other party's server defense is too dead, they basically have an external active communication."

"Inti-service, how? What is your way to use?"

"Either use ARP or directly attack the router." I said.

"Oh, enough." Lao Zhang also thought of it.

"Liu team, can you start attack?" Old Zhang yelled.

Everyone came around.

"Of course, you can end today. Have you found the method?"

Old Zhang said to everyone to everyone, everyone has no opinion.

Liu team also puts light.

"Okay, this is the same," Liu team and everyone are all around me.

I immediately launched the ARP spoofing attack program on the Too computer we overcome. For a while, the other party's server has emerged.

This method is very effective in the local area network. For the network of hub, the success rate is almost 100%. For switch environments, administrators will have effects if they are inappropriate. In fact, the principle is simple, because the communication of any agreement in the LAN is actually based on the physical address of the NIC. Just send some interference and error messages when you confirm the correspondence of IP and physical addresses, let the server or switch to determine the mistake, and the effect is reached.

I want to design the original newsletter, the designer did not think of this can be made!

In fact, the network is full of fragile. The current people are getting deeper on network research, and many problems that have not been considered now expose. Sometimes it really happens to solve the embarrassing situation.

Other buddies have not stopped testing the other party, and has always been Time Out. Unable to connect. The other party's server has a phenomenon.

This slant network is unable to find the reason from its own server.

Oh, they are dead.

Where do they think about in fact our attack computer and their servers in a subnet?

Nothing dramatic transformation, changed us, there is no way as we do. The only mistake is to give us several IPs. I think they are not a fool, they are definitely scanning our subnets, everyone is using the civil network. Maybe our luck is better, or the other users of our subnet do not boot or protect the protection, anyway, the other party does not penetrate into our subnet. If they are infiltrated, I can engage in ARP attacks. But until the end, our server is still normal.

Obviously they did not penetrate our subnet. Otherwise, we face ARP attacks, it is difficult to have a good countermeasure in a short time.

The last victory belongs to us, the blue army.

I would like to attack the router, but I think about it back to a lot of innocent people, I finally gave up.

One of the most annoying things that is the most annoying thing is that the network suddenly breaks. I think others will not like this.

When the Liu team came from the communication room, his face was laughing. I am full of appreciation for my old eyes.

When you pull back the military in the evening, the atmosphere is completely different.

Still the camouflage Evico, but the window opened. The soldiers of the police are not waiting. Also give us a joke. Several "militia" has been very familiar with the rest of the start. In their words, there is already a "revolutionary friendship." Especially I and old. It is simply iron buddy.

Start still feel that the old movement is. But encounter a peer, and the old can absolutely use an extrovert direction.

Old Zhang smiled very much, and there is no scruple. I felt in the first time, the old Zhang was very "childlike".

I don't know why I think of this word, but I feel like this is the case. Heart has no city, technology is all of his life.

I like people like this, there are not many people now. I saw it everywhere, I didn't learn the face. People like old Zhang may not like to like it, but I really admire such a person, even though I can't do this.

I really admire the old people such as the old, this is the truth.

Inside the military, there is a neat soldier and military vehicle. But we obviously feel the atmosphere of the joy of the air.

When you come out, the tension is completely different, although the car is still those cars, people are still those people, the place is still that place. But when I left, I was separated.

Can you get a big victory, can you be unhappy?

Does anyone know that there is a part of our information against the detachment?

I thought in my heart, I looked at the soldiers whispered, and I picked a pride.

The feast is less than the feast.

The dishes in the military cafeteria are absolutely best in the big pot. Anyway, I think it is better to eat more than the things in the cafeteria, maybe it is very mood?

I feel bored on those scenes. From the head to the end, my face is stunning, attracting a group of toasting people. But I will be able to serve. Liu team seems not high, but there is no way, his goal is too big, when we leave, Liu team is basically a silent speech.

In the evening, I didn't talk to the old Zhang, we opened the military notebook that followed us for more than 20 days, and gently used to touch its face.

I found a song, it is the first English song, I want to take tears.

The name is Sailing.

I am Sailing, I am Sailing Home Again Cross The Sea, I am Sailing Stormy Water, To BE with you, to be free.

I am Flying, I am Flying Like A Bird Across The Sky, To Be with you, to be free ..................

...................

What I heard, I heard a tragic courage, an unyielding spirit, this is also a hacker's spirit.

That night, I didn't know when I was asleep. I saw myself sailing at sea. . .

转载请注明原文地址:https://www.9cbs.com/read-105729.html

9cbs

New Post(0)