Super-brain hacker
HOME / Romantic / Super-brain hacker / Chapter List

Chapter 228 Escort

Many hackers generally do not forget their first invasion in their hacking careers, just as men and women can never forget their **.

Although Lin Hong's invasion had a lot of luck in it, it did make him experience the pleasure of the invasion.

The method of guessing the password has appeared since the birth of the computer user system. Although it is simple, it has never been outdated, and even decades later, this method is still effective.

Computer intrusion is actually an invasion of human nature. No matter how the protective measures of your computer system are in place, there will always be some users who are lucky or simply have no sense of security. Although they know that the password they set is very simple, in order to save trouble, they are lucky to think that others are not so lucky, and they can guess their own password.

So they simply set the password to the most common combinations such as "12345678" "65432", the password and nickname are the same, nickname + number, nickname + birthday... and so on.

And hackers like this kind of user. They collect these common passwords and also collect all the information of the corresponding user, such as the other party's email nickname, the other party's date of birth, and even the name and date of birth of the other party's relatives and friends.

Some hackers directly use manual guessing, such as Lin Hong this time, which compares the time and requires better luck.

And some hackers directly arrange and combine the collected information to form a list of hundreds of items, and then use the software they write to constantly try to log in. In the end, there is a high probability that the real password can be run out.

This method is called violent cracking.

If the password is just a simple combination of numbers, with a computer with good performance, it only takes a short time to try all possible combinations of numbers.

Through this invasion, Lin Hong understood why Kevin said that he was mainly aimed at the invasion of the human brain, not just the invasion of computers.

After successfully logging in to the Unix server, Lin Hong began to check what permissions his user had.

He constantly checks the contents of various files in the directory he can access, and also constantly tests the specific permissions of this user.

Although this is not an administrator account, there is a surprise that the user named eric actually has the execution permission of the GCC compiler.

This also means that Lin Hong can run his own program on this server.

So, he used the CAT command to start writing a small program.

This program is very small, but its function is not simple. If it is executed smoothly, it can successfully convert the "" symbol on the terminal to the "#" symbol, which means a great improvement of permissions.

This applet takes advantage of a local buffer overflow vulnerability in Unix.

After a crackling keyboard tapping sound, all the code of the program was written.

Lin Hong used GCC to compile, and then after fixing a few small problems, he compiled, and then typed in and executed the compiled program--

[OK!]

The prompt message in the display made Lin Hong cheer in a low voice.

"YES!"

Sure enough, the flashing prompt on the left side of the display immediately changed to the "#" symbol.

At this point, it means that Lin Hong has officially captured the fortress completely. He has the greatest authority to do whatever he wants in it.

Next, Lin Hong began to check whether there were any other users in the server at this moment. He looked at the time. It was past two o'clock in the morning. It is reasonable that the network administrator should sleep at home. If there are other logins, except for the ashes-level computer enthusiasts, there is only one possibility, that is-- Intruder.

Lin Hong began to use the command to check the current running process to see if there are any suspicious processes and users logged in now.

All kinds of information were constantly brushed up in the display. Lin Hong stared at the information, and his eyes trembled at a very fast speed, not letting go of any information.

He is the only user logged in at this moment.

After the process check, no suspicious processes were found.

Then, he began to monitor the service port.

These ports are the gates leading to the outside of the fortress. Some of them are special passages opened by the city owner (administrator), such as Gate No. 21. You can only look and transport some supplies out of this channel, but people can't come in, and what they can see is only a specific place, other places. They are all restricted areas and are strictly restricted.

And there are some that may be unknown to the city owner, perhaps the unknown secret door left by the castle during the construction period, or the back door secretly dug out by hackers.

Lin Hong saw that the open ports in this server have "2", "23", "512", "79..."

"Huh? Is port 111 also open?

Lin Hong was slightly stunned.

The other ports are fine, but there is something wrong with this 111 port.

In UNIX, port 111 is the open port of SUN's RPC (Remote Procedure Call) service, which is mainly used for internal process communication of different computers in distributed systems.

However, as far as Lin Hong knows, SUN's RPC service has a relatively large vulnerability, that is, the xdr_array function has a remote buffer overflow vulnerability in multiple RPC services, through which the vulnerability allows the attacker to obtain root permissions remotely or locally.

This is a relatively common loophole. If Lin Hong had invaded from here before, it would not take so much time at all, and there would be no need to rely on luck to enter the system.

The reason why this port was not found is that Lin Hong tested one by one from the smallest port. As a result, he lost his patience and changed the invasion strategy. Later, he was lucky enough to guess the password of one of the users.

When Lin Hong was about to continue to check to see if anyone had taken advantage of this loophole to invade it, a sentence suddenly appeared in the display.

[I didn't expect you to start to invade for so long.]

Lin Hong was slightly shocked. He immediately understood that someone was sending a message to himself, that is to say, there was at least another person on the server at this moment, and the other party was likely to be observing his behavior all the time.

Combined with the content of this sentence, he judged that the other party was Kevin, but he was not sure.

Therefore, Lin Hong had to keep silent and had decided that once he found that there was something wrong, he would immediately withdraw and go offline.

[Don't worry, it's me, the person who gives you the list.]

It's really Kevin.

When Lin Hong saw this sentence, he suddenly relaxed. He replied: [eric: It scared me and thought it was found by the administrator.]

[Ha ha, the administrator of this server is not so diligent. He got off work on time at 5:30 p.m. And this server is the computer department of Duke University, which is specially built for students to learn Unix on the computer. Although it is a little strange for you to log in now, sometimes some students log in in the early morning.]

When Lin Hong saw Kevin's words, he was immediately relieved. At the beginning, he had been worried that when he was invading, he happened to meet the administrator online, and then found that he was logging in to someone else's account to invade.

When Lin Hong told Kevin about this worry, Kevin told him a short story.

In that year, in order to invade a server, Kevin tried all kinds of ways but failed because the other party's security measures were very good.

In the end, he had to use social engineering methods, disguised as the head of the technical department by phone and fax, and asked the other party's logistics department to mail the original materials containing key technologies to the other party by express delivery.

Then, he disguised himself as a courier and came to pick up the parcel, but at that moment, he happened to meet the technical director of the other party who happened to go to the logistics department to handle the matter. He met with the other party, but in the end, he was saved by his "talent" and successfully photocopied the information.

Kevin told Lin Hong that when a hacker, he must be absolutely calm. Even if he encounters the most dangerous thing, he can't be messy, because no one can know in what direction things will go until the last minute.

[eric: How did you know that I would invade this server today?]

[I set the intrusion alert. The series of servers I gave you are relatively safe servers, either for students to practice in the university, or the administrator level is average and rarely online. As long as you invade in order, I believe that your technology can be greatly improved.]

[eric: Thank you.]

Kevin is so enthusiastic about helping himself. Lin Hong feels very grateful. It can be said that Kevin is completely his enlightenment teacher in this regard.

After Lin Hong said this, the other party did not answer for a long time.

When he was puzzled, the other party suddenly sent a message: [There is a situation, today the administrator doesn't know why it is online now. Although there is no big problem, I suggest you log out first. Because eric is usually a good student, he rarely connects to the server after two o'clock in the morning, which can easily cause administrators to doubt.

[I will help you clean up the traces.]

At the end, Kevin added another sentence.

After Lin Hong was slightly stunned, he had no time to think about it and immediately disconnected from the server. At that moment, his heart beat violently a few times.

Although it doesn't matter even if it is found, Lin Hong still feels a trace of tension uncontrollably in this atmosphere, and at the same time, there is an inexplicable sense of excitement. It's like doing something bad and suddenly being discovered.

Lin Hong thought for a moment and decided to log in the CQCQ software. Originally, Kevin would use this chat software to contact him like last time, but after waiting for a long time, there was still no news.

He really wanted to log in to that server again, but he was worried about exposing his whereabouts and being found by the other party.

Under the contradiction in his heart, Lin Hong finally put this matter behind for the time being.

He switched to the MINIX system and continued to enrich the BASH system call instructions in the LINUS system. After all, the POSIX standard books have been borrowed. Let's finish the common system calls as soon as possible.

Chapter List

Full Novel Website en.quanben5.com