Turing Forbidden Zone
Chapter 80
Obtaining administrator privileges on a social networking site is like a bun before dinner for both parties.
Time and Night is almost effortless, and so is Fennel.
At 3:12, both sides broke through this simple and simple website almost at the same time, and saw each other's backstage.
- This is the first step.
Next, they will dig out as much information about the other party as possible from the website, and then find the most important host among the six devices of the other party, and then invade it.
The background of the small website is also simple, and the administrator can only add, delete, modify, check everyone's dynamics, and perform operations such as site-wide broadcasting.
Shi Ye was holding a mobile phone beside him, looking at the background synchronously.
Chu Yingzong didn't pay attention at first, but later found out that he had posted a new post on the website.
[Signale: 135.1.51.1, op, f2235! op1]
After refreshing, Chu Yingzong, who saw the dynamics, was a little dazed, and turned around and asked, "What do you mean by what you posted?"
Shi Ye said: "Unit 1."
Hearing what he said, Chu Yingzong came to a sudden: what he sent was the IP address of machine No. 1, administrator account and password.
Chu Yingzong: "..."
Time and night: "?"
"Ahhhhhh!" Chu Ying was stunned, "Why did you send it out! Isn't this equivalent to giving Fennel for nothing?!"
IP, administrator account, and password are enough for Fennel to easily get the No. 1 machine.
This is equivalent to joining the enemy! !
Chu Ying held her head in her hands, and her already nervous mood almost burst on the spot.
Shi Ye was very calm, and said: "Because this roulette game should have been a one-on-one fair match, and you are an outside aid. This is not fair."
Chu Yingzong: "So in order to be fair, did you just give away a machine?"
Shi Ye: "Yeah."
Chu Ying hesitates to speak, he knows that this is Shi Ye's style and rules, Shi Ye is a man who regards rules as everything, but...
There are a total of 6 devices, and one of them was lost so easily at the beginning, which makes people feel very insecure!
Chu Yingzong: "Then have you ever thought that your right hand is injured, which is unfair? I'm only helping you to make up for your disadvantage—"
"It's not just that." Shi Ye said lightly, "In Russian roulette, having a comrade in arms is already a great psychological advantage. What's more, this person is you."
Chu Yingzong was speechless for a long time.
After a long time, he sighed.
"Oh." Chu Yingzong said, "Forget it, you are this kind of person. I just hope that next time you make such a decision, you can tell me in advance."
Shi Ye: "What will happen if I tell you?"
Chu Yingzong pinched his face severely: "I will be mentally prepared!!"
After a brief conversation, Chu Yingzong turned around again, and began to browse the background of Fennel's webpage nervously, pulling down the history records of all account logins.
But at this time, they noticed at the same time that Fennel also updated a post.
[Fennel: 142.10.2.123, gry, gq245]
"?"
Chu Ying was stunned!
Shi Ye also looked sideways, frowned slightly, and said, "Ask him what he means."
Chu Yingzong typed very fast, leaving messages under Fennel's feed.
[Signale: What do you mean? 】
[Fennel: Automatically give up one of my devices.Don't get me wrong, this isn't a surrender to you, it's just an attempt to offset your disadvantages.Now it is more than 3 o'clock in the middle of the night in Huaguo, which is not a small challenge for your work and rest, right?Also, I noticed that you used the standard version of the onion network, guess you haven't made similar bets before; and I have additional tools to prepare, which is not fair to you.To counteract the 'unfairness' here, I chose to give up one device, and that's it. 】
Chu Yingzong: "..."
Shi Ye nodded calmly: "Understood, we can continue."
Chu Ying said in a low voice: "I didn't expect him to be so principled."
Shi Ye said: "The electronic world is different from normal society. The principles here are principles, and they are unshakable objective laws."
Chu Yingzong nodded: "I seem to understand your thoughts."
Fennel has detected that their intranet is connected using the onion protocol, and the action is a step ahead of them.
But Chu Yingzong moved quickly, quickly browsed the records of Fennel's website, and quickly found the entrance of Fennel's intranet.
With tentative session requests to his gateway, they quickly caught a few packets going back and forth.
——The data packet is the content of the communication between the five devices of Fennel, which can be said to be the telegram of the opposing army.
A normal TCPIP protocol data packet, when flowing between various devices, is always in a standard format: version number, header length, service type, total package length, flag, segment offset, timestamp, protocol code, check digit , 32-bit source IP, 32-bit destination IP, options and finally user data.
However, in the Fennel data packets they intercepted, many digits of encrypted content have been passed.
The encrypted data looks disorganized, and the naked eye cannot see any meaning.
Chu Ying blurted out: "Why don't you analyze what encryption method he uses?"
"No." Shi Ye said calmly, "The low-level analysis is too time-consuming. Let the Viper do this, and we will carry out the XSS attack first."
Chu Ying Zong opened the black Viper, and then dragged several captured data packets into it, watching the Viper start to analyze automatically.
This is a general tool of Signale, which can independently analyze the ciphertext and quickly analyze the encryption method; if necessary, it can cooperate with Lyrebird to get relatively simple plaintext and key.
At the same time that the tool started to work, Chu Yingzong had already returned to the Facebook page.
After analyzing all the data on the webpage, it does not mean that it is completely useless, in fact, it can also be used for fishing!
XSS is one such attack.
Just listen to Shi Ye's dictation: "Try keyword injection."
"En." Chu Ying nodded, opened the input box of the webpage, tried to type a code in it for a while, and then sent it as a new dynamic that can only be seen by individuals for testing.
After refreshing, Chu Yingzong's code took effect at the same time as the new news appeared!
"XSS can be done!" Chu Yingzong was pleasantly surprised, "It's really a sieve website. It seems that Fennel has completely given up on defending it..."
The principle of XSS (CrossSiteScripting, cross-site scripting attack) is simple.
When a website allows user input and then displays it on the web page, the user is actually able to inject his own input into the source code of the web page.
If the programmer does not pay attention to shielding this injection when writing, then the hacker can break through his own input area, write the real code as dynamic, and enter the source code of the web page.
As for other uninformed users, once they see this post posted by hackers, their browsers will automatically think that the content of this post comes from this website—and this website is trusted, so they will Run malicious code in motion.
This process is like a dove occupying a magpie's nest. The hacker borrowed the name of the website to let all its users execute their own code.
At 3:30 in the morning, Chu Yingzong injected the carefully written XSS script into the new news.
[Signale: Hmm. 】
Although there is only a short word "um", in fact, the volume of this dynamic is several KB. The reason why it is only displayed so short is of course that the code loopholes in the web page are used to hide the subsequent content and become the source part of the code.
And the purpose of these codes is very simple: let viewers download a Trojan virus automatically!
That way, once Fennel sees the post, it might download the Trojan.
At the same time, according to the rules, Fennel also released new developments.
[Fennel: I don't know how your progress is?I've found your first springboard. 】
Seeing this news, Chu Yingzong couldn't help breathing a little faster, and said, "Why is he moving so fast? Is he already attacking one of our devices? Should I open the firewall to check the records?"
"Don't worry, it may not be true." Shi Ye calmly said, "Since the honeypot didn't call the police, we will continue to attack."
Chu Ying waited for a while, but the background Trojan was never downloaded.
Apparently, Fennel saw new developments in the injection of malicious code, but was not caught.
——Is his firewall blocking background downloads?Or is Fennel blocking the entire web page from executing code?Or does he check all inputs?
In any case, the XSS attack has not worked for the time being.
However, Viper's cracking process has already run, and it gives the analysis conclusion of the Fennel data packet.
Unfortunately, Viper did not directly decipher the original text, but it gave the encryption protocol used by the data packets.
——nDC.
This was an agreement that Chu Yingzong had obviously never heard of, and he looked at Shi Ye behind him for help: "What is this?"
Shi Ye frowned slightly, and said, "A kind of anonymous agreement."
Chu Yingzong: "...Thank you, of course I know this."
"The nDC was proposed earlier than the Onion Network, but it is not practical and has not been widely promoted." Shi Ye explained lightly, "This is a fully symmetric encryption protocol, and the process is similar to a linked list."
The anonymity principle of nDC (N-partydinningcryptographers) is stronger and more hidden than the onion network.
All devices in the nDC network, whenever they publish any data packets, always perform an XOR (exclusive OR) operation with their right device first, and then pass their own data to their left device.
After all devices list their own data packets, they perform an XOR operation as a whole, and the final result is the output data packet.
This protocol ensures that each data packet will be manipulated by at least two devices, and each device only knows its own content and does not know the content of any other device.
In other words, it basically eliminated the operating space of the inner ghost.
Even if an intruder completely controls a certain host in the network, they still cannot get any information from the data packets circulating in the intranet...
As long as the intruder does not find the real host, even if he controls all the remaining 4 hosts, it still has no effect!
It is necessary to find the real host, or simply control all 5 devices, in order to crack the entire data packet.
This is the strength of nDC, an anonymous protocol that is so expensive that it is almost impossible to commercialize it in reality.
After learning about it, Chu Yingzong took a deep breath and said, "I know why Fennel feels that he has too much advantage... This kind of prior knowledge is really unfair."
"It doesn't matter." Shi Ye said, "Since that's the case, let's break it one by one. The so-called 'Russian Roulette' still has a winning strategy."
Chu Ying asked: "You mean?"
Shi Ye said: "As long as I am fast enough, I can empty all six bullets, and he is dead."
Chu Yingzong: "..." What kind of "winning strategy" is this!UI? !
Time and Night is almost effortless, and so is Fennel.
At 3:12, both sides broke through this simple and simple website almost at the same time, and saw each other's backstage.
- This is the first step.
Next, they will dig out as much information about the other party as possible from the website, and then find the most important host among the six devices of the other party, and then invade it.
The background of the small website is also simple, and the administrator can only add, delete, modify, check everyone's dynamics, and perform operations such as site-wide broadcasting.
Shi Ye was holding a mobile phone beside him, looking at the background synchronously.
Chu Yingzong didn't pay attention at first, but later found out that he had posted a new post on the website.
[Signale: 135.1.51.1, op, f2235! op1]
After refreshing, Chu Yingzong, who saw the dynamics, was a little dazed, and turned around and asked, "What do you mean by what you posted?"
Shi Ye said: "Unit 1."
Hearing what he said, Chu Yingzong came to a sudden: what he sent was the IP address of machine No. 1, administrator account and password.
Chu Yingzong: "..."
Time and night: "?"
"Ahhhhhh!" Chu Ying was stunned, "Why did you send it out! Isn't this equivalent to giving Fennel for nothing?!"
IP, administrator account, and password are enough for Fennel to easily get the No. 1 machine.
This is equivalent to joining the enemy! !
Chu Ying held her head in her hands, and her already nervous mood almost burst on the spot.
Shi Ye was very calm, and said: "Because this roulette game should have been a one-on-one fair match, and you are an outside aid. This is not fair."
Chu Yingzong: "So in order to be fair, did you just give away a machine?"
Shi Ye: "Yeah."
Chu Ying hesitates to speak, he knows that this is Shi Ye's style and rules, Shi Ye is a man who regards rules as everything, but...
There are a total of 6 devices, and one of them was lost so easily at the beginning, which makes people feel very insecure!
Chu Yingzong: "Then have you ever thought that your right hand is injured, which is unfair? I'm only helping you to make up for your disadvantage—"
"It's not just that." Shi Ye said lightly, "In Russian roulette, having a comrade in arms is already a great psychological advantage. What's more, this person is you."
Chu Yingzong was speechless for a long time.
After a long time, he sighed.
"Oh." Chu Yingzong said, "Forget it, you are this kind of person. I just hope that next time you make such a decision, you can tell me in advance."
Shi Ye: "What will happen if I tell you?"
Chu Yingzong pinched his face severely: "I will be mentally prepared!!"
After a brief conversation, Chu Yingzong turned around again, and began to browse the background of Fennel's webpage nervously, pulling down the history records of all account logins.
But at this time, they noticed at the same time that Fennel also updated a post.
[Fennel: 142.10.2.123, gry, gq245]
"?"
Chu Ying was stunned!
Shi Ye also looked sideways, frowned slightly, and said, "Ask him what he means."
Chu Yingzong typed very fast, leaving messages under Fennel's feed.
[Signale: What do you mean? 】
[Fennel: Automatically give up one of my devices.Don't get me wrong, this isn't a surrender to you, it's just an attempt to offset your disadvantages.Now it is more than 3 o'clock in the middle of the night in Huaguo, which is not a small challenge for your work and rest, right?Also, I noticed that you used the standard version of the onion network, guess you haven't made similar bets before; and I have additional tools to prepare, which is not fair to you.To counteract the 'unfairness' here, I chose to give up one device, and that's it. 】
Chu Yingzong: "..."
Shi Ye nodded calmly: "Understood, we can continue."
Chu Ying said in a low voice: "I didn't expect him to be so principled."
Shi Ye said: "The electronic world is different from normal society. The principles here are principles, and they are unshakable objective laws."
Chu Yingzong nodded: "I seem to understand your thoughts."
Fennel has detected that their intranet is connected using the onion protocol, and the action is a step ahead of them.
But Chu Yingzong moved quickly, quickly browsed the records of Fennel's website, and quickly found the entrance of Fennel's intranet.
With tentative session requests to his gateway, they quickly caught a few packets going back and forth.
——The data packet is the content of the communication between the five devices of Fennel, which can be said to be the telegram of the opposing army.
A normal TCPIP protocol data packet, when flowing between various devices, is always in a standard format: version number, header length, service type, total package length, flag, segment offset, timestamp, protocol code, check digit , 32-bit source IP, 32-bit destination IP, options and finally user data.
However, in the Fennel data packets they intercepted, many digits of encrypted content have been passed.
The encrypted data looks disorganized, and the naked eye cannot see any meaning.
Chu Ying blurted out: "Why don't you analyze what encryption method he uses?"
"No." Shi Ye said calmly, "The low-level analysis is too time-consuming. Let the Viper do this, and we will carry out the XSS attack first."
Chu Ying Zong opened the black Viper, and then dragged several captured data packets into it, watching the Viper start to analyze automatically.
This is a general tool of Signale, which can independently analyze the ciphertext and quickly analyze the encryption method; if necessary, it can cooperate with Lyrebird to get relatively simple plaintext and key.
At the same time that the tool started to work, Chu Yingzong had already returned to the Facebook page.
After analyzing all the data on the webpage, it does not mean that it is completely useless, in fact, it can also be used for fishing!
XSS is one such attack.
Just listen to Shi Ye's dictation: "Try keyword injection."
"En." Chu Ying nodded, opened the input box of the webpage, tried to type a code in it for a while, and then sent it as a new dynamic that can only be seen by individuals for testing.
After refreshing, Chu Yingzong's code took effect at the same time as the new news appeared!
"XSS can be done!" Chu Yingzong was pleasantly surprised, "It's really a sieve website. It seems that Fennel has completely given up on defending it..."
The principle of XSS (CrossSiteScripting, cross-site scripting attack) is simple.
When a website allows user input and then displays it on the web page, the user is actually able to inject his own input into the source code of the web page.
If the programmer does not pay attention to shielding this injection when writing, then the hacker can break through his own input area, write the real code as dynamic, and enter the source code of the web page.
As for other uninformed users, once they see this post posted by hackers, their browsers will automatically think that the content of this post comes from this website—and this website is trusted, so they will Run malicious code in motion.
This process is like a dove occupying a magpie's nest. The hacker borrowed the name of the website to let all its users execute their own code.
At 3:30 in the morning, Chu Yingzong injected the carefully written XSS script into the new news.
[Signale: Hmm. 】
Although there is only a short word "um", in fact, the volume of this dynamic is several KB. The reason why it is only displayed so short is of course that the code loopholes in the web page are used to hide the subsequent content and become the source part of the code.
And the purpose of these codes is very simple: let viewers download a Trojan virus automatically!
That way, once Fennel sees the post, it might download the Trojan.
At the same time, according to the rules, Fennel also released new developments.
[Fennel: I don't know how your progress is?I've found your first springboard. 】
Seeing this news, Chu Yingzong couldn't help breathing a little faster, and said, "Why is he moving so fast? Is he already attacking one of our devices? Should I open the firewall to check the records?"
"Don't worry, it may not be true." Shi Ye calmly said, "Since the honeypot didn't call the police, we will continue to attack."
Chu Ying waited for a while, but the background Trojan was never downloaded.
Apparently, Fennel saw new developments in the injection of malicious code, but was not caught.
——Is his firewall blocking background downloads?Or is Fennel blocking the entire web page from executing code?Or does he check all inputs?
In any case, the XSS attack has not worked for the time being.
However, Viper's cracking process has already run, and it gives the analysis conclusion of the Fennel data packet.
Unfortunately, Viper did not directly decipher the original text, but it gave the encryption protocol used by the data packets.
——nDC.
This was an agreement that Chu Yingzong had obviously never heard of, and he looked at Shi Ye behind him for help: "What is this?"
Shi Ye frowned slightly, and said, "A kind of anonymous agreement."
Chu Yingzong: "...Thank you, of course I know this."
"The nDC was proposed earlier than the Onion Network, but it is not practical and has not been widely promoted." Shi Ye explained lightly, "This is a fully symmetric encryption protocol, and the process is similar to a linked list."
The anonymity principle of nDC (N-partydinningcryptographers) is stronger and more hidden than the onion network.
All devices in the nDC network, whenever they publish any data packets, always perform an XOR (exclusive OR) operation with their right device first, and then pass their own data to their left device.
After all devices list their own data packets, they perform an XOR operation as a whole, and the final result is the output data packet.
This protocol ensures that each data packet will be manipulated by at least two devices, and each device only knows its own content and does not know the content of any other device.
In other words, it basically eliminated the operating space of the inner ghost.
Even if an intruder completely controls a certain host in the network, they still cannot get any information from the data packets circulating in the intranet...
As long as the intruder does not find the real host, even if he controls all the remaining 4 hosts, it still has no effect!
It is necessary to find the real host, or simply control all 5 devices, in order to crack the entire data packet.
This is the strength of nDC, an anonymous protocol that is so expensive that it is almost impossible to commercialize it in reality.
After learning about it, Chu Yingzong took a deep breath and said, "I know why Fennel feels that he has too much advantage... This kind of prior knowledge is really unfair."
"It doesn't matter." Shi Ye said, "Since that's the case, let's break it one by one. The so-called 'Russian Roulette' still has a winning strategy."
Chu Ying asked: "You mean?"
Shi Ye said: "As long as I am fast enough, I can empty all six bullets, and he is dead."
Chu Yingzong: "..." What kind of "winning strategy" is this!UI? !
Tap the screen to use advanced tools
Tip: You can use left and right keyboard keys to browse between chapters.
You'll Also Like
-
Super God: Join the chat group after obtaining the sign-in system
Chapter 1 hours ago -
Elf: Science fiction comics, support for Bayonetta
Chapter 174 1 hours ago -
Hyperdimensional anime started from Warhammer
Chapter 264 1 hours ago -
Fairy Tail: Ten Thousand Worlds Entrustment, Supporting Jianzi at the Beginning
Chapter 183 1 hours ago -
Zongman: I really just want to lie down!
Chapter 1 hours ago -
Zongman: Loading entries, support Toosaka Rin at the beginning
Chapter 1 hours ago -
Zongman: Even if I'm reborn, I still want to live my daily life
Chapter 212 1 hours ago -
Zongman: The second dimension is really suitable for magic cultivation
Chapter 293 1 hours ago -
Yu-Gi-Oh: Stop it, this is not a duel!
Chapter 180 13 hours ago -
Type-Moon lists the top ten virtues, and the defense of Valhalla is broken
Chapter 167 13 hours ago
