QH University of male dormitory apartment.
"Now the new rules are not really one o'clock."
Yang Jiangang just start playing basketball back to see my site is now being peer-to the black hearts of some sorts. The College he also heard of hackers, the last under the others went along with publicity about the address, the other chief technology Kingson looked pretty good, he made a few posts are of quality, YANG Jian like him very much , originally was intended to find a good opportunity to talk with him, no one thought such a thing happened.
Directly to the home page of hacker to hack, and then put up a "friendship test", in Yang Jian serious this is undoubtedly a great irony, as if pumping fiercely in his face, a bang on the ear, Yang Jian is the anger was seen the burning, but he did not impulsive, immediate revenge. Has been to call themselves Chinese hackers predecessors, he expressed understanding for this behavior, like the original, he has had the experience, although they do not like arrogance, but essentially no different, we are all much to choose. Therefore, only the other's provocation Yang Jian as a child's prank, after all, hackers School just started, to fulfill them out.
But then came the news that he changed his idea, he did not actually think of hackers College attack around the same time, while the other three black out hacking sites. It seems the operation was long premeditated, the person is not as simple as we imagine.
Several college friends are like hackers launched an attack on the server, but the server did a solid like CRC in general, usually invincible iron met a few guys today, who are all Sha Yuer back. See, the other does 有两把刷子.
Yang Jian dissatisfaction each other too arrogant, Birentaishen, decided to punish hackers College shot a good kid gang, so they know how to behave to be humble, know how to respect seniors.
Write out their own tools, YANG Jian server on the other side a detailed scan, the other side of the system is Linux, but Yang Jian found almost no possible exploits. The other side of the server for only a few essential services, the port is minimal, only the 80,21,20, and a 4410 used for remote login and want to proceed from this has been impossible. Then, Yang Jian tried Linux a few common vulnerabilities, but also all patched. Then checks the other side of the FTP server, using vsftp, the FTP claims to be the world's safest and most stable FTP server, after the vulnerability has been found very little, Yang Jian tried it, he knew several vulnerabilities also make up, and that it also blocked the road.
Since the software does not work from the system and it had to start the program from the forum.
Yang Jian see a bit of this forum, the forum program, and he had not seen, evidently spent a lot of new technology inside, UI (interface) design is also more humane, should not be a forum for open source programs abroad, finished over. Since it is PHP + mysql, and Yang Jian first to try a little SQL injection, the method he used to invade PHP site has been time-tested, many sites do not pay attention to the domestic problem. Yang Jian returned results as expected, this program will prepare some of the characters to filter the sensitive, SQL injection simply will not work. Yang Jian is not surprised, he already knows very formidable opponents. He began to transform thinking, actively looking for other areas from the invasion of methods available, but those he knew he would have been a way to still have no clue.
"When will China so much out of a guy out? No reason to, ah, had never heard of such a One figure seems to come out of thin air." Yang Jian forehead sweat leaking out, the opponent is very difficult , if they invade successfully, may be subject to the other side of the ruthless revenge.
"Well, the first challenge of his own, and I only just tit for tat." Yang Jian moment concerns the heart of that wire behind and continue to look for opportunities to invade.
But this did have a master, Yang Jian has employed every means, usually a time-tested techniques that have now become a "dummy egg", he hardly was at his wits end.
Finally, a flash his mind, think there is a way to a try.
In fact, Yang Jian's accomplishments in the PHP programming is also very deep, hacking forum home program that he and several classmates together a masterpiece, and Yang Jian in which the key is responsible for most of the code. The preparation of the code, he also learned a lot. Hacker forums because they have to do, naturally particular attention to security issues, for which he dedicated to the school network security experts have consulted Professor Sun. The forum's code completion, he will be sent to Professor Sun source code a few days later, Professor Sun, a graduate student brought himself sent a email, that a number of very serious network security vulnerabilities. Typically, the programmer of network security if not profound, then these problems can easily be ignored.
"Yes, that several loopholes!" Yang Jian hearts rejoicing, while the other may have noticed some concerns about these issues.
So he find out that email, which started in accordance with the proposed loophole, one by one test, however, Yang Jian's heart gradually sink to the bottom, he was shocked to find that programmers write this forum have noticed these problems . Yang Jian wiped the perspiration from his forehead: "the last one. But ... ..." Yang Jian is really little hope, because the flaw is not a difficult note, just because they write code, but when compared careless only.
"It seems really could not break, they then concealed security issues have taken note, there is no reason to produce such low-level errors."
"Oh, well, desperate for a horse medicine." Although the heart to no hope, but he still has a trace of luck.
He opened a location slightly trembling hacker College Forum registration page, the vulnerability is the code hidden in the registration page, accurate, its principles and SQL injection is essentially the same, are due to non-coding SQL database operations strictly caused.
"Ha!" Looking at the browser that the returned results, YANG Jian burst of ecstasy, program really did not expect the existence of this forum this loophole, it seems that to go ... ... (dog feces?) Shipped!
With emotion, YANG Jian quickly to exploit the successful implementation of its own database statement, to add a database administrator with root authority, and then use the forum upload, entered, and a can upload Create users and small program with elevated privileges.
After the success of a successful invasion, YANG Jian think there is only something to calm the widespread destruction of their own inner frustrations of the gas. Finally, in the end but he was calm. This opponent is too strong, not easily offended ah.
Yang Jian much deliberation, that the services can not be too soft, or else they will begin more aggressive. So, he decided to let the College know that hackers, "Behind the people beyond," the script to modify the forum code to add some script, and then pass their latest achievements in the recent up.
"Hmmm, do not think you hackers out of the University, to no longer capable of!" Yang Jian for the latest results are very proud hearts can be said that the computer sector, a landmark feat that, "you acquire try effect. "Yang Jian know, really like to learn hacking techniques used Linux system, and his Linux system, this thing can only be effective, those who use the windows are not to worry.
Busy these, YANG Jian think the clean battlefield. But he suddenly hackers College became interested in the Forum process.
"This program can be really good then, get back, do research, Hey ... ..." Yang Jian was not sure, is because of his greed, he has been quietly eyeing Xu Yi.
No comments:
Post a Comment