Chapter 7: A Living Hacker, a Living Invasion (Part I)
At 15 o'clock the report meeting began. The door at the front of the lecture hall opened and two people walked in. The one in front was polite and refined and looked very cultivated; the other was a fat man with a broad smile on his face, holding a thermos cup in his hand.
On the podium, the fat man holding the thermos cup smiled even more broadly: "I am very touched by the enthusiasm of so many students today. Thank you for coming here to participate in our report meeting and to learn about the development of Internet security. You are all aspiring young people with ideals and pursuits, full of thirst for knowledge!"
After a pause, the fat man continued with a smile: "I think many students came here today to get to know the legendary, well-known hacker Cobra, so I would like to ask: among the students here, has anyone heard of Cobra before? If so, please raise your hand!"
The venue suddenly fell silent, and no one raised their hands, which made the people on the stage a little embarrassed.
Hu Yifei raised his hand. "I've heard of him, I heard about him on the Wolf's Den Base Camp forum!"
The people on stage were overjoyed; this was simply a lucky star come to save the scene. Looking at Hu Yifei's clothes, the fat man thought to himself that the people of this computer association really had good eyes and cooperated well, and that if there were another report meeting in the future he would look for them again. "Congratulations to this classmate, you will get a set of new books signed by Cobra, and a set of Internet security tools collected and used by Cobra."
Hu Yifei was overjoyed; he had not expected this gesture to bring such a gain. The tools used by Cobra would surely not be the low-grade goods circulating everywhere on the Internet. Many people in the venue began to regret it secretly; some of them had heard of Cobra too, but had been too embarrassed to raise their hands just now.
"This classmate, can you please tell me what you know about Cobra?" The fat man on the stage walked down and handed the microphone to Hu Yifei.
Hu Yifei thought about it and said: "Cobra is one of the first generation of hackers in China, with both virtue and art!"
"Finished?"
"It's over!" Hu Yifei nodded in affirmation.
The other party was stunned for three seconds, and then put on that smile again. "This classmate put it so well. Both virtue and art: the weight of these four words is not light! So do you want to know what this man of both virtue and art looks like?"
This time, the venue was very enthusiastic, and everyone shouted "yes" loudly, but unfortunately there were no prizes.
"Then I will now introduce to you the special guest of today's report meeting, the well-known hacker Cobra, the technical director of Weilan Security Technology Company, Mr. Huixin!" The fat man was passionate, and after speaking, he stretched out his big hand and pointed to the polite person on the stage.
"Hello students, thank you for coming to listen to my report!" Cobra didn't say much. He said just that one sentence and gave a shallow bow, and as he straightened up he glanced at Hu Yifei, as if a little interested in the person who had heard of him.
Hu Yifei pondered this. So Cobra's name was Huixin; it was the first time he had ever heard of such a surname.
The person with the water cup sat back down on the podium and turned on the computer. "Everyone must want to know what Cobra has done as a well-known hacker, and must also want to know what kind of development history Chinese hackers have. Don't worry, I have made a special feature for you. After watching this feature, everyone will know!"
The projector cast a title on the screen: "A Brief History of the Development of Chinese Hackers and Chinese Hacker Yearbook". Then the lights of the venue dimmed, the background music started, and the feature began to play.
Hu Yifei had long since read many similar feature articles in the Wolf's Den Base Camp and was well aware of the development history of Chinese hackers, but it was the first time he had watched a feature film in this form. The film contained a large number of pictures and materials that could not be found on the Internet, and clearly explained the important events, people and groups in each period of the development of Chinese hackers.
The first to appear were the "thieves", who introduced excellent foreign software products on China's earliest prototype Internet and disseminated and exchanged registration codes.
Later, the legendary history of the super hacker Kevin Mitnick was introduced into China, and he became the idol of many Internet youth in China. The word "hacker" has appeared on the Chinese Internet ever since and began to be remembered by people.
Then Trojan horses began to appear, the virus storm continued to expand, and the security prospects of the Internet were bleak. Almost everyone on the Internet was busy killing viruses at that time, the most famous of which was the CIH virus, which still makes many people turn pale at its mention.
The Indonesian anti-Chinese incident in '98 angered Chinese hackers and prompted the emergence of the earliest hacker groups in China, who attacked Indonesian government websites, condemned the atrocities, and forged the spirit of the first generation of Chinese hackers with the theme of "unity and strength". This group was later called the Whampoa Military Academy of China's hacker circles: the "Green Corps".
Hacking tools developed by Chinese hackers themselves began to appear at this time. The famous Streamer, Snow Tracing and Random Knife all share a single author, known as Xiaorong.
Another year passed. '99 was the most glorious year for Chinese hackers. That year the first Sino-US hacker war broke out: the bombing of the embassy in Yugoslavia caused the battle on the Internet to keep escalating in scale. With brilliant results in that war, Chinese hackers secured a place in the world security community. China's Hongke took over the baton from their predecessors and added new content to the spirit of Chinese hackers, namely patriotism, and the second generation of Chinese hackers appeared.
The patriotic Chinese hackers cleaned up the United States and then cleaned up Taiwan, which had thrown out the two-state theory, and for a while their prestige was greatly boosted. The Chinese hacking software Trojan Binghe showed strong combat effectiveness in this battle and directly stimulated the emergence of more excellent hacking software later; Huang Xin, the author of Trojan Binghe, is also well remembered.
Also in this year, China's hacker camp began to diverge, and the Hongke were one branch. At this time the "Green Corps" also officially established the network security company "China United Green Alliance", taking its first steps toward commercialization.
After the start of the new millennium, as the domestic Internet developed, the threshold for getting online began to fall, and so did the threshold for becoming a hacker. The hackers of this period are known as the third generation of hackers. They no longer focused on technology and relied more on ready-made tools, and the mixed quality of their members made the group grow impetuous.
The second Sino-US hacker war, which followed the Sino-US plane collision incident in '01, gave this manic group a blow to the head. Chinese hackers failed to continue their glory in this war, which largely became a patriotic show in the mouth of the media.
After the war, amid reflection on the hacker spirit and under its influence, the Chinese hacker community continued to differentiate and more schools appeared. Even groups in the same camp became deeply divided; even the once-unified "Green Corps" split into the Yanjing "Green Alliance" and the Shanghai "Green Alliance".
It was precisely because of this extreme differentiation that the era of the big hacker alliance came to an end, replaced by scattered small groups. As a result, no later Chinese hacker group held a dominant position, and there was no longer a leader with strong appeal like Xu Rongsheng, China Ying, or Yuan Ge.
The feature film also introduced some other special figures, such as Jinshan's Qiu Bojun and Tencent's Ma Huateng, which kept astonishing the venue: whenever one of these figures appeared in the feature, there was a photo of Cobra together with them.
Hu Yifei's eyes widened, he didn't expect such a low-key person as Cobra to have such a wide range of contacts in the circle.
After the feature film was played, the venue was silent for a long time, and everyone was excited about the brilliant achievements of the hackers, but also reflected and regretted.
"Alright, that's the end of our feature!" The fat man with the cup laughed again. "After watching the feature film, do you all feel like trying your own skills? Do you want to get a taste of being a hacker yourselves?"
"Yes!" Immediately, someone in the venue shouted excitedly.
"It's in vain to think about it!" The fat man laughed. "Turning you into hackers with one feature film? I don't have that kind of skill!"
The audience also burst into laughter.
"I can't do it, but Brother Cobra next to me is very good!" The man pointed at Cobra. "Now, let's ask Brother Cobra to demonstrate hackers' attack methods for everyone, so that everyone can see with their own eyes how terrifying a real hacker is!" The fat man deliberately drew out the last word, and immediately livened up the atmosphere of the scene.
Cobra switched on the microphone in front of him, blew on it, and said: "There are many hacker attack methods. Today I will mainly demonstrate two of them for you: the SQL injection attack and the overflow attack. Many students here may not understand them, but it doesn't matter, I will give you some explanations."
Cobra turned on the computer in front of him and connected the projector, and the big screen in the venue began to show his computer's display. Cobra opened a web page, which turned out to be a BBS. "This is a forum. Take a closer look, does it feel familiar? That's right, it's exactly the same as your Polytechnic BBS, using the same program code!"
Now everyone's interest was up. Hu Yifei also stared at the screen; the forum displayed there was indeed very similar to the BBS of the University of Science and Technology, only the logo had been changed.
"This is the BBS that I set up on the company's backup website server. The server uses Microsoft's server system, has had the necessary security settings applied, and has a firewall and anti-virus software installed. Now I will show you how to use this forum to invade and take control of this server!"
Someone at the scene was trembling with excitement: damn it, I have to study this hard, and once I've learned it I'll hack the school's BBS. That's what you get for your fucking cafeteria meals with no oil in them, and for not letting me pass the exam! Today's report meeting really had not been in vain.
"99% of today's websites use databases. So-called SQL injection is a hacking method that takes advantage of a loophole, namely that the website does not strictly filter submitted data, and inserts database query statements when submitting data, so as to obtain the information you want." Cobra gave a brief introduction and, not expecting the people below to understand, demonstrated on the computer: "For example, I am visiting this page of the forum now. I have added a SQL judgment statement to the URL. The meaning of this code is very simple: it asks whether 1=1 is correct. The answer is definitely yes, so as soon as I hit enter, as everyone saw, the page opened normally."
"But if I ask whether 1=2 is correct, you can see that after the URL is submitted, the web page cannot be displayed normally, and the server returns an error prompt! Why is that? Because 1=2 itself is wrong, so after analyzing it the server considers the URL you submitted to be wrong and will not display the page."
"So what's on everyone's mind now?" Cobra suddenly asked the people at the scene.
No one answered, which was normal. A correct statement displays the page and a wrong one does not; what could that mean? Could you really invade a server by asking what 1 is equal to?
Cobra waited for a while, saw that no one answered, and said with a smile: "Think about it. What if the SQL statement I submit does not ask whether 1=1 is correct, but asks whether the account of the forum administrator is called admin, and whether his password is 12345? What kind of information will the web page give us then?"
Suddenly some people understood, and Hu Yifei was the first. Damn, this was amazing. If the forum administrator's account really was admin, the web page would be displayed normally; if not, the page would show an error. Trying one by one, you could always work out what the administrator's account was, and you could work out his password too.
Cobra saw that many people had understood a little, so he continued: "Of course, this is just the simplest judgment statement. There are many kinds of SQL statements: queries, judgments, additions, deletions and, most importantly, modifications. If you want to understand what SQL injection is all about, you have to learn the SQL language, which is not difficult. The language format is fixed, and you can master it in a few hours!"
Hu Yifei was very excited. So it could be mastered in a few hours; he had thought it was difficult.
Cobra clicked around on the forum and said: "As everyone has seen, the administrator account of the forum is indeed called admin. There is no need to enter a query statement for this; it is shown in the forum list. Now that we know his account, guessing his password is just a matter of time, but that seems like a bit of a waste of time. Should we consider using a modification statement? Can we use a SQL statement to change his password directly to 12345?"
Cobra clicked on the forum login, entered the account admin and then the password 12345. On logging in, the forum reported a password error and refused the login. "As everyone saw, the password of the administrator account is not 12345 at this point. Now we use the method from just now: insert a SQL statement after the URL and change its password to 12345."
With a clatter of keys he typed a long SQL statement after a URL. As soon as he hit enter, the web page was displayed normally. Cobra said: "Now the page is displayed normally, which tells us that the password change succeeded. If it had not succeeded, it would have shown an error!"
Cobra returned to the login interface and entered the account and the password 12345. This time everyone saw very clearly that the login succeeded: the password had become 12345. Amazing, isn't it? Just adding a small piece of code to the end of an ordinary, commonplace URL had actually changed the administrator's password. No one would have believed it without seeing it with their own eyes.
One impatient person raised his hand straight away. "Um, Brother Cobra, can you write that code from just now again, so I can write it down?" Those who didn't know him would think he was studious, but those who knew him understood that this kid was surely up to no good and was probably brewing some mischief in his belly.
Cobra laughed: "I could write it ten times, but this code is not universal. I can succeed with it; you may not. You also have to understand the database structure of the website, the database structures of different websites are different, and not every website has this vulnerability. For example, the website of your University of Science and Technology fixed this vulnerability three months ago!"
The young man was so devastated that he shrank back and said nothing.