readx;

As a matter of fact, many people were disappointed by this network information security confrontation exercise. Pen "Fun" Pavilion www.biquge.info

According to their original assumptions, the two sides of the exercise, like other exercises, should be able to fight back and forth, and I will destroy one of your servers; You get rid of my computer; I put a few big letters on your monitor, and you put a flag representing the occupation in my website.......

After all, the attack and defense of network information security sounds very awesome, and it should live up to its name.

And this time, after their acting began, the two sides were too leisurely, tossing and turning in front of the computer every day, not knowing what they were doing at all, and without any success and performance.

It's really a big disappointment for many people.

What kind of information security confrontation is this? How does it feel like you're playing at home? Not at all. So many days have passed, and nothing has come of it at all.

Many people are already wondering whether such an exercise is necessary.

It was in this tone that the Blues finally masterminded the invasion.

According to their original plan, they actually wanted to make good use of this breakthrough point, after all, the Red Army was too tightly defended, and they were almost not given any opportunity to take advantage of, and it was impossible to break through from the server.

In the past few days, Li Yushan and Ding Huahui have been studying how to make good use of this loophole, but they have not come up with any good ways to make the other party's system crash at most, and destroy one of the system files, so that it cannot be turned on. If you want to do anything more, you can't do anything.

Due to the pressure from above, the captain of the Blue Army's information confrontation brigade also had to talk to Li Yushan about the situation, and later, they decided to make some achievements first. Anyway, this exercise is to consider the overall results. It's not that you have to get the opponent's battle plan to win, as long as you do it better than the opponent.

They also carefully studied how to make the results.

It's definitely not okay to be too secretive, such as directly hanging up a certain software or service on the other party's server or computer. Reboot, none of them are very suitable.

Because this change is only reflected in it. The other party easily repaired it, attacked the other party, and didn't even make a sound, no one knew.

If you want to produce results, you must let the people in the referee department see it.

So, they designed such a game, complained about their violation of the rules, and then when the referee reviewed it, they hung up the opponent's machine to get extra points.

I have to say. Their plan went smoothly and achieved the desired goal.

Since this was the first obvious result achieved since the beginning of the exercise, the Blue Army's information security confrontation team was praised by the top management.

The Blues were cool, but the Reds were depressed.

It's just an innocuous attack. However, very remarkable results have been achieved, and if the previous situation continues, and neither side can help the other, after the exercise is over, the Red Army will definitely lose the exercise.

Captain Qian sighed and said, "Lao Wang." Comrade Lin Hong, the top priority now is to make some achievements for the above to see, first increase some impression points, and recover the lost points. ”

Lin Hong and Lao Wang glanced at each other, and they both saw helplessness in each other's eyes.

Lin Hong shrugged: "Captain Qian, you still have to take your time in this matter." It's easy to let them hang up on a particular machine, but it doesn't make much sense. It's as if the guerrillas are never a substitute for the main forces. ”

"Lin Hong is right." Lao Wang nodded thoughtfully, "Let them go to guerrillas, we are accumulating strength to give them a fatal blow." ”

Captain Qian also knew that he was a little anxious.

Hearing both of them say this, his heart was also a lot calmer, and he nodded: "Then please leave it to the two of you." I was so stressed that I was asked to report every half hour, but I couldn't help it. As he spoke, he pointed his finger in the direction upward.

Lin Hong and Lao Wang are the key figures in their team, and Captain Qian can only count on the two of them.

The information of their troops against the officers and men is basically novices, either they have just graduated from school and just joined the army, or they have been transferred from other branches of the military, and they cannot be counted on at all.

After a few more words, Lin Hong and Lao Wang came out of the office.

"I didn't expect them to do something like this." Lao Wang shook his head, a little puzzled, "Do they really think that they can win the exercise with this trick?" ”

Lin Hong smiled: "I see, it's definitely not the will of those people in Tsinghua, and it may be that they were under pressure from above to make such a play." ”

When I returned to the computer room, I saw Liu Hui working in front of the computer, repairing the system for one of the computers, Lin Hong and Lao Wang, neither of them, nor did they care, and asked him to continue to toss around.

Returning to his seat, Lin Hong said to Lao Wang next to him: "It seems that we are going to speed up." Wang, how is your worm written? ”

"Still won't work." Lao Wang shook his head, "If you want to add the data upload module, the size of the worm is too large, it lacks secrecy, and it is easy to be discovered by the other party before it plays a role." Although I know all the parts, it is still a bit difficult for me to integrate them, and I am afraid that I will not be able to solve them in a short time. ”

"That's ......," Lin Hong thought for a moment, "Why don't you wait until I'm done with this at hand and study it together?" ”

"Okay! You're pretty much done with the spill research, right? ”

Lin Hong nodded: "Well, it's coming, there is still a key step." ”

He has successfully found a way to exploit this overflow vulnerability by successfully causing Apache to overflow and execute the specified code.

However, there is one thing he must be able to get Apache to reboot once to be able to do so.

But how do you get Apache to restart?

Lin Hong searched in his mind and finally found a feasible plan.

Not only does he want to make Apache restart, but he can also directly restart the opponent's OpenBSD, so that he can kill two birds with one stone, and it can also be regarded as an obvious attack result.

However, he knows that this method can only be used once, and after the other party finds out the reason, he will definitely plug this loophole.

After the work on his side was done, he began to come to Lao Wang's place to help read his worm code.

The code of this worm is a typical worm on the Internet, which can self-replicate and infect, and like its super worm, it can search for information.

The problem now is that the worm can't exploit the OpenBSD vulnerability for the time being, and the other party has to execute its code once before it can successfully infiltrate the system.

From this point of view, it is more like a Trojan horse.

"We have only one goal, and that server is that." Lin Hong reminded, "Its infection function, simply remove it, there is no meaning here at all." ”

When Lao Wang heard this, he immediately felt that this was indeed the case, he had thought a little wrong before, and always wanted to transform the worm code, but he didn't consider this situation.

"The time after infection is definitely relatively short, so it's best to be able to copy the data in a very short period of time and then send it back unknowingly." Lin Hong continued to recount his idea, "In order to exploit my vulnerability, the other party's machine must be restarted, that is, the process of copying must be completed within the period of restart. At that time, the other party will definitely check the process in the entire system in detail, that is to say, this program, after copying the target data, must enter a state of suspended animation and escape the other party's inspection. ”

The only way to do this is to hide the process, or disguise it as a system process.

Lao Wang is also familiar with this, first let the process go to sleep, and then activate it at a specific time.

Lin Hong continued to talk about his thoughts, and under his inspiration, Lao Wang gradually modified and improved the worm.

Finally, when it comes to the most critical place, that is the upload of data.

“…… The data is divided into file fragments, like IP packets, and finally reassembled at the destination to achieve file transfer. Lin Hong said his solution.

"This ......" For this, Lao Wang looked embarrassed, he didn't know much about this part, which was where his weakness lies, "This part can only be done by you." ”

Lao Wang gave up his seat and motioned for Lin Hong to take a seat.

Lin Hong was not polite, sat down directly, and then continued to write code below.

He writes quickly and smoothly, as if the previous code was written by himself, and there are no obstacles at all.

This part of the content, Lin Hong has long studied, when the official version of the bit messenger was released, it has been integrated into the file sharing function, which introduces the concept of "envelope", the principle of which is to divide the file into countless small pieces, and then download these small pieces of files from the distributed P2P network, so as to achieve the effect of acceleration.

In addition, this principle is also used by his super worm.

This time it was only for one computer, and the functions were relatively simple, so Lin Hong quickly wrote this part of the code. He writes very succinctly, and he usually does it in one line when others have to divide it into multiple lines of code.

This is exactly the difference between an old bird and a rookie.

To complete the same function, the code of the old bird is concise and efficient, while the code of the novice rookie is more redundant.

Lao Wang is an old bird, he thinks that his code can be written quite well, but when he saw Lin Hong's code, he suddenly felt that he was still a child.

"How many years have you been working with computers?" Lao Wang couldn't help but ask.

Lin Hong glanced up at him, smiled, knowing that his self-confidence had been hit to a certain extent, he said, "I have been learning programming for seven or eight years. ”

Hearing this, Lao Wang felt a little comforted.