readx;

Ask for a monthly pass

Lin Hong originally thought that Richard, like Kevin, belonged to the kind of person who knew about the secret plan of the US government's surveillance, but after many side knocks on his side, the other party did not show the slightest sign of knowing about this plan, and finally Lin Hong had to admit that the other party might just intuitively think so. Pen × fun × Pavilion www. ｂｉｑｕｇｅ。 info(《》网7*

Richard tells Lin that "free software is a weapon to resist evil governments and defend freedom", but Lin Hong has no sense of this, and although he feels that there is a connection, it does not seem to have reached this level.

Richard soon gathered around him a crowd of supporters of free software, who gathered around to listen to Richard's passionate speech.

Because it was a bit noisy, Lin Hong originally wanted to find another place to read books, but then the librarian came over and suggested that Richard give his lecture in another place, and the group soon left the library.

Lin Hong looked at Richard's back thoughtfully, he could already confirm that this person himself did have a convincing contagion, and he guessed that this might also be a manifestation of strong mental power, especially when facing Richard.

Shaking his head, Lin Hong continued to bury his head in reading the books on the Nine Astronomical Networks.

Time passed quickly, and Lin Hong once forgot to eat lunch.

At about four o'clock in the afternoon, he put the other books back in their place, borrowed two copies of the Posix Standard in his hand, and then walked to the rest area and contacted his left hand with a calculator.

……

In the evening, Lin Hong began to formally try to learn invasion.

His basic knowledge is already quite solid, but he lacks sufficient practice.

In addition to reading books, he also went to many technical forums to read some hacking knowledge, among which the biggest gain is the internal BBS of Blue Eagle. The latest chapter of the Templar

Because of his acquaintance with Hawkeye, he asked Arthur to help him open an account that he only used to browse the technical knowledge and documentation shared by others, and he never made a single post.

Lin Hong opened the list of server addresses that Kevin had sent him before, found the first address from it, and then switched to the ms-dos interface to start analyzing the target.

According to the order of invasion, the first step is to "step on the point", that is, to collect as much information as possible about the target that needs to be invaded, which can be the whois data of the domain name, or all the information that may exist on the website.

For example, through its domain registration information, you can find the name, address, phone number, email and other information of the contact, and through the content of the website, it is also possible to find useful information from some words published by the administrator, such as the nickname of the other party.

From the descriptions of many hackers, we can know that this step seems simple and seems to have little technology, but it is actually very important, and sometimes it can achieve unexpected results.

Lin Hong recorded the information he had gathered.

Lin Hong found an agent shared on BBS and started to invade through this proxy.

Although it was not safe, he didn't plan to do anything to sabotage it in the first place, it was purely for learning, and there was no need to make it too complicated.

Besides, he doesn't have the skills to go home now, even if he wants to be more complicated, he can't help it.

"By the way, won't my bit messenger be anonymous?"

Lin Hong suddenly came to inspiration, if he used Bit Messenger as a proxy for network service access, wouldn't he be able to achieve real anonymity?

Network access is also a flow of data, which is essentially the same as a message, so Bit Messenger can also be used as a proxy.

"Unfortunately, in order to be able to publish Bit Messenger safely, I now have to learn about network invasion."

When Lin Hong thought of this, he couldn't help but feel a little ironic. (《》网)

Next, he began to test what services were running on the server, and found that the system running on this server turned out to be UNIX, although Lin Hong had never really operated UNIX, but he was already very familiar with it, after all, minix was written in imitation of UNIX, and Lin Hong had also read a lot of UNIX books, and knew its commands very well.

Now that the target system has been determined to be UNIX, Lin Hong began to try to use some of the knowledge he has learned to continue to probe the target system, wanting to find out what services and ports the target host has opened.

He used the manual method, and the common ports were tested one by one.

However, Lin Hong also heard Arthur say that now someone has written a tool that can automatically scan ports and services, but it is only heard, and no one has shared it on the Internet.

Looking at the information of various target hosts that kept flashing out in the interface, Lin Hong had an inexplicable sense of excitement and excitement at the moment, as if he was in an unknown secret corner, while the owner was asleep, he was peeping at the information in the house, and he also wanted to make a hole in the wall and go in for a visit.

Lin Hong somewhat understands why so many people are more inclined to be cyber hackers, and this feeling of finding the other party's vulnerabilities and invading them is so wonderful that it is simply addictive.

Because it was the first invasion, Lin Hong's progress was very slow, but he carried out it very methodically, and he memorized what kind of results each of his steps would have, and there were many redundant movements, and he would not waste time in the next invasion.

"Port 21 open!"

After several probes, Lin Hong suddenly perked up.

Port 21 is usually used for FTP services.

In UNIX servers, the configuration of the FTP server software is very complex, and only experienced administrators can do this job. If the administrator's skills are not very good, it is very likely that some default settings will be retained, and these default settings are very insecure, and people often take advantage of the situation as a breakthrough to get the management of the entire server.

In Blue Eagle internal BBS, the most common way to invade is to elevate privileges through the FTP side, because many FTP external services allow anonymous users to access, and anonymous users only have the least permissions, that is, to browse the specified directory and download files.

But through specific commands and methods, hackers can elevate the privileges of anonymous users and even create a new account inside.

So, Lin Hong called up the FTP software and began to anonymously link to the target server.

It's connected!

Encouraged by this, Lin Hong began to exploit the known FTP privilege escalation vulnerability to elevate privileges so that he could create a user of his own in it and then log in.

What Lin Hong didn't expect was that this ftp server was obviously patched by the server administrator, and it was done thoroughly, he tried several known vulnerabilities that could escalate rights, and found that these vulnerabilities were all filled.

I tried a few other ways again, and the result is still the same.

The FTP service on this server is like an extremely well-defended fortress, impregnable and impregnable.

Lin Hong was not discouraged, he gave up FTP intrusion, and then began to try other completely different methods, even the uncommon remote overflow vulnerability, but the result was still to no avail

This couldn't help but make him feel a little helpless, did he encounter Waterloo in his first invasion?

The address of this server was given to him by Kevin, and he originally thought that the address in the first place would be the easiest in it, but he didn't expect it to be so difficult.

The administrator skills of this server seem to be very good, and he seems to know all the methods shared in BBS, and he has plugged these possible vulnerabilities one by one.

Invasion is a meticulous job that requires extreme patience, and Lin Hong finally has a deeper understanding of this sentence that he saw on BBS.

After taking a break for a while, Lin Hong went back and thought about the whole process for a while, and finally, he decided to try again using the most common hacking method used by novice hackers - guessing the password.

Guessing a password means guessing the password of an administrator or user by luck.

This is the method that Lin Hong is most reluctant to use, although many people have succeeded, but Lin Hong always feels that this is not a successful invasion with his own technology, it is not the right way.

But now he really can't help it, so let's try.

Lin Hong directly used tel to connect to the Unix host, and then used root login to guess the password, but the result can be imagined, failure.

Then Lin Hong used the finger command to obtain some user information.

finger is a utility used in the UNIX system to query the user's situation. The UNIX system stores the details of each user, including e-mail address, account number, real name in real life, login time, whether there are any unread letters, the last time the e-mail was read, and the messages left when they go out.

When using the finger command to query, the system will display the above information one by one on the terminal or computer.

And the most important thing is that there is also such an order under DOS.

When Lin Hong queries the IP address of the target server according to the syntax and parameters of Finger, he immediately lists all the user information in the server.

The first line contains "Login Name", "Name", "Terminal Name", "Login Time", and "Login IP".

This is followed by a total of 13 user information in this order.

Lin Hong looked all the way from top to bottom.

“sys”、“root”、“jimmy”、“nsadmin”、“bin”、“eric”……

“eric？”

After Lin Hong saw this nickname, he immediately perked up.

Because when he first started stepping on the dots, he once collected the same information as this, and the other party's email began with this nickname.

Lin Hong immediately used the information he collected to log in and guess the password for this user, and after five attempts, he finally successfully logged in!