HK054 Familiarity breeds contempt, Swallows return with first-class chicken
ACCESS Co., Ltd., also known as Access, is a company founded in 1984 and headquartered in Tokyo, Japan. It primarily engages in management consulting, software development, mobile network services, and internet browsers, among others.
Access company's flagship product Front browser has a high market share in mobile devices of Wosan country.
This network-based company applied for the right to use the supercomputer Yan at Tokyo Institute of Technology in order to take advantage of its name.
After learning the news, Shi Ke immediately searched for Aike Xin's company website through an internet search engine. From a company's website homepage, you can learn many things. For example, the company's recent situation, financial reports, and even personal passwords of company members can be glimpsed from a company's homepage!
Shi Ke entered the homepage of Aike Xin company, browsing the recent situation of the company. The development potential of this company is not bad, especially the cooperation object of Front browser, unexpectedly NTT and Sony these two giants.
After browsing for a while, Shi Ke tried to scan the vulnerabilities of Aike Xin's company website and enter the internal network. As an IT company, Aike Xin's company website indeed has its own independent server, rather than renting network services from a provider, offering server space.
Shi Ke judged the server's system and immediately drilled into the server from an unpublished vulnerability. The server of Aike Xinxin company's homepage stored a large number of files. Shi Ke browsed carefully and finally found what he was interested in.
Aike Xin company rented the supercomputer Yan's system resources are very few, they themselves have a strong server, so renting the supercomputer Yan is just to enhance the company's reputation!
Shi Ke found the login account and password of the supercomputer Yan on the web server inside Aike Xin company. It turned out that Aike Xin company had made public the account and password of the rented supercomputer Yan to every high-level executive in the company, allowing them to use the resources of the rented supercomputer at will. This was not because Aike Xin company was generous, but because their own research projects required confidentiality and could not be sent to the supercomputer Yan for processing, yet they did not want to waste the resources of the supercomputer Yan. So, they allowed high-level executives to use the resources of the supercomputer Yan at will!
This was originally a benefit of Aike Xin company, but now it has become a convenient channel for Shi Lei to invade the supercomputer Yan!
Shi Ke browsed through the web server of Aike Xin company, pondering silently in his heart, and decided to adopt the server of Aike Xin company. As a first-level hacker, he officially prepared to invade the supercomputer Yan!
Aikexin company's server is awesome!
This company has five core servers, forming a server cluster, each with a computing speed of 200 billion times per second, and the entire server cluster's computing power reaches one trillion times per second, equivalent to a small supercomputer!
In 2006, the world's supercomputer ranking, the 500th place in computing speed, was only 270 billion times. In other words, Aike Xin Company's server group is absolutely among the most advanced in the world!
After deciding to use the servers of Akamai Technologies, Shi Lei began to invade Akamai Technologies. Since Akamai's server group had reached the level of a small supercomputer, Shi Lei carefully controlled Server No. 1 and scanned for open ports on the opponent's server group.
Shi Ke has infiltrated the web server of Aike Xin company, but the web server is only used for the company's homepage and storing some unimportant files. The company's core data is all stored in a cluster of five core servers.
The calculation speed of Server No. 1 was ultimately disappointing, Shi Ke couldn't help but feel anxious in his heart, yet he could do nothing about it!
While waiting for the scan results of Server No. 1, Shi Ke fantasized about that kind of superpower in science fiction where a broken laptop could hack into satellites. If he had that kind of against-the-sky ability, how great would it be!
In hacking, intrusion, acquisition and control have different meanings. For example, a server that stores confidential files is not necessarily infiltrated into the server to obtain confidentiality.
Within the same server, there are many more permission settings, and confidential files generally also have independent passwords. Therefore, even if you obtain a confidential file, you may not necessarily get the secret, and you still need to crack the password.
As for controlling a server, that's the most difficult! Wanting to gain control of a server, especially a high-level server, is extremely challenging!
The performance of high-end servers is indeed very powerful and feels great to use. However, the security policies of high-end servers, server firewalls, are even more difficult to deal with. Moreover, there are also security guards on duty!
Although Shi Ke knew many server systems and unpublished vulnerabilities, he was not free to do whatever he wanted. Every time a hacker invaded, a network connection had to be established. After establishing the network connection, data exchange would occur. If high-level server security personnel were observing the flow of data at all times, any anomalies would be discovered. For example, if the server is like a pool full of water, and the network connection is like a pipe connected to the outside. When the server is in normal condition, there is no data exchange, just like when the pipe is not leaking water. If a hacker secretly adds a pipe to drain water from the vulnerability, can't the security personnel detect the leak?
Number one server slowly scanned out Aike Xin company, server group port open situation, Shi Lei and others have been waiting for a long time. After finding the suitable port, Shi Lei directly used Aike Xin company's web server to simulate internal communication of Aike Xin company, requesting access to the server group.
After the server group received the request from the web server, since both parties belong to the internal network of Aike Xun Company, the firewall of the server group did not block the request from the web server. Shi Lei took advantage of the normal request and smoothly infiltrated the server group through an undisclosed vulnerability!
After entering the server group, Shi Ke did not make any rash moves, but instead began to probe the composition of the server group's firewall. If he didn't deal with the firewall, it was likely that as soon as Shi Ke started cleaning up the permissions group, the firewall would sound an alarm!
Shi Ke analyzed the firewall on Server No. 1 while manually probing it. Aike's firewall was clearly not a common product, but a customized system entrusted to a network security company.
To borrow a phrase from the hacker community, free firewalls are worth nothing!
It took Shi Ke nearly two hours to basically understand the situation with the firewall. The firewall of Aike Xin was actually provided by Norton Company!
In his previous life, Shi Ke had specifically studied Norton's firewall. He was extremely familiar with each of their products. Although the firewall of Aike Xin company belonged to a customized product of Norton, its source code was also based on the development of Norton series.
Shi Ke is writing malicious programs within the server group, preparing to pierce through the firewall and make it ineffective!
The best way to break down a firewall is to grasp the server system vulnerability like a stone, enter the server, and destroy the firewall from within.
After all, the firewall's defensive capabilities against external threats are very strong, but its internal defense capabilities are relatively weak!
After spending about ten minutes, Shi Ke had compiled a malicious Trojan horse targeting Norton Firewall, and then began to sabotage the firewall from within. The specially customized Norton Firewall was still unable to escape the Norton mode, being strangled by the malicious Trojan horse written by Shi Ke from within!
The firewall's function was gradually replaced by malicious Trojan horses, the whole process was silent and did not attract the attention of security personnel.
The malicious Trojan horse strangled Norton Firewall and then started self-destruction after failing to detect the characteristic code of Norton Firewall, clearing itself from the server.
Shi Ke's hands rested on the keyboard, a triumphant smile spreading across his face. He hadn't expected it to be so smooth, and he had actually managed to get past Norton's firewall!
After typing a few lines of code on the keyboard, all permission users within the server group of Aike Xin Company were listed on Shi Lei's computer screen.
On the surface, the server group has only three super-privileged users and more than a dozen large and small privileged users. Shi Ke carefully continued to tap code into the server group's permission authentication system.
After a moment, two accounts appeared on the screen again. The permissions of these two accounts were actually above those of three super-privileged users!
"Nima, unexpectedly as sinister as Shi Tou Ge, likes to hide the real super permission users!" A look of disdain appeared on Shi Ke's face.
Hiding the real superuser account is a common trick in high-end servers. If an inexperienced hacker invades a high-end server and obtains the apparent superuser account, they will start making arbitrary changes, creating their own superuser account, and will be exposed in that instant!
Shi Ke found the hidden superuser of Aike Xin company, but he didn't touch those two superusers or create his own. Instead, he started writing code to replace the original permission system in the server group.
If using a server group system, the original permission system establishes a super permission user, even if hidden. Once the Aike Xinxing company's super permission user checks the server's permission user group, it will also expose the newly created super permission user, which is equivalent to exposing invasive behavior.
Therefore, Shi Ke needs to establish a new authority system, replacing the original authority system in the server group. In the new authority system, the two hidden superusers on the surface still have the highest authority. However, Shi Ke will actually set up an even higher-level super-privileged user, hidden within the system.
Due to the use of a new permission system, even if there were originally two super-privileged users who thoroughly checked the server's situation, as long as they didn't discover that the permission system had been replaced, they wouldn't be able to find Shi Lei's hidden super-privileged user. In general situations, security personnel would not suspect that the system had been replaced at all.
Because replacing the system is absolutely a high-difficulty task, and only Shi Lei, a world-class top hacker, can do it!
————————————————————————————————————————————
PS: Still a little short of the recommended vote target, but Shan Shan believes it can be reached!
Seeking recommendation votes~ Friends who haven't collected yet can collect now! Seeking member clicks to help Shanshan rush the click rankings!
Seeking tips, seeking comments, seeking replies in the book review section ~!
In addition, the previous small activity only had one winner, leaving a pair of couple numbers. If someone needs them, post in the book review section and we'll start another round of small activities. This time, we can give away an eight-digit Tencent number or a seven-digit YY number! If you need it, shout out in the book review section~
——
[Tip of Appreciation] Yorihana Sakura blows snow, tipped 588.
.
.
.
