NOVEL SIMPLE Chapter 196
Chapter 195 – I Have The Advantage! (8.8K)
Chapter 195 The advantage is mine! (8.8K)
Let’s turn the clock back a little half an hour.
After deciding to provide support to UCAS.
Xiaorong immediately got in touch with Wang Qingchen of the University of Science and Technology of China, and obtained permission from the school board of directors through Tian Liangwei.
Then with the same system key.
Reinforcements from the University of Science and Technology of China soon appeared on the ‘battlefield’, quickly buying precious time for the University of Science and Technology of China to repair.
At the same time due to adequate preparation.
Xiaorong and others not only successfully took over the battlefield, but also locked on the .
The other party’s IP.
Right now.
In the network security center of Huadun Biotechnology, Xiaorong was introducing the whole situation to Xu Yun:
“Dr. Xu, in fact, under the current technical means, it is not an easy task to trace the real IP, and many links are irreversible.”
“For example, physically destroying a certain hardware device in the entire link, or if the hacker only attacks once, using Tor or I2P network, etc.”
“In this way, the springboard host has no way to chase, and can only rely on the historical logs of the operator to find the source, which is very troublesome in practice.”
“But this time the other party made a mistake. Or their goal seems to be not limited to breaking into our official website.”
Xu Yun glanced at him, turned his head slightly, and said in doubt:
“Not limited to breaking the official website? What does this mean?”
Xiao Rong tapped a few times on the keyboard, then pointed to the screen and said:
“Dr. Xu, look at this.”
Xu Yun followed the trend and saw a line of code displayed on the screen:
localhost:8080/test?name=scriptalert
“This is the JS code placed in the URL of the request parameter, which directly leads to the web server backend of the official website of the National University of Science and Technology of China.”
Xiaorong first explained the purpose of this string of codes, and then said:
“This is a reflective XSS attack, which can form a cross-site request forgery together with CSRF, so as to obtain an extremely short management authority.”
“This administrative authority will intercept the JSON data that should be returned to the user, and send the data back to the malicious attacker, which is what we commonly call JSON hijacking.”
“In other words.”
”The other party not only wants to crack our official website, but also wants to obtain our database.”
Xu Yun’s pupils shrank violently when he heard this.
Rao is a human being in two lifetimes, and he is also a little uneasy at this time:
“Database, fuck, it’s so cruel”
As the only university in China with two national laboratories, USTC must store unimaginable important data in the cloud.
True.
Those truly top-secret information will definitely not be in a 24-hour networked state, and the relevant defense methods will definitely not be broken by a surprise attack.
But except for top secret information.
There are still a large number of experimental data or related reports of deputy high school, that is, associate professor or above, academician or below, in the database of HKUST.
This kind of information may not be top secret, but it is also of high value, and quite a lot of it involves cutting-edge research topics.
And unlike the top-secret database, this kind of database cannot be disconnected from the network.
Because many experimental results need to be entered in real time, and this thing will not abide by the nine-to-five work system.
9:10 in the evening and 2:30 in the morning may be the time for the results to appear.
Therefore, this lower-level database must be operated on the Internet, which is a high-risk and high-value attack target in nature.
For example, in December 19, the University of Giessen in Germany was attacked by hackers.
This is a top German university with a long history, and Wilhelm Roentgen graduated from it.
At that time, the database of the University of Giessen was breached after only 12 minutes, and a large amount of key information was lost.
This incident directly led to a year later more than a dozen big cows with an H-index above 45 chose to leave Giessen University and apply elsewhere, and our local exchange team took three of them.
In addition, the database of Northwestern Polytechnical University has also been attacked. The specific content is too sensitive, so I won’t go into details.
So obvious.
The opponent this time
Appetite is big.
Then Xiao Rong paused and continued to explain:
“Because of this, the other party has preset multiple channels for feedback information, ready to transmit these data.”
“We traced the source through several springboard machines, and finally locked the two IPs with the most ferocious attacks.”
Xu Yun immediately became interested when he heard the words, and hurriedly asked:
“Oh? Where is it? Across the sea?”
Xiao Rong shook her head, her expression seemed to be a bit regretful:
“Unfortunately, it may be due to the low degree of business overlap. The two IPs are from the Kyoto University of Nihong and the Sydney Niobium University of Tuao.”
“Neon and Niobium?”
Xu Yun nodded thoughtfully.
Friends who understand the Internet should know it.
Although IP traceability on the Internet is difficult to pinpoint a specific house number, it is not difficult to trace back to a general area after breaking through the camouflage.
As for the reason why the two IP addresses are universities
is actually very simple.
Just as many domestic hackers have been recruited, a considerable number of foreign hackers have also obtained career establishments.
All the top university cybersecurity center bosses in the world count as one, and each of them has left more or less legends among the people.
In addition, most high-tech companies maintain a relatively close relationship with one or several top universities, such as school recruitment or scientific research.
It is also known as the integration of industry, education and research.
Therefore, in some shady occasions, the two parties often cooperate.
Such as this attack.
The purpose of those neon colleagues is to paralyze the educational administration system of the University of Science and Technology, completely make Fei Huadun’s first show in the Department of Biology, and make them lose face once.
The goal of Kyoto is the database of HKUST, hoping to collect some valuable reports.
So ever since.
The two hit it off.
Think here.
Xu Yun couldn’t help looking at Xiaorong, he vaguely felt that something was wrong with the well-known hacker’s mood:
“Brother Rong, do you have any ideas?”
Xiao Rong was silent for a moment, finally took a deep breath, and said to Xu Yun:
“Dr. Xu, would you like to play a big game?”
“?”
A question mark floated above Xu Yun’s head, and asked:
“What do you mean playing big?”
Xiao Rong pointed at the screen and said firmly:
“Counterattack back!”
Xu Yun was slightly taken aback when he heard the words, and then his eyes widened.
Good guy.
He was still thinking about how to defend, but Xiaorong jumped directly to the counterattack?
But soon.
He understood Xiaorong’s thoughts:
According to the original plan, with only Huadun Biotech + HKUST Cyber Security Center, the defense should not be a big problem, but most likely it is nothing more than that.
But now that a new teammate from the National University of Science and Technology appeared, the situation suddenly appeared a new variable:
As I said before, the Cyber Security Department of the National University of Science and Technology, which has digested the Institute of Information Technology, is actually very capable, and it is also the first queue in China.
This wave was just calculated by heart and mind, not a crime of war.
So if the three parties can unite
It seems that it is really possible to counterattack?
Not right.
It should be said to be self-defense.
This is our old tradition.
Then Xu Yun looked at Xiaorong and said:
“Brother Rong, the idea is good, but how do you know that the National University of Science and Technology will cooperate with us?”
Xiao Rong smiled when she heard the words, and seemed to think of some interesting past:
“Dr. Xu, you may not understand that Director Xiang and Qing Chen from the Cyber Security Center of the National University of Science and Technology had some intersections before, and neither of them accepted the other.”
“If Qingchen proposes the idea of cooperation, Xiaoxiang should not refuse.”
“Besides, from a normal psychological point of view, you are staying at home well, and suddenly someone with a hammer and stick breaks down your door to grab something. You are not a bad guy, so you will definitely think about revenge.”
Xu Yun pondered for a moment, and felt that what Xiao Rong said was indeed quite reasonable.
Ordinary normal people are angry when they wake up, let alone the situation of being woken up by a violent beating, and not everyone is Zhang Huaiming.
So fast.
He made a decision:
“Since that’s the case, Brother Rong, let’s mess with him. It’s okay to come and go without indecent assault.”
Xiao Rong adjusted her glasses and nodded heavily:
“Don’t worry, just leave everything to me.”
After getting Xu Yun’s consent.
Xiao Rong immediately contacted the Internet Security Center of HKUST, and Wang Qingchen sent a log.
soon.
There was a reply from the National University of Science and Technology.
The content is also short, just one word:
“Dry!”
Fifteen minutes later.
The Cyber Security Center of the National University of Science and Technology of China rushed to the five or six experts who were awakened from the bed, and thus formed an ultimate body composed of three parties to counterattack the new force.
Among them, the Cyber Security Center of HKUST has the largest number of people, with a total of 33 people, led by Wang Qingchen.
Followed by the National University of Science and Technology, 19th.
The Network Security Department of Huadun Biotechnology is newly built, so it has the smallest number of people, only 8 people, but there is a super boss like Xiaorong sitting in it.
To know.
Individual combat power is still very important in modern network offense and defense—Xiaorong, without Xiang Haihua’s assistance, can only choose to defend, but with Xiang Haihua, HKUST can launch a full-scale counterattack.
Then another five minutes passed.
The counterattack is officially launched.
Wang Qingchen is responsible for the counterattack against Kyoto University, which in a sense represents Neon, which is also an old opponent.
Over the past few years.
Most of what Huaxia Internet encounters comes from across the sea, but what colleges and universities encounter mainly comes from 4V, followed by Neon.
Papapa—
Wang Qingchen’s slender fingers swept across the keyboard like a pianist, leading more than 30 experts from the University of Science and Technology to launch an attack.
soon.
In the invisible online world.
A huge amount of traffic was brought together, forming a terrifying flood of data.
This is a standard DDOS attack, which is also the routine process of hacker attacks.
This thing is like the unlimited firepower in the telecommunications area, which must fight the first-level regiment in the middle. The technology is not high, and it belongs to an old routine that has been inherited.
The reason why DDOS attack can become the mainstream attack method is largely due to its convenience.
It mainly uses the vulnerability of the TCP three-way handshake protocol to launch attacks, and in the development process of more than ten years, DDOS attacks have become more and more intelligent and simple.
It’s now.
Even “script kiddies” who don’t know much about technology can easily launch DDOS attacks.
Even on the pages of some overseas websites.
Users only need to enter the ip address of the target website and select the attack time to initiate a DDOS attack.
Generally speaking.
The cost of a DDoS attack using a cloud-based botnet of 1,000 computers is about $7 per hour.
The DDoS attack service charge is usually $25 per hour.
This means that the attacker’s expected profit is about $18 per hour, and the gross profit rate is very high.
Easy to operate + high profit, naturally more people use it.
But as a director-level expert, Wang Qingchen is not using ordinary DDOS attacks.
He used NTP to achieve bandwidth gain, and a 20mbps port can cause a 2gbps attack effect.
So in just one minute of attack, the peak value reached 251G/s.
at the same time.
Kyoto University.
Nakamori Intelligence Laboratory. (see note)
Different from Huaxia’s computer major, Neon’s name for the computer major is a bit special, called “Information Department Major”.
It includes computer information science, mathematical information science, communication information engineering and many other subdivisions.
If you insist on benchmarking.
The meaning of the word “intelligence” in Neon University can probably be equivalent to the local information engineering.
Therefore, Zhongsen Intelligence Laboratory is not a special service agency, but a genuine network security center.
The person in charge of the Nakamori Intelligence Laboratory is named Nakamori Shuichi, who used to use the codename Optic, and is also one of the top hackers in Neon.
When it comes to the IT industry of Neon, many people will throw their hands in disdain, saying that there are hackers in Neon?
Didn’t they all collapse in half an hour in 2013 when they were beaten by Guo Shenghua, and our national flag was inserted on the Neon website?
However, it is a pity.
This is a totally fake news.
In 2013, there was no hacker war between Neon and Huaxia at all, and Guo Shenghua never did those things:
This is a liar who became famous through hype. He entered the game in 2018, and now he started to hype again not long after it was released.
This so-called patron saint of the Internet in China is actually an unemployed vagrant in Guangdong Province.
Graduated from technical secondary school, has no fixed job, and makes a living by doing part-time jobs.
The establishment of Huameng in 2007, the rejection of Ma Yun’s 100 million offer, and the placement of red flags all over the neon lights during the hacker war were all fabricated. There were only 400 paid members when they were arrested.
However, it is outrageous.
Such a liar who has already entered the game, there are still many marketing accounts to hype.
For example, if you search for Guo Shenghua and Guo Shenghua was arrested, there are completely two kinds of content.
This kind of person with all kinds of bad records relies on fabricated resumes to claim to be the patron saint of China’s Internet and the godfather of hackers. (Someone mentioned Guo Shenghua when I was writing Xiaorong before. I think it is necessary to popularize this liar. This kind of villain who steals other people’s honor is really shameless.)
all in all.
Neon’s hacker scene is far less weak than many people believe.
In the long run, this is an opponent that cannot be ignored.
Sometimes it is not a good thing to belittle or belittle the other party too much.
Right now.
Nakamori said that he was sitting in front of the console, listening to the assistant’s report with a solemn expression:
“Senior Nakamori, the Huaxia University of Science and Technology branch responded much faster than we expected, and there are also reinforcements from unknown sources.”
“At present, the opponent has organized an efficient counterattack, and the peak attack speed has reached the T3 level!”
Nakamori said that he didn’t care much about the counterattack of the “University of Science and Technology of China”. This kind of hasty counterattack only needs to resist the initial burst.
Kyoto University is like a vehicle that deliberately speeds up and splashes water on others when passing a pond of water. The so-called counterattack is just a stone thrown by the opponent in a panic.
As long as you avoid the first stone, you can only stand by the side of the road and be furious.
So rather than fighting back, Nakamori said he cared more about another thing, which was also his main task this time:
“What about the data? How much data is withheld?”
The assistant froze when he heard the words:
“Senior Nakamori, we only got more than a thousand papers.”
“More than a thousand articles?”
Nakamori said that his brows tightened even more:
“Why so few?”
The assistant straightened up quickly and lowered his head at the same time:
”The other party directly blocked any web requests with the “Ping-To” and “Ping-From” HTTP headers, forming a flanking interception posture with the reinforcements, and a lot of data could not be transmitted.”
“In addition, Senior Nakamori, we seem to have discovered a very strange situation during the confrontation.”
“what’s the situation?”
The assistant handed a form to Nakamori Shuoyi, pointed at the top and said:
“Look here. The handling of these scripts here is exactly the same as that “fingertip smile” of the Huaxia Hongmeng.”
“According to our judgment, there is a 90% probability that the two parties will be the same person.”
“Fingertip smile?”
Nakamori said that he was slightly taken aback, and a trace of surprise appeared on his originally stern face:
“Didn’t he be recruited by Huaxia Xingong? Why did he appear at the attack point?”
Xiang Haihua was just transferred from the Institute of Information Technology to UCAS in October this year, and he has been keeping a low profile before.
Although he belongs to the T1 queue in the Chinese hacker circle, there are dozens of people who are at the same level as him or even above him in ability.
In addition, the hacker circle is not very eye-catching. The Neon official must know the news, but the Kyoto University is a little behind.
After all, this is not wartime, and the function of Kyoto University is mainly at the educational level.
The archives owned by the school are unnecessary and impossible to update in real time.
Therefore, after Nakamori Shuichi’s question was raised, he was naturally silent.
Then the corner of his mouth muttered a few times, and he was about to order another attack again.
However, the words did not come out.
A little Baga not far away suddenly shouted:
“Senior Nakamori, it’s bad, our management service provider has been breached!”
Hear this statement.
Nakamori’s original words stuck in his throat abruptly, and his mind was blanked by the news.
After a few seconds.
He dashed to the side of the console and snatched his subordinate’s tablet.
I saw this moment.
On the screen of the computer in front of him, there are countless codes that are constantly updating.
Nakamori said that he entered a few commands quickly, but it didn’t work.
Three seconds later.
He suddenly understood something, clenched his fist with his right hand, and hammered heavily on the table:
“Baga! The DDOS attack is a feint!”
If Wang Qingchen could hear what Nakamori said at this time, maybe he would respond to him with “Yo Xi, you are so smart”.
As Nakamori said.
The DDOS attack that Wang Qingchen was in charge of was actually a complete feint.
The real main attacker of the whole route is actually Xiao Rong, and his target is not the official website of Kyoto University, but STW, the management service provider of the seven old Imperial Universities.
After the Meiji Restoration, Nihong established a total of nine comprehensive national universities.
Their mission has a strong imperialist and corrupt nature, and has cultivated many bad Baga.
Kyoto University is one of them.
Later, Neon was defeated and the word Empire was abolished.
But seven of them still exist, and they are called the old ones.
Currently, due to background reasons, the seven old imperial universities are not using the school intranet, but a dedicated management service provider STW.
STW carries a large number of information transfer tasks, and belongs to a center located at the rear, which is almost the vines of seven gourd babies.
Once the intruder gains STW’s network access, ADExplorer can be used to find accounts with higher privileges.
Then you can target the development and collaboration platform, which is the seven old imperial universities!
at the same time.
Looking at the jumping code in front of him, after being furious, Nakamori Shuichi had only one thought in his mind:
How dare he?
To know.
STW is the common rear of the seven old emperors.
Although the effect of being hacked is better than breaking through the official website of a certain college head-on, it also means that he has to pass seven levels before he can do this!
Now Kyoto University just lost access to STW, not a single byte was lost in terms of data.
As long as the opponent is stopped at any level, all previous efforts will come to naught.
Using the situation of the Huaxia unit as a metaphor, that is the difference in difficulty between attacking the University of Science and Technology of China and the Chinese Academy of Sciences.
See this scenario.
Nakamori suddenly laughed:
“One wears seven, who do you think you are?”
“If you can reach this level, you can go to the white house to plant flags, okay?”
Actually.
Just as Nakamori Shuichi thought.
When it was discovered that STW was being invaded, the network security departments of the other six old Imperial Universities also responded quickly.
A number of neon top experts gathered in front of the computer.
They feel like brave Yamato samurai.
With a must-win turban tied on his head, wearing a bathrobe, he raised his samurai sword fearlessly, and rushed towards the enemy screaming.
“Baga, die, die!”
But soon they found
The enemy on the opposite side suddenly pulled out Gatling, shooting at them.
In just fifteen minutes.
Hokkaido University, Dongda University, Tokyo University, Nagoya University, Osaka University, and Kyushu University had no ability to resist, and were “killed” one after another:
The third minute.
STW platform support panel is invalid.
The sixth minute.
Source code repository broken.
Eighth minute.
Khoznadzor buffer overflow, CVE-2022-24291, CVE-2022-24292, CVE-2022-24293 three major vulnerabilities were broken at the same time.
Thirteenth minute.
The almost desperate Osaka University Network Security Center sent an official e-mail from China Unicom requesting agency.
However, when they opened the mailbox, they found that not only had the sending function of the mailbox been turned off, but there was still another email in the sending column.
The mail was sent seven minutes ago and the subject is .
【Advantage は私にある】.
Fifteenth minute.
All hands left the keyboard, and the assistant desperately stopped Nakamori who was about to have a caesarean section.
at the same time.
Native.
Looking at the compromised database in front of him, Xiao Rong shook his head with unsatisfied feelings:
“After all, it is only the joint defense line of seven colleges and universities. It has not even reached the level of the Ministry of Foreign Affairs, let alone a white house. It is boring.”
According to the previous plan between him and Wang Qingchen.
Wang Qingchen was in charge of launching a feint attack through DDOS attack, while he went around behind to attack STW.
Xiao Rong was indeed prepared for a protracted battle before, and even drank three cans of Red Bull. After all, Neon did have a few hard ideas.
As a result, I didn’t expect that STW would just GG after fifteen minutes.
Fortunately, he thought that Beijing University dared to launch an attack, and there might be some capable people behind it.
True paper tiger.
Xu Yun: “.”
If someone else said this, then he would definitely feel that the other party was pretending to be X.
But it is Xiao Rong who is saying this right now, so he really can’t find any faults.
After all, this is the third hacker to attack the White House after Kevin Mitnick and Jonathan James (Gary McKinnon attacked NASA)
Then Xiaorong thought for a while, pointed to the screen and said:
“Doctor Xu, do we want to leave something on it?”
Then he paused and explained:
“This is actually a habit of the hacker community. For example, in the beginning, there was a hacker organization called ‘Anonymous’. After the attack, they would deliberately leave certain signs.”
“Hackers are very low-key in life, but they often appear to be very public in their profession. From the perspective of the industry, this is a manifestation of their ability.”
Hearing these words, before Xu Yun could say anything, Gu Qunqing on the side said first:
“Brother Rong, I don’t think it’s necessary to do this.”
“It’s not as good as before. We are under a lot of international pressure.”
“If you write something like ‘Those who offend China will be punished even if they are far away’, it will be a bit cool, but if you hand the knife to the hands of foreign media, then the loss outweighs the gain.”
Xu Yun also nodded in agreement, and said to Xiao Rong:
“Aaron is right. Brother Rong, we really can’t just hand over the initiative to others for our own selfish desires.”
“As long as we don’t tell them, Neon can only swallow the loss. After all, we are not as greedy as they are for the information in the database, so the other party will not be able to find out the actual IP evidence.”
Xiao Rongjian said that he opened his mouth, and said with some confusion:
“Well, actually, I don’t have to leave some Chinese or something. The key is that I always feel uncomfortable if I don’t write something. This opportunity is not common nowadays.”
“Then why don’t we leave some other marks, such as the marks of Death Eaters?”
Xu Yun’s mouth twitched slightly.
Yes, this one is obsessive-compulsive again.
But then again.
Hearing what Xiao Rong said, he also had the urge to keep something, and it seems really unreasonable not to keep something like this.
After a few seconds.
Xu Yun’s eyes suddenly brightened:
“Hey, I have an idea!”
Hear this statement.
Gu Qunqing couldn’t help but exchanged glances with Xiaorong, and asked:
“what idea?”
Xu Yun first pointed to the computer and said:
“Look, there is no evidence from Neon that we did this, but we can prove that they invaded us yesterday.”
“So we can contact the University of Science and Technology, make a false impression that the University of Science and Technology’s system has also been invaded, and cry miserably in public opinion with the University of Science and Technology of China.”
“In this way, something happened to Neon, and something happened to Huaxia. There is a saying that I don’t know if you have heard it.”
Speaking of which.
Xu Yun waved to the two of them, motioning to approach him, then lowered his voice and said:
“That sentence says that friendship between China and Japan depends on Huaxia, friendship between China and Japan depends on China, and friendship between China and Japan depends on stealing the country”
ten minutes later.
On the homepage of the seven old imperial universities, a sentence in Korean suddenly appeared:
“Ashi, the whole world is my Smecta of the Republic of Korea!”
Note:
The Nakamori Intelligence Laboratory is my fiction, but another laboratory that actually exists in Kyoto is indeed sponsored by Kao, and there have been some intrusion scandals~
(end of this chapter)