After deciding to provide support to the National University of Science and Technology.
Xiaorong immediately contacted Wang Qingchen from the University of Science and Technology of China, and obtained permission from the school board of directors to intervene through Tian Liangwei.
Then when you have the same system key.
Reinforcements from the University of Science and Technology soon appeared on the ‘battlefield’, quickly gaining valuable repair time for the University of Science and Technology.
At the same time, due to adequate preparation.
Xiaorong and others not only successfully took over the battlefield, but also locked the target through the springboard in the attack path.
The other party’s IP.
At this moment.
In the network security center of Huadun Biotech, Xiaorong was introducing the entire situation to Xu Yun:
"Dr. Xu, in fact, with the current technical means, tracing the real IP is not an easy task. Many of the links are irreversible."
"For example, physically destroy a certain hardware device in the entire process, or if a hacker only attacks once, using Tor or I2P network, etc."
"As a result, the springboard host has no way to chase it, and can only rely on the operator's historical logs to find the source, which is very troublesome in practice."
"But this time the other party made a mistake, or their goal seems to be not limited to breaking into our official website."
Xu Yun glanced at him, tilted his head slightly, and said doubtfully:
"Not limited to hacking official websites? What does this mean?"
Xiaorong tapped on the keyboard a few times, then pointed at the screen and said:
"Dr. Xu, look at this."
Xu Yun looked around and saw a line of code displayed on the screen:
loalhost:8080/test?alert
"This is the JS code placed in the URL in the request parameters, which directly leads to the web server backend of the official website of the National University of Science and Technology."
Xiaorong first explained the purpose of this string of codes, and then said:
"This is a reflected XSS attack that can be used together with CSRF to form cross-site request forgery, thereby obtaining a very short administrative privilege."
"This administrative permission will intercept the JSON data that should be returned to the user, and instead send the data back to the malicious attacker, which is what we commonly call JSON hijacking."
"In other words"
"The other party not only wants to crack our official website, but also wants to obtain our database."
When Xu Yun heard this, his pupils suddenly shrank sharply.
Even though he has lived in two lifetimes, he is also a little uneasy at this time:
"Database, fuck, so cruel"
As the only university in China with two national laboratories, the University of Science and Technology of China must store unimaginable important data in the cloud.
True.
Those truly top-secret information will definitely not be connected to the Internet 24 hours a day, and the relevant defense methods cannot be broken through in a sudden attack.
But except for top secret information.
The database of USTC also contains a large number of experimental materials or related reports of associate professors, that is, associate professors or above, and academicians or below.
This kind of information may not be top secret, but it is equally valuable, and a lot of it involves cutting-edge research topics.
And unlike top-secret databases, this kind of database cannot be run offline.
Because many experimental results need to be entered in real time, and this thing does not adhere to the nine-to-five work system.
Nine or ten o'clock in the evening or two or three o'clock in the morning may be the time when results appear.
Therefore, this lower-level database must be run online and is inherently a high-risk, high-value attack target.
For example, in December 2019, the University of Giessen in Germany was attacked by hackers.
This is a top university in Germany with a long history. Wilhelm Roentgen graduated from it.
At that time, the database of Giessen University only lasted 12 minutes before it was breached, and a large amount of key information was lost.
This incident directly led to more than a dozen big names with H-index above 45 a year later choosing to leave the University of Giessen and find other places, and our local company took over three of them.
In addition, the database of Northwestern Polytechnical University has also been attacked. The specific content is too sensitive, so I won’t go into details.
So it's obvious.
This time the opponent
Great appetite.
Then Xiaorong paused and continued to explain:
"Because of this, the other party has preset multiple channels for feedback information and is preparing to transmit this data."
"We traced the source through several of the springboard machines and finally locked down two of the IPs with the most ferocious attacks."
When Xu Yun heard this, he immediately became interested and quickly asked:
"Oh? Where is it? Across the sea?"
Xiaorong shook her head, her expression seemed vaguely regretful:
“It’s a pity that maybe because the business overlap is not high, the two IPs come from Kyoto University in Neon and Xiniobium University in Tuao.”
"Neon and niobium?"
Xu Yun nodded thoughtfully.
Friends who know the Internet should all know this.
Although IP traceability on the Internet is difficult to pinpoint a specific house number, it is not difficult to trace it back to a general area after breaking through the disguise.
As for the reason why both IP addresses are from universities?
It's actually very simple.
Just like many hackers in China have been recruited, a considerable number of hackers abroad have also received career establishments.
Every one of the cybersecurity center bosses of all the top universities in the world has left more or less legends among the people.
In addition, most high-tech companies maintain a relatively close relationship with one or several top universities, such as campus recruitment or scientific research, etc.
This is what is known as the integration of industry, academia and research.
Therefore, in some shady situations, the two parties often cooperate.
Take this attack for example.
The purpose of those neon colleagues is to paralyze the academic system of the University of Science and Technology, completely disrupt the debut of Fei Huadun Biotechnology, and make them lose face.
Kyoto's target is the database of the University of Science and Technology, hoping to collect some valuable reports.
Ever since.
The two hit it off immediately.
Think of this.
Xu Yun couldn't help but look at Xiaorong. He vaguely felt that something was wrong with the well-known hacker's mood:
"Brother Rong, do you have any ideas?"
Xiaorong was silent for a moment, finally took a deep breath and said to Xu Yun:
"Dr. Xu, would you like to play a big role?"
"?"
A question mark floated above Xu Yun's head and he asked:
"What do you mean by playing big?"
Xiaorong pointed at the screen and said firmly:
"Counterattack and go back!"
Xu Yun was slightly startled when he heard this, and then his eyes widened.
Good guy.
He was still thinking about how to defend, but Xiaorong actually jumped directly to the counterattack level?
But soon.
He then understood Xiaorong’s thoughts:
If we go according to the original plan, with only Huadun Biotech + HKUST Cyber Security Center, defense should not be a big problem, but that's probably all.
But now that a new teammate like the University of Science and Technology of China has appeared, new variables suddenly appeared in the situation:
I have said before that the Cybersecurity Department of the National University of Science and Technology, which has digested the Institute of Information Technology, is actually very capable and is ranked first in the country.
This wave was just calculated without intention, and it was not a crime of war.
Therefore, if the three parties can unite
Does it seem like a counterattack is really possible?
wrong.
It should be said that it was self-defense.
This is our old tradition.
Then Xu Yun looked at Xiaorong and said:
"Brother Rong, the idea is good, but how do you know that the National University of Science and Technology will cooperate with us?"
Xiaorong smiled when he heard this, as if he thought of something interesting in the past:
"Dr. Xu, you may not know that Director Xiang and Qingchen of the Cybersecurity Center of the University of Science and Technology of China had some interactions in the past, and neither of them is convinced by the other."
"If Qingchen comes up with the idea of cooperation, Xiao Xiang won't refuse."
"Besides, from a normal psychological point of view, you are staying at home well, and suddenly someone bursts open your door with a hammer and stick to grab things. You are not a slut, so you will definitely want to take revenge."
Xu Yun thought for a moment and felt that what Xiaorong said did make sense.
Normal people are angry when they wake up, let alone being woken up by a violent beating. Not everyone is Zhang Huaiming.
So it's very fast.
He made a decision:
"In that case, Brother Rong, let's mess with him. It's okay to be disrespectful."
Xiaorong adjusted her glasses and nodded heavily:
"Don't worry, just leave everything to me."
After getting Xu Yun's permission.
Xiaorong immediately contacted the HKUST Cyber Security Center, and Wang Qingchen sent a log.
soon.
A reply came from the National University of Science and Technology.
The content is equally short, just one word:
"Dry!"
Fifteen minutes later.
The Cyber Security Center of the University of Science and Technology of China rushed over to five or six more experts who were awakened from their beds, thus forming the ultimate body of a three-party counterattack force.
Among them, the Cybersecurity Center of HKUST has the largest number of people, with a total of 33 people, led by Wang Qingchen.
Followed by the National University of Science and Technology at 19th place.
Huadun Biotechnology's cyber security department is newly built, so it has the smallest number of people, only 8 people, but there is a super boss like Xiaorong sitting in it.
To know.
The importance of individual combat power in modern network offense and defense is still very high. Without Xiang Haihua's assistance, Xiaorong could only choose to defend, but with Xiang Haihua in his corner, HKUST could launch a full-scale counterattack.
Then another five minutes passed.
The counterattack officially begins.
The target that Wang Qingchen is responsible for counterattacking is Kyoto University, which in a sense represents neon and is also an old rival.
in the past few years.
Most of the attacks on China Internet come from across the sea, but the attacks on universities mainly come from 4V, followed by Neon.
bang bang bang
Wang Qingchen's slender fingers swept over the keyboard like a pianist, leading more than 30 people from the University of Science and Technology to launch an attack.
soon.
In the invisible online world.
A huge amount of traffic was gathered together, forming a terrifying data flood.
This is a standard DDOS attack, which is also the normal process of hacker attacks.
This thing is just like fighting a first-level group in the middle lane with unlimited firepower in the telecommunications area. The technical skills are not high and it is an old routine that has been inherited.
The reason why DDOS attacks have become a mainstream attack method is largely due to its convenience.
It mainly exploits the vulnerabilities of the TCP three-way handshake protocol to launch attacks, and during the development process of more than ten years, DDOS attacks have become more and more intelligent and simplified.
Until now.
Even "script kiddies" who don't know much about technology can easily launch DDOS attacks.
Even on the web pages of some overseas websites.
Users only need to enter the IP address of the target website and select the attack time to launch a DDOS attack.
Generally speaking.
The cost of using 1,000 cloud-based botnets to conduct a DDoS attack is approximately $7 per hour.
The DDoS attack service charge is usually $25 per hour.
This means that the attacker's expected profit is about $18 per hour, and the gross profit margin is very high.
With easy operation and high profits, more people will naturally use it.
However, as a director-level expert, what Wang Qingchen used was not an ordinary DDOS attack.
He used NTP to achieve bandwidth gain, and a 20mbps port can cause a 2gbps attack effect.
So in just one minute of attack, the peak reached 251G/second.
at the same time.
Kyoto University.
Zhongsen Intelligence Laboratory. (see note)
Unlike the computer major in China, Neon’s name for the computer major is somewhat special, it’s called ‘Information Department Major’.
It includes computer information science, mathematical information science, communications information engineering and many other sub-majors.
If you insist on benchmarking.
The meaning of the word intelligence in Neon University can probably be equated to local information engineering.
Therefore, the Zhongsen Intelligence Laboratory is not a special service organization, but a genuine network security center.
The person in charge of the Zhongsen Intelligence Laboratory is named Zhongsen Shuoyi, who used to go by the code name Opti and is also one of Neon's top hackers.
When it comes to Neon's IT world, many people will raise their hands with disdain and ask, "Does Neon actually have hackers?"
Didn’t they completely collapse in 2013 when Guo Shenghua beat them in half an hour, and our national flag was posted on the neon website?
But it's a pity.
This is completely fake news.
There was no hacker war between Neon and Huaxia in 2013, and Guo Shenghua never did those things:
This is a liar that became popular through hype. It entered the game in 2018, and now it has started to hype again not long after it was released.
This so-called patron saint of the Internet in China is actually an unemployed vagrant from Guangdong Province.
I graduated from a technical secondary school and have no fixed job, so I make a living by doing part-time jobs.
Things like the establishment of Hua Meng in 2007, Ma Yun's offer of 100 million but being rejected by him, and the planting of red flags all over neon lights during the hacker war were all fabricated. There were only 400 paying members when he was arrested.
But what’s very outrageous is.
For such a scammer who has already entered the game, there are still many marketing accounts hyping it up.
For example, if you search for Guo Shenghua and Guo Shenghua was caught, exactly two kinds of content will appear.
This kind of person with a bad record relies on fabricated resumes to claim to be the patron saint of China's Internet and the godfather of hackers. It is really a humiliation to Lion, Xiaorong and all the Internet people who fought for the country. (I wrote about Xiaorong before.
Someone mentioned Guo Shenghua sometimes. I think it is necessary to educate people about this liar. This kind of villain who steals other people's honor is really shameless.)
all in all.
The Neon hacker community is far from as weak as many people believe.
In the long run, this is an opponent that cannot be ignored.
Sometimes it is not a good thing to belittle or belittle the other person too much.
At this moment.
Zhongsen said that he was sitting in front of the operating table, listening to the assistant's report with a solemn expression:
"Senior Zhongsen, the response from the Huaxia University of Science and Technology branch was much faster than we expected, and there were also reinforcements from unknown sources to assist."
"At present, the opponent has organized an efficient counterattack, and the peak attack speed has reached T3 level!"
Zhongsen said that he was not concerned about the counterattack from the "University of Science and Technology of China". This kind of hasty counterattack only needs to be able to withstand the initial period.
Kyoto University is like a vehicle that deliberately accelerates to splash water on others when passing through a pond of water. The so-called counterattack is nothing more than a stone thrown by the other party in a state of embarrassment.
As long as you dodge the first stone, the opponent will just stand by the roadside and be helpless and furious.
Therefore, compared to counterattack, Nakamori said he was more concerned about another thing, which is also his main task this time:
"What about the data? How much data was intercepted?"
When the assistant heard this, his expression suddenly froze slightly:
"Senior Nakamori, we only got more than a thousand papers."
"More than a thousand articles?"
Zhongsen Shuoyi's brows furrowed even more:
"Why so few?"
The assistant straightened up quickly and lowered his head:
"The other party directly blocked any Web requests with the "Ping-To" and "Ping-Fr" HTTP headers, forming a trap with the reinforcements. A lot of data could not be transmitted."
"Also, Senior Nakamori, during the confrontation, we seemed to have discovered a very strange situation."
"what's the situation?"
The assistant handed a form to Zhongsen Saiyi, pointed at it and said:
"You see, the handling of these scripts here is exactly the same as the 'fingertip smile' of the Chinese Red League."
"According to our judgment, there is a 90% probability that both parties will be the same person."
"Fingertip smile?"
Zhongsen was slightly stunned when he said that, and a hint of surprise appeared on his originally stern face:
"Wasn't he recruited by Huaxia Information Industry? Why did he appear at the attack site?"
Xiang Haihua was transferred from the Institute of Information Technology to the National University of Science and Technology in October this year. He had always kept a low profile before.
Although he belongs to the T1 queue in the Chinese hacker circle, there are dozens of people who are at the same level as him or even above him in ability.
In addition, the hacker circle is not very eye-catching. Neon officials must be aware of the news, but Kyoto University is lagging behind.
After all, this is not wartime, and the functions of Kyoto University are mainly at the educational level.
There is no need for an archive owned by the school, and it is impossible to update it in real time.
Therefore, after Nakamori Shuichi's question was raised, he was naturally met with silence.
Then he murmured a few times and was about to order another attack.
But the words were not spoken.
A little Baga not far away suddenly shouted:
"Senior Zhongsen, no luck, our management service provider has been compromised!"
Hear this.
Zhongsen's original words were stuck in his throat, and his mind went blank due to the impact of the news.
A few seconds later.
He rushed to the operating table and snatched his subordinate's tablet.
I only see this moment.
On the screen of the computer in front of him, countless codes were constantly being updated.
Zhongmori said that he quickly entered a few commands, but to no avail.
Three seconds later.
He suddenly understood something, made a fist with his right hand, and hit the table hard:
"Baga! The DDOS attack is a feint!"
If Wang Qingchen could hear what Zhongsen said at this time, he might respond to him in a suitable manner, "Yo Xi, you are so smart."
Just as Nakamori said.
The DDOS attack that Wang Qingchen was responsible for was actually a complete feint.
The real attacker in this whole process is actually Xiaorong, and his target is not the official website of Kyoto University, but STW, the management service provider of the seven old imperial universities.
After the Meiji Restoration, Neon established a total of nine comprehensive national universities.
Their mission has a strong imperialist and **** nature, and they have cultivated many bad guys.
Kyoto University is one of them.
Later, Neon was defeated and the word "Empire" was abolished.
However, seven of them still exist and are called the old imperial universities.
At present, due to background reasons, these seven old imperial universities are not using the campus network, but a specialized management service provider STW.TW, which carries a large amount of information transfer tasks. It belongs to a central center located at the rear, which is almost seven gourds.
Baby's vine.
Once the intruder gains network access to STW, AD Explorer can be used to find accounts with elevated privileges.
Then we can target the development and collaboration platform, which is the Seven Old Imperial University!
at the same time.
Looking at the code that kept jumping in front of him, after being furious, Nakamori Koichi had only one thought in his mind:
How dare he?
You must know that TW is the common rear area of the Seven Old Emperors.
Although the effect of being hacked is more difficult than breaking through the official website of a certain college head-on, it also means that he has to go through seven levels before he can do this!
Now Kyoto University has only lost access to STW, and not even a single byte of data has been lost.
As long as the opponent is stopped at any level, all previous efforts will be in vain.
To use the situation of Chinese units as an analogy, that is the difference in difficulty between attacking the University of Science and Technology of China and attacking the Chinese Academy of Sciences.
See this situation.
Zhongsen said that he suddenly laughed:
"One wears seven, who do you think you are?"
"If you can reach this level, you can go to the white house and plant the flag, okay?"
In fact.
Just as Nakamori Koichi thought.
When it was discovered that STW had been invaded, the network security departments of the other six former imperial universities also responded quickly.
One by one, top neon experts gathered in front of the computer.
They feel like brave Yamato samurai.
With a victory turban tied on his head and a bathrobe, he fearlessly raised his samurai sword and charged towards the enemy with a roar.
"Baga, die, die!"
But soon they discovered
The enemy on the opposite side suddenly took out Gatling and fired at them in a burst.
In just fifteen minutes.
Hokkaido University, Tokyo University, Tokyo University, Nagoya University, Osaka University, and Kyushu University had no ability to resist and were killed one after another:
At the third minute, the TW platform support panel failed.
Sixth minute.
The source code repository is broken.
Eighth minute.
Khoznadzor buffer overflow, CVE-2022-24291, CVE-2022-24292, CVE-2022-24293 three major vulnerabilities were exploited at the same time.
Thirteenth minute.
The Osaka University Cyber Security Center, almost desperate, sent out an official email from the China Unicom requesting agency.
However, when they opened the mailbox, they found that not only had the sending function been turned off, but there was another email in the sending column.
The email was sent seven minutes ago and the subject line is
【Advantageはprivateにある】.
Fifteenth minute.
Everyone took their hands off the keyboard, and the assistant desperately stopped Nakamori, who was about to have a caesarean section.
at the same time.
Native.
Looking at the compromised database in front of her, Xiaorong shook her head with unsatisfied thoughts:
"After all, it's just a joint defense line of seven universities. It doesn't even reach the level of the Ministry of Foreign Affairs, let alone a white house. It's boring."
According to his and Wang Qingchen's previous plan.
Wang Qingchen was responsible for launching a feint attack through a DDOS attack, while he went around behind to attack STW.
Xiaorong was indeed prepared for a protracted war and even drank three cans of Red Bull. After all, Neon did have a few hard ideas.
Unexpectedly, only fifteen minutes had passed, and STW was so GG.
Fortunately, he thought that if Beijing University dared to launch an attack, there might be someone capable behind it.
Real paper tiger.
Xu Yun: ""
If it were someone else who said this, he would definitely think that the other person was pretending.
But now it's Xiaorong who's saying this, so he really can't find any fault.
After all, this is the third hacker to breach the White House after Kevin Mitnick and Jonathan James (Gary McKinnon breached NASA)
Then Xiaorong thought for a while, pointed at the screen and said:
"Dr. Xu, should we leave something above?"
Then he paused and explained::
"This is actually a habit in the hacker community. For example, the original Gungun Burning Incense and the hacker organization Anonymous would deliberately leave certain marks after an attack."
"Hackers are very low-key in life, but they are often very flamboyant in their profession. From the perspective of the industry, this is a manifestation of ability."
Hearing these words, before Xu Yun could express anything, Gu Qunqing on the side said:
"Brother Rong, I don't think there is any need to do this."
"The current situation is not as good as before. The pressure on us internationally is actually very great."
"It would be nice to write something like, 'Those who offend China will be punished no matter how far away they are.' But it will put the knife in the hands of foreign media, and the gain will outweigh the loss."
Xu Yun also nodded in agreement and said to Xiao Rong:
"What Aaron said makes sense, Brother Rong. We really can't just hand over the initiative to others for our own selfish desires."
"As long as we don't say anything, Neon will have no choice but to swallow its losses. After all, we are not as greedy with database information as they are, so the other party will not be able to find out the actual IP evidence."
Seeing this, Xiaorong opened her mouth and said with some tangle:
"Well, actually, I don't have to leave some Chinese or anything. The key is that I always feel uncomfortable if I don't write something. This opportunity is not common nowadays."
"Then how about we leave some other marks, such as the mark of a Death Eater or something?"
Xu Yun's mouth twitched slightly.
Yes, this person is obsessive-compulsive again.
But then again.
Hearing what Xiaorong said, he had the urge to leave something behind. It seemed unreasonable not to leave something behind.
A few seconds later.
Xu Yun's eyes suddenly lit up:
"Hey, I have an idea!"
Hear this.
Gu Qunqing couldn't help but look at Xiaorong and asked:
"what idea?"
Xu Yun first pointed at the computer and said:
"Look, Neon has no evidence that we did it, but we can prove that they invaded us yesterday."
"So we can contact the University of Science and Technology and make it look like the system of the University of Science and Technology has also been invaded, and we can cry miserably in public opinion with the University of Science and Technology of China."
"In this case, if something happens to Neon, something will happen to China. I wonder if you have heard of this."
Speaking of which.
Xu Yun waved to the two of them, motioning to come closer to him, and then lowered his voice and said:
"That saying is that the friendship between China and Japan relies on China, the friendship between China and Japan depends on China, and the friendship between China and Japan relies on China."
ten minutes later.
On the homepage of the Seven Old Imperial Colleges, a sentence in Korean suddenly appeared:
"Axi, the whole world is my Smecta of the Republic of Korea!!"
