Let's look at how hacking techniques developed. From the perspective of technology development, in the early stage the majority of hackers targeted system software. On one hand, web technology in this period was still far from mature. On the other hand, by attacking system software, hackers were often able to obtain root privileges. During this period, a large number of classic vulnerabilities and exploits emerged. The well-known hacker organization TESO once wrote an exploit to attack SSH and openly declared that they had attacked cia.gov (U.S. Central Intelligence Agency) by using it.
Here is some information on the exploit.
root@plac /bin >> ./ssh
linux/x86 sshd1 exploit by zip/TESO (firstname.lastname@example.org) - ripped from openssh 2.2.0 src
greets: mray, random, big t, sh1fty, scut, dvorak
ps. this sploit already owned cia.gov :/
**please pick a type**
Usage: ./ssh host [options]
-b base Base address to start bruteforcing distance, by default 0x1800, goes as high as 0x10000
-d debug mode
-o Add this to delta_min
0: linux/x86 ssh.com 1.2.26-1.2.31 rhl
1: linux/x86 openssh 1.2.3 (maybe others)
2: linux/x86 openssh 2.2.0p1 (maybe others)
3: freebsd 4.x, ssh.com 1.2.26-1.2.31 rhl
Interestingly, this same exploit is used in the famous movie The Matrix Reloaded.
In the early stage, the web was not yet a mainstream application; SMTP, POP3, FTP, IRC, and other protocol-based services had the vast majority of users. Hackers mainly attacked networks, operating systems, and software; web attack and defense techniques were at a very primitive stage.
Compared with exploits against system software, web-based attacks generally only allowed hackers to obtain low-privileged accounts.
But with the development and rise of firewall technology, the pattern of Internet security changed. Especially as network equipment manufacturers, represented by Cisco and Huawei, began to pay more attention to network security, network products ultimately changed the direction of Internet security. The rise of firewalls and ACL technology protected systems from being directly exposed on the Internet.
Without protection, a website's database service port allows anyone to connect easily; with a firewall in place, the ACL can control access and allow connections only from trusted sources. To a large extent, these measures ensure that the system software stays within the boundaries of trust, thus eliminating most sources of attacks.
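The contrast described above, as an added example that is not from the original text: a minimal first-match ACL evaluator with an implicit deny, plus an audit check for ports left open to every source. The rule format, the address ranges (documentation ranges) and port 3306 are constructed for illustration.

```python
import ipaddress

# Constructed sample values: documentation address ranges and a database port.
DB_PORT = 3306
ANY = "0.0.0.0/0"

# Each rule: (action, source CIDR, destination port or None for any port).
NO_PROTECTION = [("permit", ANY, None)]
WITH_ACL = [
    ("permit", "192.0.2.0/24", DB_PORT),  # trusted application servers only
    ("permit", ANY, 80),                  # public web traffic
    ("permit", ANY, 443),
]

def decide(acl, src_ip, dst_port):
    """First matching rule wins; anything unmatched hits the implicit deny."""
    src = ipaddress.ip_address(src_ip)
    for action, cidr, port in acl:
        if src in ipaddress.ip_network(cidr) and port in (None, dst_port):
            return action
    return "deny"

def exposed_to_any(acl, dst_port):
    """Audit check: does the first any-source rule covering dst_port permit it?"""
    for action, cidr, port in acl:
        covers_port = port in (None, dst_port)
        if covers_port and ipaddress.ip_network(cidr).prefixlen == 0:
            return action == "permit"
    return False  # no any-source rule applies, so the implicit deny holds

if __name__ == "__main__":
    untrusted, trusted = "203.0.113.50", "192.0.2.10"
    for name, acl in (("no protection", NO_PROTECTION), ("with ACL", WITH_ACL)):
        print(name,
              "| untrusted->db:", decide(acl, untrusted, DB_PORT),
              "| trusted->db:", decide(acl, trusted, DB_PORT),
              "| db open to any source:", exposed_to_any(acl, DB_PORT))
```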
The Blaster Worm of 2003 was a landmark event. Targeting the RPC service on the Windows operating system (running on port 445), the Blaster Worm swept the world in a very short period of time, infecting millions of computers; the loss was immeasurable. After that incident, network operators implemented strict shielding of more than 135,000 port connection requests on the backbone network, which raised the security of the entire Internet to an unprecedented degree.
The blockade imposed by network firewalls left fewer and fewer non-web services exposed on the Internet. In addition, maturing web technologies made web applications increasingly powerful, which eventually made the web the mainstream platform on the Internet; it attracted hackers, who gradually turned to attacking the web.
In fact, during this stage of Internet security, another important branch emerged: desktop software security, or the security of client software. Browser attacks are its representative case. A typical attack scenario is as follows: a hacker constructs a malicious web page and entices a user to open it in a browser. Through a vulnerability in the browser, such as a buffer overflow, the hacker executes shellcode that usually downloads a Trojan to the user's computer. Common desktop software targets include Microsoft's Office suite, Adobe Acrobat Reader, multimedia playback software, and compression software.