Riding the wind of rebirth

Chapter 1857 Top Hacker
"Suzaku has not been contaminated." Hu Tianyu did not even dare to use the company's network tools, and instead used his cell phone and Zhouzhi Communications. This was enough to explain the problem: "This is thanks to Xueshan. When she was doing routine checks on the department's incoming files, she discovered an unauthorized low-level temporary user, and then reported it through the post-event supervision process."

It is not surprising to have low-level users. The Clover Group is very large now. Whether it is a temporary user for testing or a temporary user who is a daily visitor, there will be similar licenses for them to use.

However, from an institutional perspective, no user in the system can be created out of thin air, and must be authorized by a senior user before it can be created.

There is one type of user who is an exception, and that is the guest user managed by Feng Xueshan. This type of user is issued and recovered at any time every day, and is not a key supervised user in the system. If you are a little careless and add a guest user, no one will notice it at all.

As a result, this fell into the hands of Feng Xueshan. This girl had an obsessive-compulsive disorder similar to mysophobia about her work. After discovering such a user, she didn't know whether the situation was serious or not. She looked up the management system, which stated that similar situations needed to be reported through the post-supervision process, so she reported it.

As long as the problem enters the supervision process, there will be corresponding personnel to supervise it, and as a result, the matter becomes metaphysics.

Afterwards, when the supervisor investigated this user, he found that although it was a temporary guest user, its authority was higher than his own. He did not even have sufficient authority to search the customer's activity track in the system!
When encountering such a situation, the matter should be escalated according to the system procedures. The supervisor initiated the escalation mechanism and reported it to his supervisor.

When the incident escalated to the point where even Hu Tianyu could only interview part of the story, the top management knew that the matter was serious.

This is a super user posing as a temporary visitor!
Hu Lidong's first thought was that this user should have been created by Zhou Zhi, because Zhou Zhi was the only one with such authority in the entire system.

Moreover, Zhou Zhi also had a similar criminal record. He registered a small account on the forum to influence the trend and claimed to be "going on a secret visit."

However, Hu Tianyu believes that Zhou Zhi knows what is important and what is not. Making trouble on the forum is one thing, and the internal working system of the unit is another. There are also many national scientific research projects here. Zhou Zhi always puts the security of information systems first.

Eventually, the two contacted An Chunjia, who was still working on the Xia, Shang and Zhou dynasty dating project in the capital, and the Clover Group used the ultimate user "Nuwa" for the first time.

Nuwa users are the highest-level users in the system, but are usually dead users. They can only be accessed after obtaining authorization from the majority of the company's senior management.

From a system perspective, this user is used to counter Zhou Zhi's super user. Zhou Zhi has the highest decision-making power in the company, but such decision-making power cannot be infinitely expanded and is also subject to corresponding constraints.

This kind of restriction comes from the top of the system. From the current group structure, if the three small ones unite, they can veto Zhou Zhi's decision. This right is reflected in the system, that is, the three small ones can jointly authorize and activate Nuwa to monitor and investigate all users in the system.

The fact that the Clover Group was forced to activate Nuwa also shows the seriousness of the matter.

Although this user erased all traces of his intrusion in the system after obtaining the highest authority, he still missed one point, that is, there is another user with the highest authority in the system who has a secret archiving function for key logs.

This function is purely Zhouzhi's waste of Nuwa, because Nuwa is a user who cannot use it without the joint authorization of three people below Zhouzhi, so she is a "dead user" on weekdays. It is just right for the supervision system to be able to monitor all user behaviors from high to low, so a super user is also needed to record these behaviors. Although the employees in the supervision post cannot directly operate Nuwa afterwards, and even the operation review of higher-level users needs to be authorized, they can at least see the log documents recorded by Nuwa.

The most important of these log files are the system login and logout, permission modification, and file access and modification and deletion records of users in the system. Except for the personnel in the post-supervision position, not many people in the Clover Group know about this record. This mechanism was originally used to guard against the Japanese and Korean groups working in the same unit, but it turned out to be useful at this critical moment.

With the help of Nuwa, the hacker's behavior of breaking into the account could no longer be hidden in the logs.

Hearing that this user had not taken any action to attack the system, Zhou Zhi finally breathed a sigh of relief.

The most difficult thing to defend against when dealing with hackers is not their attacks but their lurking. In fact, many hackers are only interested in breaking into the system. After breaking into the system, they will promptly clear the attack records and then exit.

They just need to know that this hacking method is feasible, so they can use it easily next time.

If the reckless operation attracts the attention of the system administrator and the loophole is plugged in time, it will be bad.

Another type is disguised lurking, such as the one now. This type of user generally covets some resources of large companies and large servers, such as storage space and computing power, and they will use these resources to complete some of their operations when necessary.

It is very rare that a system is destroyed by purely random operations. Even if this goal is to be achieved, it does not require the user to do anything reckless. The simplest way is to implant a virus to achieve the goal.

Obviously, implanting a virus would definitely alert Clover, because that's what Clover does, and their virus database is very complete. If this is done, the firewall will definitely find it.

"This person is not just an ordinary expert, he is a top hacker." Hu Tianyu also sensitively noticed that Zhou Zhi had relaxed, and said to him: "Elbow, do you remember our discussion about the NOP buffer?"

"What? Did this guy really implement the NOP sled on the Linux system?" Zhou Zhi felt incredible: "Even on our system?!"

NOP is a special instruction on the microcontroller. Its full name is No Operation, which means no operation instruction.

What is a no-operation instruction? It is a pseudo-instruction in assembly language, which perfectly explains the thoughts of Laozi and Zhuangzi, because its function is to do nothing but increase the program counter by 1.

At this point everyone will find it very strange. Since this instruction does nothing, what is the meaning of its existence in computer language?

Of course there is.

In the computer's logical operations, the "alignment" of instructions and data can effectively improve the performance of the program. At this time, an instruction is needed to fill the positions left vacant due to alignment.

For example, if an instruction takes up 3 bytes, and a NOP instruction is added, the instruction can be aligned to 4 bytes.