"Everyone finds different loopholes, even if it is the same loophole, there are different methods. It's hard to tell."

"However, what I'm using is the upnp vulnerability."

"Don't tell me, you should also know that this is a service that is started by default in windowsxp, right? When a user installs windowsxp by default, the upnp service is automatically enabled, causing serious security vulnerabilities."

"And this loophole can be hacked in three ways." Uncle Gates listened intently, and what I said was something he had never heard of.

"Cough, cough, I've said so much, I'm a little thirsty, let me have a drink first."

"No no no, go on, I'll pour the water for you." Uncle Gates hurriedly went to help me pour the water.

"Well, this pretend is too cool! Who can ask the world's richest man to help you bring tea and water?"

"The first is that I can illegally obtain system-level access rights of any windowsxp (loss of system control), the principle is to use the intrusion object as the default installed windowsxp system, when I send messages containing abnormal parameters to the upnp service host at different rates When the request packet is received, it will cause access conflicts on the target machine, and most of these access conflicts are caused by the pointer being overwritten. The target host will initiate a connection according to the url in the "location" field, if the host in the url starts chargen service, then the target host will continue to allocate and release memory, thus occupying a large amount of system CPU resources, making the system paralyzed, and the firewall will become vulnerable."

"The second is to conduct a dos attack (denial-of-service), that is, to use the flood of data packets to rapidly degrade the performance of the computer system until it becomes unbearable and crashes."

"The principle is that I can send a udp packet to port 1900 of the system running the upnp service, where the address of the "location" field points to a server that provides echo services, and informs the target host network that there is a server providing echo services on the network For an upnp network device that a user needs, the target main target will enable the system's upnp service and send a download request to the server that provides the echo service. The server that provides the echo service will automatically reply with an information packet, because there is no confirmation mechanism for device information. And upnp will think this is device information and request more information files, and then the server will automatically reply with a packet, which may cause the system to enter an infinite connection infinite loop. This will cause the system cpu usage to reach 100%, Failure to provide normal services will also result in the loss of firewall functionality."

"The third is that I can conduct distributed ddos ​​attacks. Because Simple Service Discovery Protocol is a component of the upnp service, it enables a system to enumerate the available resources on newly installed devices on the upnp network. Due to the application of the ssdp protocol A design vulnerability, I just need to send a fake udp packet to a network with a large number of xp hosts, and I can force these xp hosts to attack the specified host."

"Actually, even if I don't bring up this vulnerability, they will find it two months after the release of the XP system and provide a patch download. I just moved the time forward."

Looking at Bill Gates, who was taking notes seriously, I felt an inexplicable sense of disobedience. This is more than copying other people's things and telling them later than borrowing from novels.

"Actually, you don't need to take notes. To solve this vulnerability, you only need to write the corresponding program and it can be solved, which is the so-called patch."

"I paid $100 million to buy your patch. Because the launch of the new system is next week, but now the system has such a serious loophole, we can't postpone the launch time, otherwise it will definitely affect the company's stock. make an impact.”

"No no no, I'm not going to sell this patch."

"Why? Do you think the money is too little? It doesn't matter, I'll pay $200 million."

"You misunderstood. This patch is not a precious thing. I didn't plan to use it to make money. I planned to give it to you."

"Give it to me? Are you sure you don't charge copyright fees?" (Copyright awareness in the United States is the most important in the world)

"It was originally yours, I just gave it back to you." I complained in my heart.

"Yes, no fee, we can sign a copyright transfer agreement if you don't worry. Because these patches are really just a trifle to me."

"who are you?"

"My name is Kosaka Shinsuke, and I'm a primary school student." I said coolly.

"Xinjie-kun, are you interested in working in our company? The annual salary is 200 million US dollars. Whenever you make a significant contribution to the company, you will receive cash rewards." Uncle Gates threw an olive branch to me.

"It's my turn to ask, who are you? Why do you have the right to offer such a favorable offer? You must know that a few million dollars is not a small amount." I said pretending not to know.

"I'm so sorry, I just lied to you, I am the founder of Microsoft Corporation, and concurrently the company's chairman and chief software architect, Bill Gates."

"Who is pretending to be forceful, so damn dazzling, it's really been shown!!!"

"Well, you still held the position of the world's richest man from 1995 to 2001." I complained in my heart.

"How are you thinking? Come to work at my company!" Gates said to me again.

"No, I also have my own team and my own industry in Japan."

"Oh, is it about the Internet?" Uncle Gates became interested.

"Well, I have opened a few websites, you can go and have a look if you are interested."

"Since you don't want to come over, maybe we can cooperate." Uncle Gates smiled.

ps: It took a long time to write this chapter, and it was spent on checking the information. It doesn’t matter if you don’t understand it. Even the person who wrote it can’t understand 233333. Anyway, you don’t need to understand it. That's it.

ps2: Tomorrow I should be able to end the affairs in the United States and return to Japan, and I will definitely achieve something before I go back.

ps3: One update is added today, maybe two more tomorrow. See the vote to decide.

Chapter [-] Multimillionaire (USD)

"I'm really sorry. Because it's impossible for me to stay in the U.S. for a long time, and I'll be going back to Japan when I'm cured."

"It turns out to be like this, but it doesn't matter. If you still want to go back to Japan, can I invite you and your team to join Microsoft China Research Institute?"

"You're talking about the Microsoft China Research Institute that Microsoft invested heavily in Beijing on November 1998, 11?"

"Yes, that's the one. It's the second basic research institute that my family has opened overseas, and it's also the first one in Asia. But if you join, it should be renamed Microsoft Research Asia. We promise to Each talented researcher provides long-term support, and allocates 15 billion US dollars as research funds every year. And has 45 large servers divided into 4 racks, connected by dlink24 1000m switches. Each server has exclusive 1000m network bandwidth, which facilitates real-time high-speed transmission of data.”

"The conditions are very good, but the headquarters is in China, so I can't go to China to develop."

"Don't worry about this, we will open the Second Research Institute of Asia in Japan. Now you will not refuse."

"You can if you don't have to go abroad."

"Also, if you don't mind, I'd like to hire you as an honorary technical advisor to Microsoft, with an annual salary of two million."

"Honorary advisor, as long as I don't join you, this can be considered. Then, as an honorary advisor, what should I do?"

"It's very simple, just like the literal meaning. When we encounter problems with our technology, I hope you can help me, and I won't let you do it in vain."

"This is very cool! You must know that in addition to the newly released win10 system, you are not familiar with windowsxp, and you know all the other series of systems! Whether it is a loophole, a patch, or a bug."

"In other words, as long as I publish the vulnerability before they find it, can't I package the vulnerability patch and sell it to them?"
