CSEC Missions CSEC任务(原文)
CSEC Invitation
1, Hack "CSEC Invitation Gauntlet".
2, Read "CONTINUE.txt" at /home/Test.
3, Scan network.
4, Hack "CSEC Gauntlet 02".
5, Read "CONTINUE.txt" at /home/Test.
6, Hack "CSEC Gauntlet 03".
7, Download "WebServerWorm.exe" at /home/Gift.
8, Read "Invitation_Passwords" at /home/Test. Remember the password.
9, Reply with the password.
CSEC Invitation - Affirmation
1, Hack "www.cfc".
2, Scan network.
3, Hack "CFC Corporate Mainframe".
4, Read "11_Secret_Herbs_And_Spices.txt" at /home/training_files.
5, Scan network
6, Hack "CFC Records Repository".
7, Download "Seasoning_Order_Placement_Template_Pt1.docx" and "Seasoning_Order_Placement_Template_Pt2,docx".
8, Upload the 2 files to "CSEC Public File Drop".
CSEC Invitation - Attenuation
(This is what you get if you finished /el missions)
1, Hack "www.cfc".
2, Scan network.
3, Hack "CFC Corporate Mainframe".
4, Read "11_Secret_Herbs_And_Spices.txt" at /home/training_files.
5, Scan network
6, Hack "CFC Records Repository".
7, Download "Seasoning_Order_Placement_Template_Pt1.docx" and "Seasoning_Order_Placement_Template_Pt2,docx".
8, Upload the 2 files to "CSEC Public File Drop".
CSEC Invitation - Congratulations
1, Log in to "CSEC Assets Server" as admin.
2, Download "SQL_MemCorrupt.exe" at /bin/SQL_Mem_Corrupter (you don't need this if you already have "SQLBufferOverflow.exe") and "Sequencer.exe" at /bin/Sequencer.
3, Now it's time for CSEC missions....
Rod of Asclepius
1, Hack "Universal Medical".
2, Search for "Jonas Sandburg".
3, Click "e-mail this record", and send the record to "gila@jmail".
Binary Universe(ity)
1, Hack "International Academic Databse".
2, Search for "John Stalvern".
3, Click "Add Degree".
4, Add the following information: "Manchester Univeristy" "Masters in Digital Security" "3.1"
5, Click "Save and Return".
6, Delete logs!!
Ghosting the Vault
1, Hack "CSEC Crossroads Server".
2, Download "encrypt_source.dec" at /home.
3, Hack "DEC Solutions Web Server".
4, Scan network.
5, Hack "DEC Solutions Mainframe".
6, Download "Decypher.exe" at /Staff/A.Carey.
7, Connect to your main PC, then go to /home.
8, Decrypt "encrypt_source.dec". (Use this command:)
9, Upload "encrypt_source.cs" to CSEC Public File Drop".
Imposters on Death Row
1, Hack "Death Row Records Database".
2, Go to /dr_database/records.
3, Remove Joseph Felman's record. (Use this command:)
Bit's disappearance Investigation
1, Hack "Bitwise Relay 01".
2, Read Home_Base.txt at /home.
3, Connect to "Bitwise Drop Server", and hack it.
4, Download "READ_all_hackers.txt" at /Drop/Uploads.
5, Upload "READ_all_hackers.txt" to "CSEC Public File Drop".
Through the Spyglass
1, Hack "Joseph Scott's Battlestation".
2, Download "DECHead.exe" at /home/work.
3, You'll get a new email once you realy, now connect to "CSEC Crossroads Server".
4, Download "CSEC_encode_1.dec" at /home.
5, Connect to your main PC, then analyze "CSEC_encode_1.dec" with "DECHead.exe". (Use this command:)
6, You'll find an IP address for "Macrosoft Workhorse". Connect to it and hack it.
7, Read "3345633.log" at /WORKLOGS, the password is there.
Red Line
You don't need to hack this server completely! Just attempting to hack it is enough!
1, Connect to "CCC Hacksquad Filedump".
2, As soon as you start hacking, you will enter "emergency recovery mode". Now you should change your IP address quickly.
3, Connect to "ISP Management System". (Use this command:)
4, Hack "ISP Management System".
5, Click "Search for IP", then type your current IP address. (It should be shown at bottm-left corner.)
6, Click "Assign New IP", your PC will restart immediately.
7, Reply the email.
Some tips for hacking this one completely:
*EASIEST WAY to beat it: Just keep hacking the server even if you enter the emergency recovery mode. Each command will reset the warning message and you will be able to finish hacking.
* If you want to download the files in this server, you can do it while emergency recovery mode. You'll need to type commands really quickly though.....
Wipe the record clean
1, Hack "International Academic Detabase", or just log in as admin if you've done this before.
2, Search for "Jacob Stevens".
3, Click "Delete", then "Confirm".
4, Delete logs before you disconnect!
Jailbreak
1, Hack "Sal_Home_Workstation".
2, Scan for his eos device.
3, Log in to "Elanor Helleran's ePhone 4s" as admin.
4, Read "ids.txt" at /eos/notes, and remember the registration ID.
5, Reply with the registration ID.
A Convincing Application
1, Log in to "CSEC Crossroads Server" as admin.
2, Download "FOF_Screenplay.doc" at /home.
3, Analyze "T2_Screenplay.dec" with "DECHead.exe". You'll get an IP address.
4, Hack "Jason's LackBook Pro".
5, Go to /home/scripts, and upload "FOF_Screenplay.doc" from your PC.
Unjust Absence
1, Log in to "CSEC Assets Server" as admin.
2, Download "template.txt" at /home/Templates/DeathRowDatabaseTemplate.
3, Connect to your main PC, and open "template.txt" at /home.
4, Edit "template.txt".
Use these commands:
5, Rename "template.txt" to .
6, Connect to "Death Row Records Database", and hack it or log in as admin if you have already hacked it.
7, Go to /dr_database/records, and upload the file, .
Two Ships in the night
1, Connect to "CSEC Crossroads Server", and find "C_EXE_contact.dec" at /home.
2, Decrypt "C_EXE_contract.dec" with "Decypher.exe". (Use this command:)
3, Download "C_EXE_contact.txt". ()
4, Upload "C_EXE_contact.txt" to "CSEC Public File Drop".
Project Junebug
1, Hack "Universal Medical".
2, Search for "Elliot Whit".
3, Send his record to your email address. (Click "e-email this record" then "Specify Address".)
4, Go to your Jmail inbox, and read Elliot's record. You will find 2 IP addresses here.
5, Connect to "Kellis Biotech Client Services", and hack it.
6, Optional, but necessary if you wanna know what you're doing: Read all news on "Kellis Biotech News".
7, Scan network
8, Hack "Kellis Biotech Prodection Asset Server".
9, Download "KBT_PortTest.exe" at /home/Production/Output. This software will allow you to hack port 104.
10, Now go back to "kellis Biotech Client Services", and read "#0E0015_-_Pacemaker_v2.44_Firmware_and Patching" at /MsgBoard/listings. You'll find an IP address here.
11, Connect to "Eidolon Soft Production Server", and hack it.
12, Read "Eidolon_Security_Notes.txt" at /projects/Internal. Remember the user name and the password.
13, Download "PacemakerFirmware_Cycle_Test.dll" at /projects/KellisBT/Tests.
14, Connect to "KBT-PM 2.44 REG#10811", and hack it.
15, Go to /KBT_Pacemaker, and upload "PacemakerFirmware_Cycle_Test.dll" there.
16, Click "View Monitor".
17, Log in as EAdmin. ()
18, Click "Administrate Firmware".
19, Choose "PacemakerFirmware_Cycle_Test.dll", then click "Activate This Firmware".
20, Now watch his heart beat....
21, RIP
英语水平还是要有点的,腾讯安全实验室玄武安全实验室掌门人TK教主说过:大多数的网络安全技术都是外国人发现的,而中国人懂得的更多是运用。
所以,你想成为一名流弊的黑客,基本英文的文献与交流是要能看懂的。
黑客就像计算机幽灵一样,来无影去无踪。很多朋友对他们的高超技术羡慕不已,都想知道成为一名黑客,都需要掌握哪些基本技能。其实,总结起来也就以下十项基础技能。
1、专业英语计算机最早诞生于美国,天生自带“英文”属性。虽然我们普通人可以使用简体中文,但人和计算机的交互命令全部都是英文命令。如果你连英文都不过关,那基本就谈不上当黑客了,尤其是计算机专业英语。
同时,最新的计算机技术资料基本都是英文版本的。等到翻译成中文,需要延后蛮长一段时间(1个月到1年不等)。而对于计算机漏洞来说,从发现开始计时,越往后越无效。因为安全厂商早就开始全面修补漏洞了。所以,黑客的英文必须好,而且经常浏览国外有名的英文网站。
2、网络协议黑客之所以叫做黑客,就是因为他们“隐身”于计算机网络世界中。他们对各种网络协议都非常精通,并且能够熟练使用各种网络工具。这里说的精通不是懂得配置和优化,而是非常精通其工作原理。比如:
OSI七层网络模型中网络数据传输的各种封装,包括数据帧、数据包、报文段等。黑客经常需要通过网络扫描嗅探,也需要通过篡改数据来进行伪装。TCP传输的三次握手、传输窗口、重传机制。黑客可以利用这些机制的弱点来制造麻烦。目前安全防御最难对付的就是DDOS攻击。MAC地址、ARP、静态路由、动态路由、VPN、VLAN、NAT等工作机制。黑客可以通过入侵网络设备来窃取重要的数据。IPv4、IPv6的规划、寻址技术,这是计算机在互联网上的身份证。黑客必须了解得明明白白。DHCP、DNS、RDP、SSH、FTP、telnet、SCP等常见的网络应用。黑客经常利用这些常见的网络应用的漏洞来达到入侵的目的。其他网络技术操作系统是计算机的基础软件,而Linux系统又是服务器端使用较多的操作系统。作为一个合格的黑客,自然需要精通linux系统的基础知识。同时,由于linux的开放性,很多攻击性强的黑客工具都是在linux下开发出来的。黑客如果对linux不熟悉,就连驾驭黑客工具都比较费劲,更谈不上入侵了。当然,这里并不是说windows系统就不需要掌握,只是linux显得更为重要一点罢了。windows毕竟在桌面终端上使用也是很广泛的。
4、社会工程学社会工程学是指通过各种社会机制(包括伪装身份沟通)来获得信息的手段。很多人觉得这个和黑客技术没啥关系,感觉更像是小偷、骗子之类的。其实不然,社会工程学是黑客攻击的常用手段。他们可以伪装成单位的维修电工,将机房的全部电力切断。也可以通过伪装维护人员致电来获取系统的远程登录账号、密码。这可比暴力破解密码来得轻松很多。所以,现在的网络安全也包括提高人们的安全意识。
5、数据库技术数据库是业务系统存储重要数据的场所,而很多黑客的攻击目的就是为了获取有用的数据。所以,黑客必须掌握市面上主流的数据技术,比如:oracle、db2、mysql、ms-sqlserver等等。同时,数据库周边的相关软件技术也是黑客需要掌握的,比如:备份软件。
6、web应用web应用因为是对互联网提供服务,通常是黑客攻击的首要目标。因为它是完全公开暴露在互联网上的应用,所以比较容易被攻击。黑客攻击成功后,可以通过web服务器一步一步突防到核心业务系统。很多不注重安全的中小企业,经常会碰到网站被篡改、被挂马。这些都是黑客行为所致。黑客通常非常熟悉HTML、ASP、JSP、PHP等语言。
7、加解密信息加密原本是“间谍”为了交换信息最常用的手段,但现在的网络中已经普遍使用加密传输、数据加密等技术。黑客们在长期的破解加密的过程中,也学会了利用加密系统。比如:这些年流行的勒索病毒就是黑客将用户的重要数据进行了高强度加密,导致用户无法读取这些数据不得不缴纳“解密费”。所以,黑客对加密和解密技术也是必须掌握的,不然很难突破用户的安全体系。包括:对称加密的DES、AES;非对称加密的RSA、DSA;散列算法SHA和MD5等。
8、编程技术编程技术是计算机软件开发的必要技术。黑客们虽然不自己开发商业软件,但为了成功入侵系统,高级一点的黑客都会自己开发入侵工具。他们一般都擅长cgi、perl、php、python等脚本语言或者编程方法,可以轻松用这些工具来编写代码。
9、逆向工程逆向工程通常用于破解商业软件,而黑客则可以通过逆向工程来发现软件的漏洞。当然,黑客也可以通过逆向工程对现有病毒或者恶意软件中的功能进行升级或者重构,形成新的强攻击力的恶意软件。
10、“隐身”技术真正的黑客除了成功入侵系统外,还需要消除自己的入侵痕迹,做到网络“隐身”。因为,计算机系统、网络系统、安全设备都有完备的日志系统,他们会记录一切对系统的操作。黑客如果无法消除自己的访问痕迹,就算成功入侵了也很容易被安全部门抓获。所以,黑客必须非常清楚网络的数字取证技术,要知道如何规避自己被取证。
总结黑客和安全既是相互对立的,也是相互转换的。以上技术本身并无对错,但如果用于黑客攻击就是违法行为。如果用于安全防御,那就是有益的行为。请技术男们不要轻易去从事黑客攻击。