Five major steps for hackers to intrude into the US Space Agency (1)

Warning this chapter deals with certain military secrets, so we blur them in some places. This article is highly risky. Do not imitate it. The purpose of this article is to help you understand VAX and VMS.

In some hacker intrusion activities, many hackers simply intrude into small, poor, and vulnerable websites, because this is nothing for those who like to stimulate hackers. In their words, intruding into those websites is just a casual game they make when their brains get tired. For these dangerous hackers, they are really interested in computers that are usually rare in important organizations and laboratories, only those things can truly stimulate the activity of their brain and nervous systems, and they can also bring up their appetite.

Among these many flavors, VAX computers and their VMS operating systems, favored by leading agencies such as NASA and CIA, have become the favorites of super hackers, these things can stimulate their ongoing research to try every tiny opportunity to intrude into these important institutions.

What Is a vax computer? What is the VMS operating system?

For more information about the hacker manual, see the following basic knowledge.

So what is a VAX computer? What is the VMS operating system? Below we will briefly introduce these mainframe core systems placed in the lab.

In 1978, DEC established its first computer system based on VAX virtual address extension (virtual address extended), a complex command computing CISC unique to the DEC computer system) architecture computers VAX11 and 780. This big guy was a basic 32-bit computer at the time, and was able to have a computing performance of up to 1 MIPS. In that age, the speed and performance of this computer were unparalleled. The value is $200,000 at that time. But apparently he is the best.

It is even more worth mentioning that VAX is a multi-user system. Its network applications include:

Communication Terminal protocol CTERM): DNA uses this protocol for virtual terminal services provided by the VMS system and can be used for any connection. It is an optional LAT protocol.

Distributed Naming Service (DNS): DNS is a Universal Naming Service for the VMS system. It allows users, files, and nodes to be named so that they can be recognized by the entire network.

Data Access Protocol (DAP): DAP is an old protocol set that provides remote file access for VMS systems. DAP will be replaced by DFS.

DFS): similar to the Network File System, a directory can be identified as shared and can be installed on a remote node.

Distributed Queue Service (DQS): this service is mainly used for print processing. This service enables VMS to work in online queue. "Job control" removes a job from the queue and transmits it to the coprocessor for processing the job.

A vax Computer-dedicated terminal can only be used on a VAX system and may be used for Internet services. Its uniqueness and incompatibility maintain its security foundation. But for a hacker who knows the VAX system very well, this is not anything. They can also use software on a PC to connect to the VAX system and try to destroy them, however, each hacker must have a terminal simulation program of VT100. Of course, this is not difficult to obtain.

So what is VMS? VMSVirtual Memory System) is a virtual Memory System, which is a special computer network operating System. However, VMS is similar to other systems, for example, its logon interface is more like a UNIX system. First, you will see a login information Username:; next, the User password: If you can enter the information correctly, then you will enter a character operating environment with a prompt $. After you log on successfully, there will be a series of prompts, including your username, your process ID, and so on. The following table: This table is invalid :)

For a hacker familiar with the operating system, he will quickly feel that the VMS system is basically the same as other operating systems such as UNIX, A good hacker can use it easily in the short term. The only difference between these systems is that command prompts are not the same. For example, if the C shell in a UNIX system needs to call a device, enter the command to call the SHELL device in the command line. In VMS, assume that the device called is historyDos with a corresponding module called Dos prompt.) In VMS, if you keep holding down the Ctrl key and enter the character B, other command processes will be stopped, all current processes will be listed, processes will be returned, and current user statistics will be reported for modification. Intrusion into VMS is essential basic knowledge.

Of course, there are still a lot of VAM system servers on the Internet, and so far this old VMS system is still very dynamic, of course, he is still not only performing blood updates, the latest VMS operating system is called Open/VMS network operating system. OpenVMS can run on VAX and Alpha hosts. Alpha is a very fast workstation system and can run Windows NT, OpenVMS, Digital UNIX, and other systems. This is what hackers dreamed of. In the earlier days, many hackers decided to give up their high salaries and go to some numb and inactive research institutions to Pursue Alpha workstations.

Currently, most of the public online VAX hosts have been in use for a long time. For example, the libraries of many American universities are all very old. But there we can learn about VAX/VMS and details, which is a great opportunity for a person who knows nothing about VAX.

Security of the VMS system

To intrude into these important organizations, hackers must understand the security of the VMS network system. Security in the VMS system has been carefully considered, because these big guys are used in some important research and military institutions, and security issues have become an important performance of VMS. For example, VMS basically has a powerful read/write control, which depends on the settings of the system administrator ). The read/write control in VMS is similar to that on Novel Netware. The following is a simple control command provided by VMS:

Time): You can control which day, which user, and the hour in which the system can be accessed. The default value is 7 days a week and 24 hours a day, just like a firewall, you can precisely control every user.

Resources): You can control the access permissions of every login user and Set permissions for each directory.

Of course, these are just a simple example of access control by the VMS system. In fact, there are multiple privileges in the VMS system and they can be used in working groups. In other words, in a VMS system, read/write control is a complex setting with many options. For this reason, few hackers can break through the system. Sometimes, this complicated setting will become a very heavy task for network administrators. Smart hackers on this planet have realized this:

The biggest advantage of a VMS system is its great flexibility. The system administrator can choose to implement or ignore such complex settings, which leaves a chance for hackers.

Attacks on a vax or a network operating system using VMS) are very different from attacks on UNIX systems, first, the password file stored in the VMS system is very different from its structure in UNIX. It is stored in the/etc/passwd file in UNIX, this file includes the defined username, password, logon information, and Working Group. In contrast, this file in the VMS system not only includes the above simple information, but also contains a lot of other information:

Every DEC host running VMS stores all User archives in one File, called SYSUAFSystem User Authorization File. For every User using this system, including the system administrator, there is a record to record the user's logon time and access permissions, and it also gives the password detailed time, password length, and all the details of the user's logon. This is really a headache for hackers.

However, this incomprehensible password file structure also has its own vulnerabilities, that is, if a hacker succeeds in obtaining the right to operate the file and modifies it, the entire system will be at risk, but this situation is unlikely.

Generally, a user can log on to the system through a program called UICUser Identification Code (user Identification Code. This is very similar to GID in UNIX systems. It identifies the login user, the user's access permissions, and the Working Group. Therefore, you can imagine that this UIC system is a unified database.