statement: The main purpose of this article is to interpret and popularize the relevant computer software and hardware, network security, etc. that appear in the play and the author's own professional knowledge. There is no hostility to the actors and the play. Here, I would like to thank this drama for spreading knowledge about network security to the public.
simple character relationship
web drama "Are you safe? ”
I didn’t watch the whole drama in advance, I just watched one episode so far. I don’t know whether the whole drama consists of multiple independent stories, or the whole drama revolves around one main story line. Anyway, the author's purpose is not to introduce the plot. Let's take a brief look at the characters and their relationships in the first episode:
- Qin Huai, the male protagonist, the righteous hacker ( Hongke )
- Ms. Xia, suspected her husband was cheating, and asked for help to collect evidence
- Mr. Shi, Ms. Xia's husband, an executive of a listed company
- disguised himself as a hacker who seduced Mr. Shi
Without further ado, let's go straight to the topic and take a look at the scenes with "black technology" in the first episode .
Power Bank steals mobile phone information
This episode begins with the story of people who revel in the bar after using the modified power bank, and the mobile phone information is stolen by the malicious software in the power bank. After the
power bank is modified by
, the criminals collect the power bank, and then open the power bank one by one, and copy the information stolen by the malware to the computer.
read the storage device in the power bank
Here, we see that the way to display the information in the center is to make this stolen information into a U disk, the Trojan software must be installed here, and then the data of the mobile phone connected to the mobile phone , and finally plug in the computer to upload the data.
User information transmission
Let's take a look at this interface for transmitting information. The code on the left is the source code of the HTML page; The title is written SYS_DATABASE, which translates as "system database".
to turn off USB debugging
said at the end of the film that "make sure the USB function of the mobile phone is turned off", which means to turn off the USB developer debugging function, which is usually turned off by default on Android phones.
popular science interpretation: On the whole, it is possible to steal user data from the power bank, but only if the Android phone has an Android phone and the USB debugging function is turned on; at present, the Apple phone is relatively safe, unless it is a random flash machine; the last user information The interface of transmission is basically made up by the director.
Chef Lu reminds: If you are using an Android phone, please search the Internet for your own phone model how to enable the USB "charging only" function, enabling the "charging only" function when using a third-party power bank can largely avoid the trick.
Qinhuai's computer was hacked
14 minutes and 10 seconds, when Qinhuai was giving a speech on network security, the computer was hacked, showing many expressions, and being mocked "You are my grandson".
The personal computer was hacked
After that, there are scenes of hackers launching code attacks:
The scene of hacking code attacks
This is not called code in theory, not even the most basic HTML tag , but CSS style sheet - control the web page Graphic layout, text size and color, etc.
Popular Science Interpretation: Personal computers are attacked in real time online, and the possibility of remote login is that the virus has been implanted into Trojan software; if it is the Trojan prepared in advance, what code is the hacker still typing online? Is it online? Replacing the emoji and taunting text in the Trojan horse? All I can say is that this is a bit of a mess, probably because the plot needs it.
Chef Lu reminds: Check whether the remote desktop port of your computer is enabled, it is closed by default, if it is not necessary, turn it off; check the path settings->Network->Windows Firewall ->Advanced settings->Inbound Rules, pull to the bottom.
Check whether the remote desktop port is enabled
Internet capture
9 minutes 08 seconds to 10 minutes 50 seconds, Qin Huai provided Ms. Xia with 4 so-called "Internet capture" methods:
- WeChat steps, to see whether a person works in the company or Walking outdoors
- sharing shopping links, fishing
- Baidu network disk backup, uploading photos, call records, contacts and other mobile phone information , 1, 3, and 4 are easy to understand, and focus on 2, share shopping links. Generally, when we share shopping links, there will be rebates, but regular APPs will not display the user information that clicks on the sharing link or purchases through the sharing link to the sharer, because this belongs to the user's private data; however, having said that, sharing If the outgoing link is a webpage made by Qinhuai, it is completely transparent. Whoever clicks it can be recorded at the time, minutes and seconds. This is the big data statistics of user behavior.
Chef Lu reminds: Try not to authorize your address book to an unknown app. If you encounter a criminal who collects your address book, not only is you at risk of being defrauded, but the contacts in your address book are also at risk of being defrauded possible.
BitLocker encrypts the drive
24 minutes and 43 seconds into the scene: Qinhuai got the USB flash drive and wanted to open it, but was prompted to enter a password, and the USB flash drive was encrypted with BitLocker.
BitLocker-encrypted drive
Qin Huai obtained the password by brute force cracking to see the contents of the U disk: Dkxwmd07
brute force cracking
This interface looks very cool, but I really can't see the language of the "code" in the upper left corner, it feels like it will be cracked soon Yes, the uppercase suit! After
cracked the U disk
U disk cracked, see the name is KINGSTON, Kingston , and then Qinhuai opened the folder asfsdgfnhdrwae where the video is stored, this name is very funny and does not match the identity of a hacker.
The video stored in the cracked U disk
popular science interpretation: BitLocker is an encryption method that comes with Windows. Note that the encryption here is just like the name of Locker, just adding a lock to the disk, not encrypting the files inside; Qin Huai's software for brute-forcing passwords is a bit tricky, because after all, he doesn't even know how many digits the password is.
Chef Lu reminds: If your computer needs to be sent for repair and the data in the hard disk do not want to be seen by others, you can use the BitLocker that comes with Windows to lock the disk, but be sure to remember the password, otherwise the hard disk cannot be unlocked and can only be formatted melted.
Postscript
This episode is basically the same as the computer-related knowledge shots. If you think the author's interpretation method is interesting and can answer some doubts in your heart, or if you can learn some little knowledge from it, I hope to hear from you. Feedback - like and comment, I will continue to update.
