BB姬这个春节被肆意的肺炎疫情彻底打乱了,计划的开工也推迟了。
这2天在朋友圈频繁看到一则消息,说是境外某黑客组织计划在2020年2月13日攻击我国网络系统。
我没事就花了一点时间了解了一下详情,分享给各位。
水平有限,如有纰漏,请斧正。
===========================================
1.国内某安全厂商公众号的新闻:
===========================================
我继续找,获得信息里得知上文提到的是一个叫"Anonyous"的黑客组织。
2.Anonyous介绍(来自wiki)
匿名者(英语:Anonymous)是一种以共同理念组成的团体 ,匿名者称其不是组织,也不属于任何一个企业和政党,它只是一个理念,一个想法。比起黑客集团更像是一种社群,只要有相同想法或是理念,任何人都可以加入。其发迹于2003年,随后在政治上形成一些共识,并发起自主性或自发性行为与活动。他们因其宣传及利用拒绝服务攻击(DDoS)政府、宗教和企业网站而知名于世
匿名者至今没有证据其存在明确的组织规章或首脑,换言之任何人或一群人都能以自称匿名者的名义从事行为,无人能说其是或不是该成员。
理念
匿名者核心理念是“无名无份(匿名)”“平等地位”呼吁“网络自由”。我们是匿名者。我们是军团。我们不会原谅。我们不会遗忘。
2015年天下杂志专访一位自称匿名者创始营运阶级高层者,他回应违法争议“如果改变必须透过违法来完成,我想法律就必须被打破。”
3.twitter上的信息
我找到twitter上发的原文:
恕我孤陋寡闻,这个twitter号是否属于该组织。因为上文提过了:“匿名者至今没有证据其存在明确的组织规章或首脑”。既然这样谁去维护这个twitter账号。
据说这个组织是松散的,没有人会称是或不是该组织成员,换句话可以理解为每个人都能成为该组织成员。那么可以说是世界上最大的黑客组织。该twitter只有270 Followers是不是有点少?
我不再深究这个,继续看:
油管上的视频
标题:Op_Tibet Action Feb13 2020
可以理解为:西藏行动2020.02.13
可是该视频于2020.02.02发布,截至今天2020.02.08,观看次数仅仅464次。
这让我怀疑该组织是否有那么多人参与或者曾经参与过那么多次行动。不过视频里提到的对西藏的监控我也是有所耳闻的。如果从某方面说这次行动是正义的?有些人不提倡技术掺杂政治因素,但是政治就像水和空气弥漫在我们周围,谁又能彻底分得开呢?
附上视频地址:https://www.youtube.com/watch?v=sbKGrLw1RUc&feature
我把视频看了一下,顺便利用翻译软件翻译了以下视频内容:
greetings fellow citizens this February 13th operation Tibet will beactively supporting Tibetan independence day
同胞们,今年2月13日的西藏行动将积极支持西藏独立
the targets will be Chinese regimewebsites and corporations involved with or profiting from the mass surveillanceof Tibetans across Tibet
这些目标将是中国政府的网站和参与或从西藏各地对藏人的大规模监控中获利的公司
this action will be taken in cooperation with blackhat global team riddlerand fellow Anonymous activists supporting human rights and freedom
这一行动将与blackhat全球团队riddler和支持人权和自由的匿名活动人士合作
China has exploited Tibet as a testing ground for the installation of afacial recognition and biometric identification infrastructure which monitorsand records every move made by
中国利用西藏作为试验场,安装了面部识别和生物特征识别基础设施,监控和记录他们的一举一动
Tibetans all mobile devices are vulnerable and exposed courtesy ofstate-controlled
藏人所有的移动设备都是脆弱的,暴露在国家控制之下
Chinese tech corporations and communications monitored social mediaplatforms are scrutinized 24/7
中国的科技公司和通讯被监控的社交媒体平台被全天候监控
the extent of state intrusion is on a frightening scale each payment madecash deposited or withdrawn increasingly involved facial recognition processing
国家入侵的程度是惊人的,每一笔付款,存入或取出的现金越来越多地涉及面部识别处理
Tibetans are forced to carry a unique personal identification number CCTV
西藏人被迫携带唯一的身份证号CCTV
cameras equipped with facialrecognition technology are across virtually every street public buildings andbusiness
此外,配备面部识别技术的摄像头几乎遍布每一条街道的公共建筑和企业
in addition the police deploymobile surveillance centers
此外,警方还部署了移动监控中心
the use of artificial intelligence big data and advanced algorithms hasenabled China's government to impose a digital stranglehold over Tibet a highlyeffective and ever-present tool of oppression a key component of suchsurveillance is what's called the integrated joint operations platform
人工智能、大数据和先进算法的使用,使中国政府得以对西藏实施数字化控制。这是一种非常有效、无处不在的压迫工具
this features an app used by Chinese police and officials which tracksincredible amounts of personal data including blood type height professionreligion political affiliation and much more VI job system even records
这是一款由中国警察和官员使用的应用程序,它可以追踪数量惊人的个人数据,包括血型、身高、职业、宗教、政治信仰,以及更多的VI工作系统甚至记录
if a cell phone number has dropped or changed a notification is then sentto the Chinese authorities and police dispatched to investigate no aspect of what'sconsidered legal or normal activity escapes
如果手机号码被删除或更改,则会向中国当局发送通知,并派出警察调查任何被认为是合法或正常的活动
the intrusive scrutiny of this app including a sudden increase inelectricity use at an address which is then checked out by local Chinese regimeofficials
对这款应用的侵入性审查,包括一个地址的用电量突然增加,然后由中国地方政府官员核实
all such data feeds into a central system and is linked with othermonitoring platforms such as CCTV and Wi-Fi sniffers that extract personal datafrom people's phones as they pass through any number of public checkpoints suchmeasures have been rolled out across neighboring East Turkestan where theweaker people are also suffering under Chinese rule in China itself a hugefacial recognition network is being assembled creating what are calledintelligent public spaces
所有这些数据传输到一个中央系统和与其他监控平台,如中央电视台和无线网络嗅探器,从人的手机中提取个人资料通过任意数量的公共检查站已经推出这些措施在邻近的东突厥斯坦较弱的人也在中国统治下遭受中国本身正在组装一个巨大的面部识别网络创建所谓的聪明的公共空间
but in truth the central purpose of these systems is to allow China'ssecurity total surveillance of the population none of this gross violation ofindividual freedoms and civil liberties would be possible were it not for thoseChinese tech corporations who are collaborating with in servicing
但实际上,这些系统的核心目的是让中国能够安全、全面地监视民众。如果没有那些与中国科技公司合作提供服务的公司,就不可能出现这种对个人自由和公民自由的严重侵犯
China's government prominent amongthese are one-way sends time group face Plus+ Alibaba Baidu Tencent Holdingsand I fly tech this technology has nothing to do with advancing the convenienceor choices of the individual the marketing of 5g may suggest lightning-fastservice more data capacity and enhancing global connectivity
中国政府突出其中包括 北京旷世、阿里巴巴、百度、腾讯、控股科大讯飞与先进个人的方便或选择5 g的营销可能表明闪电般的服务更多的数据容量和增强全球连通性
but in China its implementation is about maintaining control statesurveillance and identifying any form of dissent against
但在中国,它的实施是为了维持对国家监控的控制和识别任何形式的异议
the regime it is a dream weapon for any totalitarian authority forTibetans who were already under an asphyxiation level of oppression they nowfind themselves existing behind digitized razor-wire
它是任何极权主义政权的梦想武器,对西藏人来说,他们已经处于令人窒息的压迫之下,现在他们发现自己就在数字化的铁丝网后面
their every move imprisoned and recorded by Big Data technology andartificial intelligence
他们的一举一动都被大数据技术和人工智能禁锢和记录下来
this Big Brother nightmare must be opposed in operation Tibet asks allthose opposing injustice censorship and the tyranny of China's regime to joinus this february 13th
“西藏行动”必须反对“老大哥”的噩梦,请所有反对不公正审查和中国专制政权的人在2月13日加入我们
for more information go visit thelinks below the video
更多信息请访问视频下方的链接
we are anonymous
we are legion
expect us
我们是匿名的
我们是军团
期待我们
===========================================================
原谅我英语水平差,自动翻译也不会太精准。大概意思应该可以理解。
继续更新
视频的下方放了几个url:
https://pastebin.com/qhMbxQRj
https://pastebin.com/9sGWFEKc?
https://pastebin.com/s2ynYuXQ
==========================================================
从网上查找:
Pastebin是一个非官方pastebin.com的客户端。可以使用它,查看您的存储粘贴,并创造新的你的粘贴,可以通过电子邮件,短信,在Facebook,Twitter等共享。
====================================
a。第一个url连接:
https://www.iflytek.com/
科大讯飞官网
http://www.capital.cimc.com
中集集团官网
http://www.wiseweb.com.cn/
网智天元官网
https://www.haohandata.com/
北京浩瀚深度信息技术股份有限公司官网
These Chinese companies are the main players installing and runningfacial-recognition and other intrusive technology inside Tibetare and aredeeply engaged with China's regime.
这些中国公司是在西藏境内安装和运行人脸识别和其他侵入性技术的主要参与者,他们与中国政府有着密切的联系。
They are responsible for the 24/7 mass surveillance which targetsTibetans, monitoring their public movements, controlling their lives viaID/Bio-Metric cards, and monitoring all phone calls and internet use.
他们负责对藏人进行24/7的大规模监控,监控他们的公共活动,通过身份证/生物测量卡控制他们的生活,监控所有的电话和互联网使用。
As such they attract legitimate attention to all Anonymous sisters andbrothers in solidarity with #Op_Tibet
因此,他们吸引了所有与Op_Tibet团结一致的匿名兄弟姐妹的合法注意
Research, testing on these is needed for potential actions, while anydot-gov-dot-cn site are justified targets.
研究,测试这些是需要的潜在的行动,而任何点–政府–网站是合理的目标。
#Feb13 #TibetanIndependenceDay #anons4TIBET
我们可以看到这个主要是攻击目标和为什么会成为攻击目标,不知道这几个公司的网站有没有引起重视。
============================================================
b。第二个url
第二个内容比较多,我就不贴出来了。大概就是利用各种渗透测试工具对网站进行渗透。
=====================================
c。第三个url
内容:
Top Contenders For #Op_Tibet #February 2020
https://www.iflytek.com/IP Address: 42.62.43.138 [GEO-IP] Country: China [GEO-IP] State: [GEO-IP] City: [GEO-IP] Latitude: 34.7725 [GEO-IP] Longitude: 113.7266
Web Server: iflysec.Herald/1.1 IP address: 103.108.2.141CMS: Could Not DetectCloudflare: Not Detected
PORT STATE SERVICE21/tcp closed ftp22/tcp closed ssh23/tcp closed telnet80/tcp open http110/tcp open pop3143/tcp open imap443/tcp open https3389/tcp open ms-wbt-server
Checking http://www.iflytek.comGeneric Detection results:No WAF detected by the generic detection
——————————————————————–
http://www.capital.cimc.com
IP Address: 116.7.233.136 [GEO-IP] Country: China [GEO-IP] State: Guangdong [GEO-IP] City: Shenzhen [GEO-IP] Latitude: 22.5333 [GEO-IP] Longitude: 114.1333
Web Server: Apache IP address: 61.144.248.66CMS: Could Not DetectCloudflare: Not Detected
PORT STATE SERVICE21/tcp closed ftp22/tcp closed ssh23/tcp closed telnet80/tcp open http110/tcp closed pop3143/tcp closed imap443/tcp closed https3389/tcp closed ms-wbt-server
Generic Detection results:The site http://www.capital.cimc.com seems to be behind a WAF or some sort of security solution. Reason: Blocking is being done at connection/packet level.
————————————————————————–
http://www.wiseweb.com.cn/
Web Server: Microsoft-IIS/7.5IP address: 116.255.238.39CMS: Could Not DetectCloudflare: Not Detected
Generic Detection results: The site http://www.wiseweb.com.cn seems to be behind a WAF or some sort of security solution. Reason: The server header is different when an attack is detected.The server header for a normal response is "Microsoft-IIS/7.5", while the server header a response to an attack is "Microsoft-HTTPAPI/2.0."
这是对几个网站的信息收集包括:Web Server版本、IP地址、开放端口、有无WAF防护。
=====================================
2020.2.13会发生什么呢?
[ 此貼被afeee在2020-02-08 13:54重新編輯 ]
