"Cyber Confrontation" EXP8 Web-based practice

20155336 "Cyber Confrontation" EXP8 Web Foundation Practice One, basic question answer

• 1. What are forms
  • A form is an area that contains form elements, which are elements that allow users to enter information in table consignments (such as text fields, drop-down lists, radio boxes, checkboxes, and so on), which are primarily responsible for data collection functions in a Web page, with three basic components: Form labels, form fields, form buttons;
• 2. Browser can parse what language to run
  • The common use of HTML, XML, and the PHP language, the JavaScript language, and the Python language are all involved in this experiment.
• What dynamic languages are supported by 3.WebServer
  • JavaScript, ASP, PHP, Ruby and other languages.

Second, the experimental process record

• 1.Web Front-end HTML
  • Enter command apachectl start to open APAHCE, but start open failed
  • I thought it might be that the port was occupied, and then I looked at the port occupancy and killed the port and tried to open it again. This is a success.
  • Enter in the browser, localhost:80 stating that our Apache works correctly:

  - 这里我有一个很大的疑问，因为上次实验我克隆的是谷歌的网址，但是这次输入localhost:80，却显示的是QQmail....，就是特别神奇，我不知道问题出在了哪里，不过同学告诉我说，这个应该没有什么大的问题~~~我也就继续往下做了

  • Enter the Apache working directory /var/www/html , create a new hgy.html file, and write an HTML that contains a form that allows you to enter a username and password to implement the login.
  • Open on the web is like this

  但是出现了乱码，百度了一下说是不能出现中文~~

• 2.Web Front End: Javascipt Basics

  • JavaScript, a web-based scripting language, has been widely used in Web application development and is often used to add a variety of dynamic features to a Web page, and all modern Web pages are written using Javascipt.
  • Typically, javascipt scripts are embedded in HTML to implement their own functionality.
  • Add the following code directly on the previous basis
  • And then you'll see the following effect

• 3.MySQL Foundation

  • Turn on MySQL/etc/init.d/mysql start
  • mysql -u root -pLog in as root. But because do not know the teacher's initial password, so just start unable to log in, and then through the query, in the MySQL folder, find the code document, add a line in skip-grant-tables it, and then restart the virtual machine, when entering the password, directly hit enter on it.
  • Use Show databases to view basic information:
  • Now, change the password.
    • use mysql;
    • select user, password, host from user;Displays user names, passwords, and permissions that are already in the MySQL library
    • UPDATE user SET password=PASSWORD("123456") WHERE user=‘root‘;Change the password of the user name root
    • flush privileges;Update permissions.
    • quitExit
    • Re-Loginmysql
  • Create a database and a new table. The command is as follows:
    • create databaseHgy;
    • useHgy;
  • Use create table 表名 (field set list), set up a data table, a data table is a very important object in the database, a database may contain several data tables, use show tables; to view the existing data table:
    • create table hgytable (userid VARCHAR(100),username VARCHAR(45),password VARCHAR(256),enabled VARCHAR(5));
  • To add content to a table:
    • Insert into hgytable (userid,username,password,enabled) VALUES (1, ' 20155336 ', ' 123456 ', "TRUE");
    • Insert into hgytable (userid,username,password,enabled) VALUES (2, ' qwer ' 123456 ', "TRUE");
  • Enter select * from Gyl; View the current information in the table:

• 4.Web Backend: PHP Web page

  • /var/www/htmlCreate a new hgu.php test file in the directory
  • After the simple test is complete, we begin to use PHP and MySQL combine the previously compiled login Web pages for simple user authentication, write hgy.php, and the code is as follows:

  - 127.0.0.1是本机地址;root是MySQL的用户名;123456是密码；HGY是数据库名称

  • Change the Action property of the form in the code of the previously compiled login page hgy.html from # to HGY.php , that is, jump to it after logging in HGY.php , and then enter localhost:80/hgy.html your login page in Firefox.
  • Enter the username and password in the table and login for user authentication.

• 5.SQL Injection
  • SQL injection, by inserting a SQL command into a Web form to submit or entering a query string for a domain name or page request, eventually achieves a malicious SQL command that deceives the server. Specifically, it is the ability to inject (malicious) SQL commands into the background database engine execution using existing applications, which can be obtained by entering (malicious) SQL statements in a Web form to a database on a Web site that has a security vulnerability, rather than executing the SQL statement as the designer intended. SQL injection is the execution of a malicious string entered by the user as an "SQL" statement
  • Enter the password in the User name input box and enter it ‘ or 1=1# randomly, this time the synthesized SQL query statement is select * from users where username=‘‘ or 1=1#‘ and password=md5(‘‘) because 1=1 is true, then must be boarded.
  • We can also save the user name and password in the database via SQL injection, but we need to modify the previous code, because if ($result = $mysqli->query($query_str)) this statement does not allow multiple SQL statements to execute in the previously compiled code, so it can be implemented to if ($result = $mysqli->multi_query($query_str)) execute multiple SQL statements.

  • We can also save the user name and password in the database via SQL injection, but we need to modify the previous code, because if ($result = $mysqli->query($query_str)) this statement does not allow multiple SQL statements to execute in the previously compiled code, so it can be implemented to if ($result = $mysqli->multi_query($query_str)) execute multiple SQL statements.

  • Enter in the User name box ‘;insert into hgytable values(‘3‘,‘5336‘,‘20155336‘,"TRUE");# in the database can directly insert a forged user name, password, the next time you can use a forged user name password to login to the site

• 6.XSS attack

  • XSS represents the Cross site Scripting (multi-site scripting attack), which controls user viewers by inserting malicious scripts. An attacker could bypass access control by using an XSS vulnerability-such as the Origin policy (same). This type of vulnerability is widely known as being used by hackers to write more damaging phishing attacks. For cross-site scripting attacks, the hacker consensus is that cross-site scripting attacks are a new type of "buffer overflow attack", and JavaScript is the new "ShellCode".

  • In the login user name entered: 5336</a> , read the /var/www/html picture under the directory, but just start permissions enough, display the picture failed, through the Feng Jia classmate's blog, sudo chmod 777 1.jpg let the picture get the highest permission, can be displayed in the Web page:

Three, the experiment summary and experience

本次实验难度个人感觉应该在网页的联通和测试上，代码是一项很大的问题，之前虽然有学过这个web前端的知识，但是也忘得差不多了，这次很多的问题都存在于代码的编写上，感觉了攻克了代码问题实验也就好解决许多了，借助了老师和同学的代码，很多问题仔细研究就会解决出来。就比如乱码的问题呀，还有图片显示不出来的原因呀，等等问题都会慢慢慢慢的解决，不过就是刚开始的那个跳转到QQmail的那个问题，我到现在都还没用解决，就觉得很神奇，查看了实验七我添加的网址里面，除了百度就是熊猫直播，我还把里面的邮箱网址删掉了，这边还是直接跳转到了邮箱的网页。。最最后~~~~真的好废眼睛...不过再坚持一下 实验总会一个个个个个个个个个个个个个个的做完，比较就剩最后一个实验了，马上就要say byebye惹。加油小虎子！！

"Cyber Confrontation" EXP8 Web-based practice