Access database security attack and defense strategy
Source: Internet
Author: User
Keywords: Security
Foreword: "No network is absolutely secure" is a classic saying, and I need say no more. Today we look at how an Access database gets downloaded and how to stop Access databases from being downloaded.

Attack

First: use your imagination and rename the database file. Renaming does not by itself prevent the download; its purpose is to stop us from guessing which database to download. If we guess the name anyway, we download it directly, so renaming is no 100% guarantee. The usual way to guess is to write a program that submits candidate database names and checks whether the web server returns a 404 error; if a request for an .mdb file does not return 404, the guess was right and the file is downloaded directly. This has limitations: if the database name is complex, the guessing generates a lot of log entries, the administrator may notice it early, and the time needed becomes very long.

Second: changing the database extension to .asa, .asp and so on may not prevent the download either. When IIS hands a file with the .asp extension to asp.dll, anything in it that is not script is output unchanged. If the MDB file contains no ASP script markers, entering the URL in IE returns the raw MDB data; we can download it with software such as FlashGet, rename it after downloading, and use it.

Third: adding "#" to the database name. Some people mistakenly believe this must prevent the download: "Simply add # in front of the database file name and change the database address in the connection file (such as conn.asp). The principle is that the download request only recognizes the part of the name before the #, and the rest is dropped automatically, so it is safer." This stops only ordinary users who do not know, and have not looked into, how IE encodes URLs: in URL encoding, %23 stands for #. So if the database is http://www.xxx.com/data/#datapro.mdb, entering http://www.xxx.com/data/%23datapro.mdb directly in IE downloads it.

Fourth: encrypting the database. Some believe that once the database is encrypted, nobody can get any information out of it even after downloading it. This is wrong: after the download, the database password is recovered in two seconds. The encryption mechanism of Access databases is very fragile. When encrypting, the database system XORs the password entered by the user with a fixed key and stores the resulting string in the *.mdb file starting at address &H42. A cracking program is easy to write, and several already exist on the web; an old but very practical program for recovering database passwords is Accesskey.exe.

Fifth: obtaining the database path by triggering a script parse error with a specially crafted request. Many people on the network connect to the database with code like the following:

    ....
    Db_path = "data/abcd1234!@#1po.mdb"
    db_string = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(Db_path)
    Set Conn = Server.CreateObject("ADODB.Connection")
    Conn.Open db_string
    ....

The database file name here is complex enough that nobody would want to crack it with a guessing program, yet with this method we can obtain the database path directly. Because the method is too dangerous, and few people know it, it is not published here; once published, who knows how many sites' databases would be downloaded. Wait for later. Here I only provide a temporary patch: add the line On Error Resume Next before Conn.Open db_string to solve the problem.

That covers how to download a database. Now some ways to prevent the database from being downloaded.

Defense

One: you are using a virtual host. First create a table in your MDB file, with a table or field named something like notdownload, and fill the field with content that is not a correct ASP statement (anything will do, as long as it is not valid ASP). Then rename the database with the .asp extension. Because the extension is now .asp, when the file is requested in IE, IIS tries to interpret its content as script, reaches that content and fails with an error, so the database can never be downloaded correctly. Does that make it safe? Not yet. We also add a # in front of the database name, for example #data.asp. The # here is not there to prevent downloading; that case was explained above. It matters when you have several MDB files in the same directory. Take a certain whole-site system (not named, for security reasons): if we guess the location of the administrator MDB file and obtain a SQL injection vulnerability in another subsystem, we can use an Access cross-database query to read the records from the administrator database. With a # in front of the database name, even a correct guess does not help: submitting the query SELECT * FROM D:\web\data\#data.asp.admin makes the system report an error, because in SQL syntax # delimits a date literal, and on a syntax error the query criteria are never executed. (Heh, that site still has this hole; I used the Access cross-database method and attacked it successfully!) I consider the safer setup to be a database named #filename.asp together with a temporary table whose field holds ASP code, so that ASP cannot interpret the file correctly.

Two: you own the host. Then the download problem is easy to handle: put your database in a directory outside the IIS web directory. No matter how hard anyone tries, it cannot be downloaded. For example, if your web directory is D:\Web\WebSite, keep the database in D:\Web\Data. Some current virtual hosts also provide a dedicated data directory.

Three: in IIS, set the file so that it cannot be downloaded: right-click the database file, open Properties, and clear the Read permission.

I don't know how you feel after reading this; I believe that only practice reveals the truth.

Responsible editor: Zhao Zhaoyi (51cto.com)
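Added example, not code from the original article: a small Python self-audit for the defences above. Given the path a conn.asp passes to Server.MapPath, it produces the two request forms the article describes (literal # and %23), tells whether an HTTP response body is the raw database rather than an ASP error page, and checks that the file resolves outside the IIS web directory. The base URL, paths and response bodies are constructed samples; the "Standard Jet DB" / "Standard ACE DB" strings are the real file-header magic of .mdb / .accdb files.

```python
# Self-audit helpers for the Access-download problem (added example).
import ntpath
from urllib.parse import quote, urljoin

JET_MAGIC = b"Standard Jet DB"  # bytes 4..18 of every Jet 3/4 .mdb file
ACE_MAGIC = b"Standard ACE DB"  # same position in .accdb files


def candidate_urls(base_url, db_path):
    """Both spellings of the database URL for the configured path: '#' sent
    literally (the browser treats it as a fragment, so the request never
    reaches the file) and '#' percent-encoded as %23 (reaches the file)."""
    literal = urljoin(base_url, db_path)
    encoded = urljoin(base_url, quote(db_path, safe="/"))
    return sorted({literal, encoded})


def served_raw_database(status, body):
    """True if the response carries the database itself. A 404/403, or an
    ASP compilation-error page produced by the 'rename to .asp' trick,
    does not count as exposure."""
    if status != 200:
        return False
    return body[4:19] in (JET_MAGIC, ACE_MAGIC)


def outside_web_root(web_root, db_file):
    """Defence Two from the article: the .mdb should not resolve to a path
    under the directory IIS serves (Windows paths, case-insensitive)."""
    root = ntpath.normcase(ntpath.normpath(web_root))
    path = ntpath.normcase(ntpath.normpath(db_file))
    try:
        return ntpath.commonpath([root, path]) != root
    except ValueError:  # different drive letters: certainly outside
        return True


if __name__ == "__main__":
    # Constructed sample: the conn.asp path from the article's Defence One.
    for url in candidate_urls("http://www.example.com/", "data/#data.asp"):
        print("would be requested as:", url)
    print("outside web root:",
          outside_web_root("D:\\Web\\WebSite", "D:\\Web\\Data\\#data.asp"))
```

Feed served_raw_database the status and body of a real request for each candidate URL against your own site; any True result means the database is downloadable regardless of its name or extension.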