Apache
- Start Apache with the command
apachectl start and use the netstat -aptn command to view port occupancy:
- Because port 80 is already occupied (it was set up in the last experiment), first change the port in
/etc/apache2/ports.conf to 5234 and then restart Apache:
- Enter
localhost:5234 in the browser to check that the site opens normally; here you can see the web page from the last experiment, so Apache is running normally:
A simple form page
- Write a page with a form in /var/www/html, where the web page from the last experiment is located:
- Open
localhost:5234/5234.html in the browser (in the color field you can tick your favorite color):
- Clicking Submit sends the form to the specified page; because the PHP file has not been written yet, the page cannot be found after submission:
JavaScript
- Related concepts: JavaScript is a widely used scripting language for client-side web development, often used to add dynamic functionality to HTML pages, such as responding to user actions.
- The Document Object Model, or DOM, is the standard programming interface recommended by the W3C for handling extensible markup languages.
- Write a rule that validates the user name and password (for example, the user name and password cannot be empty):
PHP test
PHP is a recursive acronym for "PHP: Hypertext Preprocessor". PHP is an HTML-embedded language, quite similar to Microsoft's ASP: it is a server-side scripting language embedded in HTML documents, its style is similar to C, and it is now widely used by many web site programmers.
A simple PHP test code:
- Open
localhost:5234/5234php.php :
MySQL
- Start the MySQL service with the command
/etc/init.d/mysql start
- Enter
mysql -u root -p , and follow the prompt to enter the password (the default password is [email protected]) to get into MySQL:
- You can use the command
show databases; to view information (the semicolon cannot be omitted; it marks the end of a command):
- If you want to change your password, you can:
• Enter use mysql; to select the mysql database
• Enter select user, password, host from user; (user names, passwords, and permissions are stored in the user table of the mysql database)
• Enter UPDATE user SET password=PASSWORD("<new password>") WHERE user='root';
• Enter flush privileges; to reload the privileges
• Enter quit to exit
- Log in again to confirm that the password has been changed successfully
Create a new table
- Use the following two commands to create a new table:
(database_name stands for the name you choose for the database; the VARCHAR lengths of username and password are missing from this copy, so 45 and 256 below are placeholders)
CREATE SCHEMA `database_name`;
CREATE TABLE `database_name`.`users` (
  `userid` INT NOT NULL COMMENT '',
  `username` VARCHAR(45) NULL COMMENT '',
  `password` VARCHAR(256) NULL COMMENT '',
  `enabled` VARCHAR(5) NULL COMMENT '',
  PRIMARY KEY (`userid`) COMMENT '');
- Add content to the table (use the name of the database just created):
use database_name;
insert into users(userid,username,password,enabled) values(1,'<user id>',password("<user password>"),"TRUE");
- Now query the table to see the new content:
Writing web pages with PHP + MySQL
- The login page of the web site:
- Implement a PHP page connected to the database:
- Enter the login information and log in successfully:
- If the information is wrong, the login fails:
SQL injection
- SQL is a query language that can insert, delete, update, and query data, and is the direct means of manipulating database data. However, the way the SQL statement was written in the previous step is flawed: when a string in a certain format is entered, it uses SQL syntax to get around some of the checks. This is usually called a "universal password."
Get Permissions
- In the user name input box, enter
' or 1=1# and any password. The SQL query statement after composition is select * from info where usrname='' or 1=1#' and password='' and type='' . The # acts as a comment character and comments out everything after it, and 1=1 is always true, so the condition always holds and the login succeeds:
- Anyone who understands SQL query syntax, or searches the Internet, can find many such universal passwords
Add Permissions:
- Save a user name and password to the database via SQL injection:
';insert into users(userid,username,password,enabled) values(5234,'huangyunguang',password("20145234"),"TRUE");#
- Log in again, enter a new account, log in successfully
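The login check with a bound parameter, so that both inputs above are handled as plain user names. This is an added example, not the lab's own PHP page. Its assumptions: an in-memory SQLite database opened through PDO stands in for the MySQL users table so that it runs without a server, the account alice and the names build_query_unsafe and check_login are made up for the example, and PHP's password_hash() is used in place of MySQL's PASSWORD().

```php
<?php
// Added example. The table layout follows the users table created above;
// the account "alice" and its password are constructed sample data.
$pdo = new PDO('sqlite::memory:');   // stand-in for the MySQL database
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (userid INT PRIMARY KEY, username VARCHAR(45),
            password VARCHAR(256), enabled VARCHAR(5))');
$add = $pdo->prepare('INSERT INTO users VALUES (?, ?, ?, ?)');
$add->execute([1, 'alice', password_hash('s3cret-sample', PASSWORD_DEFAULT), 'TRUE']);

// Flawed pattern described in the text (reconstructed, only printed, never run):
// the input is pasted into the SQL string, so a quote changes the statement.
function build_query_unsafe(string $user, string $pass): string {
    return "select * from users where username='$user' and password=password('$pass')";
}

// Hardened: the SQL text is fixed, the user name travels as a bound value,
// and the password is compared in PHP against a salted hash.
function check_login(PDO $pdo, string $user, string $pass): bool {
    $stmt = $pdo->prepare("SELECT password FROM users WHERE username = ? AND enabled = 'TRUE'");
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();            // false when no row matches
    return is_string($hash) && password_verify($pass, $hash);
}

// Inputs: one valid login, then the two strings from the text above.
$inputs = [
    ['alice', 's3cret-sample'],
    ["' or 1=1#", 'anything'],
    ['\';insert into users(userid,username,password,enabled) '
     . 'values(5234,\'huangyunguang\',password("20145234"),"TRUE");#', ''],
];
foreach ($inputs as [$u, $p]) {
    echo build_query_unsafe($u, $p), "\n";
    echo '  check_login: ', check_login($pdo, $u, $p) ? 'accepted' : 'rejected', "\n";
}
// The table still holds only the row inserted at the top.
echo 'rows in users: ', $pdo->query('SELECT COUNT(*) FROM users')->fetchColumn(), "\n";
```

With a MySQL DSN the same prepare() and execute() calls apply; the submitted strings are compared as literal user names and are never parsed as SQL.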
XSS attack
XSS attack: cross-site scripting is abbreviated as XSS so that it is not confused with the abbreviation of Cascading Style Sheets (CSS). XSS is a computer security vulnerability that often appears in web applications and allows malicious web users to embed code into pages that are served to other users. Such code includes, for example, HTML and client-side scripts. An attacker could use an XSS vulnerability to bypass access controls such as the same-origin policy. This type of vulnerability is widely known because hackers use it to write more damaging phishing attacks. For cross-site scripting attacks, the hacker consensus is that cross-site scripting is the new "buffer overflow attack", and JavaScript is the new "shellcode".
Enter 20145234</a> to read the picture in the web directory:
The picture does not display quite correctly, but a picture icon is still shown
Session Management
This step didn't work out.
20145234 Huangfei "Network countermeasure Technology" Experiment VIII, Web Foundation