20155208 Xu Zihan Web Foundation of Network countermeasure technology
Experimental requirements
- Web front-end HTML
- Web Front End Javascipt
- Web backend: MySQL Foundation: normal installation, start MySQL, build library, create user, change password, build table
- Web backend: Writing PHP Web pages, connecting databases, authenticating users
- The simplest SQL injection, XSS attack test
Basic question Answer
(1) What is a form
A form is an area that contains form elements, which are elements that allow users to enter information in table consignments (such as text fields, drop-down lists, radio boxes, checkboxes, and so on), which are primarily responsible for data collection functions in a Web page, with three basic components: Form labels, form fields, form buttons;
(2) The browser can parse what language to run.
Support for HTML, XML, PHP, JavaScript, ASP and many other scripting languages.
(3) What dynamic languages are supported by webserver
Support JavaScript, ASP, PHP, Ruby and other scripting languages
Practice begins
To the second most exciting moment of the countdown, we started the countdown to the second time practice.
Install and launch Apache
If you have Apache in your Kali, then we need to reinstall a wave: Installation instructionssudo apt-get install apache2
Once installed, use the instructions to apachectl start
open it
Then look at the port usage:
Default Listener port 80 (I didn't make a change)
Then write an HTML that contains the form as the front-end login page:
Here I first wrote a simple front-end, to test the effect, if need to adjust, we then make corrections, the effect is as follows:
- Web Front end: Javascipt Basics
This is what we want to modify before the front end, to restrict the user login must enter the user name and password:
The effect is as follows:
- MySQL's various operations
To make changes to the database, you first need to open MySQL,
Enter /etc/init.d/mysql start
open mysql
service.
Then enter mysql -u root -p
, log in as root, enter the password as prompted, the default password is password, and go to MySQL:
The password can be modified: input use mysql;
, select MySQL database, input update user set password=PASSWORD("20155208") where user=‘root‘;
, change the password, (note that in MySQL all instructions are to end with a semicolon.) )
Then enter the flush privileges;
update permissions.
You can then enter show databases;
to view the permissions:
Enter the name of the create database
library, and create a database.
Input use 库名;
to use the database you just created:
Then using the create table 表名 (字段设定列表);
build data table, you can show tables;
view the established data table by entering the command
Use insert into 表名 values(‘第一个值‘,‘第二个值‘,‘第三个值‘...);
Insert data, use select * from 表名;
data from a query table:
If you want to add a new user, you can grant select,insert,update,delete on 数据库.* to 用户名@登录主机 identified by "密码";
use this command
- The establishment of back-end PHP
Start with PHP installation
sudo apt-get install php
After installation in the/var/www/html directory to create a new PHP test file, you can write a simple, before you modify:
Open PHP effects in the browser
We then make changes so that we can do more:
<?php$uname=($_GET["username"]);$pwd=($_GET["password"]);echo $uname; $query_str="SELECT * FROM xzhtable where username=‘$uname‘ and password=‘$pwd‘;";/* echo "<br> {$query_str} <br>";*/$mysqli = new mysqli("127.0.0.1", "xzh", "20155208", "xzh");/* check connection */if ($mysqli->connect_errno) { printf("Connect failed: %s\n", $mysqli->connect_error); exit();}echo "connection ok!";/* Select queries return a resultset */if ($result = $mysqli->query($query_str)) { if ($result->num_rows > 0 ){ echo "<br> Welcome login Mr/Mrs:{$uname} <br> "; } else { echo "<br> login failed!!!! <br> " ; } /* free result set */ $result->close();}$mysqli->close();?>
Then change the action in the front end to back.php
An error has occurred:
Got a half-day, did not fix, finally in Zhang Xu classmate's help, re-established a database of users, finally solved the problem:
- Implementation of SQL injection
Background statement: SELECT username,password FROM users WHERE username=‘‘ and password=(‘‘)
to be changed to select username,password from users where username=‘‘ or 1=1#‘ and password=(‘‘)
, (case is not required) in the User name box ‘or 1=1#
, enter the password, you can see the success of the login:
Because, #相当于注释符, will be the back of the content is commented out, and 1=1 is always true, so this condition is definitely established, so will log on successfully.
The XSS is also called the CSS (cross site script), which is an attack by the site. It refers to a malicious attacker inserting malicious HTML code into a Web page, and when the user browses to the page, HTML code embedded inside the web is executed for a malicious, special purpose.
In the User name input box, enter the
image to read the/var/www/html directory (this photo is prepared before), if the picture is not loaded, we first want to elevate the permissions:
OK, got my favorite durant!!!
Experimental experienceThe experiment in the middle of a mistake, resolved for a long time, a few times did not solve, finally only with the help of the students to solve the problem, it must be serious research, to fight for their own can help others.
20155208 Xu Zihan Web Foundation of Network countermeasure technology