20155333 "Cyber Confrontation" EXP8 Web Foundation

20155333 "Cyber Confrontation" Exp8 the foundation of Web Foundation

(1) What is a form?

• Forms are primarily responsible for data collection functions in Web pages.
  There are three basic components of a form:
• Form labels, which contain the URL of the CGI program used to process the form data and how the data is submitted to the server.
• form fields, including text boxes, password boxes, hidden fields, multiline text boxes, check boxes, radio boxes, drop-down selection boxes, file upload boxes, and so on.
• form buttons, including the Submit button, reset button, and General button, are used to transfer data to CGI scripts on the server or to cancel input, and you can use form buttons to control other processing tasks that define the processing script.

(2) What language does the browser have to parse and run?

• Browser only understand HTML, CSS, JS and so on
  Other server-side dynamic scripts, such as PHP, JSP, and so on, the parsing work is done on the server. The browser can view the contents of PHP and other files because the server has a PHP parser, such as apache+php, when the browser requests a PHP file, the parser will be the PHP file logic processing and compiling, The compiled result is then converted into an HTML source to be sent to the browser for presentation.

(3) What dynamic languages does webserver support?

• PHP, ASP, NET, Java, Ruby and many other dynamic development languages.

  Practice Web Front End: HTML

  Using the sudo apt-get install apache2 Apache server installation

Installation Error!

Use ps -A | grep apt to see which processes are related to "apt" and show no processes.
Install againsudo apt-get install apache2

Installation is successful!
Use service apache2 start open Apache Service

Enter in Firefox 127.0.0.1:80 , display the Apache default webpage, the server is open normally

Using the cd /var/www/html working directory into Apache, vi form1.html create a new HTML file containing the form, and write a simple login page with the following code:

Open in Browser:

Web Front End: Javascipt

On form1.html basis, add a piece of JavaScript code to determine whether the user fills in the user name and password. The modified form3.html is as follows:

In browser access file:///var/www/html/form3.html , if you do not fill in the user name or password to submit, you will be prompted.

Web back end: MySQL Basics

Input to /etc/init.d/mysql start turn on MySQL service

Enter mysql -u root -p with root access, default password:password

Input update user set password=PASSWORD("新密码") where user=‘root‘; , change password

Input flush privileges; , update permissions

Exit the database and log back in with the new password

Use to create database 库名; build a database

Use show databases; to view existing databases

Using use 库名; a database created with use

Using the create table 表名 (字段设定列表); Build data table

Use show tables; to view existing data tables

Using insert into 表名 values(‘值1‘,‘值2‘,‘值3‘...); Insert Data

Working with select * from 表名; data in a query table

Use grant select,insert,update,delete on 数据库.* to 用户名@登录主机(可以是localhost,也可以是远程登录方式的IP) identified by "密码"; to add new users to MySQL

Sign out with a new user name and password after adding new users

Login success, instructions to increase the success of new users!

Web backend: Writing PHP Web pages

/var/www/htmlCreate a new PHP test file in the directory test.php and get a quick look at some of its syntax

<?phpecho ($_GET["a"]);include($_GET["a"]);echo "This is huan php test page!<br>";?>

Enter in the browser to localhost:80/lzw_test.php?a=/etc/passwd see the contents of the/etc/passwd file

Using PHP and MySQL in conjunction with the previous compiled login page for simple user authentication, the modified login.php code is as follows:

<?php$uname=$_POST["username"];$pwd=$_POST["password"];echo $uname;$query_str="SELECT * FROM form3 where username=‘$uname‘ and password=‘$pwd‘;";$mysqli = new mysqli("127.0.0.1", "huan", "20155333", "huan");/* check connection */if ($mysqli->connect_errno) {    printf("Connect failed: %s\n", $mysqli->connect_error);    exit();}echo "connection ok!";/* Select queries return a resultset */if ($result = $mysqli->query($query_str)) {    if ($result->num_rows > 0 ){            echo "<br> Welcome login Mr/Mrs:{$uname} <br> ";    }     else {        echo "<br> login failed!!!! <br> " ; }    /* free result set */    $result->close();}$mysqli->close();?>

Enter your login page in the browser and localhost:80/form3.html enter username and password in the table for user authentication.

SQL injection, XSS attack SQL injection

In the User name input box input ‘ or 1=1# , password arbitrary input, can login success

This is because the input user name and code in the combination of the SELECT statement to become select * from users where username=‘‘ or 1=1#‘ and password=‘‘ , #相当于注释符, will be the following comments out, and 1=1 is always true, this condition forever, regardless of whether the password is entered correctly, can be successfully landed.

XSS attack

Put a picture in the /var/www/html directory, enter the user name input box, the password is arbitrary, you can read the picture.

Practice Summary and experience

The experiment was done quite well (presumably the virtual machine looked at it as a second-to-last experiment), probably because I had learned about Web programming and database-related knowledge, so it was not as difficult as I thought. Also remind us not to think that the knowledge learned after the test is useless, they may be used in the new curriculum.

20155333 "Cyber Confrontation" EXP8 Web Foundation