2017-2018-2 20155309 South Core EXP8 Web Foundation Practice

Basic question Answer

(1) What is a form

Forms are primarily responsible for data collection functions in Web pages. There are three basic components of a form:

Form Labels: Here The bread contains the URL of the CGI program used to process the form data and the method by which the data is submitted to the server.

Form fields: Contains text boxes, password boxes, hidden fields, multiline text boxes, check boxes, radio boxes, drop-down selection boxes, file upload boxes, and so on.

(2) The browser can parse what language to run.
Html,css,javascript and other scripting languages

(3) What dynamic languages are supported by webserver
ASP language, PHP language and JSP language

Experimental process Recording

Apache

(i) Environment configuration

Apache is a Web server under Kali, which can be opened by accessing the IP address + port number + file name.

Enter vi /etc/apache2/ports.conf更改apache2 the listener port number of the command;

Enter the command to apachectl start open Apahce and use the netstat -aptn view port number to confirm that Apache is turned on correctly, as shown in:

Firefox input under Kali http://127.0.0.1:5309 can see the last experimental cloned Web page

(ii) Front-end programming

cd /var/www/html在/var/www/htmledit using the directorytest.html

In the time of the filing of this error, we follow the online to the mandatory disk.

After you open the Web page in Firefox, we will see a simple page of our own

2.Web Front End:
Javascipt Foundation

JavaScript, a web-based scripting language, has been widely used in Web application development and is often used to add a variety of dynamic features to a Web page, and all modern Web pages are written using Javascipt.

Typically, javascipt scripts are embedded in HTML to implement their own functionality.

Add the following code directly on the previous basis:

<script language="javascript">function check(Form){                 var Username =Form.user.value;                 var pwd =Form.pw.value;                  if((Username == "")||(pwd == ""))//如果用户名为空                  {                        alert("用户名或密码不能为空");                        return false;                  }  if (pwd.length > 16 || pwd.length < 6)  {    alert("密码长度应该在 6 - 16 位");    return false;  }  Form.submit();}</script>

And then we can see that the Web page becomes this form.

PHP test

To create a new PHP test file vi /var/www/html/test.php , enter the following

<?php    echo ($_GET["A"]);        include($_GET["A"]);    echo "php page 5309!<br>";?>

MySQL Basics

Openmysql/etc/init.d/mysql start

mysql -u root -pLog in as Root
After that will remind you to enter the password, but because it is used by the teacher's virtual machine, so we do not know the password, so we refer to the classmate's blog to find a solution.

Type to show databases; see basic information, be sure to add a semicolon oh, the database with a semicolon as the end of a statement.

Change the password, first select MySQL, type use mysql; , enter the update user set password=PASSWORD("新密码") where user=‘root‘; change password, to update flush privileges; .

Enter quit exit login, type again mysql -u root -p , test the new password right, OK, login successfully.

Build a database and build a table

First enter these two commands:

create database nhx1;

use nhx1；

Use the create table table name (field set list), set up a data table, a data table is a very important object in the database, a database may contain several data tables, use show tables; to view the existing data table:

create table nhx1table (userid VARCHAR(100),username VARCHAR(45),password VARCHAR(256),enabled VARCHAR(5));

To add content to a table:

insert into nhx1table(userid,username,password,enabled) values(1,‘20155309‘,‘123456‘,"TRUE");

Use the select * from 表名; data in the query table, * To query all parameter information, or to specify a parameter such as username to query.

Add new user gives all permissions, type grant all on nhx1.* to [email protected] identified by ‘20155309‘; , where Grant all gives all permissions, pc.* database PC all the tables, @localhost the MySQL server on the local computer, identfified by ' password ' to set the password.

Type mysql -u pc -p sign in with a new user, verify that the new user is successful, sign in successfully, and that the new user is successful.

Web backend: Writing PHP Web pages

In the above experiment, we have done the PHP test.

So we can directly write the code of the page

What we need to know here is that 127.0.0.1 is the IP root of the machine is the username, 20155309 is the password I set, nhx1 is the name of the database

Click Login

SQL injection

Enter in the User name input box, the ‘ or 1=1# password is entered randomly, this time the synthesized SQL query statement is
select * from lrttable where username=‘‘ or 1=1#‘ and password=‘‘

A forged user name and password can be inserted into the database via SQL injection.

First modify the back-end of the PHP code, the if ($result = $mysqli->query($query_str)) sentence is changed to if ($result = $mysqli->multi_query($query_str)) allow the execution of multiple SQL statements, so you can implement multiple SQL statements, and then enter in the User name input box ‘;insert into pc values(‘100‘,‘53‘,‘53‘,"true");# , enter a password, and then login, appear as follows.

Change PHP back, log in again with the newly inserted user, and log in successfully.

XSS attack

First, what is an XSS attack? XSS attacks, the cross site Scripting, are not confused with the abbreviation for Cascading style sheets (cascading style Sheets, CSS), which is a computer security vulnerability that often appears in Web applications. It allows malicious Web users to embed code into pages that are available to other users. For example, the code includes HTML code and client script. An attacker could bypass access control by using an XSS vulnerability-such as the Origin policy (same). This type of vulnerability is widely known as being used by hackers to write more damaging phishing attacks. For cross-site scripting attacks, the hacker consensus is that cross-site scripting attacks are a new type of "buffer overflow attack", and JavaScript is the new "ShellCode".

A total of three types:

1. A local exploit, a vulnerability that exists in the client script itself on the page. That is, a to B a link B opens a vulnerable HTML page that contains the JavaScript that is executed in the local domain of computer B.

2. Reflective vulnerability, which is similar to type A, unlike when Web clients use server-side script generation pages to provide data to users, if unauthenticated user data is included in the page without HTML entity encoding, the client code can be injected into the dynamic page. This will involve a site owner A and User B as well as hacker C.

3. Direct threats to the individual user, while type B and type C threaten to be enterprise-class Web applications. A storage vulnerability, which is the most widely used and potentially vulnerable to Web server security, that hackers upload an attack script to a Web server so that all users who access the page face the possibility of information disclosure, including the administrator of the Web server.

Type 1 directly threatens the individual user, while the objects of type 2 and 3 are enterprise-class Web applications.

Enter the user name input box to 1111</a> read the image under the/var/www/html directory, try a number of pictures, surf the internet to search, and can not get to the picture ....

I feel this is related to my own Kali machine.

Experimental experience

This experiment and Liu Nian teacher's curriculum can be said to be closely related, in the process of doing experiments, we can review the Java front-end knowledge, to tell the truth, in the process of doing, we can understand the knowledge of the last semester more in-depth, and the experiment is interesting to learn.

2017-2018-2 20155309 South Core EXP8 Web Foundation Practice