Conventional WEB site intrusion methods

Web intrusion workflow:

Collect intelligence, remote attacks, remote logon, obtain WEBSHELL, obtain common user permissions, obtain super user permissions, leave backdoors, and clear logs. The main content includes target analysis, document retrieval, password cracking, log clearing, and other technologies.

1: 0 day.

2: known vulnerabilities

Including known WEB program vulnerabilities, service software vulnerabilities, operating system vulnerabilities, and EXP nday.

3: WEB application Upload Vulnerability

4: Injection Vulnerability

For programs with vulnerabilities, you can submit a piece of database query code to obtain data from abnormal users, such as the administrator ID, password, and account information, based on the results returned by the program. it even controls the database and intrude into the system through the database. this is SQL injection attacks SQLinjection ).

5: bypass (bypass)

When we intrude into a station, this station may be robust and impeccable. We can find a site with the same server as this station, and then use this Site for Elevation of Privilege, sniffing and other methods to intrude into the sites we want to intrude. A metaphor for the image. For example, you and I are safe on the first floor of my house, but your home is full of loopholes. Now there is a thief who wants to intrude into my house. He monitors my house (that is, scanning) if you find that there is nothing you can use, then this thief finds that it is easy for you to go to your home in the building of my house. He can first enter your home and then get the key of the entire building through your home (system permission) in this way, you will naturally get my key and you will be able to access my home (website)

6: COOKIE fraud

COOKIE records some of your information, such as IP address and name, sent by the website when you access the internet.
How to defraud? If we already know the XX station administrator's station number and MD5 password, but cannot crack the password, MD5 is a 16-bit encrypted password ). We can use COOKIE fraud to implement it, change our ID to the Administrator's, and change the MD5 password to another. Tools can modify the COOKIE so that we can answer the purpose of COOKIE fraud, the system thinks you are the administrator.

7: sniffer (arp)

If the target server is too powerful, you may use the previous methods to intrude into the machine in section C, and then use this machine to sniff the sensitive information of the target server, however, these two machines must be in the same domain. If they are in the same domain, they can also attack the target host through DNS spoofing, active, and passive session hijacking.

8: Social Engineering)

A mental trap, such as deception,
Social engineering usually uses conversation, deception, counterfeiting, or oral English to hide the secrets of a user's system from a valid user, such as a user name list, user password, and network structure.
In the future, a stranger MM will take the initiative to get close to you. You must be careful either when you are very handsome or if you are looking at your ideas.

1. WEB Development
2. Preventing webpage Trojan attacks starts from evaluating the security of WEB sites
3. Ten steps make you a good Web developer