2017-2018-2 20155228 "Network countermeasure Technology" experiment Eight: Web Foundation


1. Practice Content

1.1 Web front-end HTML

Install Apache and be able to start and stop it normally. Understand HTML, forms, and the GET and POST methods, and write an HTML page that contains a form.

1.2 Web front-end JavaScript

Understand basic JavaScript functionality and the DOM. Write JavaScript that validates the user name and password rules.

1.3 Web backend: MySQL basics

Install and start MySQL normally, create a database, create a user, change a password, and create a table.

1.4 Web backend: PHP

Write a PHP web page that connects to the database and performs user authentication.

1.5 Simplest SQL injection and XSS attack tests

Function description: a user can log in; the login user name and password are stored in the database; a successful login displays a welcome page.

2. Basic question answers

2.1 What is a form

2.2 What languages can the browser parse and run

2.3 Which dynamic languages does the web server support

3. Practice summary and experience

4. Practice process record

4.1 Installation and use of Apache

sudo apt-get install apache2      # install Apache2
service apache2 start             # start the Apache2 service
gedit /etc/apache2/ports.conf     # edit Apache's port configuration file

Open the ports.conf file and change the port number 80 after Listen to 5228 to avoid a port conflict with other processes, then save and exit.

service apache2 restart    # restart the Apache2 service
netstat -aptn              # check which ports are in use

cd /var/www/html           # go to Apache2's working directory
gedit test.txt             # create a new text file named test.txt

Open test.txt and write something in it:

welcome back,20155228!

Save and exit.

Open a browser and enter:

127.0.0.1:5228/test.txt

You can see what you wrote earlier in test.txt.

4.2 Front-end programming

Requirements: write a simple web page that contains a form in which the user name and password are entered and then submitted.

4.2.1 Use gedit to create a new file named login.html

4.2.2 Use gedit to create a new file named Marqueeeffect.css

div.GeneralDiv {
    position: absolute;
    overflow: hidden;
    left: 0;
    top: 0;
    width: 1366px;
    height: 640px;
}
div.Backgorund {
    position: absolute;
    width: 100%;
    height: 100%;
    z-index: -1;
}
div.Symbol {
    position: absolute;
    z-index: 1;
    left: 0px;
    top: 0px;
}
div.Form {
    position: absolute;
    z-index: 1;
    left: 800px;
    top: 200px;
    width: 360px;
    height: 240px;
    background: #00ffff;
    border: 8px solid #000000;
    color: #ffffff;
}

4.2.3 Use gedit to create a new file named Marqueeeffect.js

window.onload = function () {
    var _box1 = document.getElementById("backgorund1");
    var _box2 = document.getElementById("backgorund2");
    var x = 0;
    var y = 0;
    // move both background images one pixel to the left on every tick
    var fun = function () {
        _box1.style.left = x + 'px';
        _box2.style.left = x + 1366 + 'px';
        x--;
        y++;
        // start over once the first image has scrolled fully out of view
        if ((x + 1366) == 0) {
            x = 0;
        }
        if ((y - 1366) == 0) {
            y = 0;
        }
    };
    setInterval(fun, 40);
};

Note: these three files should be saved in the /var/www/html directory. If you put them in another directory, adjust the script src and link href in login.html accordingly.

Open a browser and enter:

http://127.0.0.1:5228/login.html

You can see the login screen

4.3 Back-end programming: PHP

4.3.1 PHP installation and testing

sudo apt-get install php    # install PHP
cd /var/www/html            # go to Apache2's working directory
gedit test.php              # create a new PHP file named test.php

Open test.php and write the following:

<?php
// include the file named by the "a" query parameter, then print a marker line
include($_GET["a"]);
echo "<br>hello,this is /var/www/html/test.php<br>";
?>

Save and exit.

Open test.txt and change its content to:

hello,this is /var/www/html/text.txt!

Save and exit.

Open a browser and enter:

127.0.0.1:5228/test.php?a=/var/www/html/text.txt

You can see what you wrote earlier in test.php and test.txt.
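Because test.php hands the a parameter straight to include, the request decides which file on the server is loaded, and any PHP inside that file is executed. A restricted variant follows as an added example that is not part of the original report; the $allowed map, its key "test" and the error messages are assumptions made for this lab directory.

```php
<?php
// Added example (not the report's code): test.php with the file choice
// limited to an allowlist. Keys and file names below are assumptions.
$allowed = [
    'test' => 'test.txt',
];

// Accept the parameter only if it is a plain string (not an array).
$key = $_GET['a'] ?? '';
if (!is_string($key) || !array_key_exists($key, $allowed)) {
    http_response_code(400);
    exit('unknown page');
}

// realpath() resolves ".." and symlinks, so the prefix check below
// compares real locations rather than the text of the path.
$base = realpath('/var/www/html');
$path = ($base === false) ? false : realpath($base . '/' . $allowed[$key]);
if ($path === false || strncmp($path, $base . '/', strlen($base) + 1) !== 0) {
    http_response_code(404);
    exit('not found');
}

// Read the file as data instead of include-ing it, so PHP code inside it
// is never executed, and encode it so HTML inside it is shown as text.
echo htmlspecialchars(file_get_contents($path), ENT_QUOTES, 'UTF-8');
echo "<br>hello,this is /var/www/html/test.php<br>";
?>
```

With this variant the request names a key, for example 127.0.0.1:5228/test.php?a=test, and a path passed in a is rejected with status 400.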

4.4 Database MySQL test and use
/etc/init.d/mysql start    # start MySQL
mysql -u root -p           # log in to the database as the user root
[email protected]          # enter the default password of the user root

use mysql;    -- switch to the database named mysql; note the semicolon
select user, password, host from user;    -- list user, password and host from the table named user
UPDATE user SET password=PASSWORD("123456") WHERE user='root';    -- reset the password of the user root to 123456
flush privileges;    -- reload privileges so the change takes effect
quit;    -- exit mysql
mysql -u root -p     # log in to the database again as the user root
123456               # enter the new password of the user root

CREATE SCHEMA `database5228`;    -- create a new database named database5228
-- create a table named users in database5228; each record has
-- userid, username, password and enabled, with userid as the primary key
CREATE TABLE `database5228`.`users` (
    `userid` INT NOT NULL COMMENT '',
    `username` VARCHAR(45) NULL COMMENT '',
    `password` VARCHAR(256) NULL COMMENT '',
    `enabled` VARCHAR(5) NULL COMMENT '',
    PRIMARY KEY (`userid`) COMMENT ''
);
-- insert one record: userid 1, username 20155228, password 123, enabled TRUE
insert into `database5228`.`users`(userid,username,password,enabled) values(1,'20155228',password("123"),"TRUE");

Note: this step is very important! Skipping it will make it impossible to connect to the database after logging in.

grant all privileges on *.* to 'root'@'localhost' identified by '123456' with grant option;    -- grant privileges

4.5 Web Programming

4.5.1 Use gedit to create a new file named login.php

<?php
// read the submitted user name and password from the query string
$uname = $_GET['username'];
$pwd = $_GET['password'];
// the input is placed directly into the SQL string
$query_str = "SELECT * FROM users WHERE username='{$uname}' and password=password('{$pwd}');";
$mysqli = new mysqli("127.0.0.1", "root", "123456", "database5228");
/* check connection */
if ($mysqli->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}
echo "Connect to server successfully,please wait for a moment";
/* Select queries return a resultset */
if ($result = $mysqli->query($query_str)) {
    // at least one matching row means the login succeeded
    if ($result->num_rows > 0) {
        header("Refresh:1;url=welcome.html");
    } else {
        header("Refresh:1;url=failed.html");
    }
    /* free result set */
    $result->close();
}
$mysqli->close();
?>

4.5.2 Use gedit to create a new file named welcome.html

4.5.3 Use gedit to create a new file named failed.html

Open a browser and enter:

http://127.0.0.1:5228/login.html

You can see the login screen

Page shown when the user name and password are entered correctly

Page shown when the user name and password are entered incorrectly

It is worth mentioning that a link back to the login screen can be added.

4.5 SQL injection and XSS attack

4.5.1 SQL injection

Enter the following in the user name input box of the login screen; the password input box can contain anything.

' or 1=1#

The content entered in the user name input box is sent to the back end, where it is placed into the following statement to build the database query:

$query_str="SELECT * FROM users WHERE username='{$uname}' and password=password('{$pwd}');";

With the input ' or 1=1#, the statement becomes

select * from users where username='' or 1=1#' and password=password('{$pwd}');

Note that # starts a comment, so everything after it is ignored and the query that actually runs is

select * from users where username='' or 1=1

Because 1=1 is always true, the user name and password check always returns success.

4.5.2 XSS attack

To make the effect easier to see, modify login.php before the attack:

<?php
$uname = $_GET['username'];
$pwd = $_GET['password'];
// the user name is printed back to the page exactly as it was received
echo $uname;
$query_str = "SELECT * FROM users WHERE username='{$uname}' and password=password('{$pwd}');";
$mysqli = new mysqli("127.0.0.1", "root", "123456", "database5228");
/* check connection */
if ($mysqli->connect_errno) {
    printf("Connect failed: %s\n", $mysqli->connect_error);
    exit();
}
echo "Connect to server successfully";
/* Select queries return a resultset */
if ($result = $mysqli->query($query_str)) {
    if ($result->num_rows > 0) {
        echo "<br> Wellcome login Mr/Mrs:{$uname} <br> ";
    } else {
        echo "<br> login failed <br> ";
    }
    /* free result set */
    $result->close();
}
$mysqli->close();
?>

Page shown when the user name and password are entered incorrectly

Enter the following in the user name input box of the login screen; the password input box can contain anything.

2015228</a>

The content entered in the user name input box is assigned to $uname and then printed.

$uname=$_GET['username'];
echo $uname;

With the input 2015228</a>, the statement becomes

echo 2015228</a>

This causes Background.jpg to be displayed.
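Both tests above, the SQL injection in 4.5.1 and the XSS test in this section, succeed because login.php treats the user name as code: once as SQL text and once as HTML. The following hardened login.php is an added example, not the report's own code; it keeps the report's host, account and schema, and the param() helper and the error messages are assumptions.

```php
<?php
// Added example (not the report's code): login.php with a parameterized
// query and HTML-encoded output.
mysqli_report(MYSQLI_REPORT_OFF); // errors are checked explicitly below

// Hypothetical helper: return a query-string value only if it is a string.
function param(string $name): string {
    $v = $_GET[$name] ?? '';
    return is_string($v) ? $v : '';
}

$uname = param('username');
$pwd   = param('password');

$mysqli = new mysqli("127.0.0.1", "root", "123456", "database5228");
if ($mysqli->connect_errno) {
    error_log("Connect failed: " . $mysqli->connect_error);
    http_response_code(500);
    exit("login unavailable");
}

// The ? placeholders keep the input out of the SQL text, so a quote or #
// in the user name is compared as data and cannot change the query.
// PASSWORD() is kept only to match how the report stored the row.
$stmt = $mysqli->prepare(
    "SELECT userid FROM users WHERE username = ? AND password = PASSWORD(?)"
);
if ($stmt === false) {
    error_log("Prepare failed: " . $mysqli->error);
    http_response_code(500);
    exit("login unavailable");
}
$stmt->bind_param("ss", $uname, $pwd);
$found = $stmt->execute() && $stmt->store_result() && $stmt->num_rows > 0;
$stmt->close();
$mysqli->close();

// Encode the user name before it reaches the page, so markup is shown as text.
$safe = htmlspecialchars($uname, ENT_QUOTES, 'UTF-8');
if ($found) {
    echo "<br> Welcome login Mr/Mrs:{$safe} <br> ";
} else {
    echo "<br> login failed <br> ";
}
?>
```

With this version the input ' or 1=1# matches no user and is printed as text. For new code, hashes created with password_hash() and checked with password_verify() replace MySQL's PASSWORD(), and the page connects with an account that has only the privileges it needs instead of root.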
