The number one killer among script vulnerabilities, the database download vulnerability, is now known to more and more people. In an era of rapidly changing information technology, each loophole is followed by coping strategies, such as changing the suffix of the database or modifying the database's name. Many people think that this is enough to solve the problem, but reality is often not so kind: even if you do all of this, you will not escape an attack by a master. We therefore need to understand some of the attack methods in order to strengthen our own security skills.
1. Forced download of database files with an ASP or ASA suffix
To save time, most network administrators take the site's article system, forum, and other programs directly from someone else's source code and put them into use after partial modification. Many authors of ASP source programs have now changed the database suffix from the original MDB to ASP or ASA. This was originally a good thing, but in a society so flooded with information, the old methods only hold up for a limited time. For a database file with an ASP or ASA suffix, hackers who know where it is stored can easily download it with download software such as Thunder. Figure 1 shows the database file the author downloaded with Thunder (note that the database suffix is ASP).
Figure 1
2. The fatal symbol: #
Many network administrators think that adding a # in front of the database name prevents the database from being downloaded. Indeed, I also used to think that IE could not download a file with # in its name (IE automatically ignores everything after the #). But the trick cuts both ways: we forget that web pages can be reached not only in the ordinary way but also by using IE's URL encoding.
In IE, each character has a corresponding encoding, and the encoded form %23 can stand in for #. So a database file that has only had its suffix changed and a # added can still be downloaded. For example, if the file we want is #data.mdb, entering %23data.mdb in the browser is enough for IE to download the database file, so the # defense is effectively useless (Figure 2).
Figure 2
3. Cracking an encrypted Access database is a breeze
Some network administrators like to encrypt the Access database, thinking that even if a hacker obtains the database, a password will be needed to open it. The opposite is true: Access's encryption algorithm is so fragile that a hacker only has to find an Access password cracking tool on the internet to get the password within a few seconds. There is plenty of such software online, such as accesskey.
4. The instant kill: the database "Bauku" (path disclosure) technique
The database Bauku technique strictly belongs among the script vulnerabilities, but it plays a pivotal role in the database download vulnerability. The careful reader will have noticed that the techniques above all assume that the database name is known. Most of the time, however, we cannot know the database name, and then we may feel frustrated and unable to go on. The arrival of the database Bauku technique not only sweeps away that frustration but also lets us put the earlier techniques to real use.
Many people who write the data connection file in ASP always write it like this (conn.asp):
......
' Relative path to the Access database, stored inside the web root
db = "Data/rds_dbd32rfd213fg.mdb"
Set conn = Server.CreateObject("ADODB.Connection")
connstr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(db)
' Open the connection; there is no error handling around this call
conn.Open connstr
Function CloseDatabase
    conn.Close
    Set conn = Nothing
End Function
......
This code seems to have no problem, and the database name is very odd; without the database Bauku technique, the probability of guessing such a name is almost zero. Yet this short piece of code hides a great deal of information. It is fair to say that most programs available online have this loophole. We only need to replace the / in front of the data connection file conn.asp (it is usually this file) in the address bar with %5c, and the location of the database is exposed. What comes next should not need spelling out. With a little thought, there is nothing you cannot do.
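From the defender's side, the requests described in sections 2 and 4 leave recognisable traces in an access log. The following detection sketch is an added example, not code from the original article; it assumes a log in combined format that records the raw request target (for instance from a reverse proxy in front of the site), and the sample lines, addresses and the inc directory are constructed.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in combined log format (documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /index.asp HTTP/1.1" 200 5120
203.0.113.7 - - [12/Mar/2024:10:01:09 +0000] "GET /data/%23data.mdb HTTP/1.1" 200 482304
198.51.100.4 - - [12/Mar/2024:10:02:30 +0000] "GET /inc%5cconn.asp HTTP/1.1" 500 1208
198.51.100.4 - - [12/Mar/2024:10:02:41 +0000] "GET /data/rds_dbd32rfd213fg.mdb HTTP/1.1" 404 310
192.0.2.10 - - [12/Mar/2024:10:03:00 +0000] "GET /news.asp?id=3%23top HTTP/1.1" 200 2048
"""

LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+|-)$')

def classify(raw_target):
    """Return the reasons a raw request target looks like a database-download probe."""
    path = raw_target.split("?", 1)[0]       # rules apply to the path, not the query
    reasons = []
    if re.search(r"%5c", path, re.I):
        reasons.append("encoded-backslash")  # %5c used in place of / in the path
    if "%23" in path:
        reasons.append("encoded-hash")       # %23 standing in for # in a file name
    if unquote(path).lower().endswith(".mdb"):
        reasons.append("mdb-request")        # Access database requested directly
    return reasons

def scan(log_text):
    """Return (client, target, status, reasons) for every suspicious log line."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                         # skip lines that are not in the expected format
        client, _method, target, status, _size = m.groups()
        reasons = classify(target)
        if reasons:
            findings.append((client, target, int(status), reasons))
    return findings

if __name__ == "__main__":
    for client, target, status, reasons in scan(SAMPLE_LOG):
        served = "SERVED" if status == 200 else "not served"
        print(f"{client} {target} -> {status} ({served}): {', '.join(reasons)}")
```

A hit with status 200 on an mdb-request means the database file was actually served and should be treated as disclosed.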