How to tell whether a website has a vulnerability
Recently, many websites have been hit by attacks of various kinds. Hackers' motives differ and their targets are unpredictable. As a corporate network administrator or CEO, are you worried that your site will suffer the same fate?
What kind of site is easily hacked?
Some people say: I keep a low profile and don't offend anyone, so naturally nobody will hack me. In fact, even if no competitor hires someone to hack you, there will be curious or bored hackers practising their skills who want to break into your site and look around.
So what kind of site is easy to hack? Not the site of a bad person, but a site with flaws.
Whether your site is dynamic (ASP, PHP, JSP and the like) or static, intrusion is possible.
Does your website have a vulnerability? How can you tell?
Ordinary hackers break into nearly 70% of sites mainly through upload vulnerabilities, Bauku (database disclosure), injection, side-note attacks and a few other methods. There are, of course, higher-level intrusions: some hackers will follow a website for several months to find one point of entry. Let's focus first on these easily hacked sites.
1. Upload Vulnerability
This vulnerability was exploited most rampantly in the DVBBS 6.0 era. An upload vulnerability can yield a webshell directly, so the threat level is very high, and it remains one of the common vulnerabilities used in intrusions today.
Vulnerability Explanation:
Append /upfile.asp to the site's URL in the address bar. If the page shows a message such as "upload format is incorrect [re-upload]", there is an 80% chance that an upload vulnerability exists; with a tool, a file can be uploaded directly and a webshell obtained.
Tool Description:
Upload tools: Veteran's upload tool and DOMAIN3.5. Both programs can perform the upload, and NC can also be used to submit it.
Expert explanation:
What is a webshell? Many people don't understand it, so briefly: a webshell is nothing esoteric. It is a web-level permission that lets you manage the site and modify page content, but it is not an especially high permission (this depends on the administrator's settings). Modifying someone else's home page generally requires this permission. Those who have come across web Trojans may know this (the veteran's Webmaster Assistant is a web Trojan, and Haiyang 2006 is also a web Trojan). This is what is ultimately uploaded through an upload vulnerability. Sometimes, on a server with badly configured permissions, the highest permissions can be obtained through the webshell.
Expert reminder:
Most sites run programs modified from publicly available ones, and those programs will always have vulnerabilities. A smart webmaster should learn the tools above, keep track of the latest vulnerabilities in the web applications they run, and use the tools to test their own site to ensure it is secure.
2. Bauku:
Many sites have this exploitable vulnerability. Very dangerous!
Vulnerability Explanation:
Bauku means submitting characters to obtain the database file; once a hacker has the database file, he directly holds the site's front-end or back-end permissions. For example, if a site's address is http://www.xxx.com/dispbbs.asp?boardid=7&id=161, the hacker can change the / between com and dispbbs to %5c. If the vulnerability exists, this directly reveals the absolute path of the database, which can then be downloaded with Thunder or a similar downloader. Another way is to use the default database path: http://www.xxx.com/ followed by conn.asp. If the default database path has not been changed, the path to the database can also be obtained this way (note: here too, / is changed to %5c).
Expert explanation:
Why change it to %5c? Because in ASCII, / equals %5c. Sometimes the database has a name like /#abc.mdb; why can't it be downloaded? Here the # needs to be changed to %23, and then it can be downloaded. Why does the database file I exposed end in .asp, and what should I do? When downloading, change .asp to .mdb so that it can be downloaded. If it still cannot be downloaded, anti-download protection may be in place.
Expert reminder:
Databases are always what interests hackers most. Not every programmer considers database security thoroughly when writing code. Once the site is online, a professional security company should be engaged to carry out database penetration testing to ensure database security.
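The requests described in sections 1 and 2 leave recognisable traces in a web server's access log. The following is an added example, not part of the original article, that flags them for a site owner; the log layout, IP addresses, directory names and rule names are assumptions made for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample in a simplified "ip method url status" layout (an assumption,
# not a real server log format); IPs and directory names are made up.
SAMPLE_LOG = """\
203.0.113.5 GET /upfile.asp 200
203.0.113.5 GET /bbs%5cdispbbs.asp?boardid=7&id=161 500
203.0.113.5 GET /data/%23abc.mdb 200
203.0.113.5 GET /inc%5cconn.asp 500
198.51.100.7 GET /bbs/dispbbs.asp?boardid=7&id=161 200
"""

# Each rule receives the raw (still encoded) path and the decoded path.
RULES = {
    "upload_probe": lambda raw, path: path.lower().endswith("/upfile.asp"),
    "encoded_backslash": lambda raw, path: "%5c" in raw.lower(),
    "conn_include": lambda raw, path: re.search(r"[/\\]conn\.asp$", path, re.I) is not None,
    "mdb_download": lambda raw, path: path.lower().endswith(".mdb"),
}


def classify(url):
    """Return the names of the rules a request URL matches."""
    raw_path = urlsplit(url).path
    path = unquote(raw_path)
    return [name for name, rule in RULES.items() if rule(raw_path, path)]


def scan(log_text):
    """Map each client IP to the (rule, url) pairs it triggered."""
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the assumed layout
        ip, _method, url, _status = parts
        for name in classify(url):
            hits.setdefault(ip, []).append((name, url))
    return hits


if __name__ == "__main__":
    for ip, found in scan(SAMPLE_LOG).items():
        for name, url in found:
            print(ip, name, url)
```

A 200 response to an `mdb_download` hit means the database file was actually served and should be treated as exposed.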
3. Injection vulnerability:
This vulnerability is now the most widely exploited and is also highly damaging; it can be said that even Microsoft's official website has injection vulnerabilities.
Vulnerability Explanation:
Injection vulnerabilities are caused by character filtering that is not strict enough; they allow an attacker to obtain the administrator's account, password and other related information.
Expert explanation:
Let me first explain how to find the vulnerability. Take the URL http://www.xxx.com/dispbbs.asp?boardid=7&id=161, which ends in id= followed by a number. We can manually append and 1=1 and see whether the normal page is displayed, then append and 1=2: if the normal page is returned, there is no vulnerability; if an error page is returned, there is an injection vulnerability. If appending and 1=1 returns an error page, there is also no vulnerability. Once we know whether the site has the vulnerability, we can make use of it.
Tool Description:
This can be done by guessing by hand or with tools; there are now many tools (NBSI, NDSI, Ah D, Domain, etc.) that can guess the account and password. I suggest using a tool, since the manual approach is cumbersome.
Expert reminder:
A large company's website should be developed by senior programmers who understand secure programming, and once development is finished and the site is online, a specialist company should be asked to carry out security testing to ensure that the program is safe and reliable!
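What "secure programming" means for the id parameter discussed above, as an added example that is not part of the original article: the same lookup written with string concatenation and then with input validation plus a bound parameter. The `posts` table, the function names and the use of SQLite in place of the site's own database are assumptions made for illustration.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory table standing in for the forum database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, boardid INTEGER, title TEXT)")
    db.execute("INSERT INTO posts VALUES (161, 7, 'hello')")
    return db


def get_post_vulnerable(db, post_id):
    # Weak form: the id value is pasted into the SQL text, so anything
    # appended to it becomes part of the query.
    sql = "SELECT title FROM posts WHERE id = " + post_id
    return db.execute(sql).fetchall()


def get_post_hardened(db, post_id):
    # Corrected form: accept only ASCII digits, then pass the value as a
    # bound parameter so it can never be parsed as SQL.
    if not (post_id.isascii() and post_id.isdigit()):
        raise ValueError("id must be an integer")
    return db.execute("SELECT title FROM posts WHERE id = ?", (int(post_id),)).fetchall()


def responses(fn, db):
    """Run the plain id and the two appended conditions from the text through fn."""
    out = []
    for value in ("161", "161 and 1=1", "161 and 1=2"):
        try:
            out.append(fn(db, value))
        except ValueError:
            out.append("rejected")
    return out


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", responses(get_post_vulnerable, db))
    print("hardened:  ", responses(get_post_hardened, db))
```

The concatenated version answers differently to the two appended conditions, which is exactly the signal the check above relies on; the hardened version rejects both before any SQL runs.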
4. Side note:
The site we want to break into may be strong and have no weaknesses. In that case we can find another site on the same server, then use that site, together with privilege escalation, sniffing and other methods, to break into the site we want. An analogy: you and I are neighbours. My home is very secure, but yours is easy to get into and steal from. A thief wants to break into my home; he scouts it and finds it difficult to enter. Then he discovers that your home is next to mine and that mine can easily be reached through yours. He can enter your home first and then get into mine through your balcony.