tailieunhanh - Hacking Exposed™ Web 2.0, part 2
Copyright 2008 by The McGraw-Hill Companies.

Injection attacks were around long before Web 2.0 existed, and they are still amazingly common to find. This book would be incomplete without discussing some older common injection attacks, such as SQL injection and command injection, and newer injection issues, such as XPath injection.

HOW INJECTION ATTACKS WORK

Injection attacks are based on a single problem that persists in many technologies: namely, no strict separation exists between program instructions and user data (also referred to as user input). This problem allows attackers to sneak program instructions into places where the developer expected only benign data. By sneaking in program instructions, the attacker can instruct the program to perform actions of the attacker's choosing.

To perform an injection attack, the attacker attempts to place data that is interpreted as instructions in common inputs. A successful attack requires three elements:

- Identifying the technology that the web application is running. Injection attacks are heavily dependent on the programming language or hardware possessing the problem. This can be accomplished with some reconnaissance or by simply trying all common injection attacks. To identify technologies, an attacker can look at web page footers, view error pages, view page source code, and use tools such as Nessus, nmap, THC-amap, and others.

- Identifying all possible user inputs. Some user input is obvious, such as HTML forms. However, an attacker can interact with a web application in many ways. An attacker can manipulate hidden HTML form inputs, HTTP headers (such as cookies), and even backend Asynchronous JavaScript and XML (AJAX) requests that are not seen by end users. Essentially, all data within every HTTP GET and POST should be considered user input. To help identify all possible user inputs to a web application, you can use a web proxy such as WebScarab.