Yesterday I looked at the site's traffic statistics and found that, for the past few months, an article on this site about computer network viruses has kept getting a high number of visits. Computer network viruses have always been a concern for many people, including our customers, and for hackers too; many users talk about having been hacked. Some time ago I read an article that said: "Website intrusion has become very simple, and the bar keeps getting lower; anyone can download an intrusion tool from a hacker website and start breaking in." So today I will talk about my understanding of website intrusion.
Most of today's websites are static, that is, the page suffix is .htm or .html, but dynamic websites (php, jsp, asp) are also common, and it is these dynamic sites that have become the target of intrusion. The chance of successfully intruding a static site is very low unless you take over the server the site runs on directly, and that is outside the scope of website intrusion techniques. In fact, a few simple measures are often enough to keep out the large number of entry-level and junior hackers, which is already reasonably safe for an ordinary corporate website. Now let me go through the most commonly used website intrusion techniques:
Injection vulnerability: the first thing to talk about is of course the injection vulnerability. This is the most widely used and most damaging vulnerability; it has been said that even Microsoft's official website had an injection vulnerability.
The cause of an injection vulnerability is that input characters are not filtered strictly, which lets an attacker obtain the administrator's account and password and other related information. Nowadays there are many tools that can guess account passwords this way.
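To make the point about filtering concrete, here is an added example (my own Python, not code from the original post or any site mentioned in it) that puts a concatenated login query beside a parameterized one. It assumes a constructed in-memory SQLite table with sample users; passwords are stored in plain text only to keep the demo short, a real site would store salted hashes. The quote character that breaks the first query is simply data to the second, which is why bound parameters are the fix rather than a blacklist of characters.

```python
import sqlite3


def build_db():
    """Constructed sample table; not data from any real site."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT, is_admin INTEGER)")
    conn.execute("INSERT INTO users VALUES ('admin', 's3cret-example', 1)")
    conn.execute("INSERT INTO users VALUES ('guest', 'guest', 0)")
    conn.commit()
    return conn


def login_unsafe(conn, name, password):
    # Vulnerable: the query is built by string concatenation, so a quote
    # character in the input changes the structure of the SQL statement.
    sql = ("SELECT name FROM users WHERE name = '" + name
           + "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn, name, password):
    # Hardened: bound parameters are passed to the engine separately from the
    # statement text, so the input is always treated as a value, never as SQL.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    row = conn.execute(sql, (name, password)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = build_db()
    bad_password = "' OR '1'='1"
    # The concatenated version logs in as admin without knowing the password;
    # the parameterized version correctly rejects the same input.
    print("unsafe:", login_unsafe(db, "admin", bad_password))
    print("safe:  ", login_safe(db, "admin", bad_password))
```

The same change applies to ASP code that builds its SQL with `&`: switch to ADODB.Command with parameters (or the equivalent prepared statement in PHP or JSP) instead of trying to strip quotes from the input.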
Upload vulnerability: using an upload vulnerability you can directly obtain a WEBSHELL, and this is also a common vulnerability. Website intruders append /upfile.asp to the URL; if the page responds "The upload format is incorrect [re-upload]", there is basically an upload vulnerability, and a tool that can upload (DOMAIN3.5) will get a WEBSHELL directly. A WEBSHELL is in fact just WEB permission, which is the permission needed to modify someone else's homepage. But on a server with poorly configured permissions, a WEBSHELL can be used to reach the highest permission.
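The upfile.asp scripts of that era accepted whatever extension the browser sent, which is why an upload became a WEBSHELL. As an added example (my own Python, not the original post's code or any upload script it names), the following check shows what a server-side upload handler should do instead: allow-list the extension, require the file content to match that extension, reject names with more than one dot (so `shell.asp;.jpg` and `a.asp.jpg` tricks fail), and write the file under a server-chosen random name rather than the client's. The sample file bytes are constructed.

```python
import os
import re
import secrets

# Allowed types and the leading bytes ("magic numbers") each must start with.
ALLOWED_TYPES = {
    "jpg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}

# Only plain characters in the name part; no spaces, semicolons or NUL bytes.
SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")

# Constructed sample inputs for the demo (not real uploads).
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
SAMPLE_ASP = b'<% Response.Write("x") %>'


def validate_upload(filename, data):
    """Return (ok, reason, stored_name); stored_name is None when rejected."""
    # Strip any directory part the client sent (../ or backslash tricks).
    base = os.path.basename(filename.replace("\\", "/"))
    parts = base.split(".")
    if len(parts) != 2:
        return False, "filename must be name.ext with a single extension", None
    stem, ext = parts[0], parts[1].lower()
    if not SAFE_STEM.match(stem):
        return False, "disallowed characters in filename", None
    if ext not in ALLOWED_TYPES:
        return False, "extension not on allow-list", None
    if not data.startswith(ALLOWED_TYPES[ext]):
        return False, "file content does not match its extension", None
    if b"<%" in data or b"<?php" in data:
        return False, "script markers found inside file", None
    # The server picks the name; the client never controls the written path.
    stored = secrets.token_hex(8) + "." + ext
    return True, "accepted", stored


def save_upload(data, stored_name, upload_dir):
    """Write an accepted file into upload_dir, which should sit outside the
    web root or be served with script execution disabled."""
    path = os.path.join(upload_dir, stored_name)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


if __name__ == "__main__":
    for name, blob in [("photo.png", SAMPLE_PNG), ("shell.asp", SAMPLE_ASP),
                       ("shell.asp;.jpg", SAMPLE_ASP), ("fake.jpg", SAMPLE_ASP)]:
        print(name, "->", validate_upload(name, blob)[:2])
```

Even with this check in place, the upload directory should have script execution turned off in IIS or Apache, so that a file that slips through is served as static bytes instead of being run.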
Database hacking (that is, downloading the database directly): it is easy to see that some novices download a free program from the Internet, upload it and use it as-is, and this kind of website is the main target of hacking. As the saying on the Internet goes, "you can get the database file by guessing its path, and once you have the database file you directly have the permissions of the site's front end or back end."
When I was still in school, my teacher told me that, to ensure data security, a website should have a database penetration test after it goes online. But since I started working at a Shenzhen website construction company, I have learned that this requires a professional security company, unless you yourself, or someone around you, has strong technical skills.
If you download such a program from the Internet, it is best to change the database path and give the database file an .asp extension. An intruder who downloads it would have to replace .asp with .mdb; if it still cannot be downloaded, there is probably an anti-download measure in place.
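Renaming the database to .asp only hides the extension; the file is still an Access database and still sits under the web root. As an added example (my own Python, not the original post's code), here is a small audit that walks a site directory and flags Access database files by their signature rather than their name, so a renamed database is found too. The sample web root it builds is constructed in a temporary directory; the point for the site owner is that anything this finds under the web root should be moved outside it and opened through a server-side path instead.

```python
import os
import tempfile

# Access (Jet/ACE) database files carry a fixed text signature at byte offset 4,
# whatever extension the file was given.
ACCESS_SIGNATURES = (b"Standard Jet DB", b"Standard ACE DB")


def is_access_db(path):
    """True if the file starts with an Access database header."""
    with open(path, "rb") as fh:
        head = fh.read(32)
    return any(head[4:4 + len(sig)] == sig for sig in ACCESS_SIGNATURES)


def find_exposed_databases(webroot):
    """Return web-relative paths of Access database files under webroot."""
    found = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            full = os.path.join(dirpath, name)
            if is_access_db(full):
                rel = os.path.relpath(full, webroot).replace(os.sep, "/")
                found.append(rel)
    return sorted(found)


def make_sample_webroot():
    """Constructed sample site tree for the demo; not real site data."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "data"))
    os.makedirs(os.path.join(root, "images"))
    # Minimal constructed header in the shape of an Access 2000 file.
    db_bytes = b"\x00\x01\x00\x00" + b"Standard Jet DB" + b"\x00" * 13
    with open(os.path.join(root, "data", "site.mdb"), "wb") as fh:
        fh.write(db_bytes)
    # The same database hidden behind an .asp extension, as the post suggests.
    with open(os.path.join(root, "data", "site.asp"), "wb") as fh:
        fh.write(db_bytes)
    with open(os.path.join(root, "images", "logo.gif"), "wb") as fh:
        fh.write(b"GIF89a" + b"\x00" * 10)
    with open(os.path.join(root, "default.asp"), "wb") as fh:
        fh.write(b'<% Response.Write("hello") %>')
    return root


if __name__ == "__main__":
    site = make_sample_webroot()
    for rel in find_exposed_databases(site):
        print("database reachable under web root:", rel)
```

Run it against the real web root of a site built from a downloaded free program, and move every file it reports to a directory the web server does not serve.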
As for side-site attacks (attacking through another site on the same server), simply put, the intrusion is achieved by an indirect route. DOMAIN3.5 can detect intrusions such as injection, side-site and upload. COOKIE spoofing, in fact, uses tools to modify the cookie (ID, md5) so that the system is deceived into thinking you are the administrator, and so achieves the intrusion.
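Cookie spoofing works because those sites stored the user's ID and a password hash in the cookie and trusted whatever came back. As an added example (my own Python, not code from the original post or from DOMAIN3.5), here is the usual fix: the server signs the cookie with an HMAC under a secret only it holds, and a cookie whose ID or role field has been edited no longer verifies. The secret key below is a constructed placeholder.

```python
import hashlib
import hmac

# Server-side secret; in production load it from configuration. The value
# here is a constructed placeholder for the demo.
SECRET_KEY = b"example-key-change-me"


def issue_cookie(user_id, role, key=SECRET_KEY):
    """Build 'user_id|role|tag' where tag is HMAC-SHA256 over 'user_id|role'."""
    payload = f"{user_id}|{role}"
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def verify_cookie(cookie, key=SECRET_KEY):
    """Return (user_id, role) if the tag is valid, otherwise None."""
    try:
        user_id, role, tag = cookie.split("|")
    except ValueError:
        return None
    expected = hmac.new(key, f"{user_id}|{role}".encode(),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison so the check leaks nothing about the tag.
    if not hmac.compare_digest(tag, expected):
        return None
    return user_id, role


def is_admin(cookie, key=SECRET_KEY):
    """The only question the page handler should ask of the cookie."""
    result = verify_cookie(cookie, key)
    return result is not None and result[1] == "admin"


if __name__ == "__main__":
    cookie = issue_cookie("42", "user")
    print("issued:", cookie)
    print("valid: ", verify_cookie(cookie))
    # Editing the role field in the browser, as a cookie-spoofing tool would,
    # leaves the tag wrong, so the server rejects it.
    uid, _role, tag = cookie.split("|")
    print("edited:", verify_cookie(f"{uid}|admin|{tag}"))
```

Signing stops tampering but not theft of a cookie, so the session should still expire and be tied to HTTPS; the simplest alternative is to keep ID and role on the server and put only a random session identifier in the cookie.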
[This article is original; please indicate the source when reprinting: Shenzhen website construction http://www.eims.cc/ ]
Thanks to freegn for your contribution