Attacks on CMS

An overview of the most popular attacks on modern CMS.

There are several types of attacks on content management systems.

First, an attacker can modify the query string so as to trigger an SQL injection or a PHP file inclusion. For almost all CMS, PHP file inclusion is completely ruled out; SQL injection, however, is possible in many cases.

Second, every CMS has a module that lets visitors leave some information on the site. Here it may be possible to bypass the checks on the entered information and publish special code on the site, thereby carrying out an XSS attack.

There are also vulnerabilities related to the separation of privileges between administrators with different access levels.

SQL injection attacks

First of all, let us define what an attack of the SQL injection type consists of. Suppose the attacked server runs the following PHP script, which selects article titles from the articles table based on the category_id field and outputs them to the user:

// connect to MySQL (legacy mysql_* extension, as in the original script)
mysql_connect($dbhost, $dbuname, $dbpass) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());

$cid = $_GET["cid"];

// <- vulnerable query: $cid is pasted into the SQL text unchanged
$result = mysql_query("SELECT article_id, article_title FROM articles where category_id=$cid");

// output the result as a list
while ($out = mysql_fetch_array($result)):
    echo "Article: " . $out['article_id'] . " " . $out['article_title'] . "\n";
endwhile;

Translated from MySQL into plain language, the query reads: "select article ids and article titles from the articles table where category_id equals $cid". At first glance everything is fine: with a link such as http://serv.com/read.php?cid=3 the script works normally and shows the user the list of articles belonging to category 3.

But what does this give an attacker? He can request http://serv.com/read.php?cid=3' (note the quote character) and get something like: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /usr/local/apache/htdocs/read.php on line 14.

Let us look at what PHP asked MySQL for. The variable $cid equals 1', so the query takes a form that is invalid from MySQL's point of view: SELECT article_id, article_title FROM articles where category_id=1'. On a syntax error in the query MySQL answers with the string "ERROR 1064: You have an error in your SQL syntax...". PHP cannot recognise this answer and reports an error, from which the attacker can infer that an SQL injection vulnerability is present. Obviously, the attacker gets the ability to assign any value to the variable $cid ($cid=$_GET[cid]) and, consequently, to modify the query sent to MySQL. For example, if $cid equals "1 OR 1" (without the quotes at the beginning and the end), MySQL returns all rows regardless of category_id, because the query becomes (..) where category_id=1 OR 1, i.e. either category_id = 1 (matching only the rows whose category_id equals 1) or 1 (matching every row, since a non-zero number is always true).

The actions just described are exactly what is called SQL injection: the injection of SQL code into the script's query to MySQL. Using SQL injection the attacker can gain access to whatever data the vulnerable script has access to: passwords for the closed part of the site, credit card information, the password for the administrative section, and so on. The attacker may also gain the ability to execute commands on the server.

A classic example of an SQL injection vulnerability is the following query: SELECT * FROM admins WHERE login='$login' AND password=MD5('$password').

Suppose it checks the credentials entered to log in to the administrative part of a forum. The variables $login and $password are the login and password respectively, which the user enters into an HTML form. PHP sends this query and checks: if the number of rows returned by MySQL is greater than zero, an administrator with these credentials exists and the user is logged in; otherwise (there are no such rows and the login/password is wrong) the user is sent to fsb.ru.

How does an attacker use SQL injection in this case? The attacker needs MySQL to return at least one row to the PHP script. So the query has to be modified so that all rows of the table are selected regardless of whether the entered credentials are correct. We use the "OR 1" principle. In addition, MySQL, like any language, has comments. A comment is written either as --comment (a comment to the end of the line) or as /*comment*/ (a comment anywhere); if the second kind of comment stands at the end of the line, the closing `*/` is optional. So the attacker enters the string anyword' OR 1/* as the login and anyword2 as the password. The query then takes the form: SELECT * FROM admins WHERE login='anyword' OR 1/* AND password=MD5('anyword2'). As a result MySQL returns all rows of the admins table, regardless of whether an admin with the login anyword exists, and the script lets the attacker into the admin area. Such a vulnerability was found, for example, in Advanced Guestbook; it allowed logging into the administrative part without knowing the password and reading files from there. SQL injection of this kind, however, usually does not let the attacker extract data from the table.
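The fix for both queries above is to stop building SQL text from user input at all. The following PHP is an added example and not code from the original article: it rewrites read.php's article query and the admin login check with PDO prepared statements. It assumes a MySQL database named cms with placeholder credentials, and an admins table whose password_hash column stores password_hash() output rather than an MD5 computed inside the SQL statement.

```php
<?php
// Added example, not part of the original article: the two queries from the
// text rewritten with PDO prepared statements. DSN and credentials are placeholders.
declare(strict_types=1);

function connect(): PDO {
    return new PDO('mysql:host=localhost;dbname=cms;charset=utf8mb4', 'cms_user', 'cms_pass', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,   // real server-side prepares
    ]);
}

// read.php: the category id is validated as an integer and bound as a parameter,
// so "3'" or "1 OR 1" can no longer change the shape of the query.
function articlesByCategory(PDO $pdo, string $rawCid): array {
    $cid = filter_var($rawCid, FILTER_VALIDATE_INT);
    if ($cid === false) {
        return [];   // refuse the request instead of letting MySQL report a syntax error
    }
    $stmt = $pdo->prepare(
        'SELECT article_id, article_title FROM articles WHERE category_id = :cid'
    );
    $stmt->execute([':cid' => $cid]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Admin login: the login is bound as data, and the password is checked with
// password_verify() against a stored password_hash() value (assumed column
// admins.password_hash) instead of an unsalted MD5 inside the SQL statement.
function adminLogin(PDO $pdo, string $login, string $password): bool {
    $stmt = $pdo->prepare('SELECT password_hash FROM admins WHERE login = :login');
    $stmt->execute([':login' => $login]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;   // "anyword' OR 1/*" is simply an unknown login now
    }
    return password_verify($password, $row['password_hash']);
}

// Output: escape before writing into the HTML document (see the XSS section).
$pdo = connect();
foreach (articlesByCategory($pdo, $_GET['cid'] ?? '') as $row) {
    echo 'Article: ' . (int)$row['article_id'] . ' '
       . htmlspecialchars($row['article_title'], ENT_QUOTES, 'UTF-8') . "<br>\n";
}
```

With the parameter bound, the database receives the value "1 OR 1" as a number to compare against (after filter_var rejects it, not even that), and the login string anyword' OR 1/* is looked up verbatim as a login name. The error message from mysql_fetch_array() that gave the attacker his first hint also disappears, because PDO::ERRMODE_EXCEPTION lets the script log the failure server-side rather than print it.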

XSS attacks

An XSS vulnerability arises in situations where data entered by a user is output, without proper filtering, in the text of the generated HTML document. For example, data sent by one user may be output, unfiltered, to other users. Typical systems of this kind are chats, forums and various management systems.

The second variant of the vulnerability is the situation where part of an HTTP GET request is output on the same HTML page, to the same user, without proper filtering. As a rule these are cases where a session identifier or other GET parameters are output without proper filtering. Now let us consider some situations where the vulnerability is not present in an obvious form.

Imagine a system, for example a forum, in which images from third-party sites can somehow be inserted into messages. On many forums, for instance, an image can be inserted using the construct [IMG]http://site/image[/IMG]. Obviously, in that case the browser of every person who visits the page with such a message will request the image from the specified site, provided of course that this is allowed in the browser settings.

Now consider the possibility that instead of an image there is some script, [IMG]http://site/image.php[/IMG], which does the following:

1. saves information about the request;

2. outputs the header Content-type: image/jpeg (for a JPEG image);

3. outputs the content of the image.


Given that in most cases, when requesting pictures, the browser sends in the HTTP-REFERER field of the HTTP request the URL of the document into which the picture is embedded, such a script can collect the following data:

1. the IP address (including the X-FORWARDED_FOR header and the like);

2. every page visited by every user (provided it contains a link to this image);

3. the user's User-Agent field.


Probably the most effective way to collect statistics on most forums is to set such an image URL as the URL of an avatar. One might assume that, to rule out this possibility, the server could permit only images whose file has the appropriate extension, .jpg or only .gif. However, the user can configure his HTTP server so that .jpg files, for example, are also treated and processed as PHP scripts. Moreover, PHP can be configured so that no information about the PHP interpreter is sent in the HTTP response header. Thus, such statistics collection can be made completely transparent for the server and the clients.
There is no way to find out whether such collection is taking place or not.
Of course, all of this information could also be gathered from the logs of the HTTP server hosting such an "image", but logging in the script is more convenient.

Suppose that in some system (a forum) pictures from third-party servers may be included in messages in some way. Each time any user opens an HTML page with such a message, his browser sends a request to a server, which may be controlled by an attacker, to fetch the image body. Now imagine that the server responds to this request with a demand for authentication. In that case the browser will ask everyone who opens this page for a password. Moreover, the caption in the password prompt can be arbitrary and is set by the attacker; for example, it may talk about an authentication failure or contain other phrases whose composition already belongs to social engineering. If the user enters his name and password into this prompt, the data is sent to the server controlled by the attacker. The script that generates this header and receives the data can, on a repeated request (tracked by IP), return the image content without any authentication failure, so that after the user enters a name and password the page opens normally. After a message is submitted, the forum server could fetch all images present in the document from the remote server and keep them in the message only if they really are valid images and come back with a 200 status code. However, the attacker can easily distinguish the forum server's request (by IP address, time of the request and so on) and return correct image content to it.
In the same way, the fact that a script is running on the server side can be completely hidden.
At the stage of adding the message, the server has no way of knowing whether a normal image was added or not. This attack can be used both to attempt to steal a user's access credentials to the system and simply to make working with the system harder for legitimate users.

If a user can add to the text of a message an image from a third-party site, which will be accessible to everyone who opens this HTML page, a DDoS attack becomes possible. Suppose a third site has a vulnerability: some document, given certain parameters, consumes too many system resources. What is meant first of all is an SQL injection that allows the benchmark() function to be inserted, so that a single request heavily loads the vulnerable server. The SQL injection vulnerability, including the use of the benchmark function in an SQL query to carry out a DoS attack, is described in this article: http://www.securitylab.ru/45438.html

The attacker places in the forum under consideration (we assume it has high traffic) a large number of messages containing images whose URLs actually exploit the vulnerability in the third site. At first glance this attack method seems ineffective for several reasons. It will not always be possible to set such a URL as an image link, because various filters on the server may block a complex URL.
And it is unlikely that a large number of such messages can be placed within a short period of time.

Suppose instead that the attacker leaves a large number of messages on frequently visited forums with a link to an image located on a server he controls; an avatar link is best suited to this purpose. Once a significant base of such messages has accumulated, the script that previously returned the image content starts returning an HTTP 301 moved response whose Location header carries the URL that exploits the vulnerability in the third site. From that moment on, of course, the image no longer displays. But every visitor who opens any page with this image takes part in a DDoS attack on that script.
Depending on the base of such messages accumulated and the capacity of the third server, the result may range from a significant slowdown of the server to its complete failure for the duration of the attack or until the vulnerability is fixed.
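One forum-side mitigation for all three hotlinked-image tricks above (the statistics-collecting "image", the fake authentication prompt, and the 301 redirect that turns visitors into DDoS participants) is to stop visitors' browsers from contacting third-party hosts at all. The following PHP is an added example and not code from the original article: [IMG] URLs are rewritten to go through an image proxy on the forum's own host, and the proxy fetches the remote file once without following redirects, checks that the bytes really are an image, and caches it. The script name img.php, the cache directory, the size limit and the function names are this example's own assumptions.

```php
<?php
// Added example, not part of the original article: a forum-side image proxy.
// [IMG] URLs in posts are rewritten to /img.php?u=..., and img.php fetches the
// remote file itself, without following redirects, then serves it from the forum's
// own host. The cache directory, size limit and script name are assumptions.
declare(strict_types=1);

const IMG_CACHE_DIR = '/var/cache/forum-img';   // assumed, must be writable by PHP
const IMG_MAX_BYTES = 2 * 1024 * 1024;          // 2 MiB cap on a proxied image
const IMG_ALLOWED   = ['image/jpeg', 'image/png', 'image/gif'];

// Rewrite [IMG]http://host/pic.jpg[/IMG] into an <img> that goes through the proxy,
// so visitors' browsers never contact the third-party host at all.
function renderImgTags(string $bbcode): string {
    return preg_replace_callback(
        '~\[IMG\](https?://[^\s\[\]"<>]+)\[/IMG\]~i',
        function (array $m): string {
            $src = '/img.php?u=' . rawurlencode($m[1]);
            return '<img src="' . htmlspecialchars($src, ENT_QUOTES, 'UTF-8') . '" alt="">';
        },
        $bbcode
    );
}

// Fetch the remote image once. Returns [mime, bytes], or null if anything is off.
function fetchRemoteImage(string $url): ?array {
    $parts = parse_url($url);
    if ($parts === false || !in_array($parts['scheme'] ?? '', ['http', 'https'], true)) {
        return null;
    }
    // Do not let the proxy be pointed at internal or loopback addresses.
    $ip = gethostbyname($parts['host'] ?? '');
    if (filter_var($ip, FILTER_VALIDATE_IP,
                   FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        return null;
    }
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false,  // a 301/302 to delete-post.php goes nowhere
        CURLOPT_MAXFILESIZE    => IMG_MAX_BYTES,
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,
        CURLOPT_USERAGENT      => 'forum-image-proxy',
        CURLOPT_REFERER        => '',     // no page URL, visitor IP or User-Agent leaks
    ]);
    $body   = curl_exec($ch);
    $status = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    curl_close($ch);

    if (!is_string($body) || $status !== 200 || strlen($body) > IMG_MAX_BYTES) {
        return null;                      // redirects, auth challenges, errors: dropped
    }
    // Trust the bytes, not the Content-Type header: sniff the real type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($body);
    if (!in_array($mime, IMG_ALLOWED, true)) {
        return null;                      // a script pretending to be a picture stops here
    }
    return [$mime, $body];
}

// img.php entry point: serve from the cache, otherwise fetch once and cache.
function serveProxiedImage(string $url): void {
    $key  = hash('sha256', $url);
    $meta = IMG_CACHE_DIR . "/$key.mime";
    $data = IMG_CACHE_DIR . "/$key.bin";

    if (!is_file($data) || !is_file($meta)) {
        $fetched = fetchRemoteImage($url);
        if ($fetched === null) {
            http_response_code(404);
            return;
        }
        [$mime, $bytes] = $fetched;
        file_put_contents($data, $bytes);
        file_put_contents($meta, $mime);
    }
    header('Content-Type: ' . file_get_contents($meta));
    header('X-Content-Type-Options: nosniff');
    header('Cache-Control: public, max-age=86400');
    readfile($data);
}

serveProxiedImage($_GET['u'] ?? '');
```

Because the forum server, not the visitor, makes the single outbound request, the remote script sees one IP and no Referer, an authentication challenge or redirect simply results in a 404 on the forum side, and the text's objection that the attacker can tell the forum's check apart from real visitors no longer matters: real visitors never fetch from the attacker's host. The price is that the proxy itself becomes a server-side fetcher, so the private-range check above is essential, and a stricter deployment would resolve the host once and pin that address for the curl request rather than letting DNS be queried twice.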

Now consider another situation. Suppose that in some system (a forum) each message may, by some means, contain a link (an <a> element) to an arbitrary URL.
For example, the construct [URL=…]…[/URL] may be used. The URL value is placed in double quotes, and all dangerous characters, such as quotes and the greater-than and less-than signs, are filtered before the value is inserted as the URL; for example, a function similar to PHP's htmlspecialchars() is used to output both the link URL and the link text. Thus it is impossible to break out of the href attribute, and impossible to change the handlers of the OnMouseClick or OnMouseOver events. In other words, it would seem that there is no vulnerability. However, the following code shows otherwise:

[URL=javascript:alert(document.cookie)]click me[/URL]

This code is converted into:

<a href="javascript:alert(document.cookie)">click me</a>

Then, when this link is clicked, strangely enough, the injected JavaScript code executes. Moreover, it executes in the context of the "non-vulnerable" site, which brings with it all the troubles of an XSS vulnerability.

In particular, this can be used to steal the target user's cookies.
To bypass filtering mechanisms that may be present on the server, the attacker can use certain tricks. For example, spaces in the JavaScript code can be replaced by the sequence /**/, and the function String.fromCharCode(), which takes character codes and returns a string, avoids the need for quotes. To rule out this vulnerability it is enough to filter the word script in the link URL.
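The text's remedy is to filter the word script; the added example below (not code from the original article) generalises that into what a practitioner would deploy: the [URL=...] value is accepted only if it parses as an http or https URL or a site-relative path, and every other scheme (javascript, data, vbscript and so on) is dropped, with the link text kept. The function names are this example's own.

```php
<?php
// Added example, not part of the original article: rendering [URL=...]...[/URL]
// with a scheme allowlist, so javascript: links are refused instead of merely
// having their quotes escaped. Function names are this example's own.
declare(strict_types=1);

// Return the URL if it is an absolute http(s) URL or a site-relative path, else null.
function safeLinkUrl(string $raw): ?string {
    // Strip control characters and whitespace that browsers ignore inside a scheme
    // ("java\tscript:" is still treated as javascript: by browsers).
    $url = preg_replace('/[\x00-\x20\x7f]+/', '', $raw);
    if ($url === null || $url === '') {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return null;
    }
    if (isset($parts['scheme'])) {
        // Case-insensitive allowlist; everything else is rejected.
        if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
            return null;
        }
        return $url;
    }
    // No scheme: accept only a site-relative path, not a "//host" network-path reference.
    return (strpos($url, '/') === 0 && strpos($url, '//') !== 0) ? $url : null;
}

// Replace each [URL=...]text[/URL] with an <a> tag, or with the bare text if the
// URL is refused. Both href and text are HTML-escaped, as the article describes.
function renderUrlTags(string $bbcode): string {
    return preg_replace_callback(
        '~\[URL=([^\]]+)\](.*?)\[/URL\]~is',
        function (array $m): string {
            $href = safeLinkUrl($m[1]);
            $text = htmlspecialchars($m[2], ENT_QUOTES, 'UTF-8');
            if ($href === null) {
                return $text;   // drop the link, keep the visible text
            }
            return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8')
                 . '" rel="nofollow noopener">' . $text . '</a>';
        },
        $bbcode
    );
}

// Constructed inputs to exercise the filter:
echo renderUrlTags('[URL=http://example.com/page]ok[/URL]'), "\n";
echo renderUrlTags('[URL=javascript:alert(document.cookie)]click me[/URL]'), "\n";
echo renderUrlTags("[URL=JaVa\tScRiPt:alert(1)]hi[/URL]"), "\n";
echo renderUrlTags('[URL=//evil.example/x]relative?[/URL]'), "\n";
```

On the constructed inputs, the first line yields a normal anchor to http://example.com/page; the second and third yield only the words click me and hi, since parse_url reports the scheme as javascript once the embedded tab is stripped; and the fourth yields only the text, because a scheme-less value that starts with // would point at another host. An allowlist holds against the /**/ and String.fromCharCode() tricks the text mentions, because those only disguise the payload after the scheme, and the scheme is what is checked.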

Let us return to the situation where images can be embedded in messages.
Suppose that to perform certain actions the system administrator or a moderator follows some link. For example, suppose that to delete a message the administrator has to click a link such as http://site/forum/delete-post.php?id=12345, where 12345 is the message identifier. Now imagine that the attacker leaves on the forum a message with an image whose URL is exactly that. The result is that as soon as the administrator reads this message, his browser sends a request to that URL and, among other things, passes all the authentication data (COOKIE) to the server. It is assumed that the administrator is authenticated on the forum at the moment he reads such a message (sent to him, for example, as a private message). As a result, the target message is deleted, unnoticed by the administrator. Suppose that, thanks to some filtering, images with such a URL cannot be inserted into messages on the forum. Then the Location trick helps the attacker.
It is enough to insert into the message an image located on a site he controls. When this image is requested, the server controlled by the attacker answers with a 301 (or 302) moved header whose Location field holds the target URL, http://site/forum/delete-post.php?id=12345.

As a result, when this image is requested, the administrator's browser goes to that URL and some action is performed, transparently for the administrator. As before, the attacker can completely hide the fact that scripts are running on his server, and in addition any filters that may be present in the system (forum) can be passed in the way described. Moreover, looking at the image URL (in the image properties in the browser), the administrator will not notice anything unusual: the URL can really look like the URL of an ordinary image.

And furthermore, if the system has control measures and requires, for the administrator's actions to be performed, that the HTTP Referer sent by the browser belongs to the forum, this check is bypassed automatically too. The point is that when an image placed on the site is requested, the server hosting the image receives an HTTP_REFERER equal to the URL of the page containing the image, and on following the Location of a 301 (302) Moved response the HTTP-REFERER is preserved. Attention: ALL systems (forums, chats) that allow images from third-party sites to be inserted into messages are vulnerable to this type of attack whenever a simple HTTP GET request is enough for the administrator (moderator) to perform certain actions.

Now consider a more complex situation, where performing certain administrative actions requires an HTTP POST request. Examples are posting a message in the administrator's name, or other actions up to moving certain users between groups and granting them administrator privileges.
The attacker can place a link ([URL=xxx]yyy[/URL]) to some image or URL in order to lure the administrator to that URL. For example, the URL may look like the address of a picture (*.jpg) so as not to raise additional suspicion on the administrator's part. On following this URL the administrator may be shown a form with hidden fields containing all the necessary data, which is submitted automatically by JavaScript after the page loads. To carry out the attack covertly, the form can be placed in an iframe, which in turn sits in an invisible layer, while the visible part of the page may indeed contain some image. The possibilities described are very dangerous for several reasons:

1) there is a huge number of products vulnerable to this kind of attack;
2) the attack is very easy to carry out;

3) the attack can be carried out unnoticed by the administrator;

4) the attack can be carried out with minimal interaction with the system's administrator (moderator).
To protect against attacks of this kind it is recommended that every time, for all data submitted on the forum, the session identifier or its hash be added to the data, with a subsequent check on the server. If links and form contents have an unpredictable form, this makes carrying out such attacks highly unlikely.
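The recommendation above, a per-session secret attached to every state-changing request, applied to the delete-post action from the earlier section. This PHP is an added example and not code from the original article: it uses PHP's built-in session, a random token rather than the session id itself (so the id is never written into page bodies), requires POST, and compares the token in constant time. The form action, field names and the deletePost callable are this example's own assumptions.

```php
<?php
// Added example, not part of the original article: the per-session token the
// text recommends, applied to the delete-post action. PHP's built-in session is
// used; form action, field names and the delete callback are assumptions.
declare(strict_types=1);

session_start();

// One unpredictable token per session, created on first use.
function csrfToken(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison; a missing, empty or wrong token fails.
function csrfTokenValid(?string $submitted): bool {
    $expected = $_SESSION['csrf_token'] ?? '';
    return is_string($submitted) && $expected !== '' && hash_equals($expected, $submitted);
}

// The admin's "delete" control becomes a POST form carrying the token, instead of
// a bare GET link that an <img src=...> or a 301 redirect could trigger.
function deleteButtonHtml(int $postId): string {
    $token = htmlspecialchars(csrfToken(), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/forum/delete-post.php">'
         . '<input type="hidden" name="id" value="' . $postId . '">'
         . '<input type="hidden" name="csrf_token" value="' . $token . '">'
         . '<button type="submit">Delete</button></form>';
}

// delete-post.php: refuse anything that is not a POST carrying a valid token.
// Returns the HTTP status to send; $deletePost performs the actual removal.
function handleDeletePost(string $method, array $post, callable $deletePost): int {
    if ($method !== 'POST') {
        return 405;   // a GET from an <img> or a redirected image never reaches the delete
    }
    if (!csrfTokenValid($post['csrf_token'] ?? null)) {
        return 403;   // a cross-site auto-submitted form does not know the token
    }
    $id = filter_var($post['id'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) {
        return 400;
    }
    $deletePost($id);
    return 200;
}

// Wiring for a live request. The callback is where the parameterised
// "DELETE FROM posts WHERE post_id = :id" would run with a PDO prepared statement.
$status = handleDeletePost(
    $_SERVER['REQUEST_METHOD'] ?? 'GET',
    $_POST,
    function (int $id): void {
        error_log("delete-post: would remove post $id");   // stand-in for the DB write
    }
);
http_response_code($status);
```

The Referer check the text describes fails against the redirect trick because the browser preserves the Referer across a 301; the token does not depend on any request header the attacker's server can influence, since the attacker's page can submit a form to the forum but cannot read the admin's session to learn the token. Requiring POST on its own already defeats the image and redirect variants (both are GETs), and the token covers the auto-submitted hidden form in the iframe. Setting the session cookie with SameSite=Lax is a cheap second layer on modern browsers but is not a substitute for the token.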
Taken from http://www.altweb-cms.ru/hackingcms/