09 2020 档案
摘要:#JavaScript Attacks (前端攻击) The attacks in this section are designed to help you learn about how JavaScript is used in the browser and how it can be ma
阅读全文
摘要:#Insecure CAPTCHA (不安全的验证流程) A CAPTCHA is a program that can tell whether its user is a human or a computer. You've probably seen them - colourful ima
阅读全文
摘要:#CSP Bypass(CSP 绕过) Content Security Policy (CSP) is used to define where scripts and other resources can be loaded or executed from. This module will
阅读全文
摘要:#Weak Session IDs (弱会话) Knowledge of a session ID is often the only thing required to access a site as a specific user after they have logged in, if t
阅读全文
摘要:#Cross Site Request Forgery (CSRF) CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are curren
阅读全文
摘要:#XSS(Stored) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign a
阅读全文
摘要:#XSS(Reflected) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benig
阅读全文
摘要:#XSS(DOM) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and
阅读全文
摘要:#SQL Injection (Blind) When an attacker executes SQL injection attacks, sometimes the server responds with error messages from the database server com
阅读全文
摘要:#SQL Injection (SQL 注入) A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the applicati
阅读全文
摘要:#File Upload(文件上传) Uploaded files represent a significant risk to web applications. The first step in many attacks is to get some code to the system t
阅读全文
摘要:#File Inclusion(文件包含) Some web applications allow the user to specify input that is used directly into file streams or allows the user to upload files
阅读全文
摘要:#Command Injection (指令注入) The purpose of the command injection attack is to inject and execute commands specified by the attacker in the vulnerable ap
阅读全文
摘要:#Brute Force (爆破) Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A co
阅读全文
摘要:#Git 源码泄露 开发人员会使用 git 进行版本控制,对站点自动部署。但如果配置不当,可能会将 .git 文件夹直接部署到线上环境,这就引起了 git 泄露漏洞,我们可以利用这个漏洞直接获得网页源码。 ##确定是否存在泄漏 想要确定是否存在这个漏洞,可以通过以下方式。首先是看看有没有提示醒目地指
阅读全文
摘要:#登录框 打开网页是个登录框,首先要先根据这个网页的情景走一遍,判断是否是 SQL 注入。 现在是不能登录的,也就是说我们要先注册个账号。打开注册页面随便输入个用户名和密码注册,注意到这是需要输入生日和地址。 使用注册的用户名和密码登录,但是在选择 Manage 时网页说我不是 “admin” 管理
阅读全文
摘要:#文件上传 ##一句话木马 利用文件上传漏洞往目标网站中上传一句话木马,然后就可以在本地获取和控制整个网站目录。利用一句话木马进行入侵时需要满足木马上传成功未被查杀,知道木马的路径在哪并保证上传的木马能正常运行。一个简单的 PHP 一句话木马如下: <?php @eval($_POST['flag'
阅读全文