Computer Security

Website vulnerabilities. Website checking. Programs for checking a site for vulnerabilities

The issue of web security has never been as pressing as it is in the 21st century. Of course, this is due to the massive spread of the Internet into almost every industry and field. Every day, hackers and security experts find a few new website vulnerabilities. Most of them are closed immediately by the developers, but some remain as they are and are used by attackers. Exploiting a hacked site can cause great harm both to its users and to the servers on which it is hosted.

Types of website vulnerabilities

When creating websites, many related electronic technologies are used. Some are mature and time-tested, others are new and not yet worn in. In any case, there are plenty of kinds of website vulnerabilities:

  • XSS. Every site has small forms. They help users enter data and get a result, register or send messages. Substituting specially crafted values into these forms can trigger the execution of a script, which can lead to a violation of the site's integrity and the compromise of data.
  • SQL injection. A very common and effective way of gaining access to confidential data. It can happen either through the address bar or through a form. The process is carried out by substituting values that the script does not filter and that are then queried in the database. With the right knowledge, it can cause a security breach.

  • HTML errors. Almost the same as XSS, but what is injected is not script code but HTML.
  • Vulnerabilities related to the placement of files and directories in default locations. For example, knowing the structure of the site's pages, you can reach the administration panel code.
  • Insufficient protection of the operating system settings on the server. If such a vulnerability exists, the attacker may be able to execute arbitrary code.
  • Bad passwords. One of the most obvious website vulnerabilities: using weak values to protect accounts. Especially if it is the administrator's account.
  • Buffer overflow. It is used when data in memory is overwritten, so that you can cause your own failures. It occurs when imperfect software is involved.
  • Replacing sections of your site. Recreating an exact copy of the site's pages, entering which the user does not suspect anything fraudulent and enters personal data, which after some time passes to the attacker.
  • Denial of service. Usually this term refers to an attack on a server when it receives a huge number of requests that it cannot handle, and simply "drops" or becomes unable to serve legitimate users. The vulnerability lies in the fact that an IP filter is not configured properly.

Site vulnerability scanning

Security specialists carry out a special check of web resources for errors and defects that could lead to a compromise. Such a site check is called pentesting. The process analyses the source code used by the CMS, the presence of vulnerable modules, and many other interesting tests.

SQL injection

This kind of site test determines whether the script filters the values it receives when building queries to the database. A simple test can be performed by hand. How do you find an SQL vulnerability on a site? That is discussed next.

For example, there is a site na-sayt.rf. On its front page it has a catalogue. Going into it, you can see in the address bar something like na-sayt.rf/?product_id=1. It is likely that this is a request to the database. To look for site vulnerabilities, you can first try substituting a single quote into the line. As a result, it becomes na-sayt.rf/?product_id=1'. If, after pressing the "Enter" key, the page shows an error message, the vulnerability exists.

Now you can use various options for selecting values: the union operator, commenting-out and many others are used.
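The hand test above works because the parameter reaches the database unfiltered. The following added example (not code from the original article; the catalogue table, product names and function names are constructed for illustration) shows the vulnerable query beside the hardened one, using an in-memory SQLite database, so the error the article describes can be reproduced and compared with the fixed behaviour:

```python
import sqlite3

def make_catalogue() -> sqlite3.Connection:
    # Constructed in-memory stand-in for the site's product catalogue.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(1, "kettle"), (2, "toaster")])
    conn.commit()
    return conn

def lookup_unsafe(conn: sqlite3.Connection, product_id: str) -> list:
    # Vulnerable: the raw product_id parameter is pasted into the SQL text,
    # so the quote from the probe becomes part of the query and breaks it.
    sql = f"SELECT name FROM products WHERE id = {product_id}"
    return conn.execute(sql).fetchall()

def lookup_safe(conn: sqlite3.Connection, product_id: str) -> list:
    # Hardened: reject anything that is not a plain integer, then bind the
    # value as a parameter so the driver never interprets it as SQL.
    if not product_id.isdigit():
        return []   # same response as "no such product"; no DB error leaks out
    return conn.execute("SELECT name FROM products WHERE id = ?",
                        (int(product_id),)).fetchall()

def probe(conn: sqlite3.Connection, lookup, product_id: str) -> str:
    # Mirrors what the hand test observes: an error means the parameter
    # reached the database unfiltered. Returns a short verdict string.
    try:
        rows = lookup(conn, product_id)
    except sqlite3.OperationalError as e:
        return f"ERROR: {e}"
    return f"OK: {rows}"

if __name__ == "__main__":
    db = make_catalogue()
    for pid in ("1", "1'"):
        print("unsafe", repr(pid), probe(db, lookup_unsafe, pid))
        print("safe  ", repr(pid), probe(db, lookup_safe, pid))
```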

XSS

This kind of vulnerability can be of two types: active and passive.

Active means introducing a piece of code into the database or into a file on the server. It is more dangerous and unpredictable.

Passive mode involves luring the victim to a specific site address that contains malicious code.

Using XSS, an attacker can steal cookies. And they can contain important user data. An even more dire consequence is the theft of a session.

Also, an attacker can use a script on the site in such a way that, when a form is submitted, it sends the user's data directly into the attacker's hands.
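The two defences that address both types of XSS described above are escaping user-supplied text at output time and keeping the session cookie out of reach of scripts. This added example (not from the original article; the page fragments, comment store and function names are constructed for illustration) shows the reflected ("passive") and stored ("active") cases rendered safely, plus a Set-Cookie header with the HttpOnly flag that blocks the cookie theft the article warns about:

```python
import html
from http.cookies import SimpleCookie

def render_search_page(query: str) -> str:
    # "Passive" (reflected) case: the search term from the URL is echoed back.
    # Escaping turns < > & " ' into entities, so a payload in a crafted link
    # is displayed as text instead of being executed by the browser.
    return f"<h1>Results for: {html.escape(query, quote=True)}</h1>"

def store_comment(store: list, author: str, text: str) -> None:
    # "Active" (stored) case: the raw text is kept exactly as submitted; the
    # defence is applied at output time, so it covers every page that
    # later renders the comment, not just the form that accepted it.
    store.append((author, text))

def render_comments(store: list) -> str:
    items = "".join(
        f"<li><b>{html.escape(a)}</b>: {html.escape(t)}</li>" for a, t in store)
    return f"<ul>{items}</ul>"

def session_cookie_header(session_id: str) -> str:
    # Limits the damage if a script does run: HttpOnly hides the cookie from
    # document.cookie, Secure restricts it to HTTPS, SameSite=Lax stops most
    # cross-site requests from carrying it.
    c = SimpleCookie()
    c["session"] = session_id
    c["session"]["httponly"] = True
    c["session"]["secure"] = True
    c["session"]["samesite"] = "Lax"
    return c.output(header="Set-Cookie:")

if __name__ == "__main__":
    print(render_search_page("<script>alert(1)</script>"))
    comments = []
    store_comment(comments, "guest", '<img src=x onerror="alert(1)">')
    print(render_comments(comments))
    print(session_cookie_header("constructed-session-id"))
```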

Automating the search process

On the network you can find many interesting site vulnerability scanners. Some come on their own, others come with a number of similar tools combined into one image, such as Kali Linux. What follows is an overview of the most common tools for automating the process of collecting information about vulnerabilities.

Nmap

The simplest website vulnerability scanner, which can show information such as the operating system, the ports in use and the services. A typical use:

nmap -sS 127.0.0.1, where instead of the local IP address you substitute the address of the real site under test.

The output is a report on which services are running on it and which ports are open at the moment. Based on this information, you can try to use vulnerabilities that have already been identified.

Here are a few keys that make an nmap scan different:

  • -A. An aggressive scan that dumps a lot of information, but takes considerable time.
  • -O. Tries to identify the operating system used on the server.
  • -D. Spoofs the IP address from which the scan is performed, so that when checking the server logs it is impossible to determine where the attack came from.
  • -p. Range of ports. Checks several services for being open.
  • -S. Lets you specify the required IP address.

WPScan

This program for checking a site for vulnerabilities is included in the Kali Linux distribution. It is designed to check web resources running on the WordPress CMS. It is written in Ruby, so it runs like this:

ruby ./wpscan.rb --help. This command shows all the available options and keys.

The command that can be used to run a simple test:

ruby ./wpscan.rb --url some-sayt.ru

In general, WPScan is a fairly easy-to-use utility for testing your site for "WordPress" vulnerabilities.

Nikto

A program for checking sites for vulnerabilities, also available in the Kali Linux distribution. It provides rich capabilities despite its simplicity:

  • scanning over both HTTP and HTTPS;
  • support for many built-in detection tools;
  • scanning of multiple ports, even in a non-standard range;
  • support for using proxy servers;
  • the possibility of connecting plug-ins.

To run nikto, the system must have Perl installed. A simple scan is done like this:

perl nikto.pl -h 192.168.0.1

The program can be "fed" a text file that lists web server addresses:

perl nikto.pl -h file.txt

This tool will help not only security specialists carrying out a pentest, but also network administrators and resource owners monitoring the health of their sites.

Burp Suite

A very powerful tool for checking not only a site but also for monitoring any network. It has a built-in function for modifying requests passed to the server under test. A smart scanner can automatically search for several kinds of vulnerabilities at once. It is possible to save the result of the current work and then resume it. Its flexibility allows not only using third-party plug-ins but also writing your own.

The utility has its own graphical user interface, which is undoubtedly convenient, especially for novice users.

SQLmap

Perhaps the most convenient and powerful tool for finding SQL and XSS vulnerabilities. The list of its advantages can be described as:

  • support for almost every kind of database management system;
  • the ability to use six basic methods for detecting applications and SQL injection;
  • a mode for enumerating users, their hashes, passwords and other data.

Before using SQLmap, a vulnerable site is usually first found via a dork, a template search-engine query that helps you select the right web resources from the estimated ones.

Then the site address is passed to the program, and it checks it. If successful, the vulnerability definition lets the utility itself use it to gain full access to the resource.

Webslayer

A small utility that lets you carry out a brute-force attack. It can "brute-force" login forms and the session parameters of a site. It supports multithreading, which makes its performance excellent. You can also pick passwords for recursively nested pages. There is also proxy support.

Resources for checking

On the network there are several tools for checking online sites for vulnerabilities:

  • coder-diary.ru. A simple site for testing. Just enter the resource's address and click "Check". The search can take a long time, so you can enter your e-mail address so that at the end the results of the check come directly to your inbox. There are about 2,500 known vulnerabilities on the site.
  • https://cryptoreport.websecurity.symantec.com/checker/. An online service for checking SSL and TLS certificates from Symantec. It requires only the address of the resource.
  • https://find-xss.net/scanner/. The project is a scanner of separate PHP files, or of a ZIP archive, for vulnerabilities. You can specify the file extensions to scan and the symbols that are used to shield data in the script.
  • http://insafety.org/scanner.php. A scanner for testing sites on the "1C-Bitrix" platform. A simple and intuitive interface.

An algorithm for scanning for vulnerabilities

Every network security specialist carries out a check according to a simple algorithm:

  1. First, manually or with automated tools, determine whether there is a vulnerability online. If there is, determine its type.
  2. Depending on the type of vulnerability, build further moves. For example, if the CMS is known, choose the appropriate attack method. If it is an SQL injection, select queries to the database.
  3. The main goal is to gain privileged access to the administrative panel. If it is not possible to achieve this, it may be worth trying to create a fake address and injecting a script with subsequent transfer to the victim.
  4. If the attack or penetration fails, start collecting data: are there any other vulnerabilities that have been missed.
  5. Based on the data, the security specialist tells the site owner about the problems and how to fix them.
  6. The vulnerabilities are eliminated by hand or with the help of third-party masters.

A few safety tips

Those who develop their own website will find these simple tips and tricks helpful.

Incoming data must be filtered so that scripts or queries cannot run on their own or give away data from the database.

Use complex and strong passwords to access the administration panel, to avoid possible brute force.

If the site is based on a CMS, you need to make sure that its plugins, templates and modules are regularly updated, and use only proven ones. Do not overload the site with unnecessary add-ons.

Frequently check the server logs for suspicious events or actions.
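Two of the patterns described earlier in the article, the single-quote and union probes against product_id and a scanner such as Nikto walking default paths, leave recognisable traces in the web server log. This added example (not from the original article; the log lines, IP addresses and threshold are constructed for illustration) parses combined-format access log lines and flags both:

```python
import re
import urllib.parse
from collections import Counter

# Constructed combined-format access log lines (IPs are documentation ranges).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2018:12:00:01 +0000] "GET /?product_id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2018:12:00:03 +0000] "GET /?product_id=1' HTTP/1.1" 500 210 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2018:12:00:04 +0000] "GET /?product_id=1%20UNION%20SELECT%201,2 HTTP/1.1" 500 210 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2018:12:01:00 +0000] "GET /admin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Nikto/2.1.6)"
198.51.100.9 - - [10/Mar/2018:12:01:00 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Nikto/2.1.6)"
198.51.100.9 - - [10/Mar/2018:12:01:01 +0000] "GET /wp-login.php HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Nikto/2.1.6)"
192.0.2.7 - - [10/Mar/2018:12:02:00 +0000] "GET /?product_id=2 HTTP/1.1" 200 498 "-" "Mozilla/5.0"
"""

# client IP, method, path and status code from a combined-format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# tokens typical of the hand test on the page: a stray quote, UNION/SELECT, comment marker
INJECTION_RE = re.compile(r"('|\bunion\b|\bselect\b|--)", re.IGNORECASE)

def analyse(log_text: str, not_found_threshold: int = 3) -> dict:
    """Return injection probes as (ip, path) pairs and IPs that look like
    directory scanners (many 404s, as default-path probing produces)."""
    probes = []
    not_found = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue          # skip lines that do not parse rather than crash
        ip, _method, path, status = m.groups()
        query = path.partition("?")[2]
        # decode %xx first so an encoded probe is caught as well as a raw one
        if query and INJECTION_RE.search(urllib.parse.unquote(query)):
            probes.append((ip, path))
        if status == "404":
            not_found[ip] += 1
    scanners = sorted(ip for ip, n in not_found.items() if n >= not_found_threshold)
    return {"injection_probes": probes, "scanners": scanners}

if __name__ == "__main__":
    for key, value in analyse(SAMPLE_LOG).items():
        print(key, value)
```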

Check your site with several scanners and services.

Correct server configuration is the key to stable and safe operation.

If possible, use an SSL certificate. This will prevent the interception of personal or confidential data between the server and the user.

Security tools. It makes sense to install or connect software to prevent intrusions and external threats.

Conclusion

The article turned out to be quite voluminous, but even so it is not enough to describe in detail all aspects of network security. To cope with the problem of information security, you need to study a lot of material and manuals, and also learn a number of tools and technologies. You can seek advice and help from professional companies that specialize in pentesting and checking web resources. Although such services will cost a tidy sum, neglecting site security can be far more costly both economically and reputationally.

Copyright © 2018 ha.unansea.com. Theme powered by WordPress.