NSFOCUS Security Engineer's Routine Approach to Penetration Testing

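5. Brute force and credential stuffing to get into the back end

Whether it is the front-end user login or the back-end admin entry, brute forcing remains a method that spends time and a dictionary, and there is still some chance of getting in, hehe.

By comparison, though, the information gathered during perimeter reconnaissance may help us get into the back end quite easily. Credential stuffing: maybe you only obtained part of the sensitive information, but with leaked databases flying all over the internet these days, try a few matches and look around, and the password may well turn up. This is much faster than brute forcing.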

6. Weak passwords

The most common, the most dangerous, and the most easily taken lightly.

7. Problems caused by middleware misconfiguration

① IIS write vulnerability (no longer common)

(the usual tool: "老兵")

② Directories are accessible

*8. Problems caused by operating-system and middleware file parsing:

Apache: test.php.xx
IIS: test.asp;.jpg
Windows: .asp. asp□

Not a topic for going deeper; keep an eye on it in file upload.
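Read from the defending side, the names listed under item 8 become an upload-name check; the following is an added example, not part of the original article. The allowlist, the function names and the reading of "asp□" as a trailing space are assumptions.

```python
import re
import secrets

# Assumed allowlist for a hypothetical application that only takes images and PDFs.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf"}

# Exactly one base name, one dot, one extension: no second dot for a
# multi-extension handler to pick up.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,8})")


def check_upload_name(name):
    """Return (ok, reason) for a client-supplied upload file name."""
    # Windows drops trailing dots and spaces, so "x.asp." is stored as "x.asp".
    if name != name.strip() or name.endswith("."):
        return False, "surrounding whitespace or trailing dot"
    # ';' is the "test.asp;.jpg" shape; the rest are path separators,
    # NTFS stream syntax and NUL.
    if any(ch in name for ch in ";:/\\\x00"):
        return False, "forbidden character"
    match = SAFE_NAME.fullmatch(name)
    if match is None:
        return False, "not a single name plus one extension"
    if match.group(1).lower() not in ALLOWED_EXTENSIONS:
        return False, "extension not on allowlist"
    return True, "ok"


def stored_name(name):
    """Validate, then return a server-generated name so the client's
    string never becomes a path on disk. Raises ValueError if rejected."""
    ok, reason = check_upload_name(name)
    if not ok:
        raise ValueError(reason)
    ext = name.rsplit(".", 1)[1].lower()
    return secrets.token_hex(16) + "." + ext


# Constructed sample names, following the shapes listed in item 8.
SAMPLES = ["test.php.xx", "test.asp;.jpg", "shell.asp.", "shell.asp ", "photo.JPG"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), check_upload_name(sample))
```

The name check is only one layer: the upload directory should also be configured so the web server never executes anything stored in it.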

9. A series of problems caused by PHP

① ../../etc/passwd, go straight in deeper

② Directory traversal caused by PHP

③ Remote file inclusion caused by PHP (can also be exploited directly through Google search)

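0×02 Tai Chi: the middle layer between the perimeter and the inside (the application)

Explanation of the move

Tai Chi: strong against the strong, weak against the weak; it is all the application's fault

I. When the user is not logged in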

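1. Injection

There are far too many types of injection, and the ways of exploiting them are endless.

① SQL injection at page calls: usually go straight to Pangolin (穿山甲); sqlmap dumps the dbs and tables, which are used to get into the back end or to leak user information. (Whether the DBS is complete, the site structure database, direct use)

② SQL injection of the "universal password" kind, to get into the front-end application or the back-end administration.

③ No injection on this site does not mean you cannot go deeper; try a neighbouring site on the same server (旁注), hehe. The process is just different.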

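2. XSS

XSS does not have many types (stored, reflected), but when it comes to exploitation, the only limit is what you can think of.

What is unrelated to going deeper is left out here.

① Blind XSS against the back end, mostly when every other way of getting into the back end has come to nothing. The odds are limited.

② XSS DDoS.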
