中央大学电子计算机中心多媒体与网路应用」资讯推广课程.pptVIP

end * Reference * / / http://goo.gl/cA3a http://goo.gl/IwGbX http://goo.gl/uQ4I1 next:不要被抓到 next:X next:X next:我什麼都不知道 Open Web Application Security Project 非營利組織 works to create freely-available articles, methodologies, documentation, tools, and technologies 眾多project ：The Guide / Top 10 / WebScarab ... A4: ../../../../ A5: plurk A6:bye and hello A7:pa55wd etc A8:?type=admin A9:sniffer A10:?redirect= A6:bye and hello A7:pa55wd etc A8:?type=admin A9:sniffer A10:?redirect= how SQL works in web login page for example client web server sql server request whit id and pwd select from account where `id`=id and `pwd`=pwd return result return login success/failed * Why SQL? 廣大使用 儲存大量的網站資料 injection friendly * how injections work? 以MySQL為例子 $query = “select from account where `id`=’$id’ and `pwd`=’$pwd’$id=’ or 1=1 --  select from account where `id`=’’ -- * attack skills union blind attack * 影響 資料被偷/被改 獲得網站權限 整個網站被拿下# * how to defense safe API 過濾逃脫字元 不要直接把使用者輸入加入query 找程式掃描弱點 * Practice * Agenda 嘴砲 OWSAP Top 10 SQL injection XSS cookie session * XSS Cross Site Scripting 在別人的網站上寫程式！ * background knowledge HTTP GET HTTP POST * how to attack attack using POST/GET the “scripting” in the server strange url * how to attack javascript iframe / image * example body ? echo “Hello ”.$_GET[‘id’].”; ? /body /?id=scriptalert(“i’m Orange”)/script * what may happened? take you to bad site send your information to attacker Just For Fun! * Just For Fun Samy MySpace XSS attack Samy is my hero! Infection * Big Site also XSSable MySpace Facebook twitter Plurk ... * how to defense for server 該逃的還是要逃 找程式掃描弱點 for user 看到奇怪連結要警覺 瀏覽器 / 防毒軟體 * practice * Agenda 嘴砲 OWSAP Top 10 SQL injection XSS cookie session * background knowledge cookie session A cookie is a piece of text stored by a users web browser. A cookie can be used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplis