m5k1umn posted on 2024-7-11 19:03:35

Several Common Vulnerability Types and Code Audit Tools


    <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">Preface</strong></h1>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code auditing is carried out after black-box testing is complete, that is, after checking that the application's basic functionality meets the product's business requirements. It requires a certain coding foundation and a basic understanding of how vulnerabilities arise. Using tools or experience, you look for bugs that may be present in the code, and you test on different platforms (Windows, Linux) and under different PHP versions. For example, many newer PHP versions deprecate and remove some directives that can still be used in older versions, and the directives available in those versions may be where someone finds a vulnerability.</p>
    <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">PHP Core Configuration</strong></h1>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Most people set PHP configuration through php.ini, but directives actually have configuration scopes: some can only be configured in php.ini, while others can also be set inside a PHP script with the ini_set() function. For details, look up the PHP_INI.* list and the usage of ini_set.</p>
    <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">Code Audit Tools</strong></h1>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">1. Seay source code audit tool</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="//q6.itc.cn/images01/20240527/cb8a2960a74b451c91bd4aefbd1147b2.png" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">2. HackBar, a vulnerability verification aid (Firefox extension)</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="//q8.itc.cn/images01/20240527/92fc80f2db8c4c79bcd90417d6c6e16b.png" style="width: 50%; margin-bottom: 20px;"></p>
    <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">Code Audit Approaches</strong></h1>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">1. Look at sensitive functions and trace their parameters</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">2. Read through all of the source code to understand the logic</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">3. Audit and trace by feature</p>
    <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">Common Vulnerability Types</strong></h1>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">1. SQL injection</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">2. XSS (cross-site scripting)</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">3. CSRF (cross-site request forgery)</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">4. File operation vulnerabilities</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">5. Code execution vulnerabilities</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">6. Command execution vulnerabilities</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">7. Variable overwrite vulnerabilities</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">8. Business logic vulnerabilities</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">9. Unauthorized access and privilege escalation</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">10. Second-order injection</p>
    <h1 style="color: black; text-align: left; margin-bottom: 10px;"><strong style="color: blue;">Summary &amp; To Be Continued</strong></h1>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Because code auditing touches on a great many topics, this post is only an introductory summary. Get to know the common vulnerability types; each of them has specific examples that can be dug into, and you need to keep collecting and analyzing them in your work or study and find the best preventive measures to deal with them. For example, a program must pay attention to what it receives and what it outputs. For data or actions submitted by users, the saying goes: "Never trust anything a user does." The user may be nothing more than a script, so risks such as XSS, brute forcing, CSRF and unauthorized operations naturally exist.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Input may be echoed straight back as reflected output right after we receive it, or stored and later emitted as stored output according to the business logic. So for every function or method you write, validating and filtering the parameters and converting the return values are indispensable. Application features such as comments, login and registration, password recovery, requesting verification codes, uploading files and images, withdrawals, lotteries and points are the places others are most likely to target when looking for vulnerabilities, and limiting the number of attempts and restricting by IP to prevent brute-force logins is often still not enough.</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Take obtaining the IP address alone: HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR and REMOTE_ADDR can all provide it, but the first two can be forged through HTTP headers, so to judge whether an IP is genuine you need to compare how these three sources differ before implementing the feature. Then there are verification codes: image CAPTCHAs, slider verification, voice verification, SMS verification and so on, yet image recognition and CAPTCHA-solving platform tools also exist online. All one can say is that defences keep being upgraded and vulnerabilities keep being upgraded too, so code auditing is indispensable.</p>

    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Editor: reader submission</p>
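    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The point about HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR and REMOTE_ADDR, as an added example that is not part of the original post: a resolver that uses header-supplied addresses only when the TCP peer is a proxy we operate. The function name, the trusted-proxy list and the sample requests are assumptions constructed for illustration.</p>

```php
<?php
declare(strict_types=1);

// Hypothetical reverse proxies we operate (constructed documentation addresses).
const TRUSTED_PROXIES = ['192.0.2.10', '192.0.2.11'];

/**
 * Resolve the client IP for rate limiting or audit logging.
 * REMOTE_ADDR comes from the TCP connection. HTTP_CLIENT_IP is never used,
 * and HTTP_X_FORWARDED_FOR is read only when the direct peer is our own proxy.
 */
function resolve_client_ip(array $server, array $trustedProxies = TRUSTED_PROXIES): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($peer, FILTER_VALIDATE_IP) === false) {
        throw new RuntimeException('REMOTE_ADDR missing or malformed');
    }
    // Direct connection: every header-supplied address is untrusted.
    if (!in_array($peer, $trustedProxies, true)) {
        return $peer;
    }
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    // Walk right to left: the rightmost entries were appended by our proxies,
    // so the first hop that is not ours is the nearest address we can vouch for.
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            break; // malformed or empty chain: fall back to the proxy address
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }
    return $peer;
}

// Constructed requests: a direct client sending forged headers,
// and a client behind our proxy that prepended a forged first hop.
$samples = [
    ['REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => '127.0.0.1', 'HTTP_CLIENT_IP' => '10.0.0.1'],
    ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '127.0.0.1, 198.51.100.23'],
];
foreach ($samples as $sample) {
    echo resolve_client_ip($sample), PHP_EOL;
}
```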

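    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The configuration scopes described under "PHP Core Configuration", as an added example that is not part of the original post: a script that reads each directive's access level from ini_get_all() and reports whether ini_set() in application code can change it. The list of audited directives and the function names are assumptions of this example.</p>

```php
<?php
declare(strict_types=1);

// Directives chosen for this example; adjust to the application under audit.
const AUDITED = ['allow_url_include', 'disable_functions', 'open_basedir', 'display_errors', 'expose_php'];

/** Translate the access bitmask from ini_get_all() into PHP_INI_* scope names. */
function scope_names(int $access): array
{
    $scopes = ['PHP_INI_USER' => INI_USER, 'PHP_INI_PERDIR' => INI_PERDIR, 'PHP_INI_SYSTEM' => INI_SYSTEM];
    $names = [];
    foreach ($scopes as $name => $bit) {
        if ($access & $bit) {
            $names[] = $name;
        }
    }
    return $names;
}

/** Report the effective value and the places each directive may be set. */
function audit_scopes(array $directives): array
{
    $all = ini_get_all(null, true); // details=true includes the 'access' bitmask
    $report = [];
    foreach ($directives as $directive) {
        if (!isset($all[$directive])) {
            continue; // removed in this PHP version or extension not loaded
        }
        $access = (int) $all[$directive]['access'];
        $report[$directive] = [
            'value' => $all[$directive]['local_value'],
            'scopes' => scope_names($access),
            // INI_USER means a script can override the php.ini value via ini_set().
            'script_can_change' => (bool) ($access & INI_USER),
        ];
    }
    return $report;
}

foreach (audit_scopes(AUDITED) as $directive => $info) {
    printf(
        "%-20s value=%-12s scopes=%-45s ini_set=%s\n",
        $directive,
        var_export($info['value'], true),
        implode('|', $info['scopes']),
        $info['script_can_change'] ? 'yes' : 'no'
    );
}
```

    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Run it under each PHP version and SAPI being audited, since the available directives and their scopes differ between versions.</p>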



wrjc1hod posted 3 days ago

I think this post from the original poster makes a lot of sense.