Contents:
- Technologies used
- Web application structure
[Figure: HTTP exchange between a desktop running Internet Explorer and a server running Apache; the server answers with an HTTP response]
HTTP is a stateless protocol: the server keeps no state about a client's session between requests.
Default port: 80
[Figure: TCP connection teardown (FIN, FIN/ACK)]
HTTP/1.0 uses one HTTP request per TCP connection: fetching page.html, hpface.jpg and castle.gif takes three separate connections, each opened with a TCP SYN and closed with a TCP FIN.
[Figure: three GET requests, each on its own TCP connection]
HTTP/1.1 introduces persistent HTTP: several HTTP transfers (here page.html, hpface.jpg and castle.gif) share a single TCP connection, which is closed with a TCP FIN only after an idle timeout.
[Figure: three GET requests on one persistent TCP connection, closed after a timeout]
HTTP Requests:
Request line: Method URL Protocol-Version
Headers
blank line
Body (optional)

Example request:
    GET /index.html HTTP/1.1
    Host: www.example.com
    User-Agent: Mozilla/5.0
    Accept: text/html, */*
    Accept-Language: en-us
    Accept-Charset: ISO-8859-1,utf-8
    Connection: keep-alive

The first line (the request line) has three space-separated parts: the HTTP method, the requested URL and the HTTP version.
HTTP Responses:
Status line: Version Status-Code Status-Message
Headers
blank line
Body

Example response:
    HTTP/1.1 200 OK
    Date: Thu, 24 Jul 2008 17:36:27 GMT
    Server: Apache-Coyote/1.1
    Content-Type: text/html;charset=UTF-8
    Content-Length: 1846

    <html> ... </html>

The first line (the status line) has three space-separated parts: the HTTP version, the numeric status code and the status message.
HTTP methods:
The actions a client can perform on a URL on the server. HTTP/1.0 defines GET, POST and HEAD; HTTP/1.1 adds OPTIONS, PUT, DELETE, TRACE and CONNECT.
GET:
- Retrieves a resource from the server.
- Parameters can be passed to the resource through the query string in the URL.
- Requests can be bookmarked.
- The URL is shown on screen and may be recorded in browser history and in the web server's access log.
- Do not use the query string to carry sensitive information or data.
POST:
- Sends data to a resource.
- Parameters travel in the body of the HTTP request, so the request cannot be bookmarked and the parameters are not stored in browser history or, by default, in the web server's access log.
- This is not confidentiality: without TLS the body is as readable on the wire as a GET query string, and proxies or the application itself may still log it.
URLs:
A Uniform Resource Locator identifies a web resource.
Structure of a URL:
protocol://hostname[:port]/[path/]file[?param=value]
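The request, response and URL structures from the preceding slides, put to work: an added example (not part of the slides) that splits raw HTTP/1.1 messages into start line, headers and body, decomposes a URL into protocol, hostname, port, path, file and parameters, and shows where GET and POST parameters travel. The sample messages are constructed here, modelled on the slide's examples; www.example.com and the paths are placeholders.

```python
# Added example (not from the slides): split raw HTTP/1.1 messages into the
# parts described above (request line or status line, headers, blank line,
# body) and decompose URLs as protocol://hostname[:port]/[path/]file[?param=value].
from urllib.parse import parse_qs, urlsplit

# Constructed sample traffic, modelled on the slide's request and response.
RAW_GET = (
    b"GET /search.php?q=castle&lang=en HTTP/1.1\r\n"
    b"Host: www.example.com\r\n"
    b"User-Agent: Mozilla/5.0\r\n"
    b"Accept: text/html, */*\r\n"
    b"Connection: keep-alive\r\n"
    b"\r\n"
)
RAW_POST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: www.example.com\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 30\r\n"
    b"\r\n"
    b"username=alice&password=s3cr3t"
)
RAW_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Thu, 24 Jul 2008 17:36:27 GMT\r\n"
    b"Server: Apache-Coyote/1.1\r\n"
    b"Content-Type: text/html;charset=UTF-8\r\n"
    b"Content-Length: 18\r\n"
    b"\r\n"
    b"<html>hello</html>"
)


def parse_message(raw: bytes) -> dict:
    """Parse one HTTP message: the header block ends at the first blank line
    (CRLF CRLF); what follows is the body, sized by Content-Length if given."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line terminating the headers")
    start_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()   # header names are case-insensitive
    length = int(headers.get("content-length", len(body)))
    msg = {"headers": headers, "body": body[:length]}
    parts = start_line.split(" ", 2)
    first, second = parts[0], parts[1]
    third = parts[2] if len(parts) > 2 else ""
    if first.startswith("HTTP/"):
        # Status line: version, numeric status code, status message
        msg.update(kind="response", version=first, status=int(second), reason=third)
    else:
        # Request line: method, URL (request target), version
        msg.update(kind="request", method=first, target=second, version=third)
    return msg


def split_url(url: str) -> dict:
    """Decompose an absolute URL into the slide's components."""
    u = urlsplit(url)
    directory, _, filename = u.path.rpartition("/")
    return {
        "protocol": u.scheme,
        "hostname": u.hostname,
        "port": u.port or {"http": 80, "https": 443}.get(u.scheme),  # default port when omitted
        "path": directory + "/",
        "file": filename,
        "params": {k: v[0] for k, v in parse_qs(u.query).items()},
    }


def parameters(req: dict) -> dict:
    """Where a request's parameters travel.  GET: in the query string of the request
    line, hence in browser history and server access logs.  POST: in the body,
    which access logs omit by default (but which is still cleartext without TLS)."""
    if req["method"] == "GET":
        url = "http://" + req["headers"]["host"] + req["target"]   # plain http assumed for this sample
        return {"location": "query string", "params": split_url(url)["params"]}
    form = parse_qs(req["body"].decode("iso-8859-1"))
    return {"location": "body", "params": {k: v[0] for k, v in form.items()}}


if __name__ == "__main__":
    for raw in (RAW_GET, RAW_POST, RAW_RESPONSE):
        m = parse_message(raw)
        print(m["kind"], {k: v for k, v in m.items() if k not in ("headers", "body")})
        if m["kind"] == "request":
            print("    parameters:", parameters(m))
    print(split_url("http://www.example.com:8080/images/castle.gif?size=large"))
```

Feed it a captured request and the output makes the GET/POST difference concrete: the credentials in RAW_POST are only in the body, while a query string such as q=castle is part of the request line that every access log records.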
HTTP status codes:
- 1xx: informational.
- 2xx: the request succeeded.
- 3xx: the client is redirected to another resource.
- 4xx: error in the client's request.
- 5xx: error on the server.
Common examples: 401 Unauthorized, 403 Forbidden, 404 Not Found, 500 Internal Server Error.
Cookies:
A mechanism in which the server sends data to the client; the client stores it and automatically sends it back in every subsequent request to that server.
The server issues a cookie to the client with the Set-Cookie header in the HTTP response:
    Set-Cookie: tracking=tI8rk7joMx44S2Uu85nSWc
The client returns the cookie to the server in the Cookie header of the HTTP request:
    Cookie: tracking=tI8rk7joMx44S2Uu85nSWc
A cookie usually takes the form of a name=value pair, but the value may also be an arbitrary string.
Some optional attributes of the Set-Cookie header:
- Expires: the time at which the cookie stops being valid.
- Domain: the domain for which the cookie is valid.
Also relevant in practice: Path limits the cookie to a URL prefix, Secure restricts it to HTTPS requests, and HttpOnly hides it from client-side script.
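The Set-Cookie/Cookie round trip above, worked through in code: an added example (not part of the slides) of a minimal browser-side cookie jar that parses Set-Cookie, applies the Expires and Domain attributes (plus Path, Secure and HttpOnly), and builds the Cookie header for a later request. The hostnames, the second and third cookies and the fixed clock are constructed for the demonstration; the tracking cookie is the slide's own.

```python
# Added example (not from the slides): a minimal browser-side cookie jar that
# implements the Set-Cookie -> Cookie round trip described above, honouring
# Expires and Domain plus the Path, Secure and HttpOnly attributes.
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime


def parse_set_cookie(header: str) -> dict:
    """Parse one Set-Cookie value: 'name=value' followed by ';'-separated attributes."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = {"name": name, "value": value, "expires": None, "domain": None,
              "path": "/", "secure": False, "httponly": False}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key = key.lower()
        if key == "expires":
            cookie["expires"] = parsedate_to_datetime(val)   # e.g. 'Wed, 09 Jun 2021 10:18:14 GMT'
        elif key == "domain":
            cookie["domain"] = val.lstrip(".").lower()       # a leading dot is ignored by browsers
        elif key == "path":
            cookie["path"] = val or "/"
        elif key == "secure":
            cookie["secure"] = True
        elif key == "httponly":
            cookie["httponly"] = True
    return cookie


class CookieJar:
    def __init__(self, now: datetime):
        self.cookies = []
        self.now = now          # injected clock so Expires can be tested deterministically

    def _live(self, c: dict) -> bool:
        return c["expires"] is None or c["expires"] > self.now

    def store(self, set_cookie: str, request_host: str) -> None:
        """Store a cookie received in a response from request_host."""
        c = parse_set_cookie(set_cookie)
        c["host_only"] = c["domain"] is None   # no Domain attribute: only the exact host gets it back
        if c["host_only"]:
            c["domain"] = request_host.lower()
        key = (c["name"], c["domain"], c["path"])
        self.cookies = [o for o in self.cookies if (o["name"], o["domain"], o["path"]) != key]
        self.cookies.append(c)                 # a newer Set-Cookie replaces one with the same key

    def cookie_header(self, host: str, path: str = "/", https: bool = False) -> str:
        """Build the Cookie header value for a request to http(s)://host/path."""
        host = host.lower()
        sending = []
        for c in self.cookies:
            if not self._live(c):
                continue                                   # expired
            if c["host_only"] and host != c["domain"]:
                continue                                   # host-only cookie, different host
            if not c["host_only"] and not (host == c["domain"] or host.endswith("." + c["domain"])):
                continue                                   # outside the cookie's Domain
            if not path.startswith(c["path"]):
                continue                                   # outside the cookie's Path
            if c["secure"] and not https:
                continue                                   # Secure cookies never go over plain HTTP
            sending.append(f"{c['name']}={c['value']}")
        return "; ".join(sending)

    def script_visible(self) -> list:
        """Names a page script (document.cookie) could read: HttpOnly ones are hidden."""
        return [c["name"] for c in self.cookies if self._live(c) and not c["httponly"]]


# Constructed 'current time' for the demonstration.
NOW = datetime(2024, 1, 15, 12, 0, tzinfo=timezone.utc)


def build_demo_jar() -> CookieJar:
    """Three constructed Set-Cookie headers received from www.example.com."""
    jar = CookieJar(now=NOW)
    jar.store("tracking=tI8rk7joMx44S2Uu85nSWc", "www.example.com")                  # the slide's cookie
    jar.store("session=abc123; Domain=example.com; Path=/; Secure; HttpOnly", "www.example.com")
    jar.store("old=1; Expires=Wed, 01 Jan 2020 00:00:00 GMT", "www.example.com")       # already expired
    return jar


if __name__ == "__main__":
    jar = build_demo_jar()
    print("Cookie:", jar.cookie_header("www.example.com", https=True))
    print("Cookie:", jar.cookie_header("shop.example.com", https=True))
    print("Cookie:", jar.cookie_header("www.example.com", https=False))
    print("script sees:", jar.script_visible())
```

The three lookups show the attributes doing their work: the host-only tracking cookie never reaches shop.example.com, the Secure session cookie is withheld from a plain-HTTP request, and the expired cookie is sent nowhere. That the session cookie is also HttpOnly is what keeps it out of document.cookie, and so away from injected script.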
Practice:
- Use the Live HTTP Headers add-on to observe the cookies exchanged between server and client.
- Use the Cookie Manager add-on to view and edit the cookie values stored on the machine.
HTTP Authentication:
Protects resources and restricts access to the application. Three types:
Basic:
- Not encrypted: the username and password are only Base64-encoded (trivially reversible) and placed in an HTTP header sent to the server.
NTLM:
- Challenge-response mechanism.
- Windows protocol.
Digest:
- Challenge-response mechanism.
- MD5 checksum.
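Basic and Digest side by side, as an added example that is not part of the slides: the client builds a Basic Authorization header and a sniffer decodes it, then a Digest client and server exchange a challenge and an MD5 response (RFC 2617 with qop=auth). NTLM is not reproduced. The user "Mufasa" in realm "testrealm@host.com" is the RFC 2617 example; "Aladdin" / "open sesame" is the RFC 7617 example; the DigestServer class and its one-time-nonce rule are a simplification constructed here.

```python
# Added example (not from the slides): both sides of Basic and Digest
# authentication, to show why Basic is 'not encrypted' and how Digest's
# challenge-response keeps the password off the wire.  Digest follows RFC 2617
# with qop=auth and MD5; NTLM is not reproduced here.
import base64
import hashlib
import secrets


def basic_authorization(user: str, password: str) -> str:
    """Client side of Basic auth: Base64 of 'user:password' in the Authorization header."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return f"Basic {token}"


def decode_basic(header: str) -> list:
    """What anyone who sniffs the header does: Base64 is an encoding, not encryption."""
    scheme, _, token = header.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic credential")
    return base64.b64decode(token).decode().split(":", 1)


def _md5(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(user, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """Client side of Digest auth (RFC 2617):
         HA1 = MD5(user:realm:password)        HA2 = MD5(method:uri)
         response = MD5(HA1:nonce:nc:cnonce:qop:HA2)
    The server nonce and the client cnonce make every response unique."""
    ha1 = _md5(f"{user}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


class DigestServer:
    """Server side (constructed): issues nonces in the 401 challenge and verifies responses."""

    def __init__(self, realm: str, users: dict):
        self.realm = realm
        # Only HA1 is stored, so a copied user table does not yield cleartext passwords.
        self.ha1 = {u: _md5(f"{u}:{realm}:{p}") for u, p in users.items()}
        self.live_nonces = set()

    def challenge(self) -> str:
        """WWW-Authenticate header value sent with '401 Unauthorized'."""
        nonce = secrets.token_hex(16)
        self.live_nonces.add(nonce)
        return f'Digest realm="{self.realm}", qop="auth", nonce="{nonce}"'

    def verify(self, user, method, uri, nonce, nc, cnonce, response) -> bool:
        """Each nonce is accepted once (a simplification of RFC 2617 nonce-count
        tracking), so a captured Authorization header cannot be replayed."""
        if nonce not in self.live_nonces or user not in self.ha1:
            return False
        self.live_nonces.discard(nonce)
        ha2 = _md5(f"{method}:{uri}")
        expected = _md5(f"{self.ha1[user]}:{nonce}:{nc}:{cnonce}:auth:{ha2}")
        return secrets.compare_digest(expected, response)


def nonce_from_challenge(header: str) -> str:
    """Pull the nonce out of a 'Digest realm=..., qop=..., nonce=...' challenge."""
    fields = header.partition(" ")[2]
    attrs = dict(kv.strip().split("=", 1) for kv in fields.split(","))
    return attrs["nonce"].strip('"')


if __name__ == "__main__":
    hdr = basic_authorization("Aladdin", "open sesame")
    print(hdr, "->", decode_basic(hdr))
    server = DigestServer("testrealm@host.com", {"Mufasa": "Circle Of Life"})
    nonce = nonce_from_challenge(server.challenge())
    resp = digest_response("Mufasa", "testrealm@host.com", "Circle Of Life",
                           "GET", "/dir/index.html", nonce, "00000001", "0a4f113b")
    args = ("Mufasa", "GET", "/dir/index.html", nonce, "00000001", "0a4f113b", resp)
    print("first use accepted:", server.verify(*args))
    print("replay accepted:   ", server.verify(*args))
```

Two things to carry away: a Basic header sniffed on a plain-HTTP connection is the password, so Basic is only acceptable over TLS; and Digest's protection is against passive capture and replay, not against a weak password or MD5's age, so it is no substitute for TLS either.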
Technologies used:
- Server side: PHP, Ruby on Rails, SQL, XML
- Client side: Javascript, Ajax, JSON
The three-tier architecture (client, web server, database) no longer fits as web applications keep growing and expanding. A newer architecture adds an intermediate tier between the web server and the database: the application server.
Mapping the application's content and functionality:
To avoid gaps and to work efficiently, several techniques and tools can be used:
- Web spidering
- Inference from the information already gathered
- Use of publicly available information
Practice: collect the content and functionality of an application in two ways: manually and with a tool (BurpSuite).
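Web spidering as described above, reduced to its essentials in an added example that is not part of the slides and not BurpSuite's code: a breadth-first crawler that stays inside the target's scope, strips URL fragments, records every page and status, and collects the forms and parameterised URLs that will later be the entry points to test. The target site shop.example, its pages and the out-of-scope host cdn.other.example are constructed in memory, so the example runs without a network.

```python
# Added example (not from the slides): a small web spider run against a
# constructed in-memory site, showing how crawling discovers content and
# functionality (pages, parameters, forms) while staying inside the target's scope.
from html.parser import HTMLParser
from urllib.parse import urldefrag, urljoin, urlsplit

# Constructed target: URL -> HTML body.  Anything not listed answers 404.
SITE = {
    "http://shop.example/": '<a href="/products">Products</a> <a href="login.php">Login</a>'
                            ' <a href="http://cdn.other.example/lib.js">lib</a>',
    "http://shop.example/products": '<a href="/product?id=1">One</a> <a href="/product?id=2">Two</a>'
                                    ' <a href="/#top">Home</a>',
    "http://shop.example/product?id=1": '<form action="/cart/add" method="post"><input name="id"></form>',
    "http://shop.example/product?id=2": '<a href="/admin/">admin</a>',
    "http://shop.example/login.php": '<form action="/login.php" method="post">'
                                     '<input name="user"><input name="pass"></form>',
    "http://shop.example/admin/": '<a href="/admin/users">users</a>',
}


class LinkExtractor(HTMLParser):
    """Collects <a href> targets and <form> method/action pairs from one page."""

    def __init__(self):
        super().__init__()
        self.links, self.forms = [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.links.append(a["href"])
        elif tag == "form":
            self.forms.append((a.get("method", "get").upper(), a.get("action", "")))


def fetch(url: str) -> tuple:
    """Stand-in for an HTTP GET against the constructed site: (status, body)."""
    body = SITE.get(url)
    return (200, body) if body is not None else (404, "")


def spider(start: str, in_scope: set, max_pages: int = 200) -> tuple:
    """Breadth-first crawl from start, following only links whose host is in scope.
    Returns {url: status} for every URL requested and the set of forms found."""
    queue, seen = [start], {start}
    pages, forms = {}, set()
    while queue and len(pages) < max_pages:
        url = queue.pop(0)
        status, body = fetch(url)
        pages[url] = status
        if status != 200:
            continue
        extractor = LinkExtractor()
        extractor.feed(body)
        for method, action in extractor.forms:
            forms.add((method, urljoin(url, action)))          # forms are entry points that take input
        for href in extractor.links:
            absolute, _fragment = urldefrag(urljoin(url, href))  # fragments never reach the server
            if urlsplit(absolute).hostname in in_scope and absolute not in seen:
                seen.add(absolute)
                queue.append(absolute)
    return pages, forms


def entry_points(pages: dict, forms: set) -> list:
    """Requests that carry input: GETs with a query string plus the form targets."""
    points = {("GET", url) for url, status in pages.items() if status == 200 and urlsplit(url).query}
    points |= forms
    return sorted(points)


if __name__ == "__main__":
    pages, forms = spider("http://shop.example/", {"shop.example"})
    for url, status in pages.items():
        print(status, url)
    print("entry points:", entry_points(pages, forms))
```

The scope check on the hostname is what keeps the crawl off cdn.other.example; the recorded 404 for /admin/users is the kind of dangling link that the slide's "inference from information already gathered" then follows up by hand.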
Identifying the application's entry points:
Examine the HTTP requests. Places to pay attention to:
SQL Injection:
- Ranked first in the OWASP Top 10.
- A web application vulnerability, not a fault of the database or the web server.
- The vulnerability lets an attacker execute SQL statements on the database through the web application.
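The point that the flaw is in the application rather than the database, shown in code: an added example (not part of the slides) with a login query written the vulnerable way, by splicing input into the SQL text, beside the parameterised form, both run against a constructed SQLite table. The users, passwords and attacker inputs are constructed here.

```python
# Added example (not from the slides): the same login query written the way that
# creates a SQL injection flaw and the way that does not, run against a
# constructed SQLite database.  The flaw lives in the application code; SQLite
# executes exactly what it is handed.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed user table for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)")
    db.executemany("INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
                   [("alice", "wonderland", "admin"), ("bob", "builder", "user")])
    return db


def login_vulnerable(db, username: str, password: str) -> list:
    """Deliberately vulnerable: input is spliced into the SQL text, so a quote in
    the input ends the string literal and the rest of the input becomes SQL."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return db.execute(sql).fetchall()


def login_safe(db, username: str, password: str) -> list:
    """Parameterised query: the statement shape is fixed and the values are bound
    separately, so the input can only ever be compared as data."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchall()


# Constructed attacker inputs.
BYPASS = "alice' --"                                        # comments out the password check
DUMP = "' UNION SELECT username, password FROM users --"    # appends a second SELECT

if __name__ == "__main__":
    db = make_db()
    print("normal:     ", login_vulnerable(db, "alice", "wonderland"))
    print("bypass:     ", login_vulnerable(db, BYPASS, "wrong"))
    print("dump:       ", login_vulnerable(db, DUMP, ""))
    print("safe bypass:", login_safe(db, BYPASS, "wrong"))
    print("safe dump:  ", login_safe(db, DUMP, ""))
```

With BYPASS the vulnerable statement becomes `... WHERE username = 'alice' --' AND password = 'wrong'`, so the password test is commented away; with DUMP a UNION returns every stored password. The parameterised version returns nothing for either input, because the quote and the keywords are just characters inside a bound value.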
Session hijacking:
- Ranked third in the OWASP Top 10.
- An attack technique in which the attacker exploits weaknesses in the web application's session management to take over another user's session.
- Causes serious damage when the attacker succeeds against administrator accounts.
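One session-management weakness of the kind referred to above, worked through as an added example that is not part of the slides: session identifiers derived from guessable inputs (who logged in and when) let an attacker enumerate the candidates and take over the "admin" session, while identifiers drawn from a CSPRNG and rotated at login cannot be guessed. The weak scheme, the SessionStore class, the username and the login timestamp are constructed for this illustration.

```python
# Added example (not from the slides): one session-management weakness that
# enables hijacking - session identifiers derived from guessable inputs - beside
# unguessable identifiers and rotation at login.  The weak scheme is an
# illustration constructed for this example.
import hashlib
import secrets


def weak_session_id(username: str, login_time: int) -> str:
    """Weak: built from who logged in and when (Unix seconds).  Both are
    knowable, so an attacker can enumerate the candidates."""
    return hashlib.md5(f"{username}:{login_time}".encode()).hexdigest()


def strong_session_id() -> str:
    """128 bits from the OS CSPRNG; not derivable from anything observable."""
    return secrets.token_urlsafe(16)


class SessionStore:
    """Server-side table of session id -> user (constructed for the example)."""

    def __init__(self):
        self.sessions = {}

    def create(self, username: str, sid: str) -> str:
        self.sessions[sid] = username
        return sid

    def whoami(self, sid: str):
        """Who the server believes presented this id (None if unknown)."""
        return self.sessions.get(sid)

    def rotate(self, old_sid: str) -> str:
        """Issue a fresh id at login and discard the old one, so an id the attacker
        observed or planted before authentication is useless afterwards."""
        username = self.sessions.pop(old_sid)
        return self.create(username, strong_session_id())


def hijack_by_guessing(store: SessionStore, victim: str, approx_time: int, window: int):
    """Attacker: knows the victim's username and roughly when they logged in;
    presents every candidate id in the time window until the server accepts one."""
    for t in range(approx_time - window, approx_time + window + 1):
        guess = weak_session_id(victim, t)
        if store.whoami(guess) == victim:
            return guess
    return None


LOGIN_TIME = 1_700_000_000   # constructed login timestamp (Unix seconds)


if __name__ == "__main__":
    weak = SessionStore()
    weak.create("admin", weak_session_id("admin", LOGIN_TIME))
    print("weak id guessed:  ", hijack_by_guessing(weak, "admin", LOGIN_TIME + 37, 300))
    strong = SessionStore()
    strong.create("admin", strong_session_id())
    print("strong id guessed:", hijack_by_guessing(strong, "admin", LOGIN_TIME + 37, 300))
```

The attack needs only a few hundred requests because the identifier space is the login window, not the 128-bit space the identifier's length suggests. Generating the id from the CSPRNG fixes the entropy; rotating it at login closes the related fixation route; and the cookie that carries it should be Secure and HttpOnly so that it is neither sniffed nor read by injected script.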
Authentication:
- Ranked third in the OWASP Top 10.
- An attacker can exploit weaknesses in the design and operation of the login check and thereby get past it without holding an account.
Attack methods against authentication flaws:
- Brute force
- Guessing usernames and passwords
- Sniffing login data on the wire
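Brute force and password guessing from the list above, demonstrated in an added example that is not part of the slides: a dictionary attack against a constructed login service succeeds when the service accepts unlimited attempts and is stopped by a failed-attempt limit. The LoginService class, the user "bob", the wordlist and the PBKDF2 iteration count are constructed for the example.

```python
# Added example (not from the slides): a dictionary attack against a constructed
# login function, with and without a failed-attempt limit.  Password storage
# uses salted PBKDF2 so that a stolen table is not immediately usable either.
import hashlib
import hmac
import os

ITERATIONS = 50_000   # kept modest so the demo runs quickly; production should use more


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class LoginService:
    """Constructed login check with a per-account failed-attempt limit."""

    def __init__(self, users: dict, max_attempts: int = 5):
        self.creds = {u: hash_password(p) for u, p in users.items()}
        self.failures = {}
        self.max_attempts = max_attempts

    def login(self, username: str, password: str) -> str:
        """Returns 'ok', 'denied' or 'locked'.  Unknown users get 'denied' just
        like a wrong password, so the answer does not confirm valid usernames."""
        if self.failures.get(username, 0) >= self.max_attempts:
            return "locked"
        record = self.creds.get(username)
        if record is not None:
            salt, digest = record
            candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
            ok = hmac.compare_digest(candidate, digest)   # constant-time comparison
        else:
            ok = False
        if ok:
            self.failures.pop(username, None)
            return "ok"
        self.failures[username] = self.failures.get(username, 0) + 1
        return "denied"


# Constructed wordlist; the victim's password is deliberately in it.
WORDLIST = ["123456", "password", "qwerty", "letmein", "admin", "welcome", "builder", "dragon"]


def brute_force(service: LoginService, username: str, wordlist: list) -> dict:
    """Attacker: try each candidate in turn until success or the account locks."""
    for attempts, guess in enumerate(wordlist, start=1):
        result = service.login(username, guess)
        if result in ("ok", "locked"):
            return {"password": guess if result == "ok" else None,
                    "attempts": attempts, "outcome": result}
    return {"password": None, "attempts": len(wordlist), "outcome": "exhausted"}


if __name__ == "__main__":
    print("no limit:", brute_force(LoginService({"bob": "builder"}, max_attempts=10**9), "bob", WORDLIST))
    print("limit 5: ", brute_force(LoginService({"bob": "builder"}, max_attempts=5), "bob", WORDLIST))
```

A hard lockout is the simplest defence and also a denial-of-service lever against legitimate users, so rate limiting with back-off or a CAPTCHA after a few failures is the usual compromise. The third method on the list, sniffing, is not addressed by any of this: it is defeated by TLS, not by the login logic.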