Good things never come easily; melons are bitter before they turn sweet. This article mainly covers Application Security Per-Engagement notes, in the hope that they are useful to you.
1、An SQLi vulnerability will allow you to do the following:
- Query the database using SELECT statements, for example against the users table; you might obtain usernames or passwords
- Bypass the login page by making the login query return a successful result
- Execute system commands through the database in order to compromise the web server
- Execute INSERT/DELETE commands to manipulate the records in the database
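The "bypass the login page" bullet comes down to how the login query is built. The following is an added example, not code from the original article: a vulnerable login check that concatenates user input into the SQL text, placed beside the hardened version that uses a parameterised query. The in-memory SQLite table, the username `alice` and the password `s3cret` are constructed test data.

```python
import sqlite3


def make_db():
    """Constructed in-memory users table standing in for the application's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    conn.commit()
    return conn


def vulnerable_login(conn, username, password):
    """Vulnerable form: input is spliced straight into the SQL text.

    A quote in the input ends the string literal and the rest of the input is
    parsed as SQL, so an OR clause can make the WHERE condition always true.
    """
    query = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone() is not None


def safe_login(conn, username, password):
    """Hardened form: a parameterised query.

    The SQL text is fixed; the driver binds the two values separately, so they
    are only ever compared as data and cannot alter the query's logic.
    """
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    # Same malformed password, different outcome: the vulnerable check is
    # satisfied by a tautology, the parameterised check treats it as a string.
    tautology = "' OR '1'='1"
    print("vulnerable:", vulnerable_login(db, "alice", tautology))  # True
    print("parameterised:", safe_login(db, "alice", tautology))     # False
```

The detection-side takeaway is that the hardened version never changes the SQL text at run time, so a single quote or `OR` in a login field becomes an ordinary failed login rather than a successful one; logging those failed attempts is where SQLi probing shows up.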
2、Command injection: when the application passes a user-supplied variable to a shell, we can append other commands after the variable and the application will execute them for us. My goal is to make the backend execute something like this: nslookup [domain name variable] && [other command]
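The nslookup case above hinges on whether the domain value ever reaches a shell. The following is an added example, not code from the original article: it shows the string the vulnerable handler builds, the hardened form (allow-list validation plus an argv list executed without a shell), and a small detection check for shell metacharacters that a log or WAF rule could use. The hostname regex and the `nslookup` invocation are my assumptions about how such a handler is written.

```python
import re
import subprocess

# RFC 1123-style hostname grammar: this allow-list is the primary control and
# rejects anything that is not a plain hostname before a command is built.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME_RE = re.compile(rf"^(?:{_LABEL}\.)*{_LABEL}\.?$", re.IGNORECASE)

# Characters that let a shell start a second command or substitute values.
SHELL_META_RE = re.compile(r"[;&|`$<>\n\r(){}]")


def vulnerable_command(domain):
    """Vulnerable form: one string, later run through a shell (os.system or
    subprocess with shell=True). Nothing stops '&&' in the input from ending
    the nslookup command and starting another one."""
    return "nslookup " + domain


def is_valid_hostname(domain):
    """Allow-list check used by the hardened form."""
    return len(domain) <= 253 and HOSTNAME_RE.match(domain) is not None


def safe_argv(domain):
    """Hardened form: validate first, then keep the value as its own argv
    element so no shell ever parses it."""
    if not is_valid_hostname(domain):
        raise ValueError(f"rejected lookup target: {domain!r}")
    return ["nslookup", domain]


def run_lookup(domain, timeout=5):
    """Execute the hardened form. shell=False hands the list straight to exec,
    so the domain is a single argument whatever characters it contains."""
    return subprocess.run(
        safe_argv(domain), shell=False, capture_output=True, text=True, timeout=timeout
    )


def looks_injected(domain):
    """Detection-side check: does the input carry shell metacharacters?
    Useful for alerting on requests even when the handler is already hardened."""
    return SHELL_META_RE.search(domain) is not None


if __name__ == "__main__":
    # Constructed sample inputs: a legitimate hostname and one carrying a chained command.
    for sample in ("example.com", "example.com && id"):
        print(repr(vulnerable_command(sample)), "| flagged:", looks_injected(sample))
        try:
            print("argv:", safe_argv(sample))
        except ValueError as err:
            print("hardened handler:", err)
```

`run_lookup` is the only function that touches the network, and it is never reached with an unvalidated value; everything else is pure string handling, which is what makes the check cheap to unit-test and to reuse in a request-logging filter.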
3、OWASP Top 10
- Injection -----> when an attacker can inject and execute a custom command in the backend because of missing sanitization; besides SQL, injection flaws also appear in LDAP, XPath, NoSQL, XML parsers and SMTP headers
- Broken Authentication -----> an attacker obtains the user's identity, credentials (both username and password) or web session
- Sensitive Data Exposure, XML External Entities (XXE), Broken Access Control, Security Misconfiguration, Cross-Site Scripting (XSS), Insecure Deserialization, Using Components with Known Vulnerabilities, Insufficient Logging & Monitoring
4、Email information gathering
theharvester -d [target domain name] -l [number of email addresses to retrieve] -b [public data source to search], e.g.: theharvester -d yalong.cn -l 20 -b baidu
5、Use Whois to look up the registrant name, phone number and email behind a DNS name or IP address
Step one: we can use Whois.net at http://www.whois.net, or another website, Netcraft, at https://www.netcraft.com/
Step two: use the whois command; the screenshot is as follows
Another handy tool is host, which can translate an IP address to a hostname
nslookup is used to find DNS records