\u524d\u63d0\uff1a\u5728WEB\u5b89\u5168\u65b9\u9762\u7684\u5b66\u4e60\u611f\u5230\u4e86\u74f6\u9888\u548c\u8ff7\u832b\uff0c\u5bf9WEB\u65b9\u5411\u4ee5\u5916\u7684\u77e5\u8bc6\u5b58\u5728\u6b20\u7f3a\uff0c\u4e8e\u662f\u51b3\u5b9a\u901a\u8fc7\u5c0f\u8fea\u7684\u5168\u6808\u6e17\u900f\u8bfe\u7a0b\u67e5\u6f0f\u8865\u7f3a\u4e00\u4e0b\u3002<\/p>\n\n\n\n
PS.\u67e5\u8be2\u653b\u51fb\u65b9\u5f0f\u540d\u79f0\uff08ATT&CK\uff09<\/strong>\uff1ahttps:\/\/attack.mitre.org<\/a><\/p>\n\n\n\n \u5de5\u5177\u7f51\u7ad9\uff1a\uff08\u68f1\u89d2\uff09<\/strong>https:\/\/forum.ywhack.com\/<\/a><\/p>\n\n\n\n \u76ee\u7684\uff1a\u89e3\u51b3\u65e0\u56fe\u5f62\u5316\u754c\u9762&\u6570\u636e\u4f20\u8f93\u3002<\/p>\n\n\n\n \u547d\u4ee4\u90fd\u53ef\u4ee5\u5728\u68f1\u89d2<\/strong>\u4e0a\u67e5\u8be2<\/p>\n\n\n\n Linux\uff1awget<\/strong> curl python ruby perl java\u7b49<\/p>\n\n\n\n Windows\uff1aPowershell Certutil Bitsadmin msiexec mshta rund1132\u7b49<\/p>\n\n\n\n \u76ee\u7684\uff1a\u89e3\u51b3\u6570\u636e\u56de\u663e&\u6570\u636e\u901a\u8baf\u3002<\/p>\n\n\n\n \u5e94\u7528\u60c5\u666f\uff1a\u5916\u90e8\u65e0\u6cd5\u7ed5\u8fc7\u9632\u706b\u5899\u8bbf\u95ee\u5185\u7f51\u3002<\/p>\n\n\n\n \u5177\u4f53\u547d\u4ee4\u53ef\u4ee5\u7528\u68f1\u89d2\u8bbe\u7f6e\u3002<\/p>\n\n\n\n \u5185\u7f51 –> ip<\/strong>\uff08\u5185\u7f51\u53ef\u4ee5\u5411\u5916\u90e8IP\u8fdb\u884c\u8bbf\u95ee\uff09<\/p>\n\n\n\n ip !–> \u5185\u7f51<\/strong>\uff08\u9632\u706b\u5899\u539f\u56e0\u4f7f00\u5916\u90e8IP\u4e0d\u80fd\u8bbf\u95ee\u5185\u7f51\uff09<\/p>\n\n\n\n \u53cd\u5f39shell\uff1a<\/strong>\u5f53\u62ff\u5230\u4e00\u4e2a\u5185\u7f51\u673a\u5b50<\/strong>\u7684RCE\uff08\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c<\/strong>\uff09\u65f6\uff0c\u53ef\u4ee5\u901a\u8fc7RCE\u5199\u4e00\u4e2a\u53cd\u5f39\u547d\u4ee4<\/strong>\uff0c\u5f39\u4e00\u4e2ashell<\/strong>\u7ed9\u653b\u51fb\u673a<\/strong>\uff0c\u4ece\u800c\u5b9e\u73b0\u4efb\u610f\u547d\u4ee4\u6267\u884c\u4ee5\u53ca\u56de\u663e\u3002<\/p>\n\n\n\n WEB\u5e94\u7528\u7ec4\u6210\u89d2\u8272\u529f\u80fd\u67b6\u6784\uff1a\u5f00\u53d1\u8bed\u8a00\u3001\u7a0b\u5e8f\u6e90\u7801\u3001\u4e2d\u95f4\u4ef6\u5bb9\u5668\u3001\u6570\u636e\u5e93\u7c7b\u578b\u3001\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3001\u7b2c\u4e09\u65b9\u8f6f\u4ef6\u3002<\/p>\n\n\n\n \u5f00\u53d1\u8bed\u8a00<\/strong>\uff1aasp\uff0cphp<\/strong>\uff0caspx\uff0cjsp\uff0cjava<\/strong>\uff0cpython<\/strong>\uff0cruby\uff0cgo\uff0chtml<\/strong>\uff0cjavascrip<\/strong>t\u7b49\u3002<\/p>\n\n\n\n \u7a0b\u5e8f\u6e90\u7801<\/strong>\uff1a\u5f00\u53d1\u8bed\u8a00\u5206\u7c7b\u3001\u5e94\u7528\u7c7b\u578b\u5206\u7c7b\u3001\u5f00\u6e90cms\u5206\u7c7b<\/strong>\u3001\u5f00\u53d1\u6846\u67b6\u5206\u7c7b\u3002<\/p>\n\n\n\n \u4e2d\u95f4\u4ef6\u5bb9\u5668<\/strong>\uff1aIIS<\/strong>\uff0cApache<\/strong>\uff0cNginx<\/strong>\uff0cTomcat<\/strong>\uff0cWeblogic\uff0cJboos\uff0cglasshfish\u7b49\u3002<\/p>\n\n\n\n \u6570\u636e\u5e93\u7c7b\u578b<\/strong>\uff1aAccess<\/strong>\uff0cMysql<\/strong>\uff0cMssql\uff0cOracle\uff0cdb2\uff0cSybase\uff0cRedis<\/strong>\uff0cMongoDB<\/strong>\u7b49\u3002<\/p>\n\n\n\n \u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf<\/strong>\uff1aWindows\u7cfb\u5217\uff0cLinux\u7cfb\u5217<\/strong>\uff0cMac\u7cfb\u5217\u7b49\u3002<\/p>\n\n\n\n \u7b2c\u4e09\u65b9\u8f6f\u4ef6<\/strong>\uff1aphpmyadmin<\/strong>\uff0cvs-ftpd\uff0cVNC\uff0cELK\uff0cOpenssh\u7b49\u3002<\/p>\n\n\n\n SQL\u6ce8\u5165\uff0c\u6587\u4ef6\u5b89\u5168\uff0cRCE\u6267\u884c\uff0cXSS\u8de8\u7ad9\uff0cCSRF\/SSRF\/CRLF\uff0c\u53cd\u5e8f\u5217\u5316\uff0c\u903b\u8f91\u8d8a\u6743\uff0c\u672a\u6388\u6743\u8bbf\u95ee\uff0cXXE\/XML\uff0c\u5f31\u53e3\u4ee4\u7b49\u3002<\/p>\n\n\n\n PS.\u5b66\u4e60HTTP\u6570\u636e\u5305\u65f6\u5efa\u8bae\u914d\u5408Burpsuit\u6293\u5305\u6765\u7406\u89e3\u3002<\/p>\n\n\n\n \u8bf7\u6c42\u6570\u636e\u5305\uff08Request\uff09<\/strong>\uff1a\u8bf7\u6c42\u884c\u3010\u65b9\u6cd5\u5b57\u6bb5\uff08GET\uff0cPOST\uff0cHEAD\uff0cPUT\uff0cDELETE\uff09\uff0cURL\u5b57\u6bb5\uff0cHTTP\u7248\u672c\u5b57\u6bb5\u3011\uff0c\u9996\u90e8\u884c\uff0c\u5b9e\u4f53\u4f53\u3002<\/p>\n\n\n\n \u54cd\u5e94\u5305\uff08Response\uff09<\/strong>\uff1a\u72b6\u6001\u884c\uff08\u72b6\u6001\u7801\uff09\uff0c\u9996\u90e8\u884c\uff0c\u5b9e\u4f53\u4f53\u3002<\/p>\n\n\n\n PS.\u4e0d\u540c\u5bf9\u8c61\u91c7\u7528\u4e0d\u540c\u6293\u5305\u5c01\u5305\u6280\u672f\u3002<\/p>\n\n\n\n \u6293\u5305\u7684\u76ee\u7684\uff1a\u5c06\u770b\u4e0d\u89c1\u7684\u4e1c\u897f\u8f6c\u6210\u80fd\u770b\u89c1\u7684\u4e1c\u897f\u3002<\/strong><\/p>\n\n\n\n \u76f8\u5173\u5de5\u5177\u6293\u53d6HTTPS<\/strong>\u6570\u636e\u5305\u9700\u8981\u5b89\u88c5\u8bc1\u4e66\uff0c\u94fe\u63a5\u5982\u4e0b\uff1a<\/p>\n\n\n\n Charles\uff1ahttps:\/\/blog.csdn.net\/weixin_45459427\/article\/details\/108393878<\/a><\/p>\n\n\n\n Fiddler\uff1ahttps:\/\/blog.csdn.net\/weixin_45043349\/article\/details\/120088449<\/a><\/p>\n\n\n\n Burpsuite<\/strong>\uff1ahttps:\/\/blog.csdn.net\/qq_36658099\/article\/details\/81487491<\/a><\/p>\n\n\n\n WireShark<\/strong> & \u79d1\u6765\u7f51\u7edc\u5206\u6790\u7cfb\u7edf<\/strong> & TCPDump<\/strong>\u8bbe\u7f6e\u7f51\u7edc\u63a5\u53e3\uff08\u7f51\u5361\uff09\u8fdb\u884c\u6293\u5305\u3002<\/p>\n\n\n\n \u901a\u8fc7\u6d4f\u89c8\u5668\u67e5\u770b\u5143\u7d20<\/strong>\u8fdb\u884c\u76d1\u542c\u3002<\/p>\n\n\n\n APP & \u5c0f\u7a0b\u5e8f\uff1aBurpsuite\u6293\u5305\u9700\u8981\u8ba9\u7a0b\u5e8f\u8bbe\u5b9a\u4ee3\u7406\uff0c\u5fae\u4fe1\u5c0f\u7a0b\u5e8f\u4e0d\u80fd\u8bbe\u7f6e\u4ee3\u7406\uff0c\u6240\u4ee5\u6293\u4e0d\u4e86\u5fae\u4fe1\u5c0f\u7a0b\u5e8f\u7684\u5305\uff08\u53ef\u4ee5\u901a\u8fc7\u6a21\u62df\u5668\u767b\u5f55\u5fae\u4fe1\u6765\u6293\u5305\u6216\u8005\u6362\u7528Charles\u3001Fidder\uff09\u3002<\/p>\n\n\n\n \u5982\u679c\u4e0d\u662f\u6293\u53d6WEB\u76f8\u5173\u534f\u8bae\u6570\u636e\u5305\uff0c\u5219Charles\u3001Fidder\u3001Burpsuite\u5219\u6ca1\u6709\u7528\uff0c\u5e94\u6539\u7528WireShark\uff08WIN or Linux\uff09or \u79d1\u6765\u7f51\u7edc\u5206\u6790\u7cfb\u7edf\uff08Windows\uff09or TCPDump\uff08Linux\uff09\u8fdb\u884c\u5168\u5c40\u534f\u8bae\u6293\u5305\u3002<\/strong><\/p>\n\n\n\n \u6709\u4e9bAPP\u4e0d\u8d70WEB\u534f\u8bae\uff0cBurpsuite\u7b49\u8f6f\u4ef6\u6293\u4e0d\u4e86\u3002<\/p>\n\n\n\n \u901a\u8fc7WPE\u6216\u8005\u5176\u5b83\u7684\u5c01\u5305\u76d1\u542c\u5de5\u5177\u53ef\u4ee5\u6293\u53d6\u5e94\u7528\u4e2d\u64cd\u4f5c\u7684\u6570\u636e\u5305\uff0c\u4ece\u800c\u5224\u65ad\u4e0e\u8be5\u529f\u80fd\u6216\u7a0b\u5e8f\u76f8\u5173\u7684IP\u3001\u7aef\u53e3\u3002<\/p>\n\n\n\n PS.\u8fd9\u4e00\u5757\u7684\u5b66\u4e60\u662f\u7ed3\u5408\u81ea\u5df1\u5e73\u65f6\u505a\u6e17\u900f\u6d4b\u8bd5\u7684\u7ecf\u9a8c\u6765\u5b66\uff0c\u5373\u4ece\u62ff\u5230\u4e00\u4e2a\u76ee\u6807\u57df\u540d\u5f00\u59cb\u4ea7\u751f\u6e17\u900f\u7684\u76ee\u6807\u548c\u601d\u8def\u3002<\/p>\n\n\n\n \u5355\u4e2a\u7f51\u7ad9<\/strong>\u53ea\u6709\u4e00\u4e2a\u7a0b\u5e8f<\/strong>\uff0c\u5219\u5bf9\u8be5\u7a0b\u5e8f\u8fdb\u884c\u6d4b\u8bd5\uff08\u82e5\u4e3a\u9759\u6001\u7f51\u9875<\/strong>\uff0c\u4e00\u822c\u4e0d\u5b58\u5728<\/strong>\u6f0f\u6d1e\uff0c\u6709\u529f\u80fd\u624d\u6709\u6f0f\u6d1e<\/strong>\uff09\u3002<\/p>\n\n\n\n \u5355\u4e2a\u7f51\u7ad9<\/strong>\u53ef\u80fd\u5b58\u5728\u591a\u4e2a\u76ee\u5f55<\/strong>\uff0c\u6bcf\u4e2a\u76ee\u5f55\u5bf9\u5e94\u4e00\u4e2a\u7a0b\u5e8f\u3002\u5206\u522b\u5bf9\u5404\u4e2a\u76ee\u5f55\u8fdb\u884c\u6d4b\u8bd5\u3002<\/p>\n\n\n\n \u5355\u4e2a\u7f51\u7ad9<\/strong>\u53ef\u80fd\u5b58\u5728\u591a\u4e2a\u7aef\u53e3<\/strong>\uff0c\u4e0d\u540c\u7aef\u53e3\u5bf9\u5e94\u4e0d\u540c\u7a0b\u5e8f\u3002<\/p>\n\n\n\n \u4e00\u4e2a\u670d\u52a1\u5668<\/strong>\u53ef\u4ee5\u8bbe\u7f6e\u591a\u4e2a\u57df\u540d\u89e3\u6790<\/strong>\uff0c\u4e0d\u540c\u57df\u540d<\/strong>\u7ecf\u8fc7DNS\u89e3\u6790\u53ef\u4ee5\u6307\u5411\u540c\u4e00\u4e2aip<\/strong>\u3002\u901a\u8fc7FOFA\u641c\u7d22\u5f15\u64ce<\/strong>\uff08https:\/\/en.fofa.info\/<\/a>\uff09\u53ef\u4ee5\u641c\u7d22\u4e00\u4e2aip\u4e0b\u5b58\u5728\u7684\u591a\u4e2a\u7ad9\u70b9\u6216\u5b50\u57df\u540d\uff0c\u4e5f\u53ef\u4ee5\u641c\u7d22\u51fa\u4e00\u4e2a\u57df\u540d\u76f8\u5173\u7684\u5b50\u57df\u540d\u3001\u540c\u4e00\u670d\u52a1\u5668\u4e0b\u7684\u5176\u5b83\u57df\u540d\u3002\u786e\u8ba4\u6240\u6709\u7ad9\u70b9\u540e\u5206\u522b\u8fdb\u884c\u6d4b\u8bd5\u3002\uff08\u5173\u4e8efofa\u5f15\u64ce\u7684\u7528\u6cd5\u53ef\u4ee5\u53e6\u5916\u67e5\u627e\u5b66\u4e60\uff09<\/strong><\/p>\n\n\n\n WEB\u6e90\u7801\u63d2\u4ef6\uff1aWEB\u6e90\u7801\u4e2d\u542b\u6709\u7684\u63d2\u4ef6\u3002<\/p>\n\n\n\n WEB\u5e94\u7528\u63d2\u4ef6\uff1a\u4f8b\u5982phpmyadmin\uff0c\u7528\u4e8e\u7ba1\u7406\u5458\u4fbf\u6377\u7ba1\u7406\u6570\u636e\u5e93\uff0c\u4f46\u4e5f\u65b9\u4fbf\u4e86\u653b\u51fb\u8005\u653b\u51fb\u6570\u636e\u5e93\u3002<\/p>\n\n\n\n \u670d\u52a1\u5668\u5e94\u7528\uff1a\u4f8b\u5982SSH\u3001FTP\u53ef\u80fd\u5b58\u5728\u5f31\u5bc6\u7801\u6216\u793e\u5de5\u3002<\/p>\n\n\n\n \u901a\u8fc7\u7ad9\u957f\u4e4b\u5bb6<\/strong>\uff08https:\/\/tool.chinaz.com\/<\/a>\uff09\u7b49\u5de5\u5177\u67e5\u8be2\u57df\u540d\u5bf9\u5e94\u7684\u670d\u52a1\u5546\uff08\u5982\u963f\u91cc\u4e91\uff09\u548c\u5176\u4ed6\u76f8\u5173\u7684\u7f51\u7ad9\u62a5\u5907\u4fe1\u606f\uff0c\u901a\u8fc7\u7206\u7834\u6216\u793e\u5de5\u7b49\u65b9\u5f0f\u8fdb\u5165\u57df\u540d\u7ba1\u7406\u5e73\u53f0 \uff08\u963f\u91cc\u4e91\u5e73\u53f0\uff09\u4ece\u800c\u63a7\u5236\u7f51\u7ad9\u3002 <\/p>\n\n\n\n \u5229\u7528\u670d\u52a1\u5668\u672c\u8eab\u5b58\u5728\u7684\u7cfb\u7edf\u7248\u672c\u6f0f\u6d1e\u63a7\u5236\u670d\u52a1\u5668\uff0c\u4ece\u800c\u63a7\u5236\u7f51\u7ad9\u3002<\/p>\n\n\n\n \u67e5\u627e\u670d\u52a1\u5668\u7684\u8d2d\u7f6e\u5e73\u53f0\uff0c\u901a\u8fc7\u7206\u7834\u6216\u793e\u5de5\u7b49\u65b9\u5f0f\u8fdb\u5165\u670d\u52a1\u5668\u7ba1\u7406\u5e73\u53f0 \uff08\u963f\u91cc\u4e91\u5e73\u53f0\uff09\u4ece\u800c\u63a7\u5236\u7f51\u7ad9\u3002 <\/p>\n\n\n\n \u641c\u96c6\u7f51\u7ad9\u7ad9\u4e3b\u6216\u7ba1\u7406\u5458\u7684\u4e2a\u4eba\u4fe1\u606f<\/strong>\uff0c\u901a\u8fc7\u793e\u5de5\u65b9\u5f0f\u6216\u5f31\u5bc6\u7801\u83b7\u53d6\u7f51\u7ad9\u7684\u63a7\u5236\u53f0\u3002<\/p>\n\n\n\n \u7f51\u7ad9<\/strong>\u548c\u6570\u636e\u5e93<\/strong>\u653e\u7f6e\u5728\u4e0d\u540c\u7684\u670d\u52a1\u5668\u3002\u82e5\u6570\u636e\u5e93\u8bbe\u7f6e\u4ec5\u7f51\u7ad9\u670d\u52a1\u5668\u53ef\u4ee5\u8bbf\u95ee\uff0c\u5219\u65e0\u6cd5\u76f4\u63a5\u8bbf\u95ee\u548c\u6d4b\u8bd5\u6570\u636e\u5e93\u3002<\/p>\n\n\n\n \u8bbf\u95ee\u5230\u7684\u7f51\u9875\u6e90\u81ea\u4e8e\u9644\u8fd1\u7684CDN\u8282\u70b9\u7684\u7f13\u5b58\uff0c\u6ca1\u6709\u627e\u5230\u771f\u5b9e\u7684\u670d\u52a1\u5668ip\u5730\u5740\u3002\u9700\u8981\u8d8a\u8fc7CDN\u83b7\u53d6\u670d\u52a1\u5668ip\u3002<\/p>\n\n\n\n \u7528\u591a\u53f0\u670d\u52a1\u5668\u8d1f\u8d23\u4e00\u4e2a\u7ad9\u70b9\u7684\u670d\u52a1\uff0c\u9632\u6b62\u8d1f\u8f7d\u8fc7\u5927\u3002\u5373\u4f7f\u653b\u51fb\u6210\u529f\u540e\u4e5f\u53ef\u80fd\u53ea\u62ff\u5230\u4e86\u5907\u7528\u670d\u52a1\u5668\uff0c\u6ca1\u6709\u627e\u5230\u76ee\u6807\u673a\u5668\u53ca\u76ee\u6807\u6570\u636e\u3002<\/p>\n\n\n\n \u963b\u6b62SQL\u6ce8\u5165\u3001XSS\u3001\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7b49\u9488\u5bf9\u7f51\u7ad9<\/strong>\u7684\u653b\u51fb\u3002<\/p>\n\n\n\n \u963b\u6b62\u6728\u9a6c\u8fde\u63a5\u3001\u975e\u6cd5\u8bbf\u95ee\u3001\u540e\u6e17\u900f\u7b49\u9488\u5bf9\u670d\u52a1\u5668<\/strong>\u7684\u653b\u51fb\u3002<\/p>\n\n\n\n \u6280\u672f\u6982\u8981\uff1aCMS\u8bc6\u522b\uff0c\u7aef\u53e3\u626b\u63cf\uff0cCDN\u7ed5\u8fc7\uff0c\u6e90\u7801\u83b7\u53d6\uff0c\u5b50\u57df\u540d\u67e5\u8be2\uff0cWAF\u8bc6\u522b\uff0c\u8d1f\u8f7d\u5747\u8861\u8bc6\u522b<\/p>\n\n\n\n \u7ebf\u4e0a\u5de5\u5177\u96c6\uff1a http:\/\/cool<\/a>af.com<\/a> \u5f04\u6e05\u695aWEB\u67b6\u6784\u7684\u7c7b\u578b<\/strong>\u548c\u7248\u672c<\/strong>\u540e\u5c31\u53ef\u4ee5\u641c\u7d22\u3001\u5229\u7528\u5df2\u77e5\u7248\u672c\u6f0f\u6d1e\uff08\u82e5\u5b58\u5728\uff09<\/strong>\u6216\u8005\u5bf9\u6e90\u7801<\/strong>\u8fdb\u884c\u4ee3\u7801\u5ba1\u8ba1\uff08\u8f83\u56f0\u96be\uff09<\/strong>\u3002<\/p>\n\n\n\n \u5728\u4e92\u7ad9\u7f51\uff08http:\/\/huzhan<\/a>.com<\/a>\uff09\u53ef\u4ee5\u6839\u636e\u4fe1\u606f\u627e\u516c\u5f00\u552e\u5356\u7684\u6e90\u7801\u3002<\/p>\n\n\n\n PS.\u9047\u4e8b\u4e0d\u51b3dirsearch\u5f00\u626b\u3002<\/p>\n\n\n\n \u5229\u7528\u4e91\u6089\u6307\u7eb9\u8bc6\u522b\u5e73\u53f0\uff1ahttps:\/\/www.yunsee.cn\/<\/a><\/p>\n\n\n\n \u53ef\u80fd\u5b58\u5728\u5907\u4efd\u6587\u4ef6<\/strong>\u6ca1\u6709\u653e\u5728\u7f51\u7ad9\u76ee\u5f55\u66f4\u9ad8\u7ea7\u5904\uff0c\u800c\u662f\u76f4\u63a5\u653e\u5728\u4e86\u7f51\u7ad9\u76ee\u5f55\u4e2d\u5bfc\u81f4\u4ed6\u4eba\u53ef\u4ee5\u76f4\u63a5\u8bbf\u95ee\u3002\u901a\u8fc7dirsearch\u7b49\u76ee\u5f55\u626b\u63cf\u5de5\u5177<\/strong>\u53ef\u4ee5\u626b\u4e00\u4e0b\u6709\u6ca1\u6709\u6cc4\u9732\u7684\u6587\u4ef6\u6216\u538b\u7f29\u5305\u3002<\/p>\n\n\n\n Git\u662f\u4e00\u4e2a\u5f00\u6e90\u5206\u5e03\u5f0f\u7248\u672c\u63a7\u5236\u7cfb\u7edf<\/strong>\uff0c\u6267\u884cgit init\u521d\u59cb\u5316\u76ee\u5f55\u7684\u65f6\u5019\u4f1a\u5728\u5f53\u524d\u76ee\u5f55\u4e0b\u521b\u5efa\u4e00\u4e2a.git\u76ee\u5f55\u7528\u4e8e\u8bb0\u5f55\u4ee3\u7801\u7684\u53d8\u66f4\u8bb0\u5f55\u3002\u53d1\u5e03\u4ee3\u7801\u65f6\u5982\u679c\u6ca1\u628a.git\u76ee\u5f55\u5220\u9664\u5c31\u76f4\u63a5\u53d1\u5e03\u5728\u670d\u52a1\u5668\u4e0a\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5b83\u6765\u6062\u590d\u6e90\u4ee3\u7801\u3002<\/p>\n\n\n\n \u53d1\u73b0\u7f51\u7ad9\u76ee\u5f55\u4e0b\u6709.git\u6587\u4ef6\u6cc4\u9732\u65f6\u7528\u5de5\u5177\u53ef\u80fd\u4ece\u4e2d\u83b7\u53d6\u7f51\u7ad9\u6e90\u7801\u3002<\/p>\n\n\n\n \u5229\u7528\u5de5\u5177-GitHack<\/strong>\uff1aht<\/a>tps:\/\/github.com\/lijiejie\/GitHack<\/a><\/p>\n\n\n\n \u7528\u6cd5\u793a\u4f8b\uff1a<\/strong><\/p>\n\n\n\n SVN\u662f\u4e00\u4e2a\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u7248\u672c\u63a7\u5236\u7cfb\u7edf\u3002\u4f7f\u7528SVN\u7ba1\u7406\u672c\u5730\u4ee3\u7801\u65f6\uff0c\u4f1a\u81ea\u52a8\u751f\u6210\u9690\u85cf\u6587\u4ef6\u5939.svn\uff0c\u5176\u4e2d\u5305\u542b\u6e90\u4ee3\u7801\u4fe1\u606f\u3002\u7f51\u7ad9\u7ba1\u7406\u5458\u5728\u53d1\u5e03\u4ee3\u7801\u65f6\uff0c\u82e5\u6ca1\u6709\u4f7f\u7528\u201c\u5bfc\u51fa\u201d\u529f\u80fd\uff0c\u800c\u662f\u76f4\u63a5\u590d\u5236\u4ee3\u7801\u6587\u4ef6\u5230\u670d\u52a1\u5668\u4e0a\uff0c\u4f1a\u4f7f.svn\u9690\u85cf\u6587\u4ef6\u5939\u66b4\u9732\u4e8e\u5916\u7f51\u73af\u5883\u3002\u5229\u7528\u2018.svn\/entries\u2019<\/strong>\u6587\u4ef6\u53ef\u4ee5\u83b7\u53d6\u5230\u670d\u52a1\u5668\u6e90\u7801\u3002<\/p>\n\n\n\n \u5229\u7528\u5de5\u5177-SvnHack<\/strong>\uff1ahttps:\/\/github,com\/cal<\/a>lmefeifei\/SvnHack <\/a><\/p>\n\n\n\n .DS_Store\u662fMac\u4e0bFinder\u7528\u6765\u4fdd\u5b58\u5982\u4f55\u5c55\u793a\u201c\u6587\u4ef6\/\u6587\u4ef6\u5939\u201d\u7684\u6570\u636e\u6587\u4ef6\uff0c\u6bcf\u4e2a\u6587\u4ef6\u5939\u4e0b\u5bf9\u5e94\u4e00\u4e2a\u3002\u82e5\u5c06.DS_Store\u90e8\u7f72\u5230\u670d\u52a1\u5668\uff0c\u53ef\u80fd\u9020\u6210\u6587\u4ef6\u76ee\u5f55\u7ed3\u6784\u6cc4\u9732\u3002<\/p>\n\n\n\n \u5229\u7528\u5de5\u5177-ds_store_exp<\/strong>\uff1ahttps:\/\/github.com\/liji<\/a>ejie\/ds_store_exp<\/a><\/p>\n\n\n\n swp\u5373swap\u6587\u4ef6\uff0c\u5728\u7f16\u8f91\u6587\u4ef6\u65f6\u4ea7\u751f\u7684\u4e34\u65f6\u9690\u85cf\u6587\u4ef6\uff0c\u5982\u679c\u7a0b\u5e8f\u6b63\u5e38\u9000\u51fa\u5219\u4f1a\u81ea\u52a8\u5220\u9664\uff0c\u82e5\u610f\u5916\u9000\u51fa\u5c31\u4f1a\u4fdd\u7559\uff0c\u6587\u4ef6\u540d\u4e3a.[filename].swp<\/p>\n\n\n\n \u76f4\u63a5\u8bbf\u95ee.swp\u6587\u4ef6\uff0c\u4e0b\u8f7d\u540e\u5220\u6389\u672b\u5c3e\u7684.swp<\/strong>\u5373\u53ef\u83b7\u5f97\u6e90\u7801\u3002<\/p>\n\n\n\n PHP\u73af\u5883\u7528\u4e8e\u8bb0\u5f55\u7f51\u7ad9\u6846\u67b6\u7684\u914d\u7f6e\u6587\u4ef6\uff0c\u82e5\u5b58\u5728\u5219\u76f4\u63a5\u8bbf\u95ee\/compser.json<\/strong>\u53ef\u4ee5\u83b7\u53d6\u4e00\u4e9b\u7f51\u7ad9\u6846\u67b6\u4fe1\u606f\u548cCMS\u4fe1\u606f\u3002<\/p>\n\n\n\n \u6839\u636e\u7f51\u7ad9\u7528\u6237\u4fe1\u606f\uff0c\u5728github\u4e0a\u641c\u7d22\u76f8\u5173\u8d26\u53f7\uff0c\u68c0\u67e5\u662f\u5426\u6709\u7f51\u7ad9\u6e90\u7801\u516c\u5f00\u3002<\/p>\n\n\n\n \u53ef\u4ee5\u7528\u811a\u672c\u5de5\u5177\u5bf9\u76ee\u6807Github\u8d26\u6237\u8fdb\u884c\u76d1\u63a7\uff0c\u4e00\u6709\u66f4\u65b0\u5c31\u80fd\u77e5\u9053\u3002<\/p>\n\n\n\n \u5173\u4e8e\u66f4\u8be6\u7ec6\u7684WEB\u6e90\u7801\u6cc4\u9732\u53ef\u53c2\u8003\uff1a \u67e5\u8be2\u7f51\u7ad9\u57df\u540d\u3001\u670d\u52a1\u5668\u7684\u63d0\u4f9b\u5546<\/strong>\uff1b\u67e5\u8be2\u7f51\u7edc\u67b6\u6784\uff0c\u5224\u65ad\u76ee\u6807\u670d\u52a1\u5668\u662f\u5916\u7f51<\/strong>\u670d\u52a1\u5668\u8fd8\u662f\u67b6\u8bbe\u5728\u5185\u7f51<\/strong>\u7684\u670d\u52a1\u5668\uff08\u5185\u7f51\u6620\u5c04<\/strong>\uff09\u3002<\/p>\n\n\n\n \u5229\u7528\u65c1\u6ce8<\/strong>\uff08\u540c\u670d\u52a1\u5668\u4e0b\u4e0d\u540cWEB\u5e94\u7528\u67e5\u8be2\u6280\u672f\uff09\u67e5\u627e\u7edf\u4e00IP\u670d\u52a1\u5668\u4e0b\u5b58\u5728\u7684\u5176\u4ed6\u7f51\u7ad9\uff08\u5373IP\u53cd\u67e5\uff09\u3002<\/p>\n\n\n\n \u7528\u5de5\u5177\u626b\u63cf\u76ee\u6807\u670d\u52a1\u5668\u7aef\u53e3<\/strong>\uff0c\u6536\u96c6\u76f8\u5173\u7684WEB\u5e94\u7528\u4fe1\u606f\uff08\u5bf9\u5e94\u7684\u534f\u8bae\u670d\u52a1\uff09\u5e76\u67e5\u8be2\u76f8\u5173\u53ef\u5229\u7528\u7684\u6f0f\u6d1e\u3002<\/p>\n\n\n\n \u626b\u63cf\u670d\u52a1\u5668\u6240\u5904\u7f51\u6bb5\u4fe1\u606f\uff0c\u628aC\u7f51\u6bb5\u4e2d\u5176\u4f59\u5b58\u6d3b\u4e3b\u673a<\/strong>\uff081-255\uff09\u5217\u4e3a\u5907\u7528\u76ee\u6807\u3002\u82e5\u76ee\u6807\u670d\u52a1\u5668\u627e\u4e0d\u5230\u5229\u7528\u70b9\uff0c\u53ef\u4ee5\u5c1d\u8bd5\u593a\u53d6\u5185\u7f51\u4e2d\u5176\u4ed6\u4e3b\u673a<\/strong>\uff0c\u7136\u540e\u8fdb\u884c\u6a2a\u5411\u79fb\u52a8\u3001\u5185\u7f51\u6e17\u900f\u3002<\/p>\n\n\n\n CDN\u8bc6\u522b<\/strong>\uff1a\u5229\u7528ping\u5de5\u5177\uff08\u7ad9\u957f\u4e4b\u5bb6\uff09\u68c0\u67e5\u662f\u5426\u5b58\u5728\u591a\u4e2a\u54cd\u5e94ip\u4ece\u800c\u5224\u65ad\u662f\u5426\u5b58\u5728CDN\u3002<\/p>\n\n\n\n WAF\u8bc6\u522b<\/strong>\uff1a1.\u901a\u8fc7\u56fe\u7247\u8bc6\u522bWAF\uff1b2.\u5229\u7528\u5de5\u5177\u8bc6\u522bWAF\uff08\u4e0d\u4e00\u5b9a\u80fd\u8bc6\u522b\u5230\u81ea\u884c\u5f00\u53d1\u7684WAF\uff09\u3002<\/p>\n\n\n\n WAF\u8bc6\u522b\u5de5\u5177-wafw00f\uff08WEB\u5e94\u7528\u9632\u706b\u5899\u8bc6\u522b\uff09\uff1ahttps:\/\/github.com\/EnableSecurity\/wa<\/a>fw00f<\/a><\/p>\n\n\n\n \u4e5f\u53ef\u4f7f\u7528Kali\u81ea\u5e26\u5de5\u5177\u5982Nmap\uff08\u8f83\u6162\uff09\u3001Masscan<\/a>\uff08\u8f83\u5feb\uff09\u3001lbd\uff08loading balance dective\u8d1f\u8f7d\u5747\u8861\u68c0\u6d4b\uff09\u3002<\/p>\n\n\n\n \u670d\u52a1\u5668\u9632\u706b\u5899\u8bc6\u522b\u4e00\u822c\u7528\u5728\u5185\u7f51\u8bc6\u522b\u3002<\/p>\n\n\n\n PS.\u811a\u672c\u5de5\u5177\u6240\u5f97\u7684IP\u90fd\u6709\u53ef\u80fd\u662f\u5047\u7684\u771f\u5b9eIP\u3002<\/p>\n\n\n\n \u7f51\u7ad9\u53ef\u80fd\u6cc4\u9732\u51faphpinfo\u6587\u4ef6\uff0c\u901a\u8fc7\u8bbf\u95eephpinfo\u4f1a\u63a5\u5230\u670d\u52a1\u5668\u7684\u6b63\u5411\u8fde\u63a5\uff0c\u4ece\u800c\u5728phpinfo\u754c\u9762\u5f97\u5230\u670d\u52a1\u5668\u771f\u5b9eip\u3002<\/p>\n\n\n\n SSRF\u6f0f\u6d1e\uff1a\u901a\u8fc7SSRF\u6f0f\u6d1e\uff08\u82e5\u5b58\u5728\uff09\u4f7f\u76ee\u6807\u670d\u52a1\u5668\u53cd\u5411\u8fde\u63a5\u5230\u653b\u51fb\u673a\u7684\u6307\u5b9a\u7aef\u53e3\uff08\u8fde\u63a5\u5230\u653b\u51fb\u673a\u7684WEB\u670d\u52a1\uff09\uff0c\u653b\u51fb\u673a\u76d1\u542c\u6307\u5b9a\u7aef\u53e3\uff08\u653b\u51fb\u673a\u5728\u6307\u5b9a\u7aef\u53e3\u5f00\u8bbe\u4e00\u4e2aWEB\u670d\u52a1\uff0c\u4f8b\u5982http\u670d\u52a1\uff09\u4ece\u800c\u5f97\u5230\u76ee\u6807\u670d\u52a1\u5668\u7684\u771f\u5b9eIP\uff08\u539f\u7406\u7c7b\u4f3c\u53cd\u5f39shell\uff09\u3002<\/p>\n\n\n\n \u90e8\u5206\u7f51\u7ad9\u53ef\u80fd\u53ea\u7ed9\u4e3b\u57df\u540d\u914d\u7f6e\u4e86CDN\uff0c\u5176\u5b50\u57df\u540d\u53ef\u80fd\u6ca1\u6709CDN\uff0c\u800c\u5b50\u57df\u540d\u53ef\u80fd\u548c\u4e3b\u57df\u540d\u89e3\u6790\u5230\u540c\u4e00\u4e2a\u4e3b\u673a\u3002\u6240\u4ee5\u67e5\u8be2\u5b50\u57df\u540d\u7684\u5730\u5740\u53ef\u80fd\u5f97\u5230\u76ee\u6807\u7f51\u7ad9\u7684\u771f\u5b9eIP\u3002<\/p>\n\n\n\n \u90e8\u5206\u7f51\u7ad9\u53ef\u80fd\u53ea\u7ed9\u57df\u540d\u914d\u7f6e\u4e86\u56fd\u5185CDN\uff0c\u53ea\u6709\u56fd\u5185\u4e3b\u673a\u8bbf\u95ee\u7f51\u7ad9\u65f6\u4f1a\u4f7f\u7528CDN\u3002\u5229\u7528\u56fd\u5916\u4e3b\u673a\u8fdb\u884cping\u68c0\u6d4b\u53ef\u80fd\u76f4\u63a5\u5f97\u5230\u771f\u5b9eIP\u3002\u5728\u7ebf\u5de5\u5177\uff1ahttps:\/\/tools.ipip.net\/cdn.php<\/a><\/p>\n\n\n\n \u90e8\u5206\u7f51\u7ad9\u53ef\u80fd\u6ca1\u6709\u7ed9\u90ae\u4ef6\u670d\u52a1\u5668\u914d\u7f6eCDN\u3002\u53ef\u4ee5\u901a\u8fc7\u8ba9\u670d\u52a1\u5668\u53d1\u9001\u90ae\u4ef6\u7ed9\u81ea\u5df1\u4ece\u800c\u5f97\u5230\u771f\u5b9eIP\uff08\u5927\u6982\u7387\uff09\uff1b\u7136\u540e\u914d\u5408\u7f51\u7ad9\u7684\u5907\u6848\u4fe1\u606f\uff08\u5982\u5907\u6848\u673a\u5173\u6240\u5728\u5730\uff09\uff0c\u6bd4\u5bf9\u4e24\u8005\u7684\u4fe1\u606f\u8fdb\u4e00\u6b65\u786e\u8ba4IP\u7684\u771f\u5b9e\u6027\u3002<\/p>\n\n\n\n \u5229\u7528\u5728\u7ebf\u5de5\u5177\uff08https:\/\/get-site-ip.com\uff09<\/a> \u67e5\u627e\u76ee\u6807\u7f51\u7ad9\u7684\u771f\u5b9eIP\uff08\u6709\u6982\u7387\u9519\u8bef\uff09\u3002<\/p>\n\n\n\n \u5229\u7528\u5728\u7ebf\u5de5\u5177FuckCDN\uff08https:\/\/github.com\/Tai7sy\/fuckcdn<\/a>\uff09\u914d\u7f6e\u5173\u952e\u8bcd\u3001\u8981\u626b\u63cf\u7684\u4e3b\u673a\u6216\u7f51\u6bb5\uff0c\u68c0\u6d4b\u53ef\u80fd\u85cf\u5728\u5176\u4e2d\u7684\u771f\u5b9eIP\u3002<\/p>\n\n\n\n \u901a\u8fc7\u914d\u7f6eWindows\u7684hosts\u6587\u4ef6\uff08 C:\\Windows\\System32\\drivers\\etc \uff09\u6216Linux\u4e0b\u7684hosts\u6587\u4ef6\uff08\/etc\/hosts\uff09\uff0c\u6dfb\u52a0\u5bf9\u76ee\u6807\u7f51\u7ad9\u57df\u540d\u7684\u89e3\u6790\uff0c\u4f7f\u5176\u57df\u540d\u89e3\u6790\u6307\u5411\u4e4b\u524d\u624b\u6bb5\u5f97\u5230\u7684\u771f\u5b9eIP\u4ece\u800c\u907f\u5f00CDN\u3002<\/p>\n\n\n\n ps.\u5982\u4ecaASP\u5df2\u7ecf\u9010\u6e10\u6de1\u51fa\u5b89\u5168\u89c6\u91ce\uff0c\u7528\u5904\u8f83\u5c11\u3002<\/p>\n\n\n\n ASP\u5e38\u89c1\u670d\u52a1\u5668\u642d\u5efa\u7ec4\u5408\uff1aWindows(\u7cfb\u7edf)&IIS(\u4e2d\u95f4\u4ef6)&ASP(\u8bed\u8a00)&Access(\u6570\u636e\u5e93)\uff1b\u4e3b\u8981\u4eceIIS&ASP\u5165\u624b\u3002<\/p>\n\n\n\n Access\u6570\u636e\u5e93<\/strong>\u4e00\u822c\u540e\u7f00\u540d\u4e3aasp\u3001asa\u3001mdb<\/strong>\uff0c\u5176\u4e2dmdb\u6587\u4ef6\u53ef\u88ab\u4e0b\u8f7d<\/strong>\u3002mdb\u6587\u4ef6\u653e\u5728\u7f51\u7ad9\u76ee\u5f55\u4e0b\u3002\u82e5\u914d\u7f6e\u7f51\u7ad9\u65f6\u6ca1\u6709\u4fee\u6539\u9ed8\u8ba4\u6570\u636e\u5e93\u8def\u5f84\u3001\u6587\u4ef6\u540d\uff0c\u5219\u53ef\u4ee5\u901a\u8fc7\u9ed8\u8ba4\u8def\u5f84\u4e0b\u8f7d\u6570\u636e\u5e93\u6587\u4ef6\u3002\u4f8b\u5982\uff1a\u8bbf\u95ee192.168.46.160\/database\/powereasy2006.db\uff0c\u83b7\u53d6\u5230\u6570\u636e\u5e93\u6587\u4ef6\u3002\u4e5f\u53ef\u4ee5\u901a\u8fc7\u67e5\u770b\u76f8\u5173\u6e90\u7801\u4e86\u89e3\u5176\u4ed6\u6587\u4ef6\u7684\u9ed8\u8ba4\u8def\u5f84\u3002<\/p>\n\n\n\n asp\u3001asa\u6587\u4ef6\u9ed8\u8ba4\u8bbe\u7f6e\u8c03\u7528asp.dll\u6587\u4ef6\u8fdb\u884c\u89e3\u6790\uff0c\u800cmdb\u6587\u4ef6\u6ca1\u6709\u8bbe\u7f6e\u9ed8\u8ba4\u89e3\u6790\u6587\u4ef6\uff0c\u56e0\u6b64\u53ef\u4ee5\u901a\u8fc7\u8bbf\u95ee\u76f4\u63a5\u4e0b\u8f7dmdb\u6587\u4ef6\u3002<\/p>\n\n\n\n ASP\u4e00\u822c\u642d\u914dAccess\u6570\u636e\u5e93\u4f7f\u7528\uff0c\u6240\u4ee5\u6709\u53ef\u80fd\u5b58\u5728\u76f8\u5173\u6f0f\u6d1e\u3002<\/p>\n\n\n\n \u82e5\u6570\u636e\u5e93\u6587\u4ef6\u4e3aasp\uff08\u672c\u8d28\u662f\u6570\u636e\u5e93\u6587\u4ef6\uff0c\u6539\u4e3amdb\u540e\u7f00\u5373\u53ef\u67e5\u770b\u5185\u5bb9\uff09\uff0c\u53ef\u4ee5\u5c1d\u8bd5\u5f80\u6570\u636e\u5e93\u5199\u5165\u540e\u95e8\u4ee3\u7801\uff08\u4f8b\u5982\u7559\u8a00\u677f-\u5982\u679c\u53ef\u4ee5\u7684\u8bdd\uff09\uff0c\u5176\u4e2d\u540e\u95e8\u4ee3\u7801\u53ef\u80fd\u9700\u5148\u7ecf\u8fc7\u89e3\u6790\u7f16\u7801\u3002<\/p>\n\n\n\n IIS\u77ed\u6587\u4ef6\u540d\u6f0f\u6d1e\u5b9e\u9645\u662f\u7531HTTP\u8bf7\u6c42\u4e2d\u65e7DOS 8.3\u540d\u79f0\u7ea6\u5b9a\uff08SFN\uff09\u7684\u4ee3\u5b57\u7b26\uff08\u301c\uff09\u6ce2\u6d6a\u53f7\u5f15\u8d77\u7684\u3002\u5b83\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5728Web\u6839\u76ee\u5f55\u4e0b\u516c\u5f00\u6587\u4ef6\u548c\u6587\u4ef6\u5939\u540d\u79f0\uff08\u4e0d\u5e94\u8be5\u53ef\u88ab\u8bbf\u95ee\uff09\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u627e\u5230\u901a\u5e38\u65e0\u6cd5\u4ece\u5916\u90e8\u76f4\u63a5\u8bbf\u95ee\u7684\u91cd\u8981\u6587\u4ef6\uff0c\u5e76\u83b7\u53d6\u6709\u5173\u5e94\u7528\u7a0b\u5e8f\u57fa\u7840\u7ed3\u6784\u7684\u4fe1\u606f\u3002 <\/p>\n\n\n\n \u901a\u8fc7\u76f8\u5173\u6f0f\u6d1e\u5229\u7528\u5de5\u5177\u53ef\u4ee5\u5f97\u5230\u7f51\u7ad9\u540e\u53f0\u7ed3\u6784\uff0c\u6548\u679c\u548cdirsearch\u76ee\u5f55\u626b\u63cf\u5de5\u5177\u76f8\u4f3c\u4f46\u539f\u7406\u4e0d\u540c\u3002dirsearch\u662f\u5229\u7528\u5b57\u5178\u7206\u7834<\/strong>\uff0c\u800cIIS\u77ed\u6587\u4ef6\u540d\u6f0f\u6d1e\u662f\u5229\u7528IIS\u7684\u7279\u6027\u3002<\/p>\n\n\n\n \u4f46\u8fd9\u4e2a\u6f0f\u6d1e\u6709\u7f3a\u9677\uff1a\u53ea\u80fd\u83b7\u53d6\u6587\u4ef6\u540d\u7684\u524d\u516d\u4f4d\u5b57\u7b26<\/strong>\u3002<\/p>\n\n\n\n \u5177\u4f53\u5f71\u54cd\u7248\u672c\u548c\u5229\u7528\u5de5\u5177\u53ef\u81ea\u884c\u641c\u7d22\u3002<\/p>\n\n\n\n \u4e24\u79cd\u60c5\u51b5\uff1a<\/p>\n\n\n\n \u5728IIS-5.x&6.0<\/strong>\u4e0b\uff0c\u5bf9\u4e8e\u76ee\u5f55\u540d\u79f0\u4e3a\u201cxxx.asp\u201d\u76ee\u5f55\u4e0b\u7684\u4efb\u4f55\u5185\u5bb9<\/strong>\u5305\u62ec\u201cxxx.jpg\u201d\u56fe\u7247\u6587\u4ef6<\/strong>\u90fd\u4f1a\u88ab\u5f53\u4f5casp\u6587\u4ef6\u89e3\u6790<\/strong>\u3002\u6240\u4ee5\u82e5\u53ef\u4ee5\u63a7\u5236\u5728\u670d\u52a1\u5668\u4e0a\u521b\u5efa\u7684\u76ee\u5f55\u540d\u79f0\uff08\u6709\u4e9b\u7f51\u7ad9\u652f\u6301\u7528\u6237\u81ea\u5df1\u521b\u5efa\u76ee\u5f55\uff09\uff0c\u5373\u4f7f\u4e0a\u4f20\u7684\u662f\u56fe\u7247\u4e5f\u53ef\u4ee5\u5b9e\u73b0\u6728\u9a6c\u4e0a\u4f20\u3001\u540e\u95e8\u8fde\u63a5\u3002<\/p>\n\n\n\n IIS-6.0<\/strong>\u4e0b\u4f1a\u5c06\u201c1.asp;jpg\u201d\u5f53\u4f5casp\u6587\u4ef6\u89e3\u6790\u3002\u539f\u56e0\uff1a\u6587\u4ef6\u6269\u5c55\u540d\u4ee5\u6700\u540e\u4e00\u4e2a\u201c.\u201d\u540e\u9762\u5185\u5bb9\u4e3a\u4f9d\u636e\uff0c\u6240\u4ee5\u5728\u7f51\u7ad9\u8fc7\u6ee4\u7a0b\u5e8f\u4e2d\u88ab\u7406\u89e3\u4e3a\u56fe\u7247\u3002\u800c\u5728IIS\u4e2d\u4f1a\u8ba4\u4e3a\u5206\u53f7\u201c;\u201d\u5373\u662f\u7ed3\u5c3e\uff0c\u540e\u9762\u7684\u5185\u5bb9\u4f1a\u88ab\u622a\u65ad\u3002<\/p>\n\n\n\n .aspx\u662fASP.NET \u9875\u9762\u7684\u6269\u5c55\u540d\u3002\u5b83\u65e0\u975e\u662f\u5728\u9759\u6001HTML\u7f51\u9875\u91cc\u9762\u5d4c\u5165\u4e86\u52a8\u6001\u7684\u6307\u4ee4\uff08\u8fd9\u4e9b\u52a8\u6001\u6307\u4ee4\u662f\u7531\u5404\u79cd\u811a\u672c\u8bed\u8a00\u7f16\u5199\u7684\uff0c\u662f\u7531IIS\u670d\u52a1\u5668\u4e0a\u7684\u811a\u672c\u5f15\u64ce\u6765\u6267\u884c\u7684\uff09\u800c\u5df2\u3002\u5982\u679c\u6d4f\u89c8\u5668\u8bf7\u6c42\u67d0\u5f20 ASP.NET \u9875\u9762\uff0c\u90a3\u4e48\u5728\u628a\u7ed3\u679c\u53d1\u56de\u6d4f\u89c8\u5668\u4e4b\u524d\uff0c\u670d\u52a1\u5668\u9996\u5148\u4f1a\u5904\u7406\u9875\u9762\u4e2d\u7684\u53ef\u6267\u884c\u4ee3\u7801\uff08\u5373\uff0c\u811a\u672c\u8bed\u8a00\u4ee3\u7801 \uff09\u3002<\/p>\n\n\n\n .NET\u662f\u5fae\u8f6f\u5f00\u53d1\u7684\u8bed\u8a00\u6846\u67b6\uff0c\u901a\u5e38\u7528\u5728IIS\u4e0a\uff0c\u5173\u952e\u4ee3\u7801\u5c01\u88c5<\/strong>\u5230DLL\u6587\u4ef6\u4e2d\uff0c\u4fbf\u4e8e\u5728\u522b\u7684\u6587\u4ef6\u5f00\u53d1\u4e2d\u8fdb\u884c\u8c03\u7528\uff08\u7c7b\u4f3cjava\u4e2d\u7684jar\u5305\uff09\u3002 <\/p>\n\n\n\n \u53cd\u7f16\u8bd1\u5de5\u5177\uff1aILSpy<\/p>\n\n\n\n aspx\u6587\u4ef6\u4e0b\u7684Inherits<\/strong>\u6307\u660e\u4e86\u8c03\u7528\u7684DLL\u6587\u4ef6<\/strong>\u3002\u82e5aspx\u4e0b\u4ee3\u7801\u660e\u663e\u4e0d\u80fd\u6ee1\u8db3\u9875\u9762\u5448\u73b0\u51fa\u7684\u529f\u80fd\uff0c\u5219\u53ef\u4ee5\u5728DLL\u6587\u4ef6\u53cd\u7f16\u8bd1\u540e\u5bfb\u627e\u8c03\u7528\u7684DLL\uff0c\u8fdb\u884c\u4ee3\u7801\u5ba1\u8ba1\u3002<\/p>\n\n\n\n web.config<\/strong>\uff08\u7f51\u7ad9\u914d\u7f6e\u6587\u4ef6\uff09\u4e0b\u6709\u4e00\u4e2a\u914d\u7f6e\u9879<customErrors mode=”\u72b6\u6001”><\/strong>\u3002\u82e5\u72b6\u6001\u4e3aOff<\/strong>\uff0c\u5219\u5f53\u7f51\u7ad9\u51fa\u73b0\u62a5\u9519\u65f6\u5c06\u6309\u9ed8\u8ba4\u65b9\u5f0f<\/strong>\u62a5\u51fa\u9519\u8bef\u4fe1\u606f\uff08\u53ef\u80fd\u62a5\u51fa\u62a5\u9519\u7684\u6e90\u4ee3\u7801\u3001.NET\u7248\u672c\u3001\u6587\u4ef6\u81ea\u8eab\u8def\u5f84\uff09\uff1b\u82e5\u72b6\u6001\u4e3aOn<\/strong>\uff08\u62a5\u9519\u65b9\u5f0f\u7531\u5f00\u53d1\u8005\u81ea\u5b9a\u4e49\uff09\u5219\u6309\u5f00\u53d1\u8005\u81ea\u5b9a\u4e49<\/strong>\u7684\u65b9\u5f0f\u8fdb\u884c\u62a5\u9519\u5904\u7406\uff0c\u800c\u5f00\u53d1\u8005\u6ca1\u6709\u8fdb\u884c\u81ea\u5b9a\u4e49\u7684\u8bdd\u5c06\u4f1a\u62a5\u51fa\u6e90\u4ee3\u7801\u3001\u6587\u4ef6\u8def\u5f84\uff0c\u9020\u6210\u4fe1\u606f\u6cc4\u9732\uff0c\u5371\u5bb3\u4e0d\u5927<\/strong>\u3002<\/p>\n\n\n\n \u7f51\u7ad9\u5224\u65ad\u7528\u6237\u8eab\u4efd\u7684\u4e24\u4e2a\u601d\u8def\uff1a\uff08\u540e\u53f0\u672c\u8eab\u542b\u6709\u591a\u4e2a\u529f\u80fd\u6587\u4ef6\u9875\u9762\uff09<\/p>\n\n\n\n \u4e8e\u662f\u6709\u51e0\u4e2a\u5bfb\u627e\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u601d\u8def\uff1a\uff08\u767d\u76d2\u6d4b\u8bd5\uff09<\/strong><\/p>\n\n\n\n \u82e5\u662f\u5728\u9ed1\u76d2\u6d4b\u8bd5<\/strong>\u5219\u53ef\u4ee5\u901a\u8fc7\u5199\u811a\u672c\u5de5\u5177\u627e\u51fa\u2018\u9a8c\u8bc1\u4ee3\u7801\u6587\u4ef6\u2019\u4ee5\u53ca\u6ca1\u6709\u8c03\u7528\u2018\u9a8c\u8bc1\u4ee3\u7801\u6587\u4ef6\u2019\u7684\u6587\u4ef6\uff08\u4f8b\u5982\u901a\u8fc7\u5224\u65adInherits\u7684\u503c\uff09\u3002<\/p>\n\n\n\n =\uff1a\u8d4b\u503c<\/p>\n\n\n\n ==\uff1a\u5bf9\u6bd4\uff08\u5f31\u7c7b\u578b\u6bd4\u8f83\uff0c\u4e0d\u4f1a\u6bd4\u8f83\u7c7b\u578b<\/strong>\uff09\uff1b$a = 1\uff0c$b = 1ad\uff0c$a == $b\u6210\u7acb<\/p>\n\n\n\n ===\u5bf9\u6bd4\uff08\u4f1a\u6bd4\u8f83\u7c7b\u578b<\/strong>\uff09\uff1b<\/p>\n\n\n\n \u4e24\u79cd\u65b9\u6cd5\uff1a<\/p>\n\n\n\n 1.MD5(‘QNKCDZO’)=0e<\/strong>8304…..\uff1bMD5(‘240610708’)=0e<\/strong>4620….\uff1b\uff08MD5\u78b0\u649e\uff0c\u9650==\u5f31\u6bd4\u8f83\uff09\uff1b<\/p>\n\n\n\n 2.[url]\/?name[]=1&password[]=2\uff08\u6570\u7ec4\u7ed5\u8fc7\uff0c\u5f31\u3001\u5f3a\u6bd4\u8f83\u7686\u53ef\uff09MD5\u65e0\u6cd5\u5904\u7406\u6570\u7ec4\uff0c\u4f1a\u8fd4\u56deNULL\u503c\uff0cNULL == NULL\uff0cNULL === NULL\uff0c\u90fd\u6210\u7acb\u3002<\/p>\n\n\n\n intval( )\u7528\u4e8e\u83b7\u53d6\u53d8\u91cf\u7684\u6574\u6570\u503c\uff1aintval(4.2)=4\uff1b\u5176\u5b83\u8fdb\u5236\u4f1a\u9ed8\u8ba4\u8f6c\u4e3a\u5341\u8fdb\u5236\u3002<\/p>\n\n\n\n strpos( )\u7528\u4e8e\u67e5\u627ea\u5b57\u7b26\u5728b\u5b57\u7b26\u4e2d\u51fa\u73b0\u7684\u4f4d\u7f6e\uff1b\u82e5\u76ee\u6807\u6570\u503c\u4e3a666\u53ef\u6784\u9020?num=%0a666\u3002\uff08\u5229\u7528%0a\u6362\u884c\u7b26\u8fdb\u884c\u7ed5\u8fc7\uff09<\/p>\n\n\n\n \u4ece\u6570\u7ec4\u4e2d\u627e\u5339\u914d\u9879\uff0c\u53c2\u6570\u9009\u9879strict\uff08\u5173\u6ce8\u70b9\uff09\u4e3aTRUE\u5219\u4f1a\u6bd4\u8f83\u7c7b\u578b\u3002<\/p>\n\n\n\n \u6267\u884c\u6b63\u5219\u8868\u8fbe\u5f0f\uff0c\u7528\u4e8e\u5b57\u7b26\u4e32\u5339\u914d\uff1b<\/p>\n\n\n\n preg_match\u53ea\u80fd\u5904\u7406\u5b57\u7b26\u4e32\uff0c\u4e0d\u80fd\u5904\u7406\u6570\u7ec4<\/strong>\uff0c\u6240\u4ee5\u4e5f\u80fd\u6570\u7ec4\u7ed5\u8fc7<\/strong>\uff1a\u6784\u9020 ?num[]=1\u3002<\/p>\n\n\n\n \u6700\u7b80\u5355\u7684\u4e00\u4e2a\u8fc7\u6ee4\uff1a\u5339\u914d\u5230\u76ee\u6807\u5b57\u7b26\u5219\u66ff\u6362\u6210\u6307\u5b9a\u5b57\u7b26\uff1b<\/p>\n\n\n\n \u53cc\u5199\u7ed5\u8fc7\uff1a?sql=seselectlect * from ….\uff1b\u539f\u56e0\uff1astr_replace\u4e0d\u53ef\u8fed\u4ee3\u8fc7\u6ee4\uff0c\u53ea\u80fd\u8fc7\u6ee4\u4e00\u6b21\u3002<\/p>\n\n\n\n PS.\u5728JavaWeb\u6d4b\u8bd5\u4e2d\uff0c\u5927\u90e8\u5206\u5b89\u5168\u95ee\u9898\u9700\u8981\u4ece\u6e90\u7801\u4e2d\u5206\u6790\u5404\u79cd\u4f9d\u8d56\u548c\u8def\u5f84\uff0c\u56e0\u6b64\u9ed1\u76d2\u6d4b\u8bd5\u662f\u5f88\u56f0\u96be\u7684\u3002<\/p>\n\n\n\n\u6587\u4ef6\u4e0b\u8f7d<\/h3>\n\n\n\n
\u53cd\u5f39shell<\/h3>\n\n\n\n
\u7b2c\u4e8c\u5929\uff1aWEB\u5e94\u7528\u67b6\u6784&\u6f0f\u6d1e&HTTP<\/h2>\n\n\n\n
WEB\u5e94\u7528\u67b6\u6784 <\/h3>\n\n\n\n
\u5e38\u89c1WEB\u5e94\u7528\u5b89\u5168\u6f0f\u6d1e\u5206\u7c7b<\/h3>\n\n\n\n
HTTP\u6570\u636e\u5305<\/h3>\n\n\n\n
\u7b2c\u4e09\u5929\uff1a\u6293\u5305&\u5c01\u5305<\/h2>\n\n\n\n
\u57fa\u4e8e\u7f51\u7edc\u63a5\u53e3\u6293\u5305<\/h3>\n\n\n\n
\u57fa\u4e8eWEB\u5e94\u7528\u7ad9\u70b9\u6293\u5305<\/h3>\n\n\n\n
\u57fa\u4e8e\u6570\u636e\u534f\u8bae\u6293\u5305-HTTP\/S & TCP & UDP<\/h3>\n\n\n\n
\u57fa\u4e8e\u5e94\u7528\u5bf9\u8c61\u6293\u5305-APP & \u5c0f\u7a0b\u5e8f & PC_UI<\/h3>\n\n\n\n
\u57fa\u4e8e\u7cfb\u7edf\u4f7f\u7528\u6293\u5305-\u624b\u673a\u6a21\u62df\u5668 & Win & Linux<\/h3>\n\n\n\n
\u57fa\u4e8e\u5e94\u7528\u5bf9\u8c61\u5c01\u5305-WPE\u52a8\u4f5c\u6570\u636e\u5305\u91cd\u653e\u901a\u8baf<\/h3>\n\n\n\n
\u7b2c\u56db\u5929\uff1a\u8d44\u4ea7\u67b6\u6784&\u756a\u5916\u5b89\u5168&\u8003\u8651\u963b\u788d<\/h2>\n\n\n\n
\u8d44\u4ea7\u67b6\u6784\uff08\u9488\u5bf9\u76ee\u6807\u7f51\u7ad9\uff09<\/h3>\n\n\n\n
WEB\u5355\u4e2a\u6e90\u7801\u6307\u5411\u5b89\u5168<\/h4>\n\n\n\n
WEB\u591a\u4e2a\u76ee\u5f55\u6e90\u7801\u5b89\u5168<\/h4>\n\n\n\n
WEB\u591a\u4e2a\u7aef\u53e3\u6e90\u7801\u5b89\u5168<\/h4>\n\n\n\n
\u670d\u52a1\u5668\u67b6\u8bbe\u591a\u4e2a\u7ad9\u70b9\u5b89\u5168<\/h4>\n\n\n\n
\u67b6\u8bbe\u7b2c\u4e09\u65b9\u63d2\u4ef6\u63a5\u53e3\u5b89\u5168<\/h4>\n\n\n\n
\u670d\u52a1\u5668\u67b6\u8bbe\u591a\u4e2a\u5e94\u7528\u5b89\u5168<\/h4>\n\n\n\n
\u756a\u5916\u5b89\u5168\uff08\u9488\u5bf9\u7f51\u7ad9\u6240\u5728\u670d\u52a1\u5668\uff09<\/h3>\n\n\n\n
\u57fa\u4e8e\u57df\u540d\u89e3\u6790\u5b89\u5168<\/h4>\n\n\n\n
\u57fa\u4e8e\u670d\u52a1\u5668\u672c\u8eab\u5b89\u5168<\/h4>\n\n\n\n
\u57fa\u4e8e\u670d\u52a1\u5546\u4fe1\u606f\u5b89\u5168<\/h4>\n\n\n\n
\u57fa\u4e8e\u7ba1\u7406\u4e2a\u4eba\u7684\u5b89\u5168<\/h4>\n\n\n\n
\u8003\u8651\u963b\u788d<\/h3>\n\n\n\n
\u7ad9\u5e93\u5206\u79bb<\/h4>\n\n\n\n
CDN\u670d\u52a1<\/h4>\n\n\n\n
\u8d1f\u8f7d\u5747\u8861\u670d\u52a1<\/h4>\n\n\n\n
WAF\u5e94\u7528\u9632\u706b\u5899<\/h4>\n\n\n\n
\u4e3b\u673a\u9632\u62a4\u9632\u706b\u5899<\/h4>\n\n\n\n
\u7b2c\u4e94\u5929\uff1a\u4fe1\u606f\u6536\u96c6\uff08\u4e00\uff09<\/h2>\n\n\n\n
<\/p>\n\n\n\n\u4fe1\u606f\u6253\u70b9-WEB\u67b6\u6784\u7bc7<\/h3>\n\n\n\n
\n
\u4fe1\u606f\u6253\u70b9-\u8d44\u4ea7\u6cc4\u9732\u7bc7<\/h3>\n\n\n\n
CMS\u6307\u7eb9\u8bc6\u522b\u6e90\u7801\u83b7\u53d6<\/h4>\n\n\n\n
\u5907\u4efd\u6cc4\u9732<\/h4>\n\n\n\n
Git\u6cc4\u9732<\/h4>\n\n\n\n
GitHack.py http:\/\/www.openssl.org\/.git\/<\/code><\/pre>\n\n\n\nSVN\u6cc4\u9732<\/h4>\n\n\n\n
DS_Store\u6cc4\u9732<\/h4>\n\n\n\n
SWP\u6cc4\u9732<\/h4>\n\n\n\n
composer.json\u6587\u4ef6<\/h4>\n\n\n\n
GITHUB\u6cc4\u9732\uff08\u793e\u5de5\u601d\u8def\uff09<\/h4>\n\n\n\n
\u5176\u4ed6<\/h4>\n\n\n\n
\u5e38\u89c1\u7684Web\u6e90\u7801\u6cc4\u6f0f\u6f0f\u6d1e\u53ca\u5176\u5229\u7528 – SecPul<\/a>se.COM | \u5b89\u5168\u8109\u640f <\/a><\/p>\n\n\n\n\u7b2c\u516d\u5929\uff1a\u4fe1\u606f\u6536\u96c6\uff08\u4e8c\uff09<\/h2>\n\n\n\n
\u4fe1\u606f\u6253\u70b9-\u7cfb\u7edf\u7bc7<\/h3>\n\n\n\n
\u83b7\u53d6\u7f51\u7edc\u4fe1\u606f-\u670d\u52a1\u5382\u5546&\u7f51\u7edc\u67b6\u6784<\/h4>\n\n\n\n
\u83b7\u53d6\u670d\u52a1\u4fe1\u606f-\u5e94\u7528\u534f\u8bae&\u5185\u7f51\u8d44\u4ea7<\/h4>\n\n\n\n
\u83b7\u53d6\u963b\u788d\u4fe1\u606f-CDN&WAF&\u5747\u8861\u8d1f\u8f7d&\u9632\u706b\u5899<\/h4>\n\n\n\n
\u4fe1\u606f\u6253\u70b9-CDN\u7ed5\u8fc7\u7bc7<\/h3>\n\n\n\n
\u9057\u7559\u6587\u4ef6&\u6f0f\u6d1e\u5229\u7528<\/h4>\n\n\n\n
\u5b50\u57df\u540d\u67e5\u8be2<\/h4>\n\n\n\n
\u63a5\u53e3\u67e5\u8be2\u56fd\u5916\u8bbf\u95ee<\/h4>\n\n\n\n
\u4e3b\u52a8\u90ae\u4ef6\u914d\u5408\u5907\u6848<\/h4>\n\n\n\n
\u5728\u7ebf\u5de5\u5177\u67e5\u627e\u771f\u5b9eIP<\/h4>\n\n\n\n
\u5168\u7f51\u626b\u63cfFuckCDN<\/h4>\n\n\n\n
CDN\u7ed5\u8fc7<\/h4>\n\n\n\n
\u7b2c\u4e03\u5929\uff1aWEB\u653b\u9632\uff08\u4e00\uff09<\/h2>\n\n\n\n
WEB\u653b\u9632-ASP\u5b89\u5168<\/h3>\n\n\n\n
ASP-\u6570\u636e\u5e93-MDB\u9ed8\u8ba4\u4e0b\u8f7d<\/h4>\n\n\n\n
ASP-\u6570\u636e\u5e93-\u540e\u95e8\u8fde\u63a5<\/h4>\n\n\n\n
ASP-\u4e2d\u95f4\u4ef6-IIS\u77ed\u6587\u4ef6\u540d\u6f0f\u6d1e<\/h4>\n\n\n\n
ASP-\u4e2d\u95f4\u4ef6-IIS\u6587\u4ef6\u4e0a\u4f20\u89e3\u6790\u6f0f\u6d1e<\/h4>\n\n\n\n
\u6587\u4ef6\u5939\u89e3\u6790\u6f0f\u6d1e<\/h5>\n\n\n\n
\u5206\u53f7\u622a\u65ad\u6f0f\u6d1e<\/h5>\n\n\n\n
WEB\u653b\u9632-ASPX\u5b89\u5168(.NET)<\/h3>\n\n\n\n
.NET\u9879\u76ee-DLL\u6587\u4ef6\u53cd\u7f16\u8bd1\u6307\u5411<\/h4>\n\n\n\n
.NET\u9879\u76ee-\u914d\u7f6e\u8c03\u8bd5&\u4fe1\u606f\u6cc4\u9732<\/h4>\n\n\n\n
.NET\u9879\u76ee-\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e<\/h4>\n\n\n\n
\n
\n
\u7b2c\u516b\u5929\uff1aWEB\u653b\u9632\uff08\u4e8c\uff09<\/h2>\n\n\n\n
WEB\u653b\u9632-PHP\u5b89\u5168<\/h3>\n\n\n\n
\u8fc7\u6ee4\u51fd\u6570\u7f3a\u9677\u7ed5\u8fc7<\/h4>\n\n\n\n
==\u4e0e===<\/h5>\n\n\n\n
MD5<\/h5>\n\n\n\n
if($_GET['name'] != $_GET['password']){\n if(MD5($_GET['name']) == MD5($_GET['password'])){\n echo $flag;\n }\n echo 'Wrong';\n}<\/code><\/pre>\n\n\n\nintval<\/h5>\n\n\n\n
strpos<\/h5>\n\n\n\n
in_array<\/h5>\n\n\n\n
preg_match<\/h5>\n\n\n\n
if(isset($_GET['num'])){\n $num = $_GET['num'];\n if(preg_match(\"\/0-9]\/\",$num)){\n die(\"Wrong\");\n }\n if(intval($num)){\n echo flag;\n }\n}<\/code><\/pre>\n\n\n\nstr_replace<\/h5>\n\n\n\n
$sql = $_GET['s'];\n$sql = str_replace('select','',$sql);\necho $sql;<\/code><\/pre>\n\n\n\nWEB\u653b\u9632-JAVA\u5b89\u5168<\/h3>\n\n\n\n