URL: The Sword of Web Intruders
Introduction

Among all hacking techniques, hacking through the web is one of the most elegant. Using executable commands through a web browser to carry out destructive attacks is full of subtle and brilliant details. Compared with all the complex and difficult hacking techniques, hacking through the web is simple and small-scale. As a simple example, did you know that just by placing a "%%" you can endanger the security of your web application?! Web hacking can be thought of as minor surgery performed through a single tiny hole: at first it is very delicate and small, but at depth it reaches into some of the deepest and most complex systems. Sometimes the URL is the only path of communication with large, complex systems that sit behind the most secure firewalls!

In this article I only intend to discuss the URL: what a URL is in general, how it helps intruders, and what damage its misuse can do to a system. Through the subtle examples given here, web application developers and the groups working in information technology will come to recognize the danger that, to some degree, threatens them. Most web attacks are very subtle. Intruders start with small steps, such as finding out how and why the web site was built. Each further investigation and search on the site leads the intruder deeper into its internals. The elegance of these attacks is that the intruder needs only one tool: a web browser!

The topics we intend to explain here are:

- URL structure
- URL encoding
- ASCII codes represented in hexadecimal and Unicode
- Meta-characters and their effects on applications
- HTML forms and parameter passing

It is assumed here that the reader is familiar with the HTTP protocol and with HTML.
WWW.WebSecurityMgz.com

URL Structure

A URL is essentially a mechanism for identifying Internet resources on the web or on FTP servers. It names the application-layer protocol, and each URL forms a request to a web server. This is the general structure of a URL:
Protocol://Server/Path/to/resource?parameter
Protocol: the application-layer protocol. The most common use of URLs is requesting resources from web servers (HTTP servers), so the most common protocol is HTTP; other protocols such as https, pop3, telnet, ldap, ftp and so on depend on what the browser or the server supports.

Server: the DNS domain name, the NetBIOS name, or the IP address of a host or a network.

Path/to/resource: the directory path, including the name of the requested resource. The resource can be a static file or an application that generates its output dynamically.

Parameters: in practice, parameters are passed to a resource only when there is an application or program that generates output dynamically.

Figure 1 shows several kinds of URL. The URL in Figure 1-a is very clear: the file monalisa.html is requested from the server named www.blueballoon.com, and the location of monalisa.html on the web site www.blueballoon.com is the path /pictures/davinchi. The URL in Figure 1-b is an example of another protocol: it makes the client open an FTP connection as the anonymous user (no credentials appear in the URL) to the server shown in the figure, 192.168.17.33, and retrieve the file img_viewer.exe from the directory /pub/. The URL in Figure 1-c makes a request to an application. The application is View.asp, which is located in the News directory, and one parameter is passed to the program: ID, whose value is the number 820620.
Figure 1: Three kinds of URL.

(a) http://www.blueballoon.com/pictures/davinchi/monalisa.html
    Protocol: http; server name: www.blueballoon.com; path of the requested file: /pictures/davinchi/monalisa.html

(b) ftp://192.168.17.33/pub/img_viewer.exe
    Protocol: ftp; server name: 192.168.17.33; path of the requested file: /pub/img_viewer.exe

(c) http://www.ITIran.com/News/View.asp?ID=820620
    Protocol: http; server name: www.ITIran.com; path of the requested application: /News/View.asp; parameter passed to the application: ID=820620
Now let us look at how parameters are passed to applications.
The Psychology of Web Intruders

This time, for a break, we want to put ourselves in the intruders' shoes! What do intruders do? In short, intruders have great powers of inference: from the evidence available they can predict a great deal. By reading a few lines on your site they can figure out what is going on, and then, by combining the many small things they have collected, they work out other internal mechanisms as well. Let us look at the URL shown in Figure 1-c:

http://www.ITIran.com/News/View.asp?ID=820620

This URL points to an application or small program that generates its output automatically from the parameters passed to it. What other information can be pulled out of this URL? As a first inference, the resource name View.asp has the extension .asp, so the file is almost certainly a Microsoft Active Server Page (ASP). ASP files run almost exclusively on the IIS web server, so the server for www.ITIran.com is most likely a Windows NT/2000/XP machine running IIS.

Now let us look at the parameters; we discover more clues. The parameter ID=820620 is a number, the unique identifier of a news item that must exist in a database. The most popular and common database choices on Windows NT/2000/XP are Microsoft SQL Server and Microsoft Access; a small site may well use Access. So View.asp very much resembles a program that builds a SQL query for the database server from the passed parameter in order to display more details from the database.

A closer look at the passed parameter reveals that it consists of three parts, ID=82 06 20, which indicates that the displayed news item is dated year 82, month 06 (Shahrivar) and day 20 of the Iranian calendar! Still more detail can be learned from such parameters, and in future we will discuss bottom-up mapping techniques in more depth.
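The following is an added example, not code from the original article or from the Web Hacking book. It takes a URL apart into the Protocol://Server/Path/to/resource?parameters fields described under URL Structure and records the inferences made in this section: the resource extension as a platform hint and a six-digit numeric parameter as a possible YYMMDD date. The hints for extensions other than .asp, the function names and the date plausibility check are my own assumptions.

```python
"""Added example, not code from the original article or from the Web Hacking
book: take a URL apart into Protocol://Server/Path/to/resource?parameters and
record what each part suggests. Python 3 standard library only."""
import posixpath
from urllib.parse import parse_qs, urlsplit

# Hints by resource extension. The .asp entry is the inference the article
# makes; the others are general knowledge added here, not from the article.
PLATFORM_HINTS = {
    ".asp": "Microsoft Active Server Pages: almost always IIS on Windows; "
            "database most likely SQL Server or Access",
    ".aspx": "ASP.NET: IIS on Windows",
    ".php": "PHP: usually Apache or nginx",
    ".jsp": "Java Server Pages: a servlet container such as Tomcat",
    ".cgi": "CGI program run by the web server",
}


def split_yymmdd(value):
    """Return (yy, mm, dd) if value is six digits that read as a plausible
    YYMMDD date (month 1-12, day 1-31), else None; 820620 -> (82, 6, 20),
    which is how the article reads the ID in Figure 1-c."""
    if not (value.isdigit() and len(value) == 6):
        return None
    yy, mm, dd = int(value[:2]), int(value[2:4]), int(value[4:])
    if 1 <= mm <= 12 and 1 <= dd <= 31:
        return (yy, mm, dd)
    return None


def analyze_url(url):
    """Decompose a URL and attach the platform and date inferences."""
    parts = urlsplit(url)
    path = parts.path or "/"
    resource = posixpath.basename(path)
    extension = posixpath.splitext(resource)[1].lower()
    # parse_qs splits on '&' and '=', percent-decodes, and maps each name to
    # a list of values; keep_blank_values keeps an empty 'ID=' visible.
    params = parse_qs(parts.query, keep_blank_values=True)
    return {
        "protocol": parts.scheme,
        "server": parts.hostname,   # lower-cased by urlsplit; user info and port removed
        "port": parts.port,
        "path": posixpath.dirname(path),
        "resource": resource,
        "extension": extension,
        "params": params,
        "platform_hint": PLATFORM_HINTS.get(extension, "static file or unknown handler"),
        "dynamic": bool(params) or extension in PLATFORM_HINTS,
        "date_like_params": {
            name: split_yymmdd(value)
            for name, values in params.items()
            for value in values
            if split_yymmdd(value)
        },
    }


if __name__ == "__main__":
    for url in (
        "http://www.blueballoon.com/pictures/davinchi/monalisa.html",
        "ftp://192.168.17.33/pub/img_viewer.exe",
        "http://www.ITIran.com/News/View.asp?ID=820620",
    ):
        info = analyze_url(url)
        print(url)
        for key in ("protocol", "server", "path", "resource", "params",
                    "platform_hint", "date_like_params"):
            print(f"  {key:17}{info[key]}")
```

Run it on the three URLs of Figure 1 and the third one comes back with resource View.asp, extension .asp, the IIS hint, and ID read as (82, 6, 20); the two static URLs produce no parameters and no date candidates, which is exactly the difference between a file request and an application request that the section above describes.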
URL Encoding

By itself a URL is nothing but alphabetic strings with some symbols inside them. The character set chosen for specifying a URL consists of strings made up of the following:

Alphanumeric characters:    A-Z, a-z, 0-9
Reserved symbols:           ; / ? : @ & = + $ ,
Other special characters:   < > # % * ~ ! ( ) { } | \ ^ [ ] ' - _ .

Most of the time a URL string consists of letters, digits and reserved symbols that have a special meaning within the URL. The other special characters have no particular meaning for the URL itself; however, they may have a special meaning for the web server or for the application that is requested through the web. The interpretation of some of these special characters is shown in Table 2.
Table 2: special characters and their interpretation

?    Query-string separator. The part of the URL to the right of the ? is the query string.

&    Parameter separator. Separates Name=Value parameter pairs from one another.

=    Separates a parameter name from its value.

+    Interpreted as a space (a form-encoding rule that applies to the query string).

:    Protocol separator. The part of the URL string from its beginning up to the : identifies the application-layer protocol used.

#    Identifies a location within a web page. For example, the URLs www.acmt-art.com/index.html#gallery and www.acmt-art.com/index.html#purchase point to two different locations within the same page (index.html).

%    Introduces a hexadecimal character code.

@    Used in mailto: URLs for Internet mail addresses, and when a user name together with its password is passed to a protocol such as FTP.

~    Identifies a user's private (home) directory on multi-user systems. For example: http://server/~user_login_id/ or, as another example, http://www.cs.purdue.edu/~saumil/maps, which refers to the directory of the user account saumil on that system.
Prepared by: Amir Hossein Sharifi
[email protected], 27 Mehr 1382 (19 October 2003)

Source: Web Hacking: Attacks and Defense, Stuart McClure, Saumil Shah, Shreeraj Shah