日韩天天综合网_野战两个奶头被亲到高潮_亚洲日韩欧美精品综合_av女人天堂污污污_视频一区**字幕无弹窗_国产亚洲欧美小视频_国内性爱精品在线免费视频_国产一级电影在线播放_日韩欧美内地福利_亚洲一二三不卡片区

Web服務(wù)器的安全和攻擊防范(8)_Windows教程

編輯Tag賺U幣
教程Tag:暫無Tag,歡迎添加,賺取U幣!
偽造Web請(qǐng)求(二)

  注意b的值必須以URL編碼格式輸入。要將字符串進(jìn)行URL編碼,可以使用一個(gè)簡單的PHP程序,例如: 




kris@valiant:~/www <   cat urlencode.php
#! /home/kris/bin/php -q
<  ?php
  print urlencode($argv[1])."n";
? >
kris@valiant:~/www <   ./urlencode.php "this is a test"
this+is+a+test

  發(fā)送HTTP POST請(qǐng)求只是稍微復(fù)雜一點(diǎn):現(xiàn)在應(yīng)該在這個(gè)請(qǐng)求中包含一個(gè)合法的Content-Type頭以及正確的內(nèi)容長度字節(jié)數(shù)。下面是具體過程: 




kris@valiant:~/www <   telnet valiant 80
Trying 193.102.57.3...
Connected to valiant.koehntopp.de.
Escape character is '^]'.
POST /~kris/test.php HTTP/1.0
Host: valiant.koehntopp.de
Referer: http://www.attacker.com/die_sucker_die.html
Content-Type: application/x-www-form-urlencoded
Content-Length: 16

b=this+is+a+test
HTTP/1.1 200 OK
Date: Sat, 08 Apr 2000 06:55:11 GMT
Server: Apache/1.3.9 (Unix)  (SuSE/Linux) PHP/4.0RC2-dev
mod_ssl/2.4.7 OpenSSL/0.9.4
X-Powered-By: PHP/4.0RC2-dev
Connection: close
Content-Type: text/html

The value of b is this is a test
The value of HTTP_REFERER is
http://www.attacker.com/die_sucker_die.html
Connection closed by foreign host.

來源:網(wǎng)絡(luò)搜集//所屬分類:Windows教程/更新時(shí)間:2013-04-15
相關(guān)Windows教程