Professional Documents
Culture Documents
Tan Cong Va Phong Thu Ung Dung WEB
Tan Cong Va Phong Thu Ung Dung WEB
LI M U
Cng vi s pht trin ca cng ngh thng tin, cng ngh mng my tnh v s
pht trin ca mng internet ngy cng pht trin a dng v phong ph. Cc dch v
trn mng thm nhp vo hu ht cc lnh vc trong i sng x hi. Cc thng tin
trn Internet cng a dng v ni dung v hnh thc, trong c rt nhiu thng tin
cn c bo mt cao hn bi tnh kinh t, tnh chnh xc v tnh tin cy ca n.
Bn cnh , cc hnh thc ph hoi mng cng tr nn tinh vi v phc tp hn. Do
i vi mi h thng, nhim v bo mt c t ra cho ngi qun tr mng l ht
sc quan trng v cn thit. Xut pht t nhng thc t , chng ta s tm hiu v cc
cch tn cng ph bin nht hin nay v cc phng chng cc loi tn cng ny.
Chnh v vy, thng qua vic nghin cu mt s phng php tn cng v cch bo
mt cc la tn cng ny, mnh mong mun gp mt phn nh vo vic nghin cu v
tm hiu v cc vn an ninh mng gip cho vic hc tp v nghin cu.
1. L do chn ti
Trong nhng nm gn y, Vit Nam ngy cng pht trin v nht l v mt cng
ngh thng tin. c bit l v ng dng web, hu nh mi ngi ai cng tng nghe v
lm vic trn ng dng web. Website tr nn ph bin v tr thnh mt phn quan
trng ca mi ngi v nht l cc doanh nghip, cng ty. Bn cnh l do an ton
bo mt cho ng dng web lun l vn nan gii ca mi ngi.V vy chng ta s
i tm hiu ng dng web v cch thc tn cng v bo mt web.
2. Mc tiu
Gip chng ta c th hiu hn v cc ng dng website, cc mi e da v vn
an ton thng tin khi chng ta lm vic trn ng dng web hng ngy, hiu r hn v
cc k thut tn cng v bo mt web.
3. Phm vi
Tm hiu cc k thut tn cng ph bin nht hin nay nh SQL Injection, Denial
Of Service, Local Attack,Cch bo mt, phng th cc loi tn cng ph bin trn
mt cch tng quan nht
MC LC
Trang 2
Trang 3
Trang 4
cng ty. Khng phi lc no bn cng cng ty, vi phn mm vit trn nn web, bn
c th vo kim tra, iu hnh bt c u, thm ch bn ch cn mt chic in thoi
chy c trnh duyt nh IPhone m khng cn n mt chic my tnh.
Trang 5
Trang 6
Trang 7
Trang 8
Trang 9
Trang 10
Trang 11
Trang 12
Trang 13
Trang 14
Trang 15
cc
my
tnh
khc
trong
mng.
ca
mc
tiu
trong
nhy
mt.
Trang 16
xc
thc)
Trang 17
Trang 18
Agent -Handler
IRC - Based
Client Handler
Client Handler
Communication
Communication
TCP
UDP
ICMP
TCP
UDP
Secret/private
channel
Public channel
ICMP
Handler
Agent
Attacker
Handler
Agent
Handler
Agent
Handler
Agent
Agent
Victim
Hnh 3. Kin trc attack-network kiu Agent Handler
Tav4 Bkav Forum
Trang 19
Trang 20
Attacker
IRC NETWORK
Agent
Agent
Agent
Agent
Agent
Victim
Hnh 4. Kin trc attack-network ca kiu IRC-Base
- IRC Based net work cng tng t nh Agent Handler network nhng m hnh
ny s dng cc knh giao tip IRC lm phng tin giao tip gia Client v Agent
(khng s dng Handler). S dng m hnh ny, attacker cn c thm mt s li th
khc nh:
Cc giao tip di dng chat message lm cho vic pht hin chng l v cng kh
khn
IRC traffic c th di chuyn trn mng vi s lng ln m khng b nghi ng
Khng cn phi duy tr danh sch cc Agent, hacker ch cn logon vo IRC server l
c th nhn c report v trng thi cc Agent do cc channel gi v.
Sau cng: IRC cng l mt mi trng file sharing to iu kin pht tn cc Agent
code ln nhiu my khc.
2.2.2.3. Phn loi tn cng kiu DDOS
- Nhn chung, c rt nhiu bin th ca k thut tn cng DDoS nhng nu nhn di
gc chuyn mn th c th chia cc bin th ny thnh hai loi da trn mch ch
tn cng: Lm cn kit bng thng v lm cn kit ti nguyn h thng
Trang 21
Bandwith
DeleptionDeleption
Flood Attack
Resource Deleption
Amplification
Protoco
l
Attack
Exploit
Malformed
Paclket
attack
Attack
UDP
ICMP
Smuft
Flaggle
attack
Attack
TCP
SYS
Attack
PUSH
IP @
+ACK
Attack
IP Packet
Options
Attack
SYN
Rando
m
Static
Spoof
Direct
Loop
Port
Source
Attack
Attack
Attack
Attack
Port
Attack
Spoof
Spoof
Spoof
Spoof
source
source
source
source
Attack
Trang 22
Trang 23
VICTIM
Amplifier
Trang 24
TCP
TCP
SYN/ACK
Client
ACK
Client Port
80
Server
1024-65535
Trang 25
Server
Attacker/Agent
Server
SYN
SYN
SYN/ACK
SYN/ACK
SYN/ACK
ACK
Hnh 8. Attacker gi mo Ip
+ PUSH = ACK Attack: Trong TCP protocol, cc packet c cha trong buffer, khi
buffer y th cc packet ny s c chuyn n ni cn thit. Tuy nhin, bn gi c
th yu cu h thng unload buffer trc khi buffer y bng cch gi mt packet vi
PUSH v ACK mang gi tr l 1. Nhng packet ny lm cho h thng ca nn nhn
unload tt c d liu trong TCP buffer ngay lp tc v gi mt ACK packet tr v khi
thc hin xong iu ny, nu qu trnh c din ra lin tc vi nhiu Agent, h thng
s khng th x l c lng ln packet gi n v s b treo.
ii.b/ Malformed Packet Attack:
- Malformed Packet Attack l cch tn cng dng cc Agent gi cc packet c cu
trc khng ng chun nhm lm cho h thng ca nn nhn b treo.
C hai loi Malformed Packet Attack:
+ IP address attack: dng packet c a ch gi v nhn ging nhau lm cho h iu
hnh ca nn nhn khng x l ni v b treo.
+ IP packet options attack ngu nhin ha vng OPTION trong IP packet v thit lp
tt c cc bit QoS ln 1, iu ny lm cho h thng ca nn nhn phi tn thi gian
phn tch, nu s dng s lng ln Agent c th lm h thng nn nhn ht kh nng
x l.
ii.c/ Mt s c tnh ca cng c DdoS attack:
Trang 26
Agent Setup
OS supported
Comminication
Instalation
Protocol
Encruption Agent
Activation
Unix
Methods
Active
Yes
Passive
No
TCP UDP
Bugged Corrupted
website
Backdoor Trojan
File
Buffer Overlfow
Actively
Poll
Live&wait
ICMP
YES
Agent
IRC
Handlerl
Basedl
Client
Agent
Private/Serect
None
No
Public
Handlerl
Hnh 9. Mt s c
tnh caHandlerl
cng c DdoS attack
Trang 27
Trang 28
Trang 29
Trang 30
Trang 31
Trang 32
Trang 33
=''
OR
''=''
and
Trang 34
Trang 35
Trang 36
Trang 37
Trang 38
Trang 39
Trang 40
next
Trang 41
Trang 42
Trang 43
was
found !');</script>
- V rt c th trnh duyt ca bn s hin ln mt thng bo "XSS was found !". Cc
on m trong th script khng h b gii hn bi chng hon ton c th thay th
bng mt file ngun trn mt server khc thng qua thuc tnh src ca th script. Cng
chnh v l m chng ta cha th lng ht c nguy him ca cc li XSS.
- Nhng nu nh cc k thut tn cng khc c th lm thay i c d liu ngun
ca web server (m ngun, cu trc, c s d liu) th XSS ch gy tn hi i vi
website pha client m nn nhn trc tip l nhng ngi khch duyt site . Tt
nhin i khi cc hacker cng s dng k thut ny deface cc website nhng
vn ch tn cng vo b mt ca website. Tht vy, XSS l nhng Client-Side Script,
nhng on m ny s ch chy bi trnh duyt pha client do XSS khng lm nh
hng n h thng website nm trn server. Mc tiu tn cng ca XSS khng ai
khc chnh l nhng ngi s dng khc ca website, khi h v tnh vo cc trang c
cha cc on m nguy him do cc hacker li h c th b chuyn ti cc website
khc, t li homepage, hay nng hn l mt mt khu, mt cookie thm ch my tnh
bn c th s b ci cc loi virus, backdoor, worm
2.4.1.2. Cch tn cng
i. Scan l hng XSS cua ng dng web
- Cch 1: S dng nhiu chng trnh d qut li ca ng dng web, v d nh
chng trnh Web Vulnerability Scanner d qut li XSS.
- Cch 2: Thc hin 5 bc:
Bc 1: M website cn kim tra
Bc 2: Xc nh cc ch (phn) cn kim tra XSS. 1 Site bt k bao gi cng
c cc phn:
Search, error message, web form. Ch yu li XSS nm phn ny, ni chung
XSS c th xy ra ch no m ngi dng c th nhp d liu vo v sau nhn
c mt ci g . V d chng ta nhp vo chui XSS
Bc 3: Xc minh kh nng site c b li XSS hay khng bng cch xem cc
thng tin tr v. V d chng ta thy th ny: Khng tm thy XSS , hay l Ti
khon XSS khng chnh xc, ng nhp vi XSS khng thnh cng th khi
kh nng ch b dnh XSS l rt cao.
Bc 4: Khi xc nh ch c kh nng b dnh li XSS th chng ta s chn
nhng on code ca chng ta vo th tip, v d nh sau:
Trang 44
Trang 45
Trang 46
Trang 47
Trang 48
Trang 49
NHN XT HNG DN
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
..............................................................................................................................
Tav4 Bkav Forum
Trang 50
Trang 51