URL: The Sword of Web Intruders
Introduction
Among all hacking techniques, hacking through the web is one of the most elegant. Using executable commands through a web browser to carry out destructive attacks is full of fine, brilliant subtleties. Compared with all the complex and difficult hacking techniques, hacking through the web is simple and small-scale. As a simple example, did you know that merely by inserting a "%%" one can put the security of your web application at risk?!
Hacking through the web can be thought of as minor surgery performed through a single tiny hole. At the start it is very delicate and small, but deep down it reaches into the deepest and most complex of systems.
Sometimes the URL is the only channel of communication with large and complex systems that sit behind the most secure firewalls! In this article I intend only to discuss the URL: what, in general, a URL is, how it helps intruders, and what damage its misuse can cause to a system.
Through the subtle examples given in this discussion, web application developers and the groups working in information technology will come to recognise the danger that, to some extent, threatens them.
Most web attacks are very subtle. Intruders start with small steps, such as learning how and why the website was built. Every further investigation and search of the site leads the intruder into deeper internal parts. The elegance of such attacks is that the intruder needs only one tool: a web browser!
The topics we intend to explain here are:
- URL structure
- URL encoding
- ASCII codes represented in hexadecimal and Unicode
- Meta-characters and their effects on applications
- HTML forms and parameter passing
It is assumed here that our dear readers are familiar with the HTTP protocol and HTML.
URL Structure
WWW.WebSecurityMgz.com
A URL is essentially a mechanism for identifying Internet resources on the web or on FTP servers; it carries the application-layer protocol, and each URL forms a request to a web server.
This is the general structure of a URL:
Protocol://Server/Path/to/resource?parameter
Protocol
The application-layer protocol. The most common use of URLs is to request resources from web servers (HTTP servers), so the most common protocol is HTTP; other protocols such as https, pop3, telnet, ldap, ftp and so on depend on what the browser or the server supports.
Server
The DNS domain name, NetBIOS name or IP address of a host or a network.
Path/to/resource
The directory path, including the name of the requested resource; this resource can be a static file or an application that generates its output dynamically.
Parameters
In practice, parameters are passed to a resource when there is an application or program that generates output dynamically.
Figure 1 shows the kinds of URL. The URL shown in Figure 1-a is very clear and straightforward: the file Monalisa.html is requested from a server named www.blueballoon.com, and the location of Monalisa.html on the website www.blueballoon.com is /pictures/davinchi. The URL shown in Figure 1-b is an example of another protocol; it makes the user's client open an FTP connection to the server www.blueballoon.com as the anonymous user and retrieve the file img_viewer.exe from the /pub/ directory. The URL shown in Figure 2-c makes a request of an application. The application is View.asp, located in the News directory, and one parameter is passed to the program: ID, which contains the number 820620.
Figure 1: three kinds of URL.
(a) http://www.blueballoon.com/pictures/davinchi/monalisa.html
    Protocol | Server name | Path of the requested file
(b) ftp://192.168.17.33/pub/img_viewer.exe
    Protocol | Server name | Path of the requested file
(c) http://www.ITIran.com/News/View.asp?ID=820620
    Protocol | Server name | Path of the requested application (View.asp) | Parameter passed to the application
Now let us take a look at how parameters are passed to applications.
... which indicates that the news item displayed is for year 82, month 06 (i.e. Shahrivar) and day 20!
But more details can be learned from these parameters, and in the future we will discuss bottom-up mapping techniques in more depth.
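As an added example (not code from the original article or its author), the Python below splits the three Figure 1 URLs into the components described under "URL Structure", reads a parameter such as ID=820620 as the year/month/day pattern the article points out, and shows the developer's alternative of publishing an opaque handle instead of the raw record key. The YYMMDD heuristic, the function names and the HMAC-derived handle are this example's own assumptions, not anything the article prescribes.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qs, urlsplit

# The three URLs from Figure 1 of the article.
FIGURE_1_URLS = [
    "http://www.blueballoon.com/pictures/davinchi/monalisa.html",
    "ftp://192.168.17.33/pub/img_viewer.exe",
    "http://www.ITIran.com/News/View.asp?ID=820620",
]

def split_url(url):
    """Break a URL into the parts the article names: Protocol://Server/Path?parameter."""
    parts = urlsplit(url)
    return {
        "protocol": parts.scheme,
        # hostname is normalised to lower case (DNS names are case-insensitive)
        "server": parts.hostname,
        "path": parts.path,
        # parse_qs yields a list per name; keep the single value of each parameter
        "parameters": {k: v[0] for k, v in parse_qs(parts.query).items()},
        # a query string means a program, not a static file, produces the output
        "dynamic": bool(parts.query),
    }

def looks_like_date(value):
    """Assumed heuristic: six digits read as YYMMDD, e.g. 820620 -> (82, 6, 20)."""
    m = re.fullmatch(r"(\d{2})(\d{2})(\d{2})", value)
    if not m:
        return None
    yy, mm, dd = (int(g) for g in m.groups())
    return (yy, mm, dd) if 1 <= mm <= 12 and 1 <= dd <= 31 else None

def audit(url):
    """Split the URL and flag parameters whose values expose guessable structure."""
    info = split_url(url)
    info["guessable"] = {
        name: looks_like_date(value)
        for name, value in info["parameters"].items()
        if looks_like_date(value) is not None
    }
    return info

def opaque_reference(record_key, secret):
    """Developer's alternative (this example's design): publish an HMAC-derived handle
    instead of the raw key; the server keeps the handle-to-key mapping private."""
    mac = hmac.new(secret, str(record_key).encode(), hashlib.sha256)
    return mac.hexdigest()[:16]
```

Running audit() over FIGURE_1_URLS flags only the third URL, whose ID value reads as the date 82/06/20, while opaque_reference() produces a handle that carries no such structure.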
Prepared by:
Amir Hossein Sharifi, websecuritymgz@websecuritymgz.com
27 Mehr 1382
Source:
1- Web Hacking, Stuart McClure, Saumil Shah, Shreeraj Shah
1 - Query