CQ-CSER

Web design and development enthusiast

Running Apache + PHP + MySQL on Mac OS X

Posted on | May 10, 2010 | No Comments

CRLF Injection

Posted on | May 4, 2010 | No Comments

CRLF Injection attacks and HTTP Response Splitting

The CRLF Injection Attack (sometimes also referred to as HTTP Response Splitting) is a fairly simple, yet extremely powerful web attack. Hackers are actively exploiting this web application vulnerability to perform a large variety of attacks that include XSS (cross-site scripting), cross-user defacement, poisoning of the client's web cache, hijacking of web pages, defacement and a myriad of other related attacks. A number of years ago several CRLF injection vulnerabilities were also discovered in Google's AdWords web interface.
 
Sounds scary to you? You bet. Are you vulnerable? Quite possibly, and this is why.

CRLF Injection Mechanism

CRLF (Carriage Return and Line Feed) is a very significant sequence of characters for programmers. These two special characters terminate each header line and, as an empty line (CRLF CRLF), form the End Of Header marker (EOH) for many Internet protocols, including, but not limited to, MIME (e-mail), NNTP (newsgroups) and, more importantly, HTTP. When programmers write code for web applications they split headers based on where the CRLF is found. If a malicious user is able to inject his own CRLF sequence into an HTTP stream, he is able to maliciously control the way a web application's response is interpreted, and thus the way it functions.

A simple CRLF Injection example

Suppose you run a vulnerable website that has a member section. An attacker will send an email to one of your members containing a CRLF-crafted link. This link appears to be legitimate; after all it points to your own website.  The link might look something like the one below:

http://www.yoursite.com/somepage.php?page=%0d%0aContent-Type: text/html%0d%0aHTTP/1.1 200 OK%0d%0aContent-Type: text/html%0d%0a%0d%0a%3Chtml%3EHacker Content%3C/html%3E

When the victim clicks on the link he will be served with the following HTML page:
 
<html>Hacker Content</html>

This attack appears to simply show the words “Hacker Content” on the victim's machine; however, the danger is that YOUR server has generated this HTML code, so effectively the hacker has injected HTML code into the victim's browser via YOUR web server! Ouch. More sophisticated variations of this example can lead to poisoning of the client's web cache, cookie manipulation, XSS, temporary or permanent defacement of web pages and even information theft.

Example insight

If you look closely at the malicious URL you might notice a few occurrences of the pattern %0d%0a. This pattern is the URL-encoded equivalent of CRLF and is the reason why this technique is called a CRLF Injection Attack.

Known countermeasures

The only effective countermeasure is to properly sanitize any user-supplied input that ends up in a response header, in particular URLs that point to web pages on your site containing any server redirection code: a CR or LF character (raw or percent-encoded) must never be written into a header value. Finding these holes is not a trivial task; most web applications today are littered with server-side redirects, so the location of these vulnerabilities is not always clear, and it is very easy to miss most of them. Normally it can take hundreds of man-hours to test all your web page redirects, and therefore it is very common to use an automated tool such as a web vulnerability scanner to find such web vulnerabilities.
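The countermeasure above in code, as an added defender-side example that is not part of the original article: a redirect-target validator that rejects CR/LF whether raw, percent-encoded or double-encoded and keeps redirects on the site's own host, plus a small check that flags the %0d%0a pattern in access-log request lines. The host name www.yoursite.com, the function names and the log lines are assumptions; the log lines are constructed, not real traffic.

```python
import re
from urllib.parse import unquote, urlsplit
# Any of these inside a header value lets the client see a new header line.
_HEADER_BREAK = re.compile(r"[\r\n\x00]")

def header_value_is_safe(value: str, max_decode_rounds: int = 3) -> bool:
    """True if value holds no CR/LF/NUL even after repeated percent-decoding
    (repeated so that a double-encoded %250d%250a is caught as well)."""
    current = value
    for _ in range(max_decode_rounds + 1):
        if _HEADER_BREAK.search(current):
            return False
        decoded = unquote(current)
        if decoded == current:  # nothing left to decode
            break
        current = decoded
    return True

def safe_redirect_target(page: str, allowed_host: str, default: str = "/") -> str:
    """Return a Location value derived from page, or default if it is unsafe.
    allowed_host is an assumed site host; only same-host absolute URLs and
    site-relative paths starting with '/' are accepted."""
    if not header_value_is_safe(page):
        return default
    parts = urlsplit(page)
    if parts.scheme or parts.netloc:  # absolute or protocol-relative URL
        if parts.scheme not in ("http", "https") or parts.netloc.lower() != allowed_host:
            return default
    elif not page.startswith("/"):
        return default
    return page

_CRLF_PROBE = re.compile(r"%0[da]", re.IGNORECASE)  # percent-encoded CR or LF
_LOG_LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)"')

def find_crlf_probes(log_lines):
    """Return (client_ip, request) pairs from Apache-style access log lines."""
    hits = []
    for line in log_lines:
        m = _LOG_LINE.match(line)
        if m and _CRLF_PROBE.search(m.group(2)):
            hits.append((m.group(1), m.group(2)))
    return hits

# Constructed sample log lines (not real traffic); the second carries the article's %0d%0a pattern.
SAMPLE_LOG = [
    '203.0.113.5 - - [04/May/2010:10:00:01 +0800] "GET /somepage.php?page=news HTTP/1.1" 302 0',
    '203.0.113.9 - - [04/May/2010:10:00:02 +0800] "GET /somepage.php?page=%0d%0aContent-Type:%20text/html HTTP/1.1" 302 0',
]
```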

Check if your website is vulnerable to CRLF injection

Acunetix Web Vulnerability Scanner ensures website security by automatically checking for CRLF Injection, SQL injection, Cross site scripting attacks and other vulnerabilities. It checks password strength on authentication pages and automatically audits shopping carts, forms, dynamic content and other web applications. As the scan is being completed, the software produces detailed reports that pinpoint where vulnerabilities exist. Take a product tour or download the evaluation version today!

Scanning for XSS vulnerabilities with Acunetix WVS Free Edition!

To check whether your website has cross site scripting vulnerabilities, download the Free Edition from here. This version will scan any website / web application for XSS vulnerabilities and it will also reveal all the essential information related to it, such as the vulnerability location and remediation techniques. Scanning for XSS is normally a quick exercise (depending on the size of the website).

C# compiler resources (notes)

Posted on | May 4, 2010 | No Comments

http://support.microsoft.com/kb/304655

http://www.microsoft.com/china/msdn/library/langtool/vcsharp/CSharp20ComLine.mspx?mfr=true

http://msdn.microsoft.com/en-us/library/microsoft.csharp.csharpcodeprovider.aspx

Changed theme (notes)

Posted on | May 2, 2010 | No Comments

Switched to a theme called SEO-OF-ELEMENT, and suddenly found that I like the simple style more and more. Looked for a soothing Chinese-style theme but didn't find one.
Added ads, stats JS, pagination and so on, then debugged it on my grandmother's IE6. The R-SIDEBAR on the home page just won't FLOAT:RIGHT up no matter what. Tragic. It saw that I didn't have FIREFOX installed and bullied me. Hmph~
To quote a famous saying: IE6 MUST DIE, FLASH MUST DIE

Notes - MD5 tragedy - C#

Posted on | April 25, 2010 | 3 Comments

The two young couples across from me in the library gave me motivation, and I finally finished the course project. Tonight I also tried MD5 encryption and decryption of the file system password; I found an MD5 class online, shown below, and it ended in tragedy

Converting between string and byte[] (C#)

Posted on | April 25, 2010 | 1 Comment

Converting a string to byte[]:

byte[] byteArray = System.Text.Encoding.Default.GetBytes ( str );

And the other way round, byte[] to string:

string str = System.Text.Encoding.Default.GetString ( byteArray );

app.config read/write class in C#

Posted on | April 25, 2010 | 2 Comments

An APP.CONFIG read/write class and two MD5 classes

Microsoft Enterprise Library5.0

Posted on | April 23, 2010 | No Comments

2010-04-23 10:49 Original link

Enterprise Library 5.0 Final Release - Get it Now!

What is Enterprise Library?

New features in jQuery 1.4.2

Posted on | April 23, 2010 | No Comments

Author: 破浪, posted 2010-04-23 13:02, Original link
1. Download:

Notes - COPY-LOVE

Posted on | April 21, 2010 | 2 Comments

    1. Do you have a map? Because I just keep getting lost in your eyes.

    2. Meeting you was fate, and falling in love with you was out of my control.

    3. No man or woman is worth your tears, and the one who is won't make you cry.

    4. There are two reasons why I wake up in the morning: my alarm clock and you.

    5. You are everything to me, and I was so blessed when God sent you here for me.

    6. In spite of you and me and the silly world going to pieces around us, I love you.

    7. If I could rearrange the alphabet, I'd put Y and I together.

    8. It's not being in love that makes me happy, but being in love with you.

    9. There are 4 steps to happiness: 1 you, 2 me, 3 our hearts, 4 together.

    10. Love you, so I don't wanna go to sleep, for reality is better than a dream.


  • About

    This blog is published under a Creative Commons license requiring attribution, non-commercial use and share-alike. Reposting content from this blog also follows the Creative Commons “Attribution-NonCommercial-ShareAlike” license.
