Đang chuẩn bị liên kết để tải về tài liệu:
HackNotes Windows Security Portable Reference phần 6

cuối cùng kết thúc với buổi bình minh của Windows 2003, không có nghi ngờ là chủ đề của nhiều cuộc tranh luận nóng bỏng tại Redmond. Tuy nhiên, khi bạn nhìn vào vấn đề từ một quan điểm hỗ trợ sản phẩm, có một số logic với nó. Windows 95 và 98 đã được chấp nhận bởi cộng đồng doanh nghiệp. | Chapter 7 Hacking Internet Information Services 99 Date Sat 10 May 2003 05 12 53 GMT Connection Keep-Alive Content-Length 1270 Content-Type text html Set-Cookie ASPSESSIONIDGQQGQJFC ADAPBPDCAKPLFCKGHCNHNJIK path Cache-control private HTML BODY P Some html data. BR BODY HTML The first line is supplied by the browser specifying the action GET the resource and the HTTP protocol and revision HTTP 1.0 . The browser follows this GET request with two carriage returns which signals the HTTP server that the browser has completed its request. The first line returned by the server is the HTTP response code followed by the HTTP headers and finally the HTML data. Unless certain keep alive options are set the server terminates the connection after it has responded to the request. The example above did not specify any request parameters so our request was limited to a single line. Most browsers will provide significantly more information to the server to indicate the types of content the browser can accept or in the case of forms the data it is supplying. These options follow the initial action and are followed by two carriage returns. In many IIS vulnerabilities the exploit is delivered through these facilities. The following shows an abbreviated POST request POST form.html HTTP 1.1 Accept image gif image x-bitmap image jpeg image pjpeg Content-type application x-www-form-urlencoded Content-length 14 username modea Some basic exploits can be executed entirely within the request URL and can be launched from a standard browser like Internet Explorer. Many exploits require that the attacker have more precise control over their request tuning the parameters normally supplied by the browser. In these cases the attacker needs more precision than most browsers can provide. Speaking HTTP Because HTTP is a simple TCP protocol it is possible to use a standard telnet application to communicate with an HTTP server simply by specifying the HTTP port in the command line. E hacknotes telnet .