Đang chuẩn bị liên kết để tải về tài liệu:
Hardening Apache by Tony Mobily phần 4

Trong chương này, lần đầu tiên tôi sẽ giải thích làm thế nào để cấu hình Apache cho các mục đích khai thác gỗ, làm nổi bật các vấn đề phổ biến nhất. Sau đó tôi sẽ giới thiệu đăng nhập từ xa bằng cách sử dụng syslogd, máy chủ đăng nhập tiêu chuẩn đi kèm với Unix. Cuối cùng, tôi sẽ đề xuất một giải pháp đăng nhập từ xa | Figure 4-2 The output of the message board From a security perspective inserting a big HTML comment is hardly a risk. However it is the symptom of a much bigger problem Special HTML characters are not escaped. This means that a malicious user can insert JavaScript code in the page knowing that such code will be executed by the visiting browser. For example SCRIPT . bad JavaScript code here . SCRIPT Note In this chapter I only discuss embedding malicious client-side code in web pages in terms of JavaScript. Remember that JavaScript is not the only possible option an attacker can use Java applets APPLET tag media file types managed by a plugin EMBED tag or other types of components such as Java components ActiveX controls applets and images OBJECT tag . The fact that a malicious script can be integrated in a public page is a well-known problem and it s relatively easy to fix. You need to change the source code so that the user s input is HTML-escaped. If a user enters H1 This is my comment H1 the string would be converted into this lt H1 gt This is my comment lt H1 gt To do this you only have to change the fwrite function in the PHP code so that it looks like this fwrite fp FROM .htmlentities name . BR COMMENT BR .htmlentities comments . BR HR n Once escaped the comment on the browser should look like the one shown in Figure 4-3. Figure 4-4 The Javascript command executed on the message board This problem highlights that your scripts shouldn t trust anyone not even the user who has allegedly just entered a message. The script is easily corrected print FROM .htmlentities name . BR COMMENT BR .htmlentities comments . BR n Escaping Doesn t Work because of Character Encoding In the previous section I explained that a page could be encoded using any character set. This means that the same character for example can be represented in a number of different ways depending on what character set is being used. This could potentially make HTML escaping very hard. For example the