扫描器扫描、路径穿越攻击、CC攻击特征学习笔记


这是我学习扫描器扫描路径穿越攻击CC攻击特征的一些笔记。

扫描器扫描特征

常见扫描器(Awvs,Appscan,Webinspect,Rsas(绿盟极光),Nessus,WebReaver,Sqlmap)的特征:

Awvs(Acunetix Web Vulnerability Scanner)

URL信息

acunetix-wvs-test-for-some-inexistent-file
by_wvs
acunetix_wvs_security_test
acunetix
acunetix_wvs
acunetix_test

Headers信息

Acunetix-Aspect-Password:
Cookie: acunetixCookie
Location: acunetix_wvs_security_test
X-Forwarded-Host: acunetix_wvs_security_test
X-Forwarded-For: acunetix_wvs_security_test
Host: acunetix_wvs_security_test
Cookie: acunetix_wvs_security_test
Cookie: acunetix
Accept: acunetix/wvs
Origin: acunetix_wvs_security_test
Referer: acunetix_wvs_security_test
Via: acunetix_wvs_security_test
Accept-Language: acunetix_wvs_security_test
Client-IP: acunetix_wvs_security_test
HTTP_AUTH_PASSWD: acunetix
User-Agent: acunetix_wvs_security_test
Acunetix-Aspect-Queries:任意值
Acunetix-Aspect:任意值

Body(POST信息)

acunetix_wvs_security_test
acunetix

Appscan

URL信息

Appscan

Headers信息

Content-Type: Appscan
Content-Type: AppScanHeader
Accept: Appscan
User-Agent:Appscan

Body(POST信息)

Appscan

Webinspect

URL信息

HP404

Headers信息

User-Agent: HP ASC
Cookie: webinspect
X-WIPP: 任意值
X-Request-Memo: 任意值
X-Scan-Memo: 任意值
Cookie: CustomCookie
X-RequestManager-Memo: 任意值

Body(POST信息)

Webinspect

Rsas(绿盟极光)

URL信息

nsfocus

Headers信息

User-Agent: Rsas

Nessus

URL信息

nessus
Nessus

Headers信息

x_forwarded_for: nessus
referer: nessus
host: nessus

Body(POST信息)

nessus
Nessus

WebReaver

Headers信息

User-Agent: WebReaver

Sqlmap

URL信息

sqlmap

Headers信息

User-Agent: sqlmap+version()

Body(POST信息)

sqlmap

路径穿越攻击特征

举个Wordpress5.0的路径穿越漏洞利用的例子:

POST /wordpress/wp-admin/post.php HTTP/1.1
Host: localhost
Connection: close
⋮
...
&action=editpost
&meta_input[_wp_attached_file]=2019/03/demo.jpeg
#/../../../../themes/twentynineteen/demo.jpeg

可见../这个访问上级目录的特征字符串。

CC攻击特征

同一IP短时间内多次请求一个URI(统一资源标识符)。

声明:物博网|版权所有,违者必究|如未注明,均为原创|本网站采用BY-NC-SA协议进行授权

转载:转载请注明原文链接 - 扫描器扫描、路径穿越攻击、CC攻击特征学习笔记


喜欢安全与WEB开发