Are you worried about how to learn to perform PHP code auditing?

WBOY
Release: 2016-07-23 08:54:52
This post was last edited by Chou He Chou on 2016-7-13 10:34

I saw this post in other forums. I thought it was very good, so I shared it to discuss and learn with everyone.

Author: jing0102
Original text:
Are you worried about how to learn to perform PHP code auditing?

0x01 Introduction to code audit

Code audit is a source code analysis technique that aims to find program errors, security holes and violations of coding standards.
Code audit targets include, but are not limited to, the following languages under Windows and Linux system environments: Java, C, C#, ASP, PHP, JSP, .NET.
Of course, PHP code audit is the more popular one today, because PHP is one of the mainstream languages for web security development.

0x02 How to learn PHP code audit
Now that we know what code audit means, it follows that to find vulnerabilities, defects and errors in PHP source code, we must learn the language the source is written in (PHP).
① Understand the general syntax of PHP
② Be able to read PHP code at a basic level
③ Understand the relevant dangerous PHP functions (such as system() and exec())
④ Have a tool that can locate, backtrack, and search (recommended: TommSearch, SeayPHP source code audit tool)
⑤ Read more of other people's analysis processes
⑥ Carry out actual vulnerability hunting
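
As an added illustration of items ③ and ④ (not part of the original post, and not how TommSearch or the Seay tool work internally), the script below uses PHP's tokenizer to follow request data from a superglobal through assignments to a dangerous function call. The sink list, the name `audit_source` and the sample snippet are assumptions made for this example.

```php
<?php
// Added example, not from the original post: statement-level taint tracking.
// SINKS is an illustrative subset; statements are split heuristically on ; { }.
const SINKS   = ['system', 'exec', 'passthru', 'shell_exec', 'mysql_query'];
const SOURCES = ['$_GET', '$_POST', '$_COOKIE', '$_REQUEST'];
function audit_source(string $code): array
{
    // $tainted: variable name => true while it carries request data.
    // $stmt: significant tokens of the statement currently being read.
    $tainted = $findings = $stmt = [];
    foreach (token_get_all($code) as $tok) {
        $tok = is_array($tok) ? $tok : [null, $tok, 0];   // normalise one-char tokens
        if (in_array($tok[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT, T_OPEN_TAG], true)) {
            continue;   // a sink named in a comment is not a call
        }
        if ($tok[0] !== null || !in_array($tok[1], [';', '{', '}'], true)) {
            $stmt[] = $tok;
            continue;
        }
        // For "$x = ...", the target itself is left out of the dirty check.
        $isAssign = count($stmt) > 2 && $stmt[0][0] === T_VARIABLE && $stmt[1][1] === '=';
        $dirty = false;
        foreach (array_slice($stmt, $isAssign ? 2 : 0) as $t) {
            $dirty = $dirty || ($t[0] === T_VARIABLE
                && (in_array($t[1], SOURCES, true) || isset($tainted[$t[1]])));
        }
        if ($isAssign) {   // taint the target, or clear it when overwritten with clean data
            $tainted[$stmt[0][1]] = $dirty ?: null;
        }
        foreach ($stmt as $k => $t) {
            $isCall = $t[0] === T_STRING && ($stmt[$k + 1][1] ?? '') === '('
                && !in_array($stmt[$k - 1][1] ?? '', ['->', '::', 'function'], true);
            if ($isCall && $dirty && in_array(strtolower($t[1]), SINKS, true)) {
                $findings[] = "line {$t[2]}: request data reaches {$t[1]}()";
            }
        }
        $stmt = [];
    }
    return $findings;
}

// Constructed sample modelled on the guestbook pattern discussed in this post.
$sample = <<<'PHP'
<?php
// mysql_query($_POST) inside a comment is ignored
$username = $_POST["username"];
$sql = "insert into leavewords (username) values ('$username')";
mysql_query($sql);
PHP;
echo implode(PHP_EOL, audit_source($sample)), PHP_EOL;
```

The tracking is per statement and follows plain `=` assignments only, so it is a triage aid for finding code to read by hand, not a replacement for reading it.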

0x03 How to conduct PHP code audit
① First run a penetration test against a local installation. Once an error is found, you can use TommSearch to locate the related files. If the application uses a framework, locating them is very tedious (for locating within a framework, see the article: http://darkm01lym0on.blog.163.com/blog/static/2567990922016019105947508/); if it does not use a framework, you can locate the file directly by looking at the URL.
② Track the related code
③ Make the corresponding test notes
④ Audit ends
Now I will go to the webmaster home to download the source code and do a test. Download address: http://down.chinaz.com/soft/33915.htm
e.g. I just downloaded a PHP guestbook system and took a look at it.

You can see that it is a fk1.php file. View the source code of this file:

    $username=$_POST["username"]; // The variable username is assigned the value of the username parameter passed by POST. The assignments that follow work the same way
    $qq=$_POST["qq"];
    $title=$_POST["title"];
    // ... (the remaining fields are assigned here; the last of these lines records your IP)
    $sql="insert into leavewords (username,qq,email,homepage,face,leave_title,leave_contents,leave_time,ip) values ('$username',$qq,'$email','$homepage','$face','$title','$content','$time','$ip')"; // Use insert to insert the values of this message
    mysql_query($sql); // Execute the statement

You can see that the submitted message content is inserted into the database and the statement executed without any processing of the MySQL statement.
The code also shows that messages need to be reviewed, so you can conclude that they can be reviewed in the admin backend.

I have now inserted the <script>alert(1)</script> payload at the front end and submitted a message. Submission successful:


Moving to the backend:

Go to message management:

A pop-up box appeared instantly, and the code was executed smoothly.
Through this stored XSS vulnerability, we can perform XSS and attack the cookie of the backend administrator.

-----------------------e.g end-----------------------
The above is a simple audit approach. Experts, please don't criticize; novices can learn from it!
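
One way to fix the two problems found in fk1.php, as an added example that is not part of the original post or the guestbook's code: bind the submitted values as query parameters, and HTML-encode them when the backend lists messages. It assumes PDO with the pdo_sqlite extension (an in-memory database in place of the guestbook's MySQL), a subset of the `leavewords` columns, and the hypothetical names `save_message`, `render_messages` and the `content` POST key.

```php
<?php
// Added example, not the guestbook's own code. Assumes the pdo_sqlite extension;
// the in-memory database stands in for the guestbook's MySQL server.
function save_message(PDO $db, array $post, string $ip): void
{
    // qq is interpolated unquoted in the original query, so accept digits only.
    $qq = ctype_digit((string) ($post['qq'] ?? '')) ? $post['qq'] : null;
    $stmt = $db->prepare(
        'INSERT INTO leavewords (username, qq, leave_title, leave_contents, ip)
         VALUES (:username, :qq, :title, :content, :ip)'
    );
    $stmt->execute([
        ':username' => $post['username'] ?? '',
        ':qq'       => $qq,
        ':title'    => $post['title'] ?? '',
        ':content'  => $post['content'] ?? '',   // 'content' key is an assumption
        ':ip'       => $ip,
    ]);
}

function render_messages(PDO $db): string
{
    $html = '';
    foreach ($db->query('SELECT username, leave_title, leave_contents FROM leavewords') as $row) {
        // Encode at output time so stored markup is displayed as text, not run.
        $cells = array_map(fn($v) => htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8'), $row);
        $html .= "<tr><td>{$cells['username']}</td><td>{$cells['leave_title']}</td>"
               . "<td>{$cells['leave_contents']}</td></tr>\n";
    }
    return $html;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$db->exec('CREATE TABLE leavewords (username TEXT, qq TEXT, leave_title TEXT, leave_contents TEXT, ip TEXT)');

// Constructed submission: the payload from the post, a quote in the name, a non-numeric qq.
save_message($db, [
    'username' => "o'brien",
    'qq'       => 'abc',
    'title'    => 'hello',
    'content'  => '<script>alert(1)</script>',
], '203.0.113.5');

echo render_messages($db);
```

The row is stored exactly as submitted; the message management page then receives `&lt;script&gt;` text instead of a script element, so nothing runs in the administrator's browser.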

0x04 Summary of the road to code audit
To be honest, I have been on the road of code auditing for a year. I have also tried to give up, but I still persisted. Although I am not technically skilled, I hope my learning experience can help everyone.

1. Stop bragging and look at examples
2. Pay more attention to PHP code functions
3. The most important and difficult thing: persistence

I hope everyone can help each other improve in the future! Huai Ting!





--------This article is reproduced from:
i Chunqiu Forum

source:php.cn