Awesome PHP Code Audit Techniques You Didn't Know About
<div style="color: black; text-align: left; margin-bottom: 10px;">
<h1 style="color: black; text-align: left; margin-bottom: 10px;">1. Introduction</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">PHP code auditing is what the name suggests: reviewing PHP source code, understanding its logic, and finding the security vulnerabilities in it. For example, to audit code for SQL injection, you examine how SQL statements are passed to the database and how they are invoked.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Getting started with PHP code auditing has no real entry barrier. Once you understand basic PHP syntax and why each class of vulnerability arises, you can start trying to audit PHP source code. In typical vulnerability demos, the SQL statement is passed straight to one of PHP's built-in functions and executed against the database. Real software projects, however, are usually written in an object-oriented style, which brings various forms of encapsulation and indirection as well as frameworks of different styles. In that case you only need to stay patient and trace the call chain.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">As for approach, there are two: one is to read the code through and analyze its logic line by line; the other is to use regular expressions to quickly locate potentially dangerous functions and then trace backward to their callers. These two approaches also correspond to the mainstream designs of code audit tools: one finds vulnerabilities through syntax analysis, the other by locating dangerous functions.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Whichever approach you use, what matters is reading real code hands-on and building up experience.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The above is personal opinion; take it with care.</p>
<h1 style="color: black; text-align: left; margin-bottom: 10px;">2. Prerequisites</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">PHP syntax</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">How the mainstream vulnerability classes work</p>
<h1 style="color: black; text-align: left; margin-bottom: 10px;">3. Introductory Reading &amp; References</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">"An Introductory Summary of Code Auditing":</p>http://bbs.ichunqiu.com/thread-8954-1-1.html
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">"PHP Manual": http://php.net/manual/zh/</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">"Code Auditing: Enterprise Web Code Security Architecture":</p>https://read.douban.com/ebook/16642056/
<h1 style="color: black; text-align: left; margin-bottom: 10px;">4. Auditing in Practice</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Basics Series</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The four articles in the basics series use small, intuitive cases to show, along the path from user interaction to code execution, in what form vulnerabilities exist and how they are exploited. Reading them helps beginners quickly understand the code audit process and the basic audit approach.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Common Web Vulnerabilities, Principle Analysis and Exploitation (SQL Injection):</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-12694-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Common Web Vulnerabilities, Code-Level Principle Analysis and Exploitation (File Operation Vulnerabilities):</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13008-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Common Web Vulnerabilities, Code-Level Principle Analysis and Exploitation (PHP Code Execution):</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13465-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Common Web Vulnerabilities, Code-Level Principle Analysis and Exploitation (File Operations):</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13408-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Advanced Series</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Within the field of code auditing as a whole, the articles in the advanced series are not really advanced, but each has its own distinctive point, and most of them start from real software projects, so beginners can see some of the problems they may meet in practice and the thinking involved.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code Audit: Bypassing Back-End Permission Restrictions to Continue SQL Injection:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-10102-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code Audit: Breaking Path Restrictions to Delete Files:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-8979-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code Audit: Arbitrary User Password Reset Vulnerability:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-10497-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code Audit: The Fatal Consequences of Misusing the Pseudo-Global Mechanism:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-11390-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code Audit: A Summary of addslashes Bypasses:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-10899-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">The Mlecms and beescms series each audit one specific real software project; beginners can follow the authors' steps to dig and practice. The remaining category is a collection of miscellaneous articles.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Mlecms Analysis Collection</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">This Is How Code Auditing Should Be Done: Mlecms Getshell:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13703-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">This Is How Code Auditing Should Be Done 2: Mlecms Injection:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13714-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">{Code Audit Approach} (Read-Through + Audit) Mlecms (Medium-Severity Vulnerability / Not Simple):</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-11510-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">beescms Analysis Collection</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">[A First Look at Code Auditing] beescms v4.0_R SQL:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-12635-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Further Thoughts on the Beescms SQL Injection Vulnerability:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13606-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">This Is How Code Auditing Should Be Done 3: beescms getshell:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-13977-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Beecms Arbitrary File Deletion:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-14540-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Other</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">PHP Code Audit: The Null Character Problem:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-4349-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">A Hands-On Introduction to PHP Code Auditing Through a CMS Case:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-16775-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">PHP Code Audit: Stored XSS, How It Arises, Defense and Exploitation:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-10532-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Code Audit of ZZCMS:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-14684-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">One more point: web applications written in different languages are actually similar. Once you are familiar with the code audit process for one language, you can extend it to others. You will find the basic principles are similar, though differences do exist. The addslashes and null-character articles above are examples: those are problems unique to PHP. There are other differences that are not covered in detail here.</p>
<h1 style="color: black; text-align: left; margin-bottom: 10px;">5. Recommended i春秋 Course</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">PHP Code Audit in Practice:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://www.ichunqiu.com/course/54473</p>
<h1 style="color: black; text-align: left; margin-bottom: 10px;">6. Recommended Code Audit Tools</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">RIPS</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">It can detect common vulnerabilities such as XSS, SQL injection, sensitive information disclosure and file inclusion. It can scan code for vulnerabilities using regular expressions, and it can also scan code for problems using custom syntax.</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Download link:</p>http://rips-scanner.sourceforge.net/
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">Reference article</strong></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Tool Recommendations: Three Automated Code Audit Tools:</p>http://bbs.ichunqiu.com/thread-16776-1-1.html
<h1 style="color: black; text-align: left; margin-bottom: 10px;">7. Related Reading</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">A Full Look at SQL Injection Vulnerabilities Under the Mybatis Framework:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-12574-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">How to Audit PHP Code with grep:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-16779-1-1.html</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">Python Secure Coding &amp; Code Auditing:</p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">http://bbs.ichunqiu.com/thread-16770-1-1.html</p>
<h1 style="color: black; text-align: left; margin-bottom: 10px;">Closing Remarks</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">This post aims to help everyone learn code auditing better and more systematically. Any feedback is welcome.</p>
<h1 style="color: black; text-align: left; margin-bottom: 10px;">Survey for the Next Technical Topic:</h1>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">We will settle next week's technical topic within the next two days. If there is a particular technique you want to learn, leave a comment to request it, and we will adjust the planned topic according to demand. Thanks for your support!</p>
</div>