In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-30 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/02 Report--
This article mainly explains "Web network security analysis XFF injection attack principle", interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Next let the editor to take you to learn "Web network security analysis XFF injection attack principle" it!
XFF injection
The test address for the XFF injection attack is http://127.0.0.1/sqli/xff.php.
X-Forwarded-for is abbreviated as XFF header, which represents the real IP of the client. The client IP can be forged by modifying the value of X-Forwarded-for. Through the content of the Burp Suite settlement packet, set the X-Forwarded-for to 11.22.33.44, then visit the modified URL, and the page returns as normal, as shown in figure 62.
Figure 62 XFF header
Set X-Forwarded-for to 11.22.33.44, visit the URL again, and the page returns the error message of MySQL, as shown in figure 63.
Figure 63 visits the results of Xmuri ForwardedFranc forRu 11.22.33.44'
Set X-Forwarded-for to 11.22.33.44 'and 1 and 11.22.33.44' and 1 to 2, respectively, and access the URL again, as shown in figures 64 and 65.
Figure 64 accesses the results of Xmuri ForwardedFlavor for and 11600.
Fig. 65 results of visiting Xmuri ForwardedFranc for and 1century
Through the returned results of the page, you can determine that there is a SQL injection vulnerability in the changed address, and then you can use the number of fields in the order by judgment table, and finally test out that there are four fields in the database, and try to use the Union injection method. The syntax is Xmuri Forwarded for Union 11.22.33.44' union select 1 Magi 2, 3 Magi 4, as shown in figure 66.
Figure 66 using Union injection
Then, the Union injection method is used to complete the injection.
XFF injection Code Analysis
The getenv () function in PHP gets the value of an environment variable, similar to $_ SERVER or $_ ENV, returns the corresponding value of the environment variable, and returns FALSE if the environment variable does not exist.
The client IP address can be obtained using the following code. The program first determines whether the HTTP header parameter HTTP_CLIENT_IP exists, and if it does, it pays $ip. If it does not exist, it determines whether there is a HTTP header parameter HTTP_X_FORWARDED_FOR. If it exists, it assigns it to $ip. If it does not exist, it assigns the HTTP header parameter REMOTE_ADDR to $ip.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.