Chrome Penetration-Testing Extension Collection


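XSS Rays
Used to detect various types of XSS vulnerabilities
Google Hack Data Base
An extension that connects to the GHDB
Websecurify is a powerful cross-platform web security testing tool
HPP Finder
Used to discover potential HPP attack vectors
Form Fuzzer
HTML form fuzz tester, used to fuzz HTML forms
Website Crawler: a website spider
XSS ChEF
Chrome Extension Exploitation Framework, a Chrome-based penetration-testing framework; you can think of it as the Chrome version of BeEF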

PHP audit notes

PHP audit categories

1. include/require/require_once/include_once/file_get_contents
2. exec/system/popen/passthru/proc_open/pcntl_exec/shell_exec
3. eval/preg_replace/assert/call_user_func/call_user_func_array/create_function
4. _GET/_POST/_COOKIE/_SERVER/_REQUEST/_ENV/php://input/getenv
5. session/cookie
6. extract/parse_str/mb_parse_str/import_request_variables/unserialize
7. copy/rmdir/chmod/delete/fwrite/fopen/readfile/fpassthru/move_uploaded_file/file_put_contents/unlink/upload/opendir/fgetc/fgets/ftruncate/fputs/fputcsv
8. select/insert/update/delete/order by/group by/limit/in(/stripslashes/urldecode
9. confirm_phpdoc_compiled/mssql_pconnect/mssql_connect/crack_opendict/snmpget/ibase_connect
10. echo/print/printf/vprintf/document.write/document.innerHTML/document.innerHtmlText
11. phpinfo/highlight_file/show_source
12. iconv/mb_convert_encoding
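
A small static triage pass built from categories 1, 2, 3, 4 and 6 above, as an added example rather than code from the original notes: it flags sink calls in PHP source and marks the ones fed by request input, either directly or through one assigned variable. The function name `audit`, the sample PHP and the line-based taint heuristic are assumptions made for illustration.

```python
import re

# Sink categories 1, 2, 3 and 6 from the list above, keyed by list number.
SINKS = {
    1: "include include_once require require_once file_get_contents",
    2: "exec system popen passthru proc_open pcntl_exec shell_exec",
    3: "eval preg_replace assert call_user_func call_user_func_array create_function",
    6: "extract parse_str mb_parse_str import_request_variables unserialize",
}
# Category 4: request-controlled sources.
SOURCE_RE = re.compile(r"\$_(?:GET|POST|COOKIE|SERVER|REQUEST|ENV)\b|php://input|\bgetenv\s*\(")
# Language constructs that may be written without parentheses.
CONSTRUCTS = {"include", "include_once", "require", "require_once"}
ASSIGN_RE = re.compile(r"(\$\w+)\s*\.?=(?![=>])")  # $var = ... or $var .= ...

def _sink_re(name):
    tail = r"\b" if name in CONSTRUCTS else r"\s*\("
    # The lookbehind skips method calls ($pdo->exec), static calls and longer names (curl_exec).
    return re.compile(r"(?<![\w>:$])" + re.escape(name) + tail, re.I)

PATTERNS = [(cat, n, _sink_re(n)) for cat, names in SINKS.items() for n in names.split()]

def audit(php_source):
    """Return (line_no, category, function, tainted) for every sink call found."""
    tainted, findings = set(), []
    for no, line in enumerate(php_source.splitlines(), 1):
        if line.lstrip().startswith(("//", "#", "*", "/*")):
            continue  # whole-line comments only; a heuristic, not a PHP parser
        m = ASSIGN_RE.search(line)
        rhs = line[m.end():] if m else line
        dirty = bool(SOURCE_RE.search(rhs)) or any(
            re.search(re.escape(v) + r"\b", rhs) for v in tainted)
        if m and dirty:
            tainted.add(m.group(1))        # one-hop taint propagation
        elif m and not m.group(0).endswith(".="):
            tainted.discard(m.group(1))    # overwritten with a clean value
        findings.extend((no, cat, n, dirty) for cat, n, rx in PATTERNS if rx.search(line))
    return findings

# Constructed sample input, not taken from any real application.
SAMPLE = '''<?php
// system($_GET['x']) in a comment is ignored
$page = $_GET['page'];
include("pages/" . $page . ".php");
$cmd = "uptime";
$out = shell_exec($cmd);
$rows = $pdo->exec("DELETE FROM t");
extract($_POST);
$data = unserialize(file_get_contents("cache.bin"));
'''
```

Findings with `tainted` set to `True` are the ones to review first; the rest still need a manual look because the heuristic does not follow data across functions or files.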

Security-related settings in php.ini

safe_mode = off (a lot of shit cannot be done with this on)
disable_functions = N/A (none, we want all)
register_globals = on (we can set variables by request)
allow_url_include = on (for LFI/RFI)
allow_url_fopen = on (for LFI/RFI)
magic_quotes_gpc = off (this will escape ' " and NULs with a backslash and we don't want that)
short_open_tag = on (some scripts are using short tags, better on)
file_uploads = on (we want to upload)
display_errors = on (we want to see the script errors, maybe some undeclared variables?)
open_basedir restricts access
display_errors = off (display of error messages)