Xiaodi network security - Notes (4)

WEB Source Introduction

WEB Source code is a very important source of information in security testing Can be used to audit code vulnerabilities It can also be used to make information breakthroughs
mouth , among WEB There are many technologies in the source code that need concise analysis
such as ： Get some ASP After the source code, the default database is adopted for breakthrough , Get some other script source code for code audit mining or analysis
Other business logic , In short, the acquisition of source code will provide more ideas for later security testing

1、 About WEB Source code

2. Detailed explanation of website directory
(1).admin： Website backstage
(2)data： Data related directories
(3)install： install
(4)member： Member account data
(5)template： Template file
(6)incluclcs： Database configuration file ： Record the configuration file linking the website to the database , With the database configuration file , Can achieve
The communication between the source code of the website and the database
Be careful ： It can be downloaded from index The suffix of the file determines the type of website source code

2、ASP PHP ASPX JSP JAVAWEB And other script type source code security issues

3、 social contact Forum Gateway The third party Blog and other different code mechanisms correspond to vulnerabilities
The functions implemented by the website and the type of website determine the vulnerability of the website

4、 Open source 、 Open source issues 、 frame 、 Non framework problem 、 About CMS Identify problems and follow-up, etc

5、 On the relevant ways to obtain the source code ： Search for 、 Salted fish Taobao 、 Third party source station 、 Corresponding to various industries

6、 summary
Pay attention to the application classification and script type, and estimate the possible vulnerabilities ( The framework class is an exception ), After obtaining the source code, you can conduct local security testing
Or code audit , You can also analyze how its directory works （ Database backup ,bak Documents, etc. ）, The source code that has not been obtained adopts various methods to find ways
obtain

2.ASP PHP Wait for security testing under the source code
1. Platform identification - some CMS No loopholes - Default database
2. Platform identification - some CMS There are loopholes - Exploit

3. Targeted vulnerabilities under the source application category
niushop E-commerce focuses on loopholes - Business logic

4. The brief directory is obtained from identification to source code
（1） Local demo personal blog - Find it by hand CMS- Vulnerability search or download analysis
（2）http://weipan.1016sangshen.cn/ An internally built shooting range
（3） Manual blasting frame - Search for specific URL- Get other matching sites - Vulnerability testing
（4） Search with the help of specific industry source code or idle fish - The local structures, - Code audit or other

5. Resources involved

https://cnmmm.com

https://www.yunsee.cn

https://w.ddosi.workers.dev

http://whatweb.bugscaner.com

https://github.com/Lucifer1993/cmsprint

https://github.com/M4tir/Github-Monitor

https://websec.readthedocs.io/zh/latest/language/index.html