ProHoster > Блог > wararka internetka > Waa maxay maskaxda ardayga wax ka baranaya adduunka kombayuutarka oo awood u leh?

Waa maxay maskaxda ardayga wax ka baranaya adduunka kombayuutarka oo awood u leh?

Maalin wacan.

Markii aan dhammeeyey qoraal kale oo Bash ah, waxaan ogaaday in wax walba ay tahay in ay gebi ahaanba ka duwanaadaan, laakiin wax walbaa waa shaqeeyeen. Waxaan rabaa in aan idin tuso waxa foolxumada iyo birta ah ee aan qoray si aan u xalliyo dhibaatada, laakiin aan weli haysan gaadhi aqoon. Si kale haddii loo dhigo, caricature of programming.

Ujeeddo


Wax baa lagama maarmaan noqday:

  • Soo bandhigay heeso badan oo ereyga ah, marka laga reebo afar geesoodka
  • Ka gudubtay hal-ku-dhegyadii badnaa ee laba kelmadood

Maxay? Hagaag, taasi waa - waana taas.
Yaa aan garanayn, qaafiyad labajibbaaran (sida caadiga ah - labajibbaaran) waa laba kelmadood oo labada xaraf ee u dambeeya ee higgaadda isku mid yihiin, kuwaas oo (inta badan, tani waa waxa kaliya) oo ka dhigaya heeso. Tusaale ahaan, ubaxyadu waa baraf; taayir - baabuur. Isticmaalka labajibbaaran ee kala-soocidda casriga ah si gaar ah uma oggola dadku, sababtoo ah hore-u-yeelkooda.

go'aanka


Waxa ay ii muuqatay in xalka ugu fududi uu ahaa in Bash lagu qoro qoraal isticmaalaya hal-abuure qaafiyad hore u jiray - HOST, kaas oo marka hore lagu soo xulo shibbane, ee aan ku dooranayn higgaad. Waa maxay nooca HOST Sababtoo ah haddii aad sheegto magaca dhabta ah ee goobta, waxay odhanayaan waa xayeysiis. Waa maxay sababta loo sii wadi waayay isticmaalkeeda? Marka hore, inkastoo uu faa'iido u leeyahay doorashada qaafiyad ku salaysan shibbane, haddana wuxuu inta badan soo saaraa labajibbaaran. Marka labaad, waa inaad weli maskaxdaada ka fikirtaa, wakhti ku lumisaa beddelashada tabsyada, iyo tamarta xafidida erayada soo noqnoqda ee liisaska si aad u heshid qaafiyad laba eray.

Helitaanka heeso adag

Maxaan ogahay? Waan ogahay wax ku saabsan utility wget, kaas oo soo dejinaya bogga URL-ka la cayimay. Hagaag, aan fulino codsiga - waxaan helnaa bog HTML ah oo ku jira fayl lagu magacaabo eray qaafiya. Tusaale ahaan, aan ka raadino ereyga "halkan":

wget https://HOST/rifma/здесь

Laakiin waxaan kaliya u baahanahay liis erayo ah, sidee baan uga takhalusi karaa wax kasta oo kale? Waxaynu eegnaa oo aragnaa in liiska ereyadu habaysan yihiin, haba la yaabban yihiine, qaab liis ah, ereyaduna tags. Hagaag, waxaan haynaa utility weyn. sed - aan u qorno sidan:

cat $word | grep '<li>' | sed -e "s%<li>%%" | sed -e "s%</li>%%" | sed -e "s/ //g" | sed -e "/^$/d" 1> $word

Marka hore, waxaan ka dooranaa xarriiqyo faylka ereyga oo ka kooban tag - waxaan helnaa farabadan tags maran iyo xarriiqyo ereyo leh. Waxaan meesha ka saarnay summada lafteeda iyo midkeeda xidhitaankeeda - halkan boqolleyda calaamadaha ayaa la isticmaalaa halkii la jarjaray sababtoo ah ta lafteeda ayaa horeba u lahaa dharbaaxo, taas oo ah sababta sed xoogaa kuma fahmin. Wax walbana waa ku fiican yihiin xiisaha. Waxaan ka saareynaa dhammaan boosaska faylka, ka saar khadadka madhan. Voila - liiska erayada diyaarsan.

Si aad meesha uga saarto ereyada qaafiyada isticmaalaya xarfaha ugu dambeeya, ka dooro labada xaraf ee ugu dambeeya ereyga asalka ah oo nadiifi liiska:

squad=${word:((${#word}-2)):2}
cat $word | sed -e "/.$squad$/d" 1> $word

Waan eegnaa, waan isku daynaa - wax walba way shaqeeyaan... haddaba, halkee ku yaal liiska ereyga "ciyaar"? Iyo ereyga "waan tegayaa"? Faylku waa madhan yahay! Oo waxaas oo dhan waa sababta oo ah erayadani waa fal, oo aynu ognahay waxa ay ku sameeyaan kuwa ku qaafiyad falka. Qaafiyadda falku way ka sii daran tahay xitaa qaafiyad labajibbaaran, waayo luqadda Ruushku waxay leedahay shaqallada ugu badan, dhammaantoodna waxay leeyihiin dhammaad isku mid ah, waana sababta aysan ugu jirin faylka ugu dambeeya ka dib markay hubiyaan dhammaadka.

Si kastaba ha ahaatee, kuma degdegno. Erey kasta ma jiro qaafiyad oo keliya, laakiin sidoo kale assonances, kuwaas oo mararka qaarkood aad uga fiican heesaha - waa sababta ay u yihiin assonances (Faransiiska assonance, oo ka soo jeeda Latin assono - waxaan u dhawaaqaa laxan).

Waxaan helnaa assonances

Tani waa halka madadaalada ay ka bilaabato: assonances waxay ka muuqdaan URL gaar ah, iyo isla bogga, adoo fulinaya qoraal, diraya codsi HTTP oo helaya jawaab. Sideen u dhihi karaa wget‘Ma riixdaa badhan? Laakin maya. Murugo.

Anigoo ogaanaya in URL-ka xariiqa uu si uun isu beddelayo, waxaan koobiyeeyay wixii meesha yaallay ka dib markii aan u beddelay assonances oo aan ku dhejiyay tab browser cusub - heeso xooggan ayaa furmay. Taasi maaha.

Asal ahaan, waxaan u maleeyay, in aysan waxba ku ahayn server-ka haddii qoraalka u soo diraya codsiga la fuliyay, ama haddii qofku gacanta ku qoray. Haddaba? Yaa og, aan tagno ee iska hubi.

Xagee loo diraa? Maxaa loo diri? Codsiga HTTP ee server-ka IP, waxaa jira wax la mid ah GET ... markaa waxaa jira wax HTTP / 1.1 ... Waxaan u baahanahay inaan aragno waxa browserku soo diro iyo meesha. Ku rakib wireshark, eeg taraafikada:

0040 37 5d a3 84 27 e7 fb 13 6d 93 ed cd 56 04 9d 82 7]£.'çû.m.íÍV...
0050 32 7c fb 67 46 71 dd 36 4d 42 3d f3 62 1b e0 ad 2|ûgFqÝ6MB=ób.à.
0060 ef 87 be 05 6a f9 e1 01 41 fc 25 5b c0 77 d3 94 ï.¾.jùá.Aü%[ÀwÓ.
Um... waa maxay? Haa, waxaan haynaa HTTPS. Maxaa la sameeyaa? Ku bilow weerar MITM naftaada? Sida habboon, dhibbanaha laftiisa ayaa na caawin doona.

Guud ahaan, markii aan go'aansaday in aan dhex galo browserka, waxaan ugu dambeyntii helay codsiga laftiisa iyo ciwaanka. Tag:

Wadahadal lala yeesho terminalka

telnet IP PORT
Trying IP...
Connected to IP.
Escape character is '^]'.
GET /rifma/%D0%BC%D0%B0%D1%82%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
Accept-Language: en-US,en;q=0.5
X-Requested-With: XMLHttpRequest
Connection: close

HTTP/1.1 400 Bad Request
Server: nginx/1.8.0
Date: Sun, 03 Nov 2019 20:06:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 270
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
Connection closed by foreign host.

haye Hehehe. Runtii, taasi waa waxa aan filayo markii aan codsi HTTP qaawan u dirayo dekedda HTTPS. Miyaynu hadda sirno? Waxaas oo dhami waxay la socdaan furayaasha RSA, ka dibna SHA256. Waa maxay sababta, waxaa jira OpenSSL waxyaalahaas oo kale. Hagaag, waxaan horeyba u naqaanay waxa aan sameyno, kaliya waxaan ka saari doonaa tixraacaha iyo goobaha kukiyada marka hore - waxaan u maleynayaa inaysan saameyn ku yeelan doonin arinta:

Wadahadal lala yeesho terminalka

openssl s_client -connect IP:PORT
{Всякие ключи, сертификаты}
GET /rifma/%D0%B7%D0%B4%D0%B5%D1%81%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/javascript,text/html,application/xml,text/xml,*/*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Date: Sun, 03 Nov 2019 20:34:33 GMT
Set-Cookie: COOKIE
X-Powered-By: Phusion Passenger 5.0.16
Server: nginx/1.8.0 + Phusion Passenger 5.0.16
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: block-all-mixed-content
Content-Encoding: gzip

Waa maxay maskaxda ardayga wax ka baranaya adduunka kombayuutarka oo awood u leh?

Waa maxay waxani, ku dhaaranaysaa serverka? Hagaag, ugu yaraan waxay iigu jawaabeen 200 OK, taasoo la macno ah in buskudka iyo soo gudbinuhu aanay waxba saamaynaynin. Cadaadisku waa gzip, laakiin marka la koobiyaynayo, ASCII jilayaasha waa la koobiyay. Sida saxda ah, waxaad ka saari kartaa khadka Aqbal-ku dhejinta. Wax walba waa fiican yihiin - waxaan helnaa dukumeenti HTML ah, hadda oo leh assonances. Laakiin halkan waxaa ah laba su'aalood: sida loo socodsiiyo OpenSSL oo loogu wareejiyo xogta iyadoo la adeegsanayo qoraal? Iyo sida loo akhriyo wax soo saarka haddii ka dib markaan helno jawaabta aan ku sii jirno, sida ay ahayd, "Qofka" OpenSSL? Haddii aad wax la iman karto kan labaad, laakiin kan ugu horreeya...

Way fiicantahay in uu jiro Habrhalkaas oo aan ka akhriyey wax ku saabsan utility filan, kaas oo otomaatig u ah habka la falgalka barnaamijyada laga filayo isdhexgalka aadanaha. Inaad haysato koox waa ka sii soo jiidasho badan is-filasho, dhalin filan qoraal ku salaysan falalkaaga. Hagaag, waanu bilownay, waxan oo dhan samee oo halkan waa qoraalkii dhamaaday. Kaliya isagu waa mid aad u weyn, iyo dhammaan sababtoo ah OpenSSL soo bandhigaya shahaadooyin, furayaal, iyo filan waxa ay sugaysaa wax soo saarka waxan oo dhan. Ma u baahanahay tan? Maya Waxaan meesha ka saarnay dhammaan deg degga koowaad, anagoo ka tagayna kaliya xariiqda u dambeeya ee 'r'. Waxaan sidoo kale ka saarnaa Wakiilka-Isticmaalka oo Aqbal meelaha codsigayaga - waxba ma saameeyaan. Markaa, aynu bilowno. Qoraalka waa la fuliyay, laakiin aaway dukumeenti HTML ah ee qaaliga ah? Filo cunay. Si aad uga dhigto inuu soo tufo, waxaad u baahan tahay inaad geliso:

set results $expect_out(buffer)

ka hor dhamaadka qoraalka - sidan ayaa loo qori doonaa wax soo saarka fulinta filan'om amarka oo lagu soo bandhigay shaashadda. Marka la soo koobo, wax sidan oo kale ah:

filasho qoraal ah

#!/usr/bin/expect -f

set timeout -1
spawn openssl s_client -connect IP:PORT
match_max 100000
expect -exact "
---r
"
send -- "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1rHost: HOSTrAccept-Language: en-US,en;q=0.5rX-Requested-With: XMLHttpRequestrConnection: close"
expect -exact "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1r
Host: HOSTr
Accept-Language: en-US,en;q=0.5r
X-Requested-With: XMLHttpRequestr
Connection: close"
send -- "r"
set results $expect_out(buffer)
expect -exact "r
"
send -- "r"
expect eof

Laakiin intaas oo dhan maaha! Sida aad arki karto, dhammaan tusaalooyinka URL codsigu waxa uu ahaa mid taagan, laakiin waa URL ka masuulka ka ah kelmadda lala xidhiidhinayo assonances. Oo sidaas daraaddeed waxay soo baxday inaan si joogto ah u raadin doono ereyga "% d0%b7%d0%b4%d0%b5%d1%81%d1%8c" gudaha ASCII ama "halkan" gudaha UTF-8. Maxaa la sameeyaa? Dabcan, kaliya si fudud u abuur qoraal cusub mar kasta, saaxiibo! Mar dambe maaha is-filasho'om, iyo iyadoo la kaashanayo codso, sababtoo ah In our cusub, waxba isbedelo marka laga reebo erayga. Oo ha noolaato dhibaatada cusub: sidee ayaan si caqli gal ah ugu tarjun karnaa kelmad ka timid Cyrillic qaab URL? Ma jiraan wax u gaar ah terminaalka midkoodna. Hagaag, waa caadi, waan samayn karnaa, sax? Karaa:

Fiiri waxaan samayn karo!

function furl {
furl=$(echo "$word" | sed 's:А:%d0%90:g;s:Б:%d0%91:g;s:В:%d0%92:g;s:Г:%d0%93:g;s:Д:%d0%94:g;s:Е:%d0%95:g;s:Ж:%d0%96:g;s:З:%d0%97:g;s:И:%d0%98:g;s:Й:%d0%99:g;s:К:%d0%9a:g;s:Л:%d0%9b:g;s:М:%d0%9c:g;s:Н:%d0%9d:g;s:О:%d0%9e:g;s:П:%d0%9f:g;s:Р:%d0%a0:g;s:С:%d0%a1:g;s:Т:%d0%a2:g;s:У:%d0%a3:g;s:Ф:%d0%a4:g;s:Х:%d0%a5:g;s:Ц:%d0%a6:g;s:Ч:%d0%a7:g;s:Ш:%d0%a8:g;s:Щ:%d0%a9:g;s:Ъ:%d0%aa:g;s:Ы:%d0%ab:g;s:Ь:%d0%ac:g;s:Э:%d0%ad:g;s:Ю:%d0%ae:g;s:Я:%d0%af:g;s:а:%d0%b0:g;s:б:%d0%b1:g;s:в:%d0%b2:g;s:г:%d0%b3:g;s:д:%d0%b4:g;s:е:%d0%b5:g;s:ж:%d0%b6:g;s:з:%d0%b7:g;s:и:%d0%b8:g;s:й:%d0%b9:g;s:к:%d0%ba:g;s:л:%d0%bb:g;s:м:%d0%bc:g;s:н:%d0%bd:g;s:о:%d0%be:g;s:п:%d0%bf:g;s:р:%d1%80:g;s:с:%d1%81:g;s:т:%d1%82:g;s:у:%d1%83:g;s:ф:%d1%84:g;s:х:%d1%85:g;s:ц:%d1%86:g;s:ч:%d1%87:g;s:ш:%d1%88:g;s:щ:%d1%89:g;s:ъ:%d1%8a:g;s:ы:%d1%8b:g;s:ь:%d1%8c:g;s:э:%d1%8d:g;s:ю:%d1%8e:g;s:я:%d1%8f:g;s:ё:%d1%91:g;s:Ё:%d0%81:g')}

Isku soo wada duuboo, waxaanu haynaa qoraal kelmad u rogaya qoraalka ASCII, isaga oo soo saaraya qoraal kale oo codsanaya bog bog oo leh assonances serferka iyada oo loo sii marayo OpenSSL. Ka dibna waxaan u jihaynaa wax-soo-saarka qoraalka ugu dambeeya faylka oo, qaabkii hore, u gudubno filtarrada afar geeso dheeraad ah oo ku qor faylka.

Isgoyska dad badan. Gunta hoose

Dhab ahaantii, tani waa sababta dhabta ah ee dhibaatooyinka ugu yar. Habraacyada kor ku xusan waxaynu ku fulinaynaa laba kelmadood, ka dib labada liisba waxaynu is barbar dhignay erey kasta oo haddii isbarbardhig la helo waanu soo saarnaa. Hadda waxaan haynaa qoraal laba kelmeed ka soo qaadanaya oo soo bandhigaya liis erayo ah oo labadooduba la jaanqaadi kara, oo xataa xisaabta ku darsannay, intaas oo dhanna iyada oo aan gacanta lagu beddelin afar tabo oo aan xusuusan ereyada "Id" - dhammaan la soo ururiyey, la xisaabiyey. waayo oo si toos ah loo tuuro. Cajiib.

Ujeedada daabacaadan ayaa ahayd in la muujiyo in qofku haddii uu wax u baahdo, uu samayn doono si kastaba. Aan waxtar lahayn, qalloocan, qalloocan, laakiin way shaqayn doontaa.

Source: www.habr.com

Add a comment