1.最新CMS指纹识别技术
2.phpä¸è½½å®ç½ï¼
最新CMS指纹识别技术
指纹识别
CMS,源码内容管理系统,安装用于网站内容管理,源码包括但不限于DedeCMS、安装仓储配送php源码Discuz、源码PHPWeb等。安装
指纹识别方法包含四类:在线网站识别、源码手动识别、安装工具识别和Chrome浏览器插件识别。源码
在线网站识别方法使用工具如BugScaner、安装云悉指纹识别、源码丽水商城系统源码WhatWeb等进行CMS指纹检测。安装
手动识别方法关注HTTP响应头中的源码X-Powered-By、Cookie字段,安装HTML特征如body、源码title、生产保养计划源码meta标签,以及特定CLASS属性的某些DIV标签。
工具识别利用指纹检测工具如Ehole、Glass、Finger、qq邮箱源码设置WhatWeb快速识别CMS并进行批量检测。
Chrome浏览器插件Wappalyzer可分析目标网站的平台构架、网站环境、服务器配置等,检测CMS类型。爱心编程源码教学
识别结果可能不全面,需综合比较,以选取最可靠、最全面的识别结果。如无CMS指纹,可能需要寻找目标网站的独特特征,如突出代码、目录、文件名或ICO图标文件。
获取相同网站信息后,可进行渗透,适用于目标防控严格时,以曲线方式获取源代码进行审计。同时,可在GitHub搜索特征串或文件名,可能找到二次开发前的CMS源码。
phpä¸è½½å®ç½ï¼
phpwebæä¹ä¸è½½
1ãå¨æµè§å¨ä¸æç´¢PHPï¼è¿å ¥phpå®ç½ã
2ãç¹å»Downloadsé项ï¼è¿å ¥ä¸è½½é¡µé¢ã
3ãéæ©ä¸ä¸ªéåçPHPçæ¬ï¼ç¶åç¹å»é¡µé¢ä¸çWindowsdownloadsã
4ãç¹å»zipæé®ï¼åç¹å»ä¸è½½æé®å³å¯ã
å¦ä½å¨æ¬å°æºä¸çphpåå¤å·¥ä½é¦å è¦ä¸è½½å¦ä¸è½¯ä»¶ï¼æ¨èå°å®ç½ä¸è½½ï¼å¦æä½ æ¯åæä¸æ ·åªæ¯æµè¯ï¼é£ä¹å°skycn.comä¸è½½å§ï¼è¿æ ·æ¯è¾å¿«ã
Apache
ææµè¡çHTTPæå¡å¨è½¯ä»¶ä¹ä¸ãå¿«éãå¯é ãå¯éè¿ç®åçAPIæ©å±ï¼Perl/Python解éå¨å¯è¢«ç¼è¯å°æå¡å¨ä¸ï¼å®å ¨å è´¹ï¼å®å ¨æºä»£ç å¼æ¾ã
æä¸è½½çæ¯forWindowsçæ¬ï¼ç®åææ°çæ¬æ¯ï¼2.0.
PHP
PHPæ¯ä¸ç§HTMLå åµå¼çè¯è¨ãèPHPç¬ç¹çè¯æ³æ··åäºCãJavaãPerl以åPHPå¼çæ°è¯æ³ãå®å¯ä»¥æ¯CGIæè Perlæ´å¿«éçæ§è¡å¨æç½é¡µã
æä¸è½½çæ¯forWindowsçæ¬ï¼ç®åææ°çæ¬æ¯ï¼5.0.4
MySQL
æ¯ä¸ä¸ªå¤çº¿ç¨çï¼ç»æåæ¥è¯¢è¯è¨(SQL)æ°æ®åºæå¡å¨ãSQLå¨ä¸çä¸æ¯ææµè¡çæ°æ®åºè¯è¨ãMySQLçæ§è¡æ§è½é常é«ï¼è¿è¡é度é常快ï¼å¹¶é常容æ使ç¨ã
æä¸è½½çæ¯forWindowsçæ¬ï¼ç®åææ°çæ¬æ¯ï¼5.0.4Beta
phpMyAdmin
phpMyAdminæ¯ä¸ä¸ªç¨PHPç¼åçï¼å¯ä»¥éè¿äºèç½æ§å¶åæä½MySQLãéè¿phpMyAdminå¯ä»¥å®å ¨å¯¹æ°æ®åºè¿è¡æä½ã
æä¸è½½çæ¯forWindowsçæ¬ï¼ç®åææ°çæ¬æ¯ï¼2.6.2-pl1
å®è£ apacheåPHP
ä¸é¢æ¯æçå®è£ è®°å½ï¼
éæ©ç«¯å£ï¼å°apacheå®è£ å¨e:\apacheä¸ã
é ç½®apacheéçmendedï¼éå½å为php.ini并æ·è´å°windowsç®å½ä¸ã
NTFSä¸è®°å¾ç»æå¡å¨å¼PHP.iniç读æéã
æ¥æ¾extension_diråé¢çæ¹ä¸ºe:/php/ext
æ¥æ¾WindowsExtensionsï¼æä¸é¢æä¸æç;extension=php_***.dllçåå·å»æï¼å°±æ¯æ¯æç»ä»¶äºãææextension=php_gd2.dllextension=php_mbstring.dllextension=php_mysql.dllçåå·å»æäºã
php5é»è®¤ä¸æ¯æmysqläº,æ以è¦ä¸ºä»æ·»å æ¯æ,é¤äºextension=php_mysql.dllå»åå·ä¹å¤ï¼å¨phpç®å½éæ个libmysql.dllæ件,æå®å¤å¶å°ç³»ç»çsystemæ件夹ä¸,å¤å¶php.iniå°windowsç®å½ä¸ã
æ¤æ¶PHPç¯å¢åºæ¬å·²ç»é ç½®æå
å¨WEBæ ¹ç®å½é建ä¸ä¸ªå为test.phpçæ件å 容å¦ä¸
echophpinfo();?éæ°å¯å¨apacheæå¡ï¼ç¨æµè§å¨æå¼
å¦æå¯ä»¥çå°phpé ç½®è¾åºä¿¡æ¯å°±æåäº
å®è£ mysql
å°mysqlå®è£ å°æå®ç®å½ï¼ç¶åå®è£ ç¨åºä¼å¼å¯¼ä½ ä¸æ¥æ¥é ç½®ãä¸è¿å¥æªçæ¯æåä»»å¡æ 没æåºç°Mysqlçå¾æ ã
ä¿®æ¹mysqlæ°æ®åºçrootå¯ç
ç¨cmdè¿å ¥å½ä»è¡æ¨¡å¼è¾å ¥å¦ä¸å½ä»¤:(注:d:\mysql为mysqlå®è£ ç®å½)
cdd:\mysql\bin
mysqladmin-uroot-ppassword
å车åºç°
Enterpassword:(注:è¿æ¯å«ä½ è¾å ¥åå¯ç .åå®è£ æ¶å¯ç 为空,æ以ç´æ¥å车å³å¯)
æ¤æ¶mysqlä¸è´¦å·rootçå¯ç 被æ¹ä¸ºå®è£ å®æ¯
é ç½®php.ini并æµè¯mysql
æ¾å°extension_dir=./æ¹ä¸ºextension_dir=e:/php/ext
æ¾å°
;extension=php_mysql.dll
å°';'å»ææ¹ä¸º
extension=php_mysql.dll
æ¾å°
;session.save_path=/tmp
å°';'å»æè®¾ç½®ä½ ä¿åsessionçç®å½ï¼å¦
session.save_path=e:/php/session_temp
éå¯apacheæå¡
å¨Webæ ¹ç®å½ä¸å»ºç«testdb.phpæ件å 容å¦ä¸ï¼
php$link=mysql_connect('localhost','root','');
if(!$link)echofail;
elseechosuccess;
mysql_close();
ç¨æµè§å¨æå¼å¦æè¾åºsuccesså°±OKäº
phpmyadminçå®è£ é ç½®
å°phpMyAdmin-V2.6.2-pl1.zip解åå°WEBæ ¹ç®å½ä¸å»ï¼éå½åæ件夹为phpmyadminæå ¶å®
æå¼phpmyadminç®å½ä¸çconfig.inc.php
æ¾å°
$cfg['Servers'][$i]['user']='root';
$cfg['Servers'][$i]['password']='';
åå«å¡«ä¸ç¨æ·ååå¯ç
linuxphpç½ç«æä¹å®è£
ä¸ãå®è£ Apache2.2.
1ãå°å®ç½ä¸è½½
2ã解å
tar-zxvfpilerfoundin$Path
ç´æ¥è¿è¡yuminstallgccï¼å®è£ Gccå³å¯
第ä¸ä¸ªé®é¢ä¸ºï¼pcre-configforlibpcrenotfound
解å³æ¹æ³å°±æ¯ä¸è½½prceå®è£ å ï¼åAPR类似ï¼å®è£ å°/usr/local/pcreæ件夹ä¸é¢å³å¯ãPS:fedoraä¸å®è£ c++ç¼è¯å¨g++çå½ä»¤ä¸ºï¼yuminstallgcc-c++ã
5ãç¼è¯
make
6ãå®è£
makeinstall
7ãå¯å¨ï¼éå¯ååæ¢ï¼å åæ¢å°å®è£ å®æåçç®å½/usr/local/apache2/bin
./apachectl-kstart
./apachectl-krestart
./apachectl-kstop
8ãé ç½®æ件(满足æåºæ¬çé ç½®)
ç¼è¾/usr/local/apache2/conf/press.Z
AddTypeapplication/x-gzip.gz.tgz
å¨åé¢æ·»å ï¼
AddTypeapplication/x-httpd-php.phpï¼ä½¿Apccheæ¯æPHPï¼
AddTypeapplication/x-httpd-php-source.php5
æ¾å°ï¼
IfModuledir_module
DirectoryIndexindex.html
/IfModule
æ·»å ï¼
IfModuledir_module
DirectoryIndexindex.htmlindex.php
/IfModule
æ¾å°ï¼
ï¼ServerName
ä¿®æ¹ä¸ºï¼
ServerName.0.0.1:æè ServerNamelocalhost:
è®°å¾è¦å»æåé¢çâï¼â
9ãæµè¯
å¨æµè§å¨éè¾å ¥
å¦æåºç°ItWorks!说ææåãè¿æ¯æçæµè¯ç»æ:O(â©_â©)Oåå~
ãä¿®æ¹é»è®¤çWebç«ç¹ç®å½
é»è®¤çç®å½ä¸º"/usr/local/apache2/htdocs"ï¼ä¿®æ¹apacheçé ç½®æ件httpd.confï¼æ¯å¦å¨æ°å»ºä¸ä¸ª/home/gyw/WebSiteçç®å½ä½ä¸ºapacheçç«ç¹ç®å½
æ¾å°DocumentRootè¿ä¸è¡ä¿®æ¹ä¸ºï¼DocumentRoot"/home/gyw/WebSite"
æ¾å°Directoryè¿ä¸è¡ä¿®æ¹ä¸ºï¼Directory"/home/gyw/WebSite"
æµè¯:ä¿®æ¹å°æ件夹åºç°é误:
âYoudon'thavepermissiontoaccess/index.htmlonthisserver.â
解å³æ¹æ³:
æ´æ¹æ件æéï¼chmodindex.html
æå¼apacheé ç½®æ件httpd.confï¼æ¾å°è¿ä¹ä¸æ®µï¼
Directory/
OptionsFollowSymLinks
AllowOverrideNone
Orderdeny,allow
denyfromall
Satisfyall
/Directory
æµè¯ç»æå¦ä¸ï¼
äºãå®è£ PHP
1ãä¸è½½
2ã解å
tar-zxvfphp-5.3..tar.gz
3ã建ç«ç®æ æ件夹
mkdir/usr/local/php
ä¹å°±æ¯è¯´çä¸å®è£ çphpè¦å®è£ å°è¿ä¸ªæ件夹éé¢
4ãé ç½®
åå°åæ¥è§£ååçæ件夹
./configure--prefix=/usr/local/php--with-apxs2=/usr/local/apache/bin/apxs
注æè¿éæä¸ä¸ª-with-apxs2=/usr/local/apache/bin/apxsé项ï¼å ¶ä¸apxsæ¯å¨å®è£ Apacheæ¶äº§ççï¼apxsæ¯ä¸ä¸ªä¸ºApacheHTTPæå¡å¨ç¼è¯åå®è£ æ©å±æ¨¡åçå·¥å ·ï¼ä½¿ä¹å¯ä»¥ç¨ç±mod_soæä¾çLoadModuleæ令å¨è¿è¡æ¶å è½½å°Apacheæå¡å¨ä¸ãæçç解æ¯éè¿è¿ä¸ªå·¥å ·æPHP模åå¨æå è½½å°Apacheä¸
åºç°é误:configure:error:xml2-confignotfound.Pleasecheckyourlibxml2installation.
è¿è¡yuminstalllibxml2ï¼ç¶ååè¿è¡yuminstalllibxml2-develå®è£ å®æ¯åï¼éæ°è¿è¡ä¸é¢ç./configureå½ä»¤ã
5ãç¼è¯
make
6ãæµè¯ç¼è¯
maketest
7ãå®è£
makeinstall
8ãé ç½®æ件
cp/usr/local/src/php-5.3./php.ini-development/usr/local/php/lib/php.ini
æåæ¥ä½äºæºä»£ç éé¢çphp.ini-developmentæ·è´å°/usr/local/php/lib/php.iniä¸ï¼å¹¶ä¸éå½å为php.ini
9.éå¯apache
ãæµè¯
å¨apacheçhtdocsä¸å»ºç«ä¸ä¸ªphpæ件test.phpï¼éé¢çå 容å¦ä¸ï¼
phpphpinfo();
ç¶åå¨æµè§å¨éè¾å ¥
å¦æåºç°phpçç¸å ³é ç½®ï¼æåï¼å¦æä»ä¹é½æ²¡æè¾å ¥ï¼è¯´æ失败ï¼éæ°ä»¥ä¸æ¥éª¤æè æ¥æ¾åå
å¦æå³å®å¨å®è£ åæ¹åé ç½®é项ï¼åªééå¤æåçä¸æ¥configure,make,以åmakeinstallï¼ç¶åéè¦éæ°å¯å¨Apache使æ°æ¨¡åçæãApacheä¸éè¦éæ°ç¼è¯ã
æµè¯ç»æå¦ä¸å¾:
ä¸ãå®è£ MySql
1ãä¸è½½
å°å®ç½ä¸è½½mysql-5.1..tar.gzï¼æ³¨ææ¯æºç å ï¼
2ã解å
tar-zxvfmysql-5.1..tar.gz
3ã建ç«ç®æ æ件夹
mkdir/usr/local/mysql
ä¹å°±æ¯è¯´çä¸å®è£ çmysqlè¦å®è£ å°è¿ä¸ªæ件夹éé¢
4ãé ç½®
./configure--prefix=/usr/local/mysql/
å¨./configureæ¶åºç°é误ï¼error:Nocurses/termcaplibraryfound
ä¸è½½å®è£ ç¸åºè½¯ä»¶å
yumlist|grepncurses
yum-yinstallncurses-devel
yuminstallncurses-devel
5ãç¼è¯
make
6ãå®è£
makeinstall
7ãå¯å¨
MySQLæå¡å¹¶ä¸ä¼èªå¨å¯å¨ï¼è¿éè¦å åå§åMySQLæ°æ®åºï¼æä½å¦ä¸ï¼
cd/usr/local/mysql/bin
sudo./mysql_install_db--user=root
注æï¼è¿éæåçrootæ¯æå¯ä»¥æä½æ°æ®åºçç¨æ·ï¼å¯ä»¥æ¯å½åç¨æ·ï¼ä¹å¯ä»¥æ°å»ºç¨æ·ï¼ä¸linuxä¸çrootç¨æ·æ¯ä¸¤åäºï¼å¯ä»¥èªå·±åä¸ä¸ªåå
./mysqld_safe--user=rootè¿æ¡å½ä»¤è´è´£å¯å¨mysqlæå¡çå®æ¤è¿ç¨ï¼æ¤å¤æåçæ¶å¿ é¡»çï¼å 为å¸æå®æ¤è¿ç¨å¨åå°è¿è¡
è¿éçrootå°±æ¯åæçé£ä¸ª
8ãä¸ºæ ¹ç¨æ·å建å¯ç
./mysqladmin-urootpasswordââ
å¦ærootå·²ç»è®¾ç½®è¿å¯ç ï¼éç¨å¦ä¸æ¹æ³
./mysqladmin-urootpasswordoldpassââ
9ãæµè¯
mysql-uroot-p
ä¼æ示è¾å ¥å¯ç ï¼å°±ç¨åæ设置çå¯ç
å¦æåºç°mysqlï¼è¯´æè¿æ¥æåäº,ä¸é¢éè¿å½ä»¤å建ä¸ä¸ªæ°æ®åºã建ä¸ä¸ªè¡¨ï¼å¢å ä¸æ¡è®°å½ï¼ä¸ºåé¢çæµè¯åå¤
mysqlcreatedatabasegywtest;
mysqlusegywtest;
mysqlcreatetablestudent(idint(4)notnullprimarykeyauto_increment,stunamechar());
mysqlinsertintostudent(stuname)values('Tom');
注ææ¯æ¡å½ä»¤åé¢æ个åå·ï¼å¦æä¸é¢çé½æåï¼åé¢å°±å¯ä»¥ç¨è¿ä¸ªæµè¯ã
åãå°PHPä¸MySqlç»åèµ·æ¥
1ãéæ°é ç½®PHPï¼æ¹åé ç½®é项ï¼åªééå¤PHPå®è£ æ¶çæåçä¸æ¥configure,make,以åmakeinstallï¼ç¶åéè¦éæ°å¯å¨Apache使æ°æ¨¡åçæï¼Apacheä¸éè¦éæ°ç¼è¯ã
2ãé ç½®
./configure--prefix=/usr/local/php--with-apxs2=/usr/local/apache2/bin/apxs--with-mysqli=/usr/local/mysql/bin/mysql_config注æmysql_configçè·¯å¾
3ãç¼è¯make
4ãå®è£ makeinstalle
5ãæµè¯åä¸ä¸ªé¡µé¢test.php,æ¾å¨apacheçwebç®å½ä¸ï¼æµè¯ä¸é¢ç¨å½ä»¤å建çæ°æ®åº
php$mysqli=newmysqli();
$mysqli-connect('localhost','root','','gywtest');
//å建æ¥è¯¢
$sqlstr='select*fromstudent';
//åéæ¥è¯¢ç»MySql
$result=$mysqli-query($sqlstr);
while($row=$result-fetch_object())
{
$name=$row-stuname;
echo$name;
}
Fatalerror:Class'mysqli'notfoundin/home/lufangtao/Project/DB.phponline3
解å³æ¹æ³ï¼
/usr/local/php/bin/phpizeè¿éå车è¿è¡
åºéï¼
Cannotfindconfig.m4.
Makesurethatyourun'./phpize'inthetoplevelsourcedirectoryofthemodule
解å³æ¹æ³ï¼
PHPæºç å æ件夹ä¸çEXTæ件夹就æ¯æ¾ç½®çç®åçæ¬çå¯ç¨æ©å±ï¼CDè¿å»ççé½æåªäºä½ éè¦çï¼åºè¯¥çå°mysqliæ件夹äºå§~~~
å¨å½åç®å½ä¸æ§è¡phpize
[root@localhostmysqli]#/usr/local/php/bin/phpize
Configuringfor:
PHPApiVersion:
ZendModeuleApiNo:
ZendExtensionApiNo:
Cannotfindautoconf.Pleasecheckyourautoconfinstallationandthe
$PHP_AUTOCONFenvironmentvariable.Then,rerunthisscript.
解å³æ¹æ³ï¼
yuminstallautoconfå次è¿è¡ä¸é¢çå½ä»¤å³å¯ã
[root@localhostmysqli]#./configureâprefix=/opt/mysqliâwith-php-config=/opt/php/bin/php-configâwith-mysqli=/opt/mysql/bin/mysql_config
[root@localhostmysqli]#make
[root@localhostmysqli]#makeinstall
å®è£ å®æåä¼ææ示æ©å±æå¨ç®å½è·¯å¾ï¼å¦ï¼
/opt/php/lib/php/extensions/no-debug-zts-php
æéçmysqli.so便ä¼å¨æ¤ç®å½ä¸ï¼æ¥ä¸æ¥ä¿®æ¹/opt/php/etc/ä¸çphp.iniæ件ï¼å å ¥mysqliæ©å±ï¼å³å å ¥å¦ä¸ä¸è¡ï¼
extension=/opt/php/lib/php/extensions/no-debug-zts-/mysqli.so
è¿éè¿æ¯ååºç°é误ï¼
åèå客
解å³ä¸ç¨æ©å±è¿æ¥MySQLçæ¹æ³ã
æç»