Chip 2003 April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2003 April / Chip_2003-04_cd1.bin / tema / krypta / articles.php@ID=155 < prev next >

Wrap

Text File | 2003-02-02 | 15KB | 376 lines

<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title>Krypta.cz - Zßkladnφ obrana proti p°evzetφ domΘny na stran∞ klienta</title> <link rel="StyleSheet" href="server/main.css" type="text/css"> <link rel="SHORTCUT ICON" href="server/favicon.ico"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1250"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="robots" content="ALL,FOLLOW"> <meta http-equiv="Content-language" content="cs"> <meta name="description" content="Internetov² bezpeΦnostnφ portßl, zab²vajφcφ se kryptografiφ (Üifrovßnφm), ochranou dat, internetovou bezepeΦnostφ a poΦφtaΦov²mi viry"> <meta name="keywords" content="Üifrovßnφ cryptography pgp des aes rsa dss digital signatures pki linux free bezpeΦnost ochrana hacking cracking virus worm"> <meta name="copyright" content="Copyright (C) 2000-2002 Krypta.cz - <a href=mailto:michal.till@krypta.cz>Michal Till</a> a <a href=mailto:jan.kulveit@krypta.cz>Jan Kulveit</a>.">   <script language="JavaScript">  </script>  <script language="JavaScript" type="text/javascript">  </script> <noscript> <img style="position:absolute; top:0px; left: 0px;" src="../hit.navrcholu.cz/hit@id=00039669;n=1" width="1" height="1" alt="" border="0"> </noscript>  <STYLE Type=text/css> BODY { font-size:110%; background-color: #ffffff; color: #000000; margin: 0px; background-image: url(images/backgr.gif); } .Copyright { color: #000000; } .Copyright A { color: #000000; } </STYLE> </head> <SCRIPT> </SCRIPT><SCRIPT Src=charts.php@version=1621></SCRIPT><SCRIPT> // Nalezeno 1 polozek. var SectionTitles=new Array( "Zßkladnφ obrana proti p°evzetφ domΘny n" ); var SectionURLs=new Array( "155" ); var BrothersNames = new Array("BezpeΦnost a autorizace na WWW I. : protokol HTTP","BezpeΦnost a autorizace na WWW II.","HTML problΘm : cizφ k≤d a formulß°e","PφÜeme bezpeΦnou webovou aplikaci - dφl 1.","K php upload bug zve°ejn∞n exploit, Apache + mod_ssl","Zßkladnφ obrana proti p°evzetφ domΘny na stran∞ klienta",""); var BrothersIDs = new Array("32","33","110","122","154","155",""); //=====INFO====== ItemName='Article155'; InIFrame='No'; TableNum=2; ItemID=155; ArticleType='3'; Action='articles' ItemTitle='Zßkladnφ obrana proti p°evzetφ domΘny na stran∞ klienta'; ItemComment='Zßkladnφ obrana proti p°evzetφ domΘny na stran∞ klienta'; TabName='Articles' Parent1Title='HTTP (WWW) & SSL' ; Parent2Title='BezpeΦnost internetu' ; Parent1ID='43' ; Parent2ID='22' ; ParentTitle='HTTP (WWW) & SSL' ; AuthorName='Michal Till' ; AuthorDesc='' ; AuthorEMail='Michal.Till_40Seznam.cz' ; AuthorID='1' ; ItemDate='6.3.2002'; Views='432' ; Average='1.00' ; Grade='1' ; NumVotes='2' ; SourceName='' ; SourceURL='' ; SourceLink='' ; Ref1URL='' ; Ref2URL='' ; Ref3URL='' ; Ref4URL='' ; Ref5URL='' ; Ref1Link='' ; Ref2Link='' ; Ref3Link='' ; Ref4Link='' ; Ref5Link='' ; Ref1Desc='' ; Ref2Desc='' ; Ref3Desc='' ; Ref4Desc='' ; Ref5Desc='' ; Possible=1 ; Answer1='' ; Answer2='' ; Answer3='' ; Answer4='' ; Answer5='' ; Num1=''; Num2=''; Num3=''; Num4=''; Num5=''; Type= ''; //def WebName='Krypta.cz'; //====ENDINFO====== </SCRIPT> <BODY> </SCRIPT> <SCRIPT Language=JavaScript Src="server/startfeatures.php@Rand=ddd "> </SCRIPT><SCRIPT Language=JavaScript Src="server/features.php"> </SCRIPT> <TABLE cellspacing="0" cellpadding="0" border="0" width="100%"> <tr>  <td width="161" align="center" valign="top"> <img src=space.gif height=1 width=161> <SCRIPT SRC=server/left_js.php@version=1621></SCRIPT></td>   <td width=13 bgcolor="#006792" ><img src="images/spacer.gif" width="13" height="1" border="0" alt=""></td>   <td width=1 bgcolor=#1063A5><img src="images/spacer.gif" width="1" height="1" border="0" alt=""></td>   <td width=10><img src="images/spacer.gif" width="10" height="1" border="0" alt=""></td>   <td align="center" valign="top">   <TABLE cellspacing="0" cellpadding="0" border="0" width="100%" class="hrlista"> <tr>  <td VAlign=Top> <a href="default.htm"><img src="images/logo.gif" style="z-index:100;" vspace=0 cwidth="222" cheight="48" border="0" alt="Krypta.cz - Magazφn o informaΦnφ bezpeΦnosti"></a> </td>  <td align=center> </td></tr></table>   <TABLE Width=100% Border=0><TD><SCRIPT> </SCRIPT><SCRIPT> ArticleHead('Zßkladnφ obrana proti p°evzetφ domΘny na stran∞ klienta', 'Michal Till', 'Michal.Till_40Seznam.cz', '6.3.2002', '00:15:03', 'Nßvod'); Intro('Mo₧nost p°evzetφ domΘny pomocφ DHTML/JavaScriptu spolu se vÜemi bezpeΦnostnφmi mechanismy je jeden z nejΦast∞jÜφch neduh∙ webov²ch aplikacφ. Dnes bych rßd poskytnul Φtenß°∙m knihovnu (PHP) kterß tento problΘm komplexn∞ °eÜφ.'); ArticleBanner_smallres('margin-bottom:10px;margin-top:-3px;'); </SCRIPT> <DIV Class=Article><SCRIPT> AuthorData(); if (Type != 'Pure') if ((ArticleType!=19) && (ArticleType!=20)) ShowSections(); ArticleBanner_bigres('margin-top:12px;margin-bottom:-3px;'); </SCRIPT><FONT Size=2><DIV Align=Justify Class=Paragraph> ProblΘm cross-frame scriptingu byl na tomto serveru diskutovßn ji₧ mnohokrßt. Pravd∞podobn∞ nejlΘpe danΘ tΘma nov²m Φtenß°∙m osv∞tlφ rozsßhl² Φlßnek <a href=articles.php@ID=122>PφÜeme bezpeΦnou webovou aplikaci</a>. Velmi zjednoduÜen∞ jde o problΘm vypisovßnφ cizφho k≤du strßnkou v naÜφ domΘn∞. Takov²to k≤d pak mß p°φstup ke vÜem objekt∙m (cookies, ostatnφ framy) jako p∙vodnφ strßnky. InternetovΘ prohlφ₧eΦe, jako nap°φklad Internet Explorer, pou₧φvajφ p°itom k zabezpeΦenφ koncepci "stejnΘ adresy serveru". Strßnky z jednΘ adresy majφ stejnß bezpeΦnostnφ oprßvn∞nφ, vlo₧enφm k≤du do jednΘ strßnky tedy dojde k "uko°ist∞nφ" celΘ pou₧φvanΘ domΘny. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> N∞kterΘ server-side skripty (resp. jejich interpreti) umo₧≥ujφ implicitn∞ nastavit kontrolu vstupnφch prom∞nn²ch a nahrazenφ n∞kter²ch citliv²ch znak∙. Vlastnφ °eÜenφ mß proti tomuto ale n∞kolik p°ednostφ, p°edevÜφm jde o maximßlnφ kontrolu nad pou₧it²mi mechanizmy, kdy m∙₧eme zabrßnit vstupu nejen jednotliv²ch znak∙, ale i cel²ch slov. N∞kdy je nutnΘ zabrßnit vlo₧enφ nesprßvnΘho SQL p°φkazu (p°ed citlivΘ znaky dßme zp∞tnΘ lomφtko), n∞kdy pot°ebujeme spφÜe zabrßnit v²pisu v∞tÜφtek a menÜφtek (znaky < a > zam∞nφme za &l<b></b>t; a &g<b></b>t; v tomto po°adφ), n∞kdy je nutnΘ provΘst obojφ. Lehkou modifikacφ tohoto skriptu m∙₧eme taktΘ₧ kontrolovat nap°. sprßvnost http Φi e-mailovΘ adresy, po zjiÜt∞nφ chyby m∙₧eme ihned p°esm∞rovat prohlφ₧eΦ na strßnku s chybovou hlßÜkou Φi Üpatnou hodnotu zapsat do logovacφho souboru. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> Äe nenφ velmi praktickΘ v ka₧dΘm skriptu ruΦn∞ oÜet°ovat hodnotu ka₧dΘ prom∞nnΘ, je jasnΘ. Vrhn∞me se tedy do programovßnφ knihovny, kterß tento problΘm °eÜφ komplexn∞. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> <PRE><SPAN Class=CODE>function Change(&$str, $From, $To, $End=""){ global $Changed; $Changed=0; $Str=" ".$str; $UpStr=StrToUpper($Str); $UpFrom=StrToUpper($From); $UpTo=StrToUpper($To); $LenFrom=StrLen($From); while ($i=StrPos($UpStr,$UpFrom)) { $UpStr=SubStr($UpStr,0,$i).$UpTo.SubStr($UpStr, $i+$LenFrom, 65530); $Str = SubStr($Str, 0, $i).$To.SubStr($Str, $i+$LenFrom, 65530); $Changed++; } if ($Changed==0) $End=""; $str=SubStr($Str, 1, 65530).$End; return $str; } </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> </SPAN></PRE> </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> P°edn∞ je nutnΘ ud∞lat vlastφ nahrazovacφ funkci. Ta zde uvedenß nenφ v mnoha ohledech ideßlnφ (nap°. ne°eÜφ problΘm zßm∞ny, kde novß hodnota obsahuje tu starou), nicmΘn∞ pro tyto ·Φely je krßtkß a efektivnφ. Pomocφ tΘ budeme nahrazovat jednotlivΘ nebezpeΦnΘ znaky a °et∞zce. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> <PRE><SPAN Class=CODE>function SafeVal($VarName) { global $$VarName; $SaveVal=$$VarName; if ((Is_Array($$VarName)==false) && (true)) { Change($$VarName,"<","&l<b></b>t;"); Change($$VarName,">","&g<b></b>t;"); Change($$VarName,"'","""); Change($$VarName,"\"","""); } if ($$VarName!=$SaveVal) { // zde by bylo zmi≥ovanΘ p°esm∞rovßnφ // nebo logovßnφ chyby } } </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> </SPAN></PRE> </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> Funkce <SPAN Class=CODE>SafeVal</SPAN> Provede postupnΘ nahrazenφ vÜech znak∙ v jednΘ prom∞nnΘ. V p°φpad∞ nalezenΘho rozdφlu p∙vodnφ a novΘ hodnoty se m∙₧e n∞co provΘst. Funkce musφ oÜet°it, zda prom∞nnß nenφ typu pole, nebo¥ v tomto p°φpad∞ by bylo nutnΘ p°ekonvertovat jednotlivΘ polo₧ky zvlßÜ¥. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> <PRE><SPAN Class=CODE>function MakeSafe(&$VarArray){ $Polozka=""; $Hodnota=""; if(isset($VarArray)): Reset($VarArray); while(List($Polozka, $Hodnota) = each($VarArray)): SafeVal($Polozka); endwhile; endif; } </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> </SPAN></PRE> </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> Nßsleduje pravd∞podobn∞ nejd∙le₧it∞jÜφ funkce. Mß v parametru pole, jeho₧ polo₧ky otestuje, pop°φpad∞ nahradφ. Je nutnΘ postupovat tak, aby se ji₧ nastavenΘ defaultnφ prom∞nnΘ typu $HTTP_USER_AGENT nep°epsaly, proto se nßzvy prom∞nn²ch berou z tohoto asocativnφho pole, ale kontrolujφ se ji₧ nastavenΘ hodnoty. V opaΦnΘm p°φpad∞ by mohl kdokoliv zmi≥ovanΘ prom∞nnΘ p°epsat. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> Nynφ p°ijde ji₧ jen volßnφ kontroly prom∞nn²ch p°edßvan²ch metodami POST, GET a COOKIES. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> <PRE><SPAN Class=CODE> MakeSafe($HTTP_POST_VARS); MakeSafe($HTTP_GET_VARS); MakeSafe($HTTP_COOKIE_VARS); </SPAN></PRE> </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> Na zßv∞r bych rßd podotkl, ₧e toto °eÜenφ je jen jedno z mnoha mo₧n²ch a mß svoje v²hody i nev²hody. N∞kdy je v²hodn∞jÜφ pou₧itφ mechanizm∙ intrerpreta skript∙, Φasto je ale nutnΘ si p°id∞lat vlastnφ oÜet°enφ nad rßmec toho zabudovanΘho. </DIV></FONT></b></i> <FONT Size=2><DIV Align=Justify Class=Paragraph> <UL STYLE="margin-right:50px;" Class=LinkItem><LI><a href="../atiks.ks.cz/~tillda/ai/cfs.php_">Celß knihovna</a><br><a href="../atiks.ks.cz/~tillda/ai/cfs.php_"><SPAN Align=Left Style="overflow:hidden;font-size:90%;"Class=Code>http://atiks.ks.cz/~tillda/ai/cfs.php_ </SPAN></a><br></UL> </DIV></FONT></b></i> </DIV> <SCRIPT> TextEnd('') </SCRIPT><SCRIPT> o('<br>'); hr(''); o('<TABLE '+CP+' '+CS+' style=\'position:relative;top:-'+sw('7','9')+'px;z-index:5\' xAlign=left '+B+'><TR><TD width=10><img HEIGHT=18 WIDTH=14 src=images/downgreyleft.gif hspace=0 vspace=0 '+B+' align=right><TD bgcolor=#E0E0E0><SPAN Style="font-size:12px;color:#000000;font-family:Verdana, Arial, Sans-Serif;position:relative;top:-2px;">Souvisejφcφ člßnky</SPAN><TD width=10><img src=images/downgreyright.gif width=17 height=18 hspace=0 vspace=0 '+B+' '+AL+'></TABLE>'); </SCRIPT><OL Class=None Type=Disc><LI style='margin-left:20px;' class=LinkItem><a href=articles.php@ID=74><SPAN Class=SeeAlso>Microsoftu hackli Passport</SPAN></a><LI style='margin-left:20px;' class=LinkItem><a href=articles.php@ID=80><SPAN Class=SeeAlso>Krademe cookies v Exploreru : krok za krokem</SPAN></a><LI style='margin-left:20px;' class=LinkItem><a href=articles.php@ID=50><SPAN Class=SeeAlso>WebTIP: CookieCentral.com</SPAN></a><LI style='margin-left:20px;' class=LinkItem><a href=articles.php@ID=77><SPAN Class=SeeAlso>Dφra v MSIE umo₧≥uje Φφst cookies</SPAN></a><LI style='margin-left:20px;' class=LinkItem><a href=articles.php@ID=122><SPAN Class=SeeAlso>PφÜeme bezpeΦnou webovou aplikaci - dφl 1.</SPAN></a></OL><SCRIPT> nie('<br>');AdditionalTablesBegin(); CommentsBegin('Zßkladnφ obrana proti p°evzetφ domΘny na stran∞ klienta',0); NoComments() CommentsEnd(); </SCRIPT><SCRIPT> ArticleEnd() </SCRIPT></TABLE>   <td width=5><img src="images/spacer.gif" width="5" height="1" border="0" alt=""></td>   <td width=1 bgcolor=#1063A5><img src="images/spacer.gif" width="1" height="1" border="0" alt=""></td>   <td width=13 bgcolor="#006792" ><img src="images/spacer.gif" width="13" height="1" border="0" alt=""></td>   <td bgcolor=#006792 width="0" align="center" valign="top"> <SCRIPT SRC=server/right_js.php@version=1621></SCRIPT><br> </td>  </tr>  <tr> <td bgcolor=#000000><img src=space.gif height=1 width=1></td> <td bgcolor=#000000></td> <td bgcolor=#000000></td> <td bgcolor=#FFFFFF></td> <td bgcolor=#FFFFFF></td> <td bgcolor=#FFFFFF></td> <td colspan=5 bgcolor=#000000></td> </tr> <tr bgcolor=#FFFFFF> <td><img src=space.gif height=20 width=1></td> <td></td> <td></td> <td></td> <td></td> <td></td> <td colspan=5></td> </tr>  </table>  <SCRIPT> Exec(ToExecute); ToExecute=""; </SCRIPT>   <TABLE cellspacing="0" cellpadding="0" border="0" width="100%" bgcolor=#ffffff> <TR><td colspan=5 align="center" bgcolor=#000000><img src=space.gif height=1 width=1></td></TR> <TR bgcolor=#f0f0f0> <td align="center"> <IMG Src=images/logo2.gif hspace=10 vspace=5> </td> <td> <DIV Style="margin-top:4px;margin-bottom:4px;" Class=Copyright><FONT Face=Arial Size=1> <b><u>Krypta.cz</u></b> - Magazφn o informaΦnφ bezpeΦnosti.<br> Copyright (C) 2000-2002 Krypta.cz - <a href=mailto:michal.till@krypta.cz>Michal Till</a> a <a href=mailto:jan.kulveit@krypta.cz>Jan Kulveit</a>. VÜechna prßva vyhrazena. <br> Tento server dodr₧uje prßvnφ p°edpisy o ochran∞ osobnφch ·daj∙, vΦetn∞ standardu P3P (<a href=server/policy.xml>policy</a>). </FONT></DIV> </td> <td> <IMG Src=geronimo.gif hspace=10 vspace=5> </td> <td> <DIV Style="margin-top:4px;margin-bottom:4px;" Class=Copyright><FONT Face=Arial Size=1> RedakΦnφ systΘm Geronimo<br> Copyright (C) 2001-2002 <a href=mailto:michal.till@krypta.cz>Michal Till</a> </FONT></DIV> </td> </td></tr></table>   </body> </html>