SOA vulnerabilities

Posted on 2024-08-20 10:03:57 | Words: 218 | Views: 6 | Comments: 0

I am a postgraduate student. I have to do a master's thesis on SOA vulnerabilities (SOA security). In the sense, finding vulnerabilities in web services or finding solutions to the existing vulnerabilities. In that direction I have been searching for vulnerabilities in SOA. Once the vulnerability is found I have to stimulate it and show it to my guide. Some attacks I found in OWASP in the corresponding areas are DoS attacks and injection attacks (SQL injection, XPath injection). I am not able to make a proper decision at the moment as to what to do next.

Can anyone please tell me how I could proceed to successfully reach the destination?

Comments (3)

江湖彼岸 2024-08-27 10:03:57

To help you out a bit on your research I'm stating this website:

http://www.packetstormsecurity.com

This website has a lot of information regarding exploits / hacks / fixes and a lot of info about cross site server scripting / DoS attacks / SQL injection etc.
If you really need more info or nice articles about various attacks and fixes you should seriously consider checking out that page.

梦魇绽荼蘼 2024-08-27 10:03:57

Generally, you should discuss this in depth with your tutor rather than ask the internet in general.

最笨的告白 2024-08-27 10:03:57

The field of computer security is massive and there is always something to explore. This is one of the reasons why I love hacking.

Currently I am working on a masterpiece exploit that will be the basis for my Blackhat/Defcon talk in August. I think that writing exploit code is vital for understanding the exploitation process. Even if you are the most Arian of white hats, you must write exploits or you will always be behind the attacks in terms of skill. I love going to hacker cons to get new ideas for my security research. It is also helpful to see new attacks.

Some things that you have not mentioned are memory manipulation attacks such as buffer overflows. Modern buffer overflows are more difficult to exploit than Aleph One's "Smashing the Stack for Fun and Profit". You should look into modern bypasses to ASLR such as heap spraying or heap feng shui. Attacks like jmp2reg (jmp2esp, jump2ebx, etc.) are also interesting as bypasses for ASLR.

Attacking ActiveX components is fun. I used H.D. Moore's AxMan with great success. Here is the remote code execution exploit I found using AxMan: http://www.milw0rm.com/exploits/7910 . Here are more exploits that I have written: http://www.milw0rm.com/author/677 . The best fuzzer is by far PeachFuzz, and writing some pit files for it can be very fruitful research.

Buffer overflows and SQL injection are the most talked about, but there are a couple hundred categories for vulnerabilities and they are identified by CWE numbers. It's worth exploring; I think it will surprise you what NIST thinks a vulnerability is.
