2015
Joomla Content Management System Vulnerability Exploitation Technique
Abstract: This paper designs and implements JoomHack, a vulnerability exploitation tool for Joomla. The tool builds an online shared, continuously updated vulnerability detection library out of attack vectors carefully constructed around the characteristics of the Joomla CMS, traverses these attack vectors to test for and exploit vulnerabilities, and uses the vectors in the library as seeds that are expanded into new attack vectors, which greatly raises the success rate of exploitation. JoomHack, Joomscan and other general-purpose penetration testing tools were used to scan different versions of the Joomla CMS for vulnerabilities; the results show that JoomHack is superior for exploiting Joomla CMS vulnerabilities. JoomHack can effectively scan and exploit vulnerabilities in Joomla sites and assess their risk, laying the groundwork for vulnerability remediation and other security work, and is therefore an effective, low-cost web application security protection solution.