{"id":479591,"date":"2023-08-09T10:42:24","date_gmt":"2023-08-09T10:42:24","guid":{"rendered":""},"modified":"2023-09-05T11:19:08","modified_gmt":"2023-09-05T11:19:08","slug":"vulnerability","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/cn\/wiki\/vulnerability\/","title":{"rendered":"\u6f0f\u6d1e"},"content":{"rendered":"

\u5728\u8ba1\u7b97\u673a\u5b89\u5168\u7684\u80cc\u666f\u4e0b\uff0c\u6f0f\u6d1e\u662f\u6307\u7cfb\u7edf\u3001\u7f51\u7edc\u6216\u5e94\u7528\u7a0b\u5e8f\u4e2d\u53ef\u80fd\u88ab\u6076\u610f\u884c\u4e3a\u8005\u5229\u7528\u7684\u5f31\u70b9\u6216\u7f3a\u9677\u3002\u5b83\u662f\u7f51\u7edc\u5b89\u5168\u4e2d\u7684\u4e00\u4e2a\u91cd\u8981\u6982\u5ff5\uff0c\u5728\u7406\u89e3\u548c\u51cf\u8f7b\u6f5c\u5728\u5a01\u80c1\u65b9\u9762\u53d1\u6325\u7740\u91cd\u8981\u4f5c\u7528\u3002\u8bc6\u522b\u548c\u89e3\u51b3\u6f0f\u6d1e\u5bf9\u4e8e\u7ef4\u62a4\u7cfb\u7edf\u548c\u6570\u636e\u7684\u5b8c\u6574\u6027\u548c\u5b89\u5168\u6027\u81f3\u5173\u91cd\u8981\u3002<\/p>\n

\u6f0f\u6d1e\u7684\u8d77\u6e90\u548c\u9996\u6b21\u63d0\u53ca\u7684\u5386\u53f2<\/h2>\n

\u8ba1\u7b97\u673a\u7cfb\u7edf\u4e2d\u7684\u6f0f\u6d1e\u6982\u5ff5\u53ef\u4ee5\u8ffd\u6eaf\u5230\u8ba1\u7b97\u7684\u65e9\u671f\uff0c\u5f53\u65f6\u7814\u7a76\u4eba\u5458\u548c\u7a0b\u5e8f\u5458\u5f00\u59cb\u610f\u8bc6\u5230\u8f6f\u4ef6\u548c\u786c\u4ef6\u5bb9\u6613\u53d7\u5230\u5404\u79cd\u95ee\u9898\u7684\u5f71\u54cd\u3002\u9996\u6b21\u6b63\u5f0f\u63d0\u53ca\u5b89\u5168\u80cc\u666f\u4e0b\u7684\u6f0f\u6d1e\u901a\u5e38\u5f52\u529f\u4e8e\u8457\u540d\u7684\u8ba1\u7b97\u673a\u79d1\u5b66\u5bb6\u548c\u5bc6\u7801\u5b66\u5bb6 Willis Ware\u3002\u5728 1967 \u5e74\u53d1\u8868\u7684\u4e00\u4efd\u9898\u4e3a\u201c\u8ba1\u7b97\u673a\u7cfb\u7edf\u7684\u5b89\u5168\u63a7\u5236\u201d\u7684\u62a5\u544a\u4e2d\uff0c\u97e6\u5c14\u8ba8\u8bba\u4e86\u8ba1\u7b97\u673a\u5b89\u5168\u7684\u6f5c\u5728\u5f31\u70b9\u4ee5\u53ca\u91c7\u53d6\u5f3a\u6709\u529b\u7684\u5bf9\u7b56\u7684\u5fc5\u8981\u6027\u3002<\/p>\n

\u6709\u5173\u6f0f\u6d1e\u7684\u8be6\u7ec6\u4fe1\u606f\uff1a\u6269\u5c55\u4e3b\u9898<\/h2>\n

\u6f0f\u6d1e\u53ef\u80fd\u6709\u591a\u79cd\u6765\u6e90\uff0c\u5305\u62ec\u7f16\u7a0b\u9519\u8bef\u3001\u914d\u7f6e\u9519\u8bef\u3001\u8bbe\u8ba1\u7f3a\u9677\uff0c\u751a\u81f3\u4eba\u4e3a\u884c\u4e3a\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e9b\u5f31\u70b9\u6765\u83b7\u5f97\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u3001\u4e2d\u65ad\u670d\u52a1\u3001\u7a83\u53d6\u654f\u611f\u4fe1\u606f\u6216\u5bf9\u76ee\u6807\u7cfb\u7edf\u6216\u6570\u636e\u9020\u6210\u5176\u4ed6\u635f\u5bb3\u3002<\/p>\n

\u6f0f\u6d1e\u7684\u4e25\u91cd\u7a0b\u5ea6\u5404\u4e0d\u76f8\u540c\uff0c\u4ece\u5f71\u54cd\u6700\u5c0f\u7684\u4f4e\u98ce\u9669\u95ee\u9898\u5230\u5bf9\u7528\u6237\u548c\u7ec4\u7ec7\u7684\u5b89\u5168\u548c\u9690\u79c1\u6784\u6210\u91cd\u5927\u5a01\u80c1\u7684\u4e25\u91cd\u7f3a\u9677\u3002\u4e3a\u4e86\u6709\u6548\u5730\u7ba1\u7406\u6f0f\u6d1e\uff0c\u9700\u8981\u91c7\u53d6\u7ed3\u6784\u5316\u548c\u4e3b\u52a8\u7684\u65b9\u6cd5\u3002\u6f0f\u6d1e\u8bc4\u4f30\u548c\u6e17\u900f\u6d4b\u8bd5\u662f\u7528\u4e8e\u8bc6\u522b\u7cfb\u7edf\u5f31\u70b9\u5e76\u786e\u5b9a\u4f18\u5148\u7ea7\u7684\u5e38\u7528\u65b9\u6cd5\u3002<\/p>\n

\u6f0f\u6d1e\u7684\u5185\u90e8\u7ed3\u6784\uff1a\u5b83\u662f\u5982\u4f55\u8fd0\u4f5c\u7684<\/h2>\n

\u6f0f\u6d1e\u53ef\u4ee5\u4ee5\u591a\u79cd\u5f62\u5f0f\u8868\u73b0\u51fa\u6765\uff0c\u4e86\u89e3\u5176\u5185\u90e8\u7ed3\u6784\u5bf9\u4e8e\u6709\u6548\u89e3\u51b3\u8fd9\u4e9b\u6f0f\u6d1e\u81f3\u5173\u91cd\u8981\u3002\u4ee5\u4e0b\u662f\u6f0f\u6d1e\u5982\u4f55\u53d1\u6325\u4f5c\u7528\u7684\u4e00\u4e9b\u5173\u952e\u65b9\u9762\uff1a<\/p>\n

    \n
  1. \n

    \u8f6f\u4ef6\u9519\u8bef\uff1a<\/strong> \u8bb8\u591a\u6f0f\u6d1e\u662f\u7531\u8f6f\u4ef6\u9519\u8bef\u5f15\u8d77\u7684\uff0c\u4f8b\u5982\u7f13\u51b2\u533a\u6ea2\u51fa\u3001SQL \u6ce8\u5165\u6216\u8de8\u7ad9\u70b9\u811a\u672c (XSS)\u3002\u8fd9\u4e9b\u9519\u8bef\u901a\u5e38\u662f\u7531\u4e8e\u7f16\u7801\u9519\u8bef\u800c\u53d1\u751f\u7684\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u5b83\u4eec\u6267\u884c\u6076\u610f\u4ee3\u7801\u6216\u8bbf\u95ee\u654f\u611f\u6570\u636e\u3002<\/p>\n<\/li>\n

  2. \n

    \u914d\u7f6e\u95ee\u9898\uff1a<\/strong> \u8f6f\u4ef6\u3001\u64cd\u4f5c\u7cfb\u7edf\u6216\u7f51\u7edc\u8bbe\u7f6e\u7684\u9519\u8bef\u914d\u7f6e\u53ef\u80fd\u4f1a\u4ea7\u751f\u6f0f\u6d1e\u3002\u4f8b\u5982\uff0c\u4fdd\u7559\u9ed8\u8ba4\u5bc6\u7801\u3001\u4e0d\u5fc5\u8981\u7684\u5f00\u653e\u7aef\u53e3\u6216\u5f31\u52a0\u5bc6\u8bbe\u7f6e\u53ef\u80fd\u4f1a\u4f7f\u7cfb\u7edf\u9762\u4e34\u6f5c\u5728\u7684\u653b\u51fb\u3002<\/p>\n<\/li>\n

  3. \n

    \u8bbe\u8ba1\u7f3a\u9677\uff1a<\/strong> \u6f0f\u6d1e\u4e5f\u53ef\u80fd\u6e90\u4e8e\u7cfb\u7edf\u6216\u5e94\u7528\u7a0b\u5e8f\u8bbe\u8ba1\u4e2d\u7684\u6839\u672c\u7f3a\u9677\u3002\u8fd9\u4e9b\u95ee\u9898\u53ef\u80fd\u5f88\u96be\u89e3\u51b3\uff0c\u56e0\u4e3a\u5b83\u4eec\u901a\u5e38\u9700\u8981\u8fdb\u884c\u91cd\u5927\u7684\u67b6\u6784\u66f4\u6539\u3002<\/p>\n<\/li>\n

  4. \n

    \u793e\u4f1a\u5de5\u7a0b\u5b66\uff1a<\/strong> \u4eba\u7c7b\u884c\u4e3a\u4e5f\u4f1a\u5e26\u6765\u8106\u5f31\u6027\u3002\u7f51\u7edc\u9493\u9c7c\u7b49\u793e\u4f1a\u5de5\u7a0b\u6280\u672f\u53ef\u4ee5\u8bf1\u9a97\u7528\u6237\u6cc4\u9732\u654f\u611f\u4fe1\u606f\u6216\u6388\u4e88\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\u3002<\/p>\n<\/li>\n<\/ol>\n

    \u6f0f\u6d1e\u5173\u952e\u7279\u5f81\u5206\u6790<\/h2>\n

    \u6f0f\u6d1e\u7684\u4e3b\u8981\u7279\u5f81\u53ef\u6982\u62ec\u5982\u4e0b\uff1a<\/p>\n