{"id":479635,"date":"2023-08-09T10:42:55","date_gmt":"2023-08-09T10:42:55","guid":{"rendered":""},"modified":"2023-09-05T11:19:16","modified_gmt":"2023-09-05T11:19:16","slug":"web-cache-poisoning","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/web-cache-poisoning\/","title":{"rendered":"Ng\u1ed9 \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web"},"content":{"rendered":"

Ng\u1ed9 \u0111\u1ed9c b\u1ed9 nh\u1edb \u0111\u1ec7m web l\u00e0 m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng tinh vi nh\u1eb1m khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng trong h\u1ec7 th\u1ed1ng b\u1ed9 nh\u1edb \u0111\u1ec7m web \u0111\u1ec3 \u0111\u01b0a n\u1ed9i dung \u0111\u1ed9c h\u1ea1i v\u00e0o c\u00e1c ph\u1ea3n h\u1ed3i \u0111\u01b0\u1ee3c l\u01b0u trong b\u1ed9 nh\u1edb \u0111\u1ec7m, d\u1eabn \u0111\u1ebfn vi\u1ec7c ph\u00e2n ph\u1ed1i n\u1ed9i dung c\u00f3 h\u1ea1i cho nh\u1eefng ng\u01b0\u1eddi d\u00f9ng kh\u00f4ng nghi ng\u1edd. K\u1ef9 thu\u1eadt n\u00e0y c\u00f3 th\u1ec3 g\u00e2y ra h\u1eadu qu\u1ea3 nghi\u00eam tr\u1ecdng, ch\u1eb3ng h\u1ea1n nh\u01b0 ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i, \u0111\u00e1nh c\u1eafp th\u00f4ng tin nh\u1ea1y c\u1ea3m ho\u1eb7c th\u1eadm ch\u00ed g\u00e2y gi\u00e1n \u0111o\u1ea1n d\u1ecbch v\u1ee5. V\u1edbi t\u01b0 c\u00e1ch l\u00e0 nh\u00e0 cung c\u1ea5p m\u00e1y ch\u1ee7 proxy, OneProxy nh\u1eadn th\u1ea5y t\u1ea7m quan tr\u1ecdng c\u1ee7a vi\u1ec7c gi\u00e1o d\u1ee5c ng\u01b0\u1eddi d\u00f9ng v\u1ec1 m\u1ed1i \u0111e d\u1ecda n\u00e0y \u0111\u1ec3 gi\u00fap h\u1ecd lu\u00f4n \u0111\u01b0\u1ee3c b\u1ea3o v\u1ec7 trong b\u1ed1i c\u1ea3nh k\u1ef9 thu\u1eadt s\u1ed1 ng\u00e0y c\u00e0ng ph\u00e1t tri\u1ec3n.<\/p>\n

L\u1ecbch s\u1eed v\u1ec1 ngu\u1ed3n g\u1ed1c c\u1ee7a ng\u1ed9 \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web v\u00e0 l\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u1ec1 c\u1eadp \u0111\u1ebfn n\u00f3<\/h2>\n

K\u1ef9 thu\u1eadt \u0111\u1ea7u \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web l\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u01b0\u1ee3c gi\u1edbi thi\u1ec7u trong m\u1ed9t b\u00e0i nghi\u00ean c\u1ee9u c\u00f3 ti\u00eau \u0111\u1ec1 \u201cT\u1ea5n c\u00f4ng c\u1eeda s\u1ed5 tr\u01b0\u1ee3t\u201d \u0111\u01b0\u1ee3c tr\u00ecnh b\u00e0y t\u1ea1i H\u1ed9i ngh\u1ecb M\u0169 \u0111en Ch\u00e2u \u00c2u n\u0103m 2008 b\u1edfi Carlos Bueno v\u00e0 Jeremiah Grossman. C\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u \u0111\u00e3 ch\u1ee9ng minh c\u00e1ch h\u1ecd c\u00f3 th\u1ec3 khai th\u00e1c b\u1ed9 \u0111\u1ec7m web \u0111\u1ec3 cung c\u1ea5p n\u1ed9i dung \u0111\u1ed9c h\u1ea1i cho ng\u01b0\u1eddi d\u00f9ng m\u00e0 kh\u00f4ng c\u1ea7n t\u01b0\u01a1ng t\u00e1c tr\u1ef1c ti\u1ebfp v\u1edbi m\u00e1y ch\u1ee7 m\u1ee5c ti\u00eau. K\u1ec3 t\u1eeb \u0111\u00f3, c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng \u0111\u1ea7u \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web \u0111\u00e3 ph\u00e1t tri\u1ec3n, ng\u00e0y c\u00e0ng tinh vi v\u00e0 ph\u1ed5 bi\u1ebfn h\u01a1n trong b\u1ed1i c\u1ea3nh c\u00e1c m\u1ed1i \u0111e d\u1ecda m\u1ea1ng.<\/p>\n

Th\u00f4ng tin chi ti\u1ebft v\u1ec1 ng\u1ed9 \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web. M\u1edf r\u1ed9ng ch\u1ee7 \u0111\u1ec1 Ng\u1ed9 \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web<\/h2>\n

Ng\u1ed9 \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web li\u00ean quan \u0111\u1ebfn vi\u1ec7c thao t\u00fang b\u1ed9 \u0111\u1ec7m web \u0111\u1ec3 l\u01b0u tr\u1eef v\u00e0 ph\u00e2n ph\u00e1t n\u1ed9i dung \u0111\u1ed9c h\u1ea1i thay v\u00ec ph\u1ea3n h\u1ed3i h\u1ee3p ph\u00e1p. N\u00f3 th\u01b0\u1eddng khai th\u00e1c lu\u1ed3ng y\u00eau c\u1ea7u v\u00e0 ph\u1ea3n h\u1ed3i HTTP, l\u1ee3i d\u1ee5ng nhi\u1ec1u l\u1ed7 h\u1ed5ng kh\u00e1c nhau \u0111\u1ec3 s\u1eeda \u0111\u1ed5i c\u00e1c m\u1ee5c trong b\u1ed9 \u0111\u1ec7m. Cu\u1ed9c t\u1ea5n c\u00f4ng n\u00e0y d\u1ef1a tr\u00ean th\u1ef1c t\u1ebf l\u00e0 b\u1ed9 \u0111\u1ec7m web l\u01b0u tr\u1eef c\u00e1c b\u1ea3n sao c\u1ee7a n\u1ed9i dung \u0111\u01b0\u1ee3c y\u00eau c\u1ea7u th\u01b0\u1eddng xuy\u00ean, gi\u1ea3m t\u1ea3i m\u00e1y ch\u1ee7 v\u00e0 c\u1ea3i thi\u1ec7n th\u1eddi gian t\u1ea3i trang web.<\/p>\n

C\u1ea5u tr\u00fac b\u00ean trong c\u1ee7a v\u1ee5 ng\u1ed9 \u0111\u1ed9c b\u1ed9 nh\u1edb \u0111\u1ec7m Web. C\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a vi\u1ec7c \u0111\u1ea7u \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web<\/h2>\n

C\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng \u0111\u1ea7u \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m web th\u01b0\u1eddng th\u1ef1c hi\u1ec7n theo c\u00e1c b\u01b0\u1edbc sau:<\/p>\n

    \n
  1. \n

    Y\u00eau c\u1ea7u bu\u00f4n l\u1eadu<\/strong>: K\u1ebb t\u1ea5n c\u00f4ng g\u1eedi c\u00e1c y\u00eau c\u1ea7u HTTP \u0111\u01b0\u1ee3c t\u1ea1o ra \u0111\u1eb7c bi\u1ec7t \u0111\u1ebfn m\u00e1y ch\u1ee7 m\u1ee5c ti\u00eau, thao t\u00fang c\u00e1c ti\u00eau \u0111\u1ec1 y\u00eau c\u1ea7u v\u00e0 khai th\u00e1c c\u00e1c bi\u1ebfn th\u1ec3 trong c\u00e1ch h\u1ec7 th\u1ed1ng m\u1eb7t tr\u01b0\u1edbc v\u00e0 m\u1eb7t sau di\u1ec5n gi\u1ea3i c\u00e1c ti\u00eau \u0111\u1ec1 n\u00e0y.<\/p>\n<\/li>\n

  2. \n

    \u0110\u1ea7u \u0111\u1ed9c b\u1ed9 \u0111\u1ec7m<\/strong>: B\u1eb1ng c\u00e1ch khai th\u00e1c s\u1ef1 kh\u00f4ng nh\u1ea5t qu\u00e1n trong vi\u1ec7c t\u1ea1o kh\u00f3a b\u1ed9 \u0111\u1ec7m, k\u1ebb t\u1ea5n c\u00f4ng l\u1eeba h\u1ec7 th\u1ed1ng b\u1ed9 \u0111\u1ec7m l\u01b0u tr\u1eef n\u1ed9i dung \u0111\u1ed9c h\u1ea1i c\u00f9ng v\u1edbi c\u00e1c ph\u1ea3n h\u1ed3i h\u1ee3p ph\u00e1p.<\/p>\n<\/li>\n

  3. \n

    Cung c\u1ea5p n\u1ed9i dung \u0111\u1ed9c h\u1ea1i<\/strong>: Khi nh\u1eefng ng\u01b0\u1eddi d\u00f9ng ti\u1ebfp theo y\u00eau c\u1ea7u c\u00f9ng m\u1ed9t n\u1ed9i dung, ph\u1ea3n h\u1ed3i \u0111\u1ed9c h\u1ea1i s\u1ebd \u0111\u01b0\u1ee3c cung c\u1ea5p t\u1eeb b\u1ed9 \u0111\u1ec7m, l\u00e2y nhi\u1ec5m ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i v\u00e0o tr\u00ecnh duy\u1ec7t c\u1ee7a ng\u01b0\u1eddi d\u00f9ng ho\u1eb7c th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng \u0111\u1ed9c h\u1ea1i kh\u00e1c.<\/p>\n<\/li>\n<\/ol>\n

    Ph\u00e2n t\u00edch c\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a ng\u1ed9 \u0111\u1ed9c b\u1ed9 nh\u1edb \u0111\u1ec7m Web<\/h2>\n

    C\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a ng\u1ed9 \u0111\u1ed9c b\u1ed9 nh\u1edb \u0111\u1ec7m Web bao g\u1ed3m:<\/p>\n