Ndị ọkachamara nchekwa ịntanetị ekesala ozi na adịghị ike scripting saịtị atọ (XSS) na ngwa mepere emepe na-ewu ewu nke nwere ike ime ka mkpochapụ koodu dịpụrụ adịpụ (RCE).
Mwakpo XSS oge ochie na-enye ohere ka e gbuo koodu JavaScript nke onye na-eme ihe egwu na ihe nchọgharị weebụ onye ọrụ ahụ, nke na-emepe ụzọ maka izu ohi kuki, na-atụgharị gaa na saịtị phishing, na ọtụtụ ndị ọzọ.
Cross-Site Scripting (XSS) bụ otu n'ime mwakpo a na-agbasa na ngwa weebụ Ọ bụrụ na onye na-eme ihe egwu na-etinye koodu javascript na mmepụta ngwa ahụ, ọ bụghị naanị na ọ na-ezu ohi kuki, kamakwa mgbe ụfọdụ na-eduga n'imebi sistemu ahụ kpamkpam.
Njehie mbụ, Evolution CMS V3.1.8, na-enye onye na-agba ọsọ ohere ịmalite mwakpo XSS gosipụtara na ebe dị iche iche na ngalaba nchịkwa. Aleksey Solovev na-ekwu na ọ bụrụ na mwakpo na-aga nke ọma na onye nchịkwa ikike na usoro ahụ, a ga-edegharị faịlụ index.php na koodu nke onye na-awakpo ahụ tinyere na ụgwọ ọrụ.
Ihe ọghọm nke abụọ, nke achọpụtara na FUDForum v3.1.1, nwere ike ikwe ka onye na-agba ọsọ malite mwakpo XSS echekwara. Aleksey Solovev na-ekwu na FUDforum bụ nnukwu mkparịta ụka na-agba ọsọ na scalable. Ọ bụ nke ukwuu ahaziri ma na-akwado ndị otu na-akparaghị ókè, forums, posts, isiokwu, ntuli aka, na mgbakwunye.
Ogwe nchịkwa FUDforum nwere onye njikwa faịlụ na-enye gị ohere bulite faịlụ na ihe nkesa, gụnyere faịlụ nwere ndọtị PHP. Onye mwakpo nwere ike iji XSS echekwabara bulite faịlụ PHP nke nwere ike mebie iwu ọ bụla na sava ahụ.
N'ihe kachasị ọhụrụ, Bitbucket v4.37.1, a chọtara mperi nchekwa nke nwere ike ikwe ka onye na-awakpo malite mwakpo XSS echekwara na ebe dị iche iche. Aleksey Solovev na-ekwu na ịnwe mwakpo XSS echekwara nwere ike ịnwa irigbu ya iji mebie koodu na sava ahụ. Ogwe nchịkwa nwere ngwaọrụ iji mee ajụjụ SQL.
GitBucket na-eji H2 Database Engine na ndabaradefinita. Maka nchekwa data a, enwere nrigbu dị n'ihu ọha iji nweta mkpochapụ koodu dịpụrụ adịpụ. Yabụ, ihe niile onye mwakpo kwesịrị ime bụ imepụta koodu PoC dabere na nrigbu a, bulite ya na ebe nchekwa, wee jiri ya n'oge mwakpo:
Na-emelite ikpo okwu Open Source mgbe niile, wụnye patches ọ bụla na-edozi ozugbo.
Rịọ maka ndụmọdụ, nyocha, atụmatụ maka otu esi echekwa sistemụ gị.
Ọ bụ usoro dị mkpa maka ịlele ọkwa nchekwa nke ụlọ ọrụ gị ugbu a.
Iji mee nke a, ọ dị mkpa itinye aka na Cyber Team akwadoro nke ọma, nwee ike ịme nyocha nke steeti ụlọ ọrụ ahụ na-ahụ onwe ya n'ihe gbasara nchekwa IT.
Enwere ike ịme nyocha ahụ n'otu oge, site na ajụjụ ọnụ nke ndị otu Cyber ma ọ bụ
nakwa asynchronous, site n'imeju akwụkwọ ajụjụ online.
Anyị nwere ike inyere gị aka, kpọtụrụ ndị ọkachamara nke ilwebcreativo.ọ na-ede na info@ilwebcreativo.ya ma ọ bụ site na ịkparịta ụka na whatsapp ozugbo na-eji akara ngosi dị na ala aka nri.
Weebụ gbara ọchịchịrị na-ezo aka na ọdịnaya dị na Webụsaịtị World Wide na ụgbụ ọchịchịrị enwere ike nweta site na ịntanetị site na ngwa ngwa, nhazi na nnweta.
Site na nleba anya Weebụ Nche anyị anyị nwere ike igbochi ma nwee mwakpo cyber, malite na nyocha nke ngalaba ụlọ ọrụ (dịka: ilwebcreativo.it ) na adreesị ozi-e nke ọ bụla.
Kpọtụrụ anyị site na vhatsapp, anyị nwere ike ịkwadebe atụmatụ ndozi iji kewapụ ihe iyi egwu ahụ, gbochie mgbasa ya na defianyị na-eme ihe ndozi dị mkpa. A na-enye ọrụ ahụ 24/XNUMX site na Ịtali
CyberDrive bụ onye njikwa faịlụ igwe ojii nwere ụkpụrụ nchekwa dị elu maka izo ya ezo nke faịlụ niile. Gbaa mbọ hụ na nchekwa nke data ụlọ ọrụ mgbe ị na-arụ ọrụ n'igwe ojii na ịkekọrịta na dezie akwụkwọ na ndị ọrụ ndị ọzọ. Ọ bụrụ na njikọ ahụ efunahụla, ọ nweghị data echekwara na PC onye ọrụ. CyberDrive na-egbochi faịlụ ịla n'iyi n'ihi mmebi mberede ma ọ bụ wepụ ya maka izu ohi, ma ọ bụ anụ ahụ ma ọ bụ dijitalụ.
Nke kacha nta na ike kachasi ike n'ime igbe datacenter na-enye ike mgbakọ na nchekwa site na mmebi anụ ahụ na ezi uche. Emebere ya maka njikwa data na mpaghara ihu na robo, ebe a na-ere ahịa, ụlọ ọrụ ọkachamara, ụlọ ọrụ dịpụrụ adịpụ na obere azụmaahịa ebe ohere, ọnụ ahịa na oriri ike dị mkpa. Ọ dịghị achọ ebe data na igbe igbe. Enwere ike idowe ya n'ụdị ebe ọ bụla na-ekele maka mmetụta aesthetics na-ekwekọ na oghere ọrụ. "Cube" na-etinye teknụzụ ngwanrọ ụlọ ọrụ na ọrụ nke obere azụmaahịa na ọkara.
Iji nyochaa okwu nchekwa, iji dozie adịghị ike, iji chekwaa sistemụ ozi gị, dabere na ndị ọkachamara na ngalaba:
Ercole Palmeri: Innovation riri ahụ
Na
UK CMA enyela ịdọ aka ná ntị gbasara omume Big Tech na ahịa ọgụgụ isi. Ebe ahụ…
Iwu “Case Green”, nke European Union chepụtara iji kwalite nrụpụta ike nke ụlọ, ejirila…
Akwụkwọ akụkọ Casaleggio Associati na-eme kwa afọ na Ecommerce na Italy ewepụtara. Akuko nke isiokwu ya bu “AI-Commerce: the frontiers of Ecommerce with Artificial Intelligence”…
Nsonaazụ nke teknụzụ ọhụrụ na ntinye aka na gburugburu ebe obibi na ọdịmma ndị mmadụ. Bandalux na-enye Airpure®, ụlọikwuu…