从攻击者角度浅析高校Web站点的安全

Analysis on the Security of College Web Sites from Attacker's Viewpoint

先简述了WEB攻击的种类,然后着重从攻击者角度,分别从web程序代码、文件目录权限、系统漏洞、web验证漏洞、CGI参数、SQL注入、跨站点跟踪来浅析高校WEB站点的安全。

In this paper, the category of web attacks is discussed. From attacker＇s viewpoint, the security of college Web sites is analyzed from many respects, such as web process code, permission of document catalog, system leak, validatory leak of web, CGI parameter, SQL injection and cross-site track.