The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

clues about hidden server-side content. These may include HTML com-

Download 5,76 Mb.

Pdf ko'rish

bet	129/875
Sana	01.01.2022
Hajmi	5,76 Mb.
	#293004

1 ... 125 126 127 128 129 130 131 132 ... 875

Bog'liq
3794 1008 4334

clues about hidden server-side content. These may include HTML com-

ments relating to protected or unlinked functions, and HTML forms with

disabled

SUBMIT

elements, and the like. Often, comments are automati-

cally generated by the software that has been used to generate web con-

tent, or by the platform on which the application is running. References

to items such as server-side include files are of particular interest —

these files may actually be publicly downloadable and may contain

highly sensitive information such as database connection strings and

passwords. In other cases, developers’ comments may contain all kinds

of useful tidbits, such as database names, references to back-end com-

ponents, SQL query strings, and so on. Thick-client components such as

Download 5,76 Mb.

Do'stlaringiz bilan baham:

1 ... 125 126 127 128 129 130 131 132 ... 875