�ЈD�W

>

��Ϣ��ȫ

�B͸�yԇ��g

��

��] �B͸�yԇ��g

��ߣ��A �� a

��磺��]늳��r�g��2024-04-01

�_�� 16�_ 퓔�� 298

���Σ�Ӌ��C/�W�j�N��

�� D �r:¥69.9(7.0��) ��r ~~¥99.8~~ ��䛺�ɿ��T�r

��ُ��܇ �ղ�

�_��٣� ȫ��]

?�½��س��

��Ǖ��>

>
ȫ��Ӌ��C�ȼ��ԇ��濼�}��ģ�M��Ԕ�⡤��MSOffice�߼��

ȫ��Ӌ��C�ȼ��ԇ��濼�}��ģ�M��Ԕ�⡤��MSOffice�߼��

¥14.4¥45
>
�Q��Мy5000�}(��Z��c��_)

�Q��Мy5000�}(��Z��c��_)

¥44.1¥88
>
ܛ��ܜyԇ.��c�{��`֮·

ܛ��ܜyԇ.��c�{��`֮·

¥56.2¥69
>
��һ�д��aAndroid

��һ�д��aAndroid

¥55.4¥99
>
JAVA��m��

JAVA��m��

¥58.1¥119
>
EXCEL��̿ƕ�(��ȫ��)(ȫ��ӡˢ)

EXCEL��̿ƕ�(��ȫ��)(ȫ��ӡˢ)

¥31.1¥69.9
>
��ȌW��

��ȌW��

¥92.4¥168

��ƷԔ��
��Ʒ�uՓ(0�l)

�ЈD�r:¥69.9 ��ُ��܇

��Ϣ
��ɫ
��ݺ��
Ŀ�
��P�Y��
��ߺ��

�B͸�yԇ��g ��Ϣ

ISBN��9787115635570
�l�δa��9787115635570 ; 978-7-115-63557-0
�b��ƽ�b-�zӆ
�Ԕ��o
��o
��ٷ��
Ӌ��C/�W�j
>
��Ϣ��ȫ

�B͸�yԇ��g ��ɫ

1. ��׶��ÿ�¶��Ŀ��c��x�߳��⼼��c��΄ա�

2. ��{��`�ԣ�ÿ��֪�R�c��΄յ��ʽ�M��v��x��Ⲣ��ֲ��

3. ��l�W��ÿ��΄�ĩβ��ṩ��չ��߃��ݣ��l�x�ߌW��

4. �ṩ��}�𰸣��݁�Դ�挍�̌W��`��ɹ��ߵ�ԺУ�̎��x��̲ġ�

5. ��֮�֣��ԾW�j��ȫһ��S�B͸�yԇ��߂䌍��

�B͸�yԇ��g ��ݺ��

��һ��P�ڝB͸�yԇ��g�Č��ý̲ģ�ּ�ڎ��x��˽�B͸�yԇ�ĺ��ĸ��ͷ��Ա��Ч�ذl�F�ͷ��W�j©��L�U�� ֞��ƪ��21��ĝB͸�yԇ�h����B��Ϣ�ռ��ҊWeb��©��g��©��©��ϵ�y�B͸��B͸�ȡ��΄յ��ʽ�ʬF��Ͳ��ͨ�^��x��x��܉�ȫ��˽�B͸�yԇ��g��ԭ��͑��ã��߾W�j��ȫˮƽ�� m��ߵ�ԺУ�W�j��ȫ��Ϣ��ȫ��P��I�Ľ̲��W�j��ȫ�I��ĳ��W�߿��T��

�B͸�yԇ��g Ŀ�

�� һƪ��B͸�yԇ�h��

�� 1�¡�VMware��̓�M�C�R��İ��b��3

1.1��΄�һ��VMware�İ��b��3

1.2��΄ն��̓�M�C�R��İ��b��7

�ڶ�ƪ��Ϣ�ռ�

�� 2�¡��C��̽�y��19

2.1��΄�һ��ʹ��Nmap�M��C��̽�y��19

2.2��΄ն��ʹ��Metasploit Framework�M��C��̽�y��23

��3�¡��C�˿ڒ��衡29

3.1��΄�һ��ʹ��Nmap�M��C�˿ڒ��衡29

3.2��΄ն��ʹ��Metasploit Framework�M��C�˿ڒ��衡35

��4�¡��Ϣ�ռ��39

4.1��΄�һ��ʹ�Þg�[��M�з��Ϣ�ռ��39

4.2��΄ն��ʹ��WhatWeb�M�з��Ϣ�ռ��46

��5�¡�Web�Y�aĿ䛒��衡50

5.1��΄�һ��ʹ��dirb�M��Web�Y�aĿ䛒��衡50

5.2��΄ն��ʹ��dirsearch�M��Web�Y�aĿ䛒��衡54

��ƪ��Web��©��

��6�¡��Ϳ��©��á�61

6.1��΄�һ��ThinkPHP SQLע��©��á�61

6.2��΄ն��ThinkPHP�h�̴��a��©��á�67

6.3��΄��S2-045�h�̴��a��©��á�72

6.4��΄��ģ�S2-059�h�̴��a��©��á�77

��7�¡��ͽM��©��á�83

7.1��΄�һ��Shiro��л�©��á�83

7.2 �΄ն��Fastjson�h�̴��a��©��á�88

7.3 �΄��JNDIע��©��á�95

��ƪ��g��©��

��8�¡�IIS��Ҋ©��á�107

8.1��΄�һ��IISĿ䛞g�[©��á�107

8.2��΄ն��IIS PUT©��á�109

8.3��΄��IIS��ļ��½�©��á�113

8.4��΄��ģ�IIS 6.0�ļ��©��á�119

��9�¡�Apache��Ҋ©��á�123

9.1��΄�һ��ApacheĿ䛞g�[©��á�123

9.2��΄ն��Apache��Y�ļ��©��á�126

9.3��΄��CVE-2017-15715�Q�н��©��á�128

9.4��΄��ģ�CVE-2021-41773/42013·��Խ©��á�132

�� 10�¡�Nginx��Ҋ©��á�135

10.1��΄�һ��Nginx�ļ��©��á�135

10.2��΄ն��NginxĿ䛞g�[©��á�138

10.3��΄��Nginx·��Խ©��á�141

�� 11�¡�Tomcat��Ҋ©��á�145

11.1��΄�һ��ú��_��war��@ȡ��ޡ�145

11.2��΄ն��CVE-2017-12615�h�̴��a��©��á�152

11.3��΄��CNVD-2020-10487�ļ��xȡ©��á�156

�� 12�¡�JBoss��Ҋ©��á�159

12.1��΄�һ��ú��_��war��@ȡ��ޡ�159

12.2��΄ն��CVE-2017-12149��л�©��á�163

12.3��΄��JBoss JMX Consoleδ�ڙ��L��©��á�166

�� 13�¡�WebLogic��Ҋ©��á�171

13.1��΄�һ��ļ��xȡ©��@ȡWebLogic��_��ܴa��171

13.2��΄ն��ú��_��war��@ȡ��ޡ�175

13.3��΄��CVE-2017-10271��л�©��á�179

13.4��΄��ģ�CVE-2018-2894��ļ��ς�©��á�184

��ƪ��©��

�� 14�¡�Web©��衡191

14.1��΄�һ��ʹ��AWVS�M�оWվ©��衡191

14.2��΄ն��ʹ��xray�M�оWվ©��衡202

�� 15�¡��C©��衡210

��ƪ��ϵ�y�B͸

�� 16�¡��ļ����ն˿ڵ��á�219

16.1��΄�һ��FTP��յ��á�219

16.2��΄ն��Samba��յ��á�223

�� 17�¡��h��B��˿ڵ��á�227

17.1��΄�һ��SSH��յ��á�227

17.2��΄ն��Telnet��յ��á�231

17.3��΄��RDP��յ��á�234

��ƪ��B͸

�� 18�¡�MySQL��Ҋ©��á�241

18.1��΄�һ��MySQL�Ŀ���ơ�241

18.2��΄ն��CVE-2012-2122��J�C�@�^©��á�246

�� 19�¡�SQL Server��Ҋ©��á�252

19.1��΄�һ��SQL Server�Ŀ���ơ�252

19.2��΄ն��SQL Server��xp_cmdshell�M��С�258

19.3��΄��SQL Server��sp_oacreate�M��С�263

�� 20�¡�PostgreSQL��Ҋ©��á�272

20.1��΄�һ��PostgreSQL�Ŀ���ơ�272

20.2��΄ն��CVE-2007-3280�h�̴��a��©��á�278

20.3��΄��CVE-2019-9193�h�̴��a��©��á�284

�� 21�¡�Redis��Ҋ©��á�289

21.1��΄�һ��Redisδ�ڙ�©��á�289

21.2��΄ն��Redis�h��©��á�294

չ�_ȫ��

�B͸�yԇ��g ��P�Y��

�ھW�j��ȫ�΄��څ��ı��£��B͸�yԇ��һ�N��ӷ��ֶ��Խ��Խ�ܵ��ҕ��Փ��ȫ��B�˝B͸�yԇ��P֪�R�ͼ��һ��ǳ��õĝB͸�yԇ��T�̡̳��ͨ��׶��v�ⷽʽ��\��ǳ��m�ϳ��W��x��

��

�㽭��I��W�W�j��g��ȫ�о�ԺԺ�L

��H��B�˝B͸�yԇ��Փ֪�R��߀�ṩ�˴��õĹ��ߺͼ��ּ�ڎ��x��ڶ̕r�g��B͸�yԇ��ܡ��ɞ�һ��B͸�yԇ��̎��Լ��ĝB͸�yԇ��ܣ��ô��]��x��

�OӢ�|

��Ϣ

�B͸�yԇ��g ��ߺ��

��A��F��Ĵ��Ϣ�I��g�WԺ��Ϣ��ȫ��Ϣ��ȫ��Ϣ��ȫ��I��O10��꣬ؓ؟��Ϣ��ȫ��g��B͸�yԇ��g��n��cʡ��Ʒ�n�̺͇��YԴ�콨�O��CISP��ע��Ϣ��ȫ��I�ˆT��C�� ݰ��Ϣ��g�ɷ��޹�˾��в��@��㽭��㽭��깤��Șs�u�Q̖��ж�헇��H��Ȍ��I�J�C��L��ھW�j��ȫ�I��ǰ�،��`��I�Fꠅ��c��·��ش��ϻ�Ӻ;W�j��ȫ��ݾ��@�Ã��ĳɿ��L��g�ɹ��߶��c�D��I�F��_�l��T�W�j��ȫ�ИI�n��c�̲��ИI�͸�У�ľW�j��ȫ�˲��B�� a��F��Ĵ��Ϣ�I��g�WԺ�Wͨ�WԺԺ�L��10��W�j��g��W�j��ȫ��g��v��ֻ��c��헾�Ʒ�ھ��n�̽��O�� F��Ĵ��Ϣ�I��g�WԺ��Ϣ��ȫ��I�̎��Ҫ��Ϣ��ȫ��I�̌W��Г��Ϣ��ȫ��g��A��Ϣ��ȫ��g��Ӗ��ȫ��g�ȶ��T�n�̽̌W��cʡ��Ʒ�n�̺͇��YԴ�콨�O��CISP��ע��Ϣ��ȫ��I�ˆT��C�� F�ΰ��Ϣ�߼��Ӗ��̎��L�ڏ��°�ȫ��պͰ�ȫ��Ӗ��Y��һ��M��n��_�l��v��t�{��B͸�yԇ�� Q��F�ΰ��Ϣ��ȫ��Ӗ��̎��Γ��㽭ʡ��ȫ��ݾ��΅��c��ʡ��ȫ��ݾ��L��g��Web�B͸�yԇ��푑��

��Ʒ�uՓ(0�l)

��u ٍ��

��o�uՓ��

��]

>
��
��
��w��
¥12.2~~¥32.0~~
>
�ҏ�δ��˾��g
�ҏ�δ��˾��g
ʷ�F��/��
¥20.5~~¥49.8~~
>
Ԋ��-��ĸ質
Ԋ��-��ĸ質
��
¥14.5~~¥39.8~~
>
�ͽ��˼�
�ͽ��˼�
�ͽ�
¥15.7~~¥46.0~~
>
��
��
[Ӣ] ��ա��R�� g
¥16.4~~¥48.0~~
>
��ČW��ɾ��--��Ѹ�c��m/�t�T�W�g��(�t�T�W�g��)
��ČW��ɾ��--��Ѹ�c��m/�t�T�W�g��(�t�T�W�g��)
��t
¥9.9~~¥23.0~~
>
�Ї��vʷ��˲�g
�Ї��vʷ��˲�g
��
¥16.7~~¥38.0~~
>
��е��
��е��
��
¥25.7~~¥45.0~~

����N

��w��̎��--�ª��

�ЈD�W

¥12.9~~¥30~~
��w��̎��--��Ⱥ�

�ЈD�W

¥12.9~~¥30~~
��ӡ��ͥ��ⲿ��

�Ƽ{�¡��

¥17.8~~¥56~~
��κ��ʷ(��)

��

¥26.2~~¥70~~
��κ��ʷ(��)

��

¥24.4~~¥65~~
��κ��ʷ(��)

��

¥20.8~~¥55~~

中图网(原中国图书网)：网上书店，尾货特色书店，30万种特价书低至2折！

��] �B͸�yԇ��g

�B͸�yԇ��g ��Ϣ

�B͸�yԇ��g ��ɫ

�B͸�yԇ��g ��ݺ��

�B͸�yԇ��g Ŀ�

�B͸�yԇ��g ��P�Y��

�B͸�yԇ��g ��ߺ��

��

�ҏ�δ��˾��g

Ԋ��-��ĸ質

�ͽ��˼�

��

��ČW��ɾ��--��Ѹ�c��m/�t�T�W�g��(�t�T�W�g��)

�Ї��vʷ��˲�g

��е��

��w��̎��--�ª��

��w��̎��--��Ⱥ�

��ӡ��ͥ��ⲿ��

��κ��ʷ(��)

��κ��ʷ(��)

��κ��ʷ(��)

��_˹��

��:��

��g��ľ

��ꮋ:��Մ

�B��ƪ-��ƪ��Ď�

�r�gֹͣ��һ��

���] �B͸�yԇ���g

�B͸�yԇ���g �����Ϣ

�B͸�yԇ���g ������ɫ

�B͸�yԇ���g ���ݺ���

�B͸�yԇ���g Ŀ�

�B͸�yԇ���g ���P�Y��

�B͸�yԇ���g ���ߺ���

��] �B͸�yԇ��g

�B͸�yԇ��g ��Ϣ

�B͸�yԇ��g ��ɫ

�B͸�yԇ��g ��ݺ��

�B͸�yԇ��g Ŀ�

�B͸�yԇ��g ��P�Y��

�B͸�yԇ��g ��ߺ��