内容发布更新时间 : 2024/5/20 7:55:02星期一 下面是文章的全部内容请认真阅读。

网站安全检测工具

本文介绍了一些目前比较流行的网站安全自动检测工具，对工具的性能和效果给出了评估意见。

HackerTarget.com★★★(对服务器安全性检测较好，网站检测一般)

http://hackertarget.com/free-security-vulnerability-scans/

在线免费安全检测网站HackerTarget.com可以对服务器和网站进行安全检测。使用方法是在线提交检测申请，在检测结束后，检测报告会以邮件方式发送到指定的邮箱。

HackerTarget提供了一些在线扫描检测服务器的工具，其中：

1. Nmap Port Scanner扫描一个IP地址所有打开的端口，以邮件的形式发送检测报告，

以ftsafe.com(IP: 211.157.105.59)为例：

Starting Nmap 5.51 ( http://nmap.org ) at 2012-02-06 02:15 EST Nmap scan report for mail.ftsafe.com (211.157.105.59) Host is up (0.28s latency). Not shown: 992 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 4.5 (protocol 1.99) 25/tcp open smtp Postfix smtpd 80/tcp open http Apache httpd 2.2.19 ((FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8e PHP/5.2.12 with Suhosin-Patch) 81/tcp open http Apache httpd 2.2.19 ((FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8e PHP/5.2.12 with Suhosin-Patch) 143/tcp open imap Courier Imapd (released 2008) 443/tcp open ssl/http Apache httpd 2.2.19 ((FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8e PHP/5.2.12 with Suhosin-Patch) 3306/tcp open mysql MySQL (unauthorized) 8009/tcp open ajp13 Apache Jserv (Protocol v1.3) 报告中列出了服务器打开的端口以及相应的服务。

2. OpenVas Vulnerability Scanner

检测一个指定IP地址服务器，给出可能的安全风险，生成一个比较全面的报告。以ftsafe.com(IP: 211.157.105.59)为例，在提交测试需求之后两小时左右，收到了一份详细的网站安全分析报告。OpenVas是HackerTarget所有检测服务中最有意义的一项。这个检测对于服务器安全性有比较全面的评估。

3. SQL Injection Test Scanner

通过URL中定义参数的方式检测SQL，网址输入需要带参数的形式，如： www.example.com?id=7

4. Nikto Web Server Scan

- Nikto v2.1.4 --------------------------------------------------------------------------- + Target IP: 211.157.105.59 + Target Hostname: ftsafe.com + Target Port: 80 + Start Time: 2012-02-07 02:42:03 --------------------------------------------------------------------------- + Server: Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8e + PHP/5.2.12 with Suhosin-Patch Retrieved x-powered-by header: + PHP/5.2.12 + PHP/5.2.12 appears to be outdated (current is at least 5.3.5) + mod_ssl/2.2.19 appears to be outdated (current is at least 2.8.31) + (may depend on server version) OpenSSL/0.9.8e appears to be outdated (current is at least 1.0.0d). OpenSSL 0.9.8r is also current. + Multiple index files found (note, these may not all be unique): + index.jhtml, index.php, index.htm, index.pl, index.aspx, index.asp, + index.do, index.php3, index.cfm, index.cgi, index.html, index.shtml, + mod_ssl/2.2.19 OpenSSL/0.9.8e PHP/5.2.12 with Suhosin-Patch - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). CVE-2002-0082, OSVDB-756. + DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh(VS.80).aspx for details. + OSVDB-877: HTTP TRACE method is active, suggesting the host is + vulnerable to XST + /webmail/: Web based mail package installed. + OSVDB-29786: /admin.php?en_log_id=0&action=config: EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This PHP file should be protected. + OSVDB-29786: /admin.php?en_log_id=0&action=users: EasyNews from http://www.webrc.ca version 4.3 allows remote admin access. This PHP file should be protected. + /admin.php4?reg_login=1: Mon Album from http://www.3dsrc.com version 0.6.2d allows remote admin access. This should be protected. + OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings. + OSVDB-12184: /some.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings. + OSVDB-12184: /some.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings. + OSVDB-12184: /some.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings. + OSVDB-3092: /admin.htm: This might be interesting... + OSVDB-3092: /admin.html: This might be interesting... + OSVDB-3092: /admin.php: This might be interesting... + OSVDB-3092: /admin.php3: This might be interesting... + OSVDB-3092: /admin.shtml: This might be interesting... + OSVDB-3092: /admin/: This might be interesting... + OSVDB-3092: /demo/: This might be interesting... + OSVDB-3092: /download/: This might be interesting... + OSVDB-3092: /service/: This might be interesting... + OSVDB-3092: /test/: This might be interesting... + OSVDB-3092: /admin.nsf: This database can be read without authentication, which may reveal sensitive information. + OSVDB-3093: /admin/index.php: This might be interesting... has been seen in web logs from an unknown scanner. + /admin.asp: Admin login page/section found. + /admin/index.asp: Admin login page/section found. + /admin/index.html: Admin login page/section found. + 5478 items checked: 27 error(s) and 31 item(s) reported on remote host + End Time: 2012-02-07 03:20:10 (2287 seconds) --------------------------------------------------------------------------- + 1 host(s) tested 检测一个网站，发现尽可能多的安全隐患。

5. WhatWeb Web Site Analysis

检测一些简单的页面信息，作用不大。

en.ftsafe.com/ [200] http://en.ftsafe.com [200] HTTPServer[nginx/1.0.5], nginx[1.0.5], IP[96.126.111.219], JQuery, PHP[5.3.6-13ubuntu3.3], X-Powered-By[PHP/5.3.6-13ubuntu3.3], Cookies[PHPSESSID], Title[FEITIAN :: HOME] URL : http://en.ftsafe.com Status : 200 Cookies -------------------------------------------------------------------- Description: Display the names of cookies in the HTTP headers. The values are not returned to save on space. String : PHPSESSID HTTPServer ----------------------------------------------------------------- Description: HTTP server header string String : nginx/1.0.5 (from server string) IP ------------------------------------------------------------------------- Description: IP address of the target, if available. String : 96.126.111.219 JQuery --------------------------------------------------------------------- Description: Javascript library PHP ------------------------------------------------------------------------ Description: PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. - homepage: http://www.php.net/ Version : 5.3.6-13ubuntu3.3 Title ---------------------------------------------------------------------- Description: The HTML page title String : FEITIAN :: HOME (from page title) X-Powered-By --------------------------------------------------------------- Description: X-Powered-By HTTP header String : PHP/5.3.6-13ubuntu3.3 (from x-powered-by string) nginx ---------------------------------------------------------------------- Description: Nginx (Engine-X) is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. - Homepage: http://nginx.net/ Version : 1.0.5 6. Drupal Security Scan

针对Drupal架构的网站安全性检测，貌似我们用不到。

7. Joomla Security Scan

针对Joomla架构的网站安全性检测，貌似我们用不到

Netsparker★★★★（网站安全检测工具）

http://www.mavitunasecurity.com/netsparker/

Netsparker是一个付费的全面检测网站安全性的工具，从介绍说明中看，它会扫描所有的页面内容，尝试攻击页面内的表单，URL链接等，并给出分析报告。申请了一个试用版测试了一下。从结果来看，的确是扫描到了站点的页面，生成了site map。然后对每个页面的安全隐患有一个评级，如严重、重要、中等、轻微等等。对于每一个安全问题，报告中有详细的问题说明，解决建议及参考资源等等。看了一两个问题的分析，感觉比较有用。

但是比较不幸的是，Netsparker的价格实在是太高了。但是有Netsparker的社区免费版本，虽然功能少一点，但是检测效果还是不错的。

W3af★★★★☆（网站安全检测工具）

http://w3af.sourceforge.net/

这个软件是免费软件。一个全面检测网站安全性的工具，里面有超过千种的检测方法，包含一些像暴力破解的攻击手段。

对于网站的安全分析主要集中在服务器环境信息泄露和SQL注入攻击上，对交互页面的安全性检查较好。由于软件包含的方法非常多，对网站的检测速度需要几个小时。

Skipfish ★★★☆（基于字典的网站安全检测工具）

http://code.google.com/p/skipfish/

http://lcamtuf.blogspot.com/2010/11/understanding-and-using-skipfish.html

Google推出的网站安全性检测工具，据初步了解，软件使用字典攻击的方式猜测网站下的目录及文件，同时尝试SQL注入方式进行攻击。软件需要在Linux系统下安装运行，运行生成HTML形式的检测结果。

在使用工具是，对字典的选择非常重要。因为字典将用于猜测网站的页面。详细的说明可以看dictionaries\\README-FIRST说明。具体来说，全面检测的话可以直接拷贝一份完全的字典到软件目录即可：

cp dictionaries/complete.wl dictionary.wl ./skipfish -W dictionary.wl [...other options...]

因为Skipfish有自动更新字典的功能，因此建议对于不同的网站，每次检测之前重新生成字典文件。