Python yordamida veb-server zaifliklarini aniqlash

Quyida Python yordamida veb-server zaifliklarini aniqlash bo‘yicha to‘liq qo‘llanma taqdim etilgan. Ushbu qo‘llanma veb-serverlardagi zaifliklarni tahlil qilish, ularni aniqlash, va asosiy zaifliklardan himoyalanishni o‘rganishga yordam beradi. Bu yondashuvda biz birinchi navbatda zaifliklarni aniqlash texnikasini, so‘ngra real misollar bilan ularni qanday qilib tahlil qilish mumkinligini ko‘rib chiqamiz.

Python’da veb-server zaifliklarini tahlil qilish uchun quyidagi asosiy zaifliklar misolida ish olib boramiz:

Portlar va ochiq xizmatlarni aniqlash.
Xavfsiz HTTP sarlavhalarni tekshirish.
SQL injection, XSS va boshqa asosiy zaifliklarni tahlil qilish.

Buning uchun requests, socket, va nmap kabi kutubxonalardan foydalanamiz.

1 Zarur Kutubxonalarni O‘rnatish

Tahlil va skanerlashni amalga oshirish uchun requests va python-nmap kutubxonalarini o‘rnating.

pip install requests python-nmap

requests – bu HTTP so‘rovlarni yuborish uchun keng qo‘llaniladigan kutubxona. python-nmap – nmap orqali port skanerlash uchun foydalaniladi.

2 Portlarni Skanerlash va Xizmatlarni Tekshirish

Birinchi qadam – veb-serverdagi ochiq portlarni va xizmatlarni aniqlash. nmap yordamida ochiq portlarni tekshirib, serverda qaysi xizmatlar ishlayotganini bilib olishimiz mumkin. Bu xizmatlar orqali xavfsizlik zaifliklarini aniqlash uchun ma’lumot olish imkoniyatiga ega bo‘lamiz.

import nmap

def scan_ports(host):
    """
    Berilgan hostda ochiq portlarni va xizmatlarni aniqlash.
    """
    nm = nmap.PortScanner()
    nm.scan(host, '1-1024')  # Asosan foydalaniladigan portlarni tekshiradi (1-1024)

    print(f"\nHost: {host} uchun ochiq portlar:")
    for port in nm[host].all_tcp():
        print(f"Port: {port}, Xizmat: {nm[host]['tcp'][port]['name']}, Holat: {nm[host]['tcp'][port]['state']}")

# Sinov uchun host
scan_ports("example.com")

Tushuntirishi:

nmap.PortScanner() – nmap obyekti yaratadi, bu orqali portlarni skanerlash mumkin.
nm.scan(host, '1-1024') – Asosiy (tez-tez ishlatiladigan) portlarni 1 dan 1024 gacha skanerlash uchun sozlanadi.
nm[host].all_tcp() – Berilgan hostdagi TCP protokoli bo‘yicha ochiq portlarni aniqlaydi.

3 Xavfsiz HTTP Sarlavhalarni Tekshirish

Xavfsiz HTTP sarlavhalarini o‘rganish orqali serverni himoya qilish mumkin. Quyidagi sarlavhalar veb-saytlarda keng tarqalgan xavfsizlik zaifliklaridan himoyalanishda yordam beradi:

X-Content-Type-Options: Resurslar noto‘g‘ri MIME tiplarida ishlamasligi uchun qo‘shimcha tekshiruv.
X-Frame-Options: Sahifa boshqa saytlarda iframe orqali ko‘rsatilmasligi uchun.
Strict-Transport-Security (HSTS): HTTPS orqali yuborilayotgan barcha so‘rovlarni xavfsiz saqlash.

import requests

def check_security_headers(url):
    """
    URL uchun xavfsizlik HTTP sarlavhalarini tekshirish.
    """
    try:
        response = requests.get(url)
        headers = response.headers
        
        # X-Content-Type-Options sarlavhasini tekshirish
        if 'X-Content-Type-Options' in headers:
            print("X-Content-Type-Options sarlavhasi mavjud:", headers['X-Content-Type-Options'])
        else:
            print("X-Content-Type-Options sarlavhasi mavjud emas.")
        
        # X-Frame-Options sarlavhasini tekshirish
        if 'X-Frame-Options' in headers:
            print("X-Frame-Options sarlavhasi mavjud:", headers['X-Frame-Options'])
        else:
            print("X-Frame-Options sarlavhasi mavjud emas.")
        
        # Strict-Transport-Security sarlavhasini tekshirish
        if 'Strict-Transport-Security' in headers:
            print("Strict-Transport-Security sarlavhasi mavjud:", headers['Strict-Transport-Security'])
        else:
            print("Strict-Transport-Security sarlavhasi mavjud emas.")
    
    except requests.RequestException as e:
        print(f"So'rovda xatolik yuz berdi: {e}")

# Sinov uchun URL
check_security_headers("https://example.com")

Tushuntirishi:

X-Content-Type-Options: Server noto‘g‘ri MIME turini almashtirishining oldini oladi.
X-Frame-Options: Clickjacking hujumidan himoyalanish uchun sahifani iframe orqali boshqa domenda ko‘rsatishni taqiqlaydi.
Strict-Transport-Security: HTTPSni majburlab o‘rnatadi va himoyani kuchaytiradi.

4 SQL Injection Zaifligini Tekshirish

SQL Injection hujumi foydalanuvchi tomonidan kiritilgan so‘rov orqali SQL buyruqlarini ishlatish imkonini beradi. URL’da parametrlar yordamida tahlil qilinadigan ma’lumotlarni yuborish orqali zaiflikni sinab ko‘ramiz.

def test_sql_injection(url):
    """
    SQL injection zaifligini tekshirish funksiyasi.
    """
    # SQL injection test qiymatlari
    payloads = ["'", "' OR 1=1 --", "'; DROP TABLE users --"]
    
    for payload in payloads:
        test_url = f"{url}{payload}"
        try:
            response = requests.get(test_url)
            if "error" in response.text or "SQL syntax" in response.text:
                print(f"Zaiflik topildi: {test_url}")
            else:
                print(f"Zaiflik topilmadi: {test_url}")
        except requests.RequestException as e:
            print(f"So'rovda xatolik yuz berdi: {e}")

# Sinov uchun URL
test_sql_injection("https://example.com/page?id=")

Tushuntirishi:

payloads: SQL Injection test qiymatlari, ularni URL oxirida yuborish orqali zaiflikni tekshiramiz.
test_url = f"{url}{payload}": Har bir test qiymatini URL oxiriga qo‘shib, yangi so‘rov hosil qilinadi.
if "error" in response.text or "SQL syntax" in response.text: Agar javob matnida xato yoki SQL sintaksis xatosi bo‘lsa, bu zaiflik mavjudligini ko‘rsatadi.

5 XSS (Cross-Site Scripting) Zaifligini Tekshirish

XSS zaifligi foydalanuvchining sahifasiga zararli JavaScript kodlarini kiritishga imkon beradi. Zaiflikni sinab ko‘rish uchun HTML yoki JavaScript kodlarni URL orqali kiritamiz.

def test_xss(url):
    """
    XSS zaifligini tekshirish funksiyasi.
    """
    payloads = ['<script>alert("XSS")</script>', '<img src=x onerror=alert("XSS")>']
    
    for payload in payloads:
        test_url = f"{url}{payload}"
        try:
            response = requests.get(test_url)
            if payload in response.text:
                print(f"XSS zaifligi topildi: {test_url}")
            else:
                print(f"XSS zaifligi topilmadi: {test_url}")
        except requests.RequestException as e:
            print(f"So'rovda xatolik yuz berdi: {e}")

# Sinov uchun URL
test_xss("https://example.com/search?q=")

Tushuntirishi:

payloads: XSS zaifligini sinash uchun turli zararli kod namunalarini o‘z ichiga oladi.
test_url = f"{url}{payload}": Har bir XSS qiymatini URL oxiriga qo‘shib, yangi so‘rov hosil qilinadi.
if payload in response.text: Agar kiritilgan kod javob sahifasida paydo bo‘lsa, bu XSS zaifligi mavjudligini bildiradi.

6 To‘liq Zaiflikni Tahlil Qilish Dasturi

Quyida yuqoridagi barcha funksiyalarni birlashtirib, veb-server zaifliklarini aniqlash bo‘yicha to‘liq dastur berilgan.

import requests
import nmap

def scan_ports(host):
    nm = nmap.PortScanner()
    nm.scan(host, '1-1024')
    print(f"\nHost: {host} uchun ochiq portlar:")
    for port in nm[host].all_tcp():
        print(f"Port: {port}, Xizmat: {nm[host]['tcp'][port]['name']}, Holat: {nm[host]['tcp'][port]['state']}")

def check_security_headers(url):
    try:
        response = requests.get(url)
        headers = response.headers
        if 'X-Content-Type-Options' in headers:
            print("X-Content-Type-Options:", headers['X-Content-Type-Options'])
        else:
            print("X-Content-Type-Options sarlavhasi mavjud emas.")
        if 'X-Frame-Options' in headers:
            print("X-Frame-Options:", headers['X-Frame-Options'])
        else:
            print("X-Frame-Options sarlavhasi mavjud emas.")
        if 'Strict-Transport-Security' in headers:
            print("Strict-Transport-Security:", headers['Strict-Transport-Security'])
        else:
            print("Strict-Transport-Security sarlavhasi mavjud emas.")
    except requests.RequestException as e:
        print(f"So'rovda xatolik yuz berdi: {e}")

def test_sql_injection(url):
    payloads = ["'", "' OR 1=1 --", "'; DROP TABLE users --"]
    for payload in payloads:
        test_url = f"{url}{payload}"
        try:
            response = requests.get(test_url)
            if "error" in response.text or "SQL syntax" in response.text:
                print(f"SQL Injection zaifligi topildi: {test_url}")
            else:
                print(f"SQL Injection topilmadi: {test_url}")
        except requests.RequestException as e:
            print(f"So'rovda xatolik yuz berdi: {e}")

def test_xss(url):
    payloads = ['<script>alert("XSS")</script>', '<img src=x onerror=alert("XSS")>']
    for payload in payloads:
        test_url = f"{url}{payload}"
        try:
            response = requests.get(test_url)
            if payload in response.text:
                print(f"XSS zaifligi topildi: {test_url}")
            else:
                print(f"XSS zaifligi topilmadi: {test_url}")
        except requests.RequestException as e:
            print(f"So'rovda xatolik yuz berdi: {e}")

# Barcha zaifliklarni tekshirish uchun asosiy funksiyani chaqirish
base_url = "https://example.com"
scan_ports(base_url)
check_security_headers(base_url)
test_sql_injection(f"{base_url}/page?id=")
test_xss(f"{base_url}/search?q=")

Natija:

Yuqoridagi dastur orqali siz veb-sayt va server zaifliklarini aniqlashingiz mumkin:

Ochiq portlar va xizmatlar
Xavfsizlikka oid HTTP sarlavhalar
SQL Injection va XSS zaifliklari

PreviousPython yordamida Veb-sayt Texnologiyalarini Aniqlash NextPython yordamida HTTP so'rovlarini skanerlash

Last updated 1 day ago

import nmap def scan_ports(host): """ Berilgan hostda ochiq portlarni va xizmatlarni aniqlash. """ nm = nmap.PortScanner() nm.scan(host, '1-1024') # Asosan foydalaniladigan portlarni tekshiradi (1-1024) print(f"\nHost: {host} uchun ochiq portlar:") for port in nm[host].all_tcp(): print(f"Port: {port}, Xizmat: {nm[host]['tcp'][port]['name']}, Holat: {nm[host]['tcp'][port]['state']}") # Sinov uchun host scan_ports("example.com")

import requests def check_security_headers(url): """ URL uchun xavfsizlik HTTP sarlavhalarini tekshirish. """ try: response = requests.get(url) headers = response.headers # X-Content-Type-Options sarlavhasini tekshirish if 'X-Content-Type-Options' in headers: print("X-Content-Type-Options sarlavhasi mavjud:", headers['X-Content-Type-Options']) else: print("X-Content-Type-Options sarlavhasi mavjud emas.") # X-Frame-Options sarlavhasini tekshirish if 'X-Frame-Options' in headers: print("X-Frame-Options sarlavhasi mavjud:", headers['X-Frame-Options']) else: print("X-Frame-Options sarlavhasi mavjud emas.") # Strict-Transport-Security sarlavhasini tekshirish if 'Strict-Transport-Security' in headers: print("Strict-Transport-Security sarlavhasi mavjud:", headers['Strict-Transport-Security']) else: print("Strict-Transport-Security sarlavhasi mavjud emas.") except requests.RequestException as e: print(f"So'rovda xatolik yuz berdi: {e}") # Sinov uchun URL check_security_headers("https://example.com")

def test_sql_injection(url): """ SQL injection zaifligini tekshirish funksiyasi. """ # SQL injection test qiymatlari payloads = ["'", "' OR 1=1 --", "'; DROP TABLE users --"] for payload in payloads: test_url = f"{url}{payload}" try: response = requests.get(test_url) if "error" in response.text or "SQL syntax" in response.text: print(f"Zaiflik topildi: {test_url}") else: print(f"Zaiflik topilmadi: {test_url}") except requests.RequestException as e: print(f"So'rovda xatolik yuz berdi: {e}") # Sinov uchun URL test_sql_injection("https://example.com/page?id=")

def test_xss(url): """ XSS zaifligini tekshirish funksiyasi. """ payloads = ['<script>alert("XSS")</script>', '<img src=x onerror=alert("XSS")>'] for payload in payloads: test_url = f"{url}{payload}" try: response = requests.get(test_url) if payload in response.text: print(f"XSS zaifligi topildi: {test_url}") else: print(f"XSS zaifligi topilmadi: {test_url}") except requests.RequestException as e: print(f"So'rovda xatolik yuz berdi: {e}") # Sinov uchun URL test_xss("https://example.com/search?q=")

import requests import nmap def scan_ports(host): nm = nmap.PortScanner() nm.scan(host, '1-1024') print(f"\nHost: {host} uchun ochiq portlar:") for port in nm[host].all_tcp(): print(f"Port: {port}, Xizmat: {nm[host]['tcp'][port]['name']}, Holat: {nm[host]['tcp'][port]['state']}") def check_security_headers(url): try: response = requests.get(url) headers = response.headers if 'X-Content-Type-Options' in headers: print("X-Content-Type-Options:", headers['X-Content-Type-Options']) else: print("X-Content-Type-Options sarlavhasi mavjud emas.") if 'X-Frame-Options' in headers: print("X-Frame-Options:", headers['X-Frame-Options']) else: print("X-Frame-Options sarlavhasi mavjud emas.") if 'Strict-Transport-Security' in headers: print("Strict-Transport-Security:", headers['Strict-Transport-Security']) else: print("Strict-Transport-Security sarlavhasi mavjud emas.") except requests.RequestException as e: print(f"So'rovda xatolik yuz berdi: {e}") def test_sql_injection(url): payloads = ["'", "' OR 1=1 --", "'; DROP TABLE users --"] for payload in payloads: test_url = f"{url}{payload}" try: response = requests.get(test_url) if "error" in response.text or "SQL syntax" in response.text: print(f"SQL Injection zaifligi topildi: {test_url}") else: print(f"SQL Injection topilmadi: {test_url}") except requests.RequestException as e: print(f"So'rovda xatolik yuz berdi: {e}") def test_xss(url): payloads = ['<script>alert("XSS")</script>', '<img src=x onerror=alert("XSS")>'] for payload in payloads: test_url = f"{url}{payload}" try: response = requests.get(test_url) if payload in response.text: print(f"XSS zaifligi topildi: {test_url}") else: print(f"XSS zaifligi topilmadi: {test_url}") except requests.RequestException as e: print(f"So'rovda xatolik yuz berdi: {e}") # Barcha zaifliklarni tekshirish uchun asosiy funksiyani chaqirish base_url = "https://example.com" scan_ports(base_url) check_security_headers(base_url) test_sql_injection(f"{base_url}/page?id=") test_xss(f"{base_url}/search?q=")