# apachectl -t -D DUMP_MODULES Loaded Modules: core_module (static) mpm_prefork_module (static) http_module (static) :DBMSの詳細確認
MySQL $ mysql --version .... MySQL Client バージョン mysql Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (i386) using readline 5.1 $ mysql -u root -phimitu mysql> select version(); +-----------+ | version() | +-----------+ | 5.0.95 | +-----------+ 1 row in set (0.00 sec)PostgreSQL
$ psql Welcome to psql, the PostgreSQL interactive terminal. Type: \copyright for distribution terms \h for help with SQL commands \? for help on internal slash commands \g or terminate with semicolon to execute query \q to quit test=# SELECT version(); version ------------------------------------------------------------- PostgreSQL 7.1.3 on i686-pc-linux-gnu, compiled by GCC 2.96 (1 row)言語プロセッサの詳細確認
<?php phpinfo(); ?>コマンドラインからは -v / --version オプション
$ php --version PHP 5.1.6 (cli) (built: Jun 27 2012 12:21:16) Copyright (c) 1997-2006 The PHP Group Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend TechnologiesPEAR モジュールのバージョン確認
$ pear list Installed packages, channel pear.php.net: ========================================= Package Version State Archive_Tar 1.3.1 stable Console_Getopt 1.2 stable PEAR 1.4.9 stable XML_RPC 1.5.0 stable * パッケージ php-pear 要
$ perl --version This is perl, v5.8.8 built for i386-linux-thread-multi Copyright 1987-2006, Larry Wall Perl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the Perl 5 source kit. Complete documentation for Perl, including FAQ lists, should be found on this system using "man perl" or "perldoc perl". If you have access to the Internet, point your browser at http://www.perl.org/, the Perl Home Page.CPAN ライブラリの確認
$ cpan erminal does not support AddHistory. cpan shell -- CPAN exploration and modules installation (v1.7602) ReadLine support available (try 'install Bundle::CPAN') cpan> r CPAN: Storable loaded ok Going to read /home/student/.cpan/Metadata Database was generated on Sun, 05 Aug 2012 21:51:04 GMT Package namespace installed latest in CPAN file AnyDBM_File 1.00 1.01 F/FL/FLORA/perl-5.15.4.tar.gz Apache2::Reload 0.10 0.12 P/PH/PHRED/Apache-Reload-0.12.tar.gz : threads 1.79 1.86 J/JD/JDHEDDEN/threads-1.86.tar.gz threads::shared 0.94 1.40 J/JD/JDHEDDEN/threads-shared-1.40.tar.gz 5 installed modules have a version number of 0 205 installed modules have no parseable version number cpan> quit
$ python -V Python 2.4.3
$ ruby -v # 又は --version ruby 1.8.5 (2006-08-25) [i386-linux]
# tcpdump -l -X -s 3000 -i eth1
:
14:08:18.118627 IP hppc.53511 > vbox1.http: P 1:337(336) ack 1 win 16425
0x0000: 4500 0178 478d 4000 8006 029e c0a8 9701 E..xG.@.........
0x0010: c0a8 9702 d107 0050 f48b 2dcf 63f6 9e87 .......P..-.c...
0x0020: 5018 4029 236e 0000 4745 5420 2f62 6173 P.@)#n..GET./bas
0x0030: 6963 2f20 4854 5450 2f31 2e31 0d0a 486f ic/.HTTP/1.1..Ho
0x0040: 7374 3a20 3139 322e 3136 382e 3135 312e st:.192.168.151.
0x0050: 320d 0a55 7365 722d 4167 656e 743a 204d 2..User-Agent:.M
:
0x0110: 713d 302e 330d 0a41 6363 6570 742d 456e q=0.3..Accept-En
0x0120: 636f 6469 6e67 3a20 677a 6970 2c20 6465 coding:.gzip,.de
0x0130: 666c 6174 650d 0a43 6f6e 6e65 6374 696f flate..Connectio
0x0140: 6e3a 206b 6565 702d 616c 6976 650d 0a41 n:.keep-alive..A
0x0150: 7574 686f 7269 7a61 7469 6f6e 3a20 4261 uthorization:.Ba
0x0160: 7369 6320 6333 5268 5a6d 5936 6147 6c74 sic.c3RhZmY6aGlt
0x0170: 6158 5231 0d0a 0d0a aXR1....
:
$ echo "c3RhZmY6aGltaXR1" | perl -MMIME::Base64 -ne 'print decode_base64($_)."\n"'
staff:himitu
アクセス時にサーバから以下の情報が送信される。
|
→ |
これを受け、クライアント側では以下の値を生成し返信する。
|
--- HTTP/1.1 401 Authorization Required Date: Mon, 06 Aug 2012 08:44:26 GMT Server: Apache WWW-Authenticate: Digest realm="User staff only", nonce="bmyn4pTGBAA=ac87fd122df9e89d805dfa5561a5a4bc6e413ceb", algorithm=MD5, qop="auth" Content-Length: 505 Connection: close Content-Type: text/html; charset=iso-8859-1 -- GET /digest/ HTTP/1.0 Host: 192.168.151.2 Authorization: Digest username="staff", realm="User staff only", nonce="E7w/0pTGBAA=f072f2b77bcf61749a8942bf0abb556a86c87ff2", uri="/digest/", algorithm=MD5, response="93f631a1fb80f472e800d7b19a62e0a4", qop=auth, nc=00000001, cnonce="e79e26e0d17c978d" 補足) R1="staff:User staff only:himitu" = d415be7f72d215007be2011ede6a1b02 R2="GET:/digest/" = 9942091bc79111e32fecde3962416017 response= R1:E7w/0pTGBAA=f072f2b77bcf61749a8942bf0abb556a86c87ff2:00000001:e79e26e0d17c978d:auth:R2 = 93f631a1fb80f472e800d7b19a62e0a4 $ echo -n "staff:User staff only:himitu" | md5sum d415be7f72d215007be2011ede6a1b02 -
httpd.conf: <Directory /home/*/public_html> AllowOverride FileInfo AuthConfig Limit Options=Includes,FollowSymLinks,Indexes </Directory /home/*/public_html> ~/public_html/.htaccess: Options -Includes許可されていない Options を指定すると、エラーとなる。
[Mon Aug 06 20:04:39 2012] [alert] [client 192.168.151.1] /home/student/public_ html/.htaccess: Option ExecCGI not allowed here
# /usr/sbin/suexec -V -D AP_DOC_ROOT="/var/www" -D AP_GID_MIN=100 -D AP_HTTPD_USER="apache" -D AP_LOG_EXEC="/var/log/httpd/suexec.log" -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin" -D AP_UID_MIN=500 -D AP_USERDIR_SUFFIX="public_html" # head /var/log/httpd/suexec.log [2012-07-20 18:14:33]: uid: (500/student) gid: (500/500) cmd: a.cgi [2012-07-20 18:14:33]: directory is writable by others: (/home/student/public_html) [2012-07-20 18:15:46]: uid: (500/student) gid: (500/500) cmd: a.cgi [2012-07-20 18:15:46]: file is writable by others: (/home/student/public_html/a.cgi)