Understanding XSS and CSRF attacks

CSRF

1. The basic concept of CSRF: what the abbreviation stands for

CSRF (Cross-site request forgery): cross-site request forgery.

2. CSRF attacks

A user is a registered user of site A and logs in; site A then sends the user a cookie.

As can be seen from the figure, for a CSRF attack to succeed, the victim must meet two necessary conditions:

(1) The victim has logged in to trusted site A, and a cookie has been generated locally. (If the user is not logged in to site A, then when site B induces a request to site A's API, the request is met with a login prompt.)

(2) Without logging out of A, the victim visits dangerous site B (which, in fact, exploits a vulnerability in site A).

When we talk about CSRF, we must keep the above two points clear.

Tip: the cookie is what keeps the user logged in, but site B never actually obtains the cookie; the browser attaches it to the request automatically.

3, How to defend against CSRF

Method one, use a token for verification (the most common):

(1) The server sends a token to the client;

(2) The client submits the form together with this token;

(3) If the token is invalid, the server rejects the request.

Method two: hide the token:

Hide the token in the HTTP header.

Method two is much like method one; they do not differ in nature, only in how they are used.

Method three, Referer validation:

Referer refers to the source page of the request. The server accepts and responds to a request only if it comes from the site itself; if not, the request is intercepted.
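The token check from methods one and two, written out as an added example (not code from the original post): the server stores a random token in the user's session and accepts a state-changing request only when the same token arrives in the form body or in a request header. The session store and the `X-CSRF-Token` header name are assumptions made for this example.

```python
import hmac
import secrets

# Constructed in-memory session store (session id -> session data).
# In a real application this is the server's session backend.
SESSIONS = {}


def new_session():
    """Create a server-side session and return its id (the value site A puts in the cookie)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {}
    return sid


def issue_csrf_token(sid):
    """Step 1: the server generates a random token, keeps it in the session and
    hands it to the client (hidden form field, or a value the page's JS sends as a header)."""
    token = secrets.token_urlsafe(32)
    SESSIONS[sid]["csrf_token"] = token
    return token


def verify_csrf(sid, form=None, headers=None):
    """Step 3: accept the request only if the submitted token matches the session's token.
    The token may arrive in the form body (method one) or in a header (method two).
    Site B can make the browser send the cookie, but it cannot read or supply the token."""
    session = SESSIONS.get(sid)
    if session is None or "csrf_token" not in session:
        return False
    submitted = (form or {}).get("csrf_token") or (headers or {}).get("X-CSRF-Token")
    if not isinstance(submitted, str) or not submitted:
        return False
    # Constant-time comparison so the check does not leak the token through timing.
    return hmac.compare_digest(session["csrf_token"].encode(), submitted.encode())


if __name__ == "__main__":
    sid = new_session()
    token = issue_csrf_token(sid)
    # Legitimate form post from site A carries the token -> accepted.
    print(verify_csrf(sid, form={"csrf_token": token}))   # True
    # Forged request from site B: cookie present, token absent -> rejected.
    print(verify_csrf(sid, form={}))                        # False
```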

XSS

1, the basic concept of XSS

XSS (Cross Site Scripting): cross-domain scripting attack.

2, XSS attack principle

The core principle of an XSS attack is that it needs no login authentication: through a legitimate operation (such as entering input in the URL or in a comment box) it injects a script (JS, HTML blocks, etc.) into your page.

The possible results are:

Cookie theft, malicious content that damages the normal structure of the page, inserted ads, DDoS attacks and so on.

3, XSS attacks

(1), Reflected type

When the request is made, the XSS code appears in the URL and is submitted to the server as input. The server parses it and includes the XSS code in its response; the browser then parses the response and finally executes the XSS code. This process is like a reflection, hence the name reflected XSS.

(2), Stored type

The difference between stored XSS and reflected XSS is that the submitted XSS code is stored on the server side (database, memory, file system, etc.); the next time the target page is requested, the XSS code is served without having to be submitted again.

4, XSS precautions (encode + filter)

There are three XSS precautions:

(1) Encoding:

HTML-entity encode the data the user enters, i.e. convert special characters into escape sequences. The role of encoding is to transform $var and certain characters so that what the browser finally displays is the same text. For example, this code:

<script>alert(1)</script>

Without any treatment, the browser executes the JS alert, achieving an XSS injection. After the encoding process, what the browser displays is

<script>alert(1)</script>

$var is output as plain text and no JavaScript is executed.

(2), Filtering:

Remove attributes and events from user input, because onerror can trigger an attack automatically, as can onclick and so on (in short, filter out insecure content). Remove Style nodes, Script nodes and Iframe nodes from user input (especially Script nodes, which support cross-domain loading and must be removed).

(3), Correction

Avoid directly HTML-entity decoding. Use DOM Parse to convert the input and correct unpaired DOM tags. Note: look into the concept of DOM Parse; its role is to parse text into a DOM structure. The more common practice: first convert the input into text by encoding (step 1), then turn it into a DOM object (step 3), and then filter it (step 2). A simpler answer: encode first; if it is rich text, use a whitelist.

The difference between CSRF and XSS

Difference one:

CSRF: requires the user to visit site A and obtain a cookie. XSS: does not require login.

Difference two, in principle:

CSRF: exploits a vulnerability in site A itself to request site A's API. XSS: injects JS code into site A, then executes that JS code to tamper with site A's content.

 

 

See the original: https://www.cnblogs.com/lsj-info/p/9479755.html

Origin www.cnblogs.com/art-poet/p/12551936.html