Principle of XSS vulnerabilities

The essence of injection-type vulnerabilities is that the server cannot tell whether user input is content data or instruction code, so input passed to the server by the user ends up being executed as malicious code.

00x01 JS execution

JS is the language the browser executes on the front end. On a site with an XSS vulnerability, a user can insert JS code into the input data or into part of the URL; when the server receives this data and returns it in the page, the browser treats it as JS code and executes it. An attacker can therefore exploit this vulnerability to insert arbitrary JS code into the site and steal user information.

00x02 xss attacks

XSS is a computer security vulnerability that frequently appears in web applications. It allows malicious web users to inject code into pages served to other users; such code includes HTML code and client-side scripts. Attackers exploit XSS vulnerabilities to bypass access controls such as the same-origin policy. This type of vulnerability became widely known because hackers used it to write more harmful phishing attacks.

Regarding cross-site scripting, the consensus of the hacker community is that cross-site scripting is a new kind of "buffer overflow attack", and JavaScript is the new "shellcode".

00x03 Harm of XSS attacks

  • 1. Stealing all kinds of user accounts, such as machine login accounts, users' online banking accounts, and various administrator accounts
  • 2. Controlling corporate data, including reading, tampering with, adding, and deleting sensitive corporate data
  • 3. Stealing important company information of commercial value
  • 4. Making illegal transfers
  • 5. Forcing e-mails to be sent
  • 6. Planting a trojan on the site (drive-by download)
  • 7. Controlling the victim's machine to attack other sites (via redirect statements)
  • 8. Stealing the session ID cookie and impersonating the user to log in

To exploit an XSS vulnerability to the fullest, the attacker needs a server of their own to receive the stolen information, and also has to use a little social engineering to trick others into clicking a malicious link.

00x04 Classification of XSS vulnerabilities

1. DOM-based type (does not go through the server; exploits the front-end JS code):

This vulnerability is exploited locally: it exists in the script of the client-side page itself. The attack process is as follows:

Alice sends Bob a maliciously constructed web URL.

Bob clicks and views this URL.

The JavaScript in the malicious page opens a vulnerable HTML page and installs it on Bob's computer.

The vulnerable HTML page contains JavaScript that executes on Bob's local computer.

Alice's malicious script can execute commands on Bob's computer with the privileges Bob holds.

2. Reflected type:

This vulnerability is somewhat similar to type A. The difference is that the web client uses server-side scripts to generate the pages that provide data to users; if unvalidated user data is included in such a page without HTML entity encoding, client-side code can be injected into the dynamic page.

The attack process is as follows:

Alice often visits a particular website, which is owned by Bob. Bob's site lets Alice log in with a username and password and stores sensitive information about her (such as bank account information).

Charly finds that Bob's site contains a reflected XSS vulnerability.

Charly uses the vulnerability to craft a URL and sends it to Alice, posing as a message from Bob.

After logging in to Bob's site, Alice opens the URL Charly provided in her browser.

The malicious script embedded in the URL executes in Alice's browser just as if it had come directly from Bob's server. This script steals sensitive information (authorization, credit card, and account information, etc.) and then sends it to Charly's website without Alice's knowledge.

3. Stored type (persistent; the most harmful):

This is the most widely used type and can affect the security of the web server itself. The hacker uploads the attack script to the web server, so that every user who accesses the page faces the possibility of information leakage, including the web server administrator. The attack process is as follows:

Bob has a website that allows users to publish information and browse what others have published.

Charly notices that Bob's site has a type C XSS vulnerability.

Charly publishes a hot-topic message to attract other users to read it.

When Bob or anyone else, such as Alice, browses that message, their session cookies or other information are stolen by Charly.

Type A directly threatens individual users, while types B and C threaten enterprise-class web applications.
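Both the reflected and the stored type above come down to the same defect: user data is placed into an HTML page without entity encoding. The following Python example, added here and not part of the original post, contrasts a vulnerable renderer with an entity-encoded one over a constructed message board standing in for Bob's site, adds the output check a reviewer would run for unencoded user data, and shows the HttpOnly cookie flag that blunts the session-cookie theft listed as harm 8. The board functions are hypothetical stand-ins, not any real framework.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample: a harmless probe string of the kind used to confirm that user
# data reaches the page unencoded (it only pops an alert box).
PROBE = '<script>alert(1)</script>'

# In-memory message board standing in for Bob's site (hypothetical, not a real framework).
STORED_MESSAGES = []


def post_message(text):
    """Stores a message exactly as submitted, as a stored-XSS-prone board would."""
    STORED_MESSAGES.append(text)


def render_unsafe(text):
    """Vulnerable rendering: user data is concatenated into the HTML verbatim, so the
    browser parses any tags in it as markup and executes any script."""
    return "<div class='message'>%s</div>" % text


def render_escaped(text):
    """Hardened rendering: entity-encode & < > \" ' so the browser shows the data as text."""
    return "<div class='message'>%s</div>" % html.escape(text, quote=True)


def render_board(escape):
    """Builds the page every visitor (Alice, Bob, the administrator) receives."""
    renderer = render_escaped if escape else render_unsafe
    return "\n".join(renderer(m) for m in STORED_MESSAGES)


def user_data_rendered_as_markup(page, user_data):
    """Reviewer's output check: did a user string containing HTML metacharacters
    survive verbatim in the rendered page? True means the page is injectable."""
    has_meta = any(c in user_data for c in "<>&\"'")
    return has_meta and user_data in page


def session_cookie_header(session_id):
    """Set-Cookie line with HttpOnly (document.cookie no longer exposes the session ID
    to injected script, limiting harm 8 above) and Secure (sent only over HTTPS)."""
    c = SimpleCookie()
    c["sessionid"] = session_id
    c["sessionid"]["httponly"] = True
    c["sessionid"]["secure"] = True
    return c.output()
```

Escaping on output is the fix for both the reflected and the stored variant; the HttpOnly flag does not prevent the injection, it only keeps the injected script from reading the session cookie.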



Origin www.cnblogs.com/-chenxs/p/11440086.html