On web security: XSS

XSS defined

  XSS (Cross Site Scripting), called 跨站脚本 in Chinese, takes place at the level of the target user's browser: when JS code that was not expected is executed while the page is being rendered into a DOM tree, an XSS attack has occurred.

The key to cross-site scripting is not the 'cross-site' part but the 'script' part. The main method of most XSS attacks is to embed JS code hosted on a remote or third-party domain; that JS code is then executed within the scope of the target site.

Attacks:

  1. Steal cookies to obtain sensitive information

  2. Destroy the page structure by inserting malicious content (reflected)

  3. Use Flash (just be aware of it)

  4. DDOS (powerful, difficult to defend against)

    DDOS: Distributed Denial of Service. Simply put, it sends a large number of requests to bring the server to its knees. DDoS can be understood starting from the DoS attack: DoS is a one-on-one fight, DDoS is a gang fight. As technology developed, the lethality of a plain DoS attack decreased, so DDOS appeared: the attack uses public networks to gather a large number of computers together and attacks one or more targets.

From a technical point of view, DDoS attacks can target each layer of the network protocol stack. Roughly, the methods are: SYN Flood and ACK Flood (TCP), Fraggle, Trinoo and DNS Query Flood (UDP), ICMP Flood, Slowloris, and so on. Usually the techniques are combined according to the target, so as to achieve the lowest cost and the hardest defense while controlling the rhythm and protecting and hiding the attacking resources.

The following illustrates a SYN attack on the TCP protocol.

 Summary of common web attacks: https://www.cnblogs.com/morethink/p/8734103.html#DDOS

Attack types:

  Reflected

    The XSS code is present in the URL of the request and is submitted to the server as input. The server parses it and includes it in the response, which is returned to the browser together with the XSS code; finally the browser parses and executes the XSS code. The process is like a reflection, hence the name reflected XSS.

  Stored (persistent XSS vulnerability)

    The only difference between stored XSS and reflected XSS is that the submitted code is stored on the server side (database, memory, file system, etc.); the next time the target page is requested, no XSS code needs to be submitted.

  DOM XSS
    Unlike reflected and stored XSS, DOM XSS does not depend on the server parsing the code into the response; the code is executed through the browser-side DOM analysis. It is entirely a client-side matter.

  DOM XSS is often caused by the JS code we write ourselves. We know that the eval statement converts a string into real JS statements, so using eval in JS is a very dangerous thing and easily leads to XSS attacks. Avoid using eval.
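As an added example (not code from the original post), the "greet the user named in the URL fragment" feature written once with a DOM-XSS sink (innerHTML) and once with a text sink (textContent), plus the eval versus JSON.parse contrast the paragraph above makes. The function names, the mock element and the sample fragments are constructed here; `el` can be any object exposing innerHTML and textContent, so the same functions accept a real DOM element in a browser.

```javascript
'use strict';
// Added example, not code from the original post: a DOM-XSS sink beside a text
// sink, and eval beside JSON.parse, for data carried in the URL fragment.

function nameFromHash(hash) {
  return decodeURIComponent(String(hash).replace(/^#/, ''));
}

// Vulnerable: the fragment is handed to an HTML sink, so markup in it becomes
// live DOM and any event-handler attribute it carries will run.
function showNameUnsafe(el, hash) {
  el.innerHTML = 'Hello, ' + nameFromHash(hash);
  return el.innerHTML; // the markup the page now contains
}

// Fixed: the fragment is handed to a text sink; '<' is stored as a character.
function showNameSafe(el, hash) {
  el.textContent = 'Hello, ' + nameFromHash(hash);
  return el.innerHTML; // serialized, the text shows up entity-encoded
}

// eval turns the fragment into statements and runs them; JSON.parse accepts
// only data and throws on anything else.
function readSettingsUnsafe(hash) {
  return eval('(' + nameFromHash(hash) + ')');
}
function readSettingsSafe(hash) {
  try {
    return JSON.parse(nameFromHash(hash));
  } catch (e) {
    return null; // not plain JSON data: reject it
  }
}

// Minimal stand-in for a DOM element so the functions run outside a browser.
// Setting textContent stores characters; reading innerHTML afterwards gives the
// escaped form, which is what a real element serializes.
function mockElement() {
  let html = '';
  return {
    get innerHTML() { return html; },
    set innerHTML(v) { html = String(v); },
    set textContent(v) {
      html = String(v).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
    },
  };
}

// Constructed sample fragments.
const MARKUP_HASH = '#' + encodeURIComponent('<img src=x onerror=alert(1)>');
const SETTINGS_HASH = '#' + encodeURIComponent('{"theme":"dark"}');
```

Run in a browser with `showNameSafe(document.getElementById('greeting'), location.hash)`; the point is that the fix is choosing the sink, not inspecting the string.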

Reflected XSS attack demo

Build a Node service for the demo

  • 1. Create a new folder and run on the command line:

    • express -e ./ : use the express scaffolding with ejs as the template engine, executed in the current directory
    • npm install : install the dependencies
  • 2. Set up the route in routes/index.js:

    var express = require('express');
    var router = express.Router();

    router.get('/', function (req, res, next) {
        res.set('X-XSS-Protection', 0); // turn off the browser's built-in XSS detection
        // Express parses the query string into req.query
        res.render('index', { title: 'Express', xss: req.query.xss });
    });

    module.exports = router;

     

  • 3. Add to the body of views/index.ejs:

    <div class="">
        <%- xss %> <!-- '-' outputs the value as raw HTML; it is not escaped -->
    </div>

     

  • 4. On the command line:

    npm start : start the server

  • 5. Open http://localhost:3000/ and append:

    ?xss=<iframe src="//baidu.com/h.html"></iframe>
    or ?xss=<img src="null" onerror="alert('1')">
    or ?xss=<p onclick="alert('1')">点我</p>

    This simulates a reflected XSS attack. The effect of the first payload is shown below:

    [image: XSS-WebSecurity]
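As an added example (not code from the original post or the XSS_WebSecurity project), the demo's GET / route rewritten as a pure function so the vulnerable and the fixed output can be compared without starting a server. The query handling stands in for `req.query`, the two template functions stand in for the `<%- xss %>` (raw) and `<%= xss %>` (escaped) forms of index.ejs, and the session cookie value is a constructed placeholder.

```javascript
'use strict';
// Added example, not the project's code: the demo route as a function of the
// request URL, with the raw template beside the escaped one.

// HTML entity encoding for text placed between tags; these are the characters
// EJS escapes for `<%= %>`.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Equivalent of `req.query.xss` for a request URL.
function getXssParam(requestUrl) {
  const url = new URL(requestUrl, 'http://localhost:3000');
  return url.searchParams.get('xss') || '';
}

// The demo template: `<%- xss %>` inserts the value unchanged.
function renderUnsafe(xss) {
  return '<div class="">' + xss + '</div>';
}

// Hardened template: `<%= xss %>` applies entity encoding first.
function renderSafe(xss) {
  return '<div class="">' + escapeHtml(xss) + '</div>';
}

// Returns the status, headers and body the Express route would send.
// `hardened` switches between the two templates.
function handleIndex(requestUrl, hardened) {
  const xss = getXssParam(requestUrl);
  const headers = {
    'Content-Type': 'text/html; charset=utf-8',
    // HttpOnly keeps the cookie out of document.cookie (the page's cookie
    // protection point); the session id is a constructed placeholder.
    'Set-Cookie': 'sid=EXAMPLE_SESSION_ID; HttpOnly; Secure; SameSite=Lax',
  };
  if (!hardened) {
    // The demo switches off the browser's built-in XSS filter. Chrome removed
    // that filter in version 78, so output encoding is the only real fix.
    headers['X-XSS-Protection'] = '0';
  }
  return { status: 200, headers, body: hardened ? renderSafe(xss) : renderUnsafe(xss) };
}

// True when the body still contains a live tag from the payload.
function bodyHasLiveTag(body) {
  return /<img\b/i.test(body);
}

// Constructed request carrying one of the page's payloads.
const DEMO_URL = '/?xss=' + encodeURIComponent('<img src="null" onerror="alert(1)">');
```

With `hardened` set to true the payload reaches the page as visible text, which is exactly what the escaped `<%= %>` tag would have produced in the demo's template.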

  

 

XSS defenses

  Protecting the cookie

    Set httpOnly on important cookies so that the client cannot read them through document.cookie. The server can set this field.

  Handling user input

    1. Encoding: HTML-entity-encode the data the user inputs

    2. Decoding:

      Avoid decoding the HTML entities directly

      Use DOM Parse to transcode so that unpaired tags are corrected

    3. Filtering:

      Remove DOM attributes uploaded by the user, such as onerror, onclick, etc.

      Remove Style nodes, Script nodes, iframe nodes, etc. uploaded by the user

    

Comment XSS code injection defense demo

  1. The text is escaped by the server; the client unescapes it, then DOM parses it and filters it again

  2. Use the third-party libraries encode.js and domparse.js to decode the text and perform the DOM parse
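As an added example (not code from the original post or the XSS_WebSecurity project), the comment pipeline described in the two sections above as plain functions: the server stores the comment entity-encoded, the client decodes it, walks the tags and keeps only an allow-list of elements, with every event-handler attribute and every javascript: URL removed and script/style/iframe dropped together with their content. The allow-lists, function names and the sample comment are constructed. The tag walker is a regex, which is enough to show the steps; a real sanitizer should work on a parsed DOM, as the page says, because the browser repairs malformed markup in ways a regex does not see.

```javascript
'use strict';
// Added example, not the project's code: encode on the server, decode, parse and
// filter on the client.

// Step 1, server side: HTML entity encoding before the comment is stored.
function encodeEntities(s) {
  return String(s)
    .replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;').replace(/'/g, '&#39;');
}

// Step 2, client side: reverse the encoding before parsing. '&amp;' goes last so
// a stored '&amp;lt;' decodes to the text '&lt;' and not to a '<'.
function decodeEntities(s) {
  return String(s)
    .replace(/&lt;/g, '<').replace(/&gt;/g, '>')
    .replace(/&quot;/g, '"').replace(/&#39;/g, "'")
    .replace(/&amp;/g, '&');
}

const ALLOWED_TAGS = new Set(['b', 'i', 'em', 'strong', 'p', 'br', 'a', 'code', 'pre']);
const ALLOWED_ATTRS = { a: new Set(['href', 'title']) };
const DROP_WITH_CONTENT = new Set(['script', 'style', 'iframe']);

// Keep only allow-listed attributes; drop on* handlers and script-scheme URLs.
function cleanAttributes(tag, attrText) {
  const allowed = ALLOWED_ATTRS[tag] || new Set();
  const attrRe = /([a-zA-Z_:][-a-zA-Z0-9_:.]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let out = '';
  let m;
  while ((m = attrRe.exec(attrText)) !== null) {
    const name = m[1].toLowerCase();
    const value = m[2] !== undefined ? m[2] : m[3] !== undefined ? m[3] : (m[4] || '');
    if (name.startsWith('on')) continue;                              // onerror, onclick, ...
    if (!allowed.has(name)) continue;
    if (name === 'href' && /^\s*javascript:/i.test(value)) continue;  // no script URLs
    out += ' ' + name + '="' + encodeEntities(value) + '"';
  }
  return out;
}

// Step 3: walk the markup. Text between tags is re-encoded, forbidden elements
// are removed together with their content, unknown tags are removed but their
// text is kept, and allowed tags are rebuilt with cleaned attributes.
function filterHtml(html) {
  const tagRe = /<\/?([a-zA-Z][a-zA-Z0-9]*)([^>]*)>/g;
  let out = '';
  let pos = 0;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    out += encodeEntities(html.slice(pos, m.index));
    pos = m.index + m[0].length;
    const tag = m[1].toLowerCase();
    const closing = m[0].charAt(1) === '/';
    if (DROP_WITH_CONTENT.has(tag)) {
      if (!closing) {
        // skip everything up to and including the matching closing tag
        const end = html.toLowerCase().indexOf('</' + tag, pos);
        const gt = end === -1 ? -1 : html.indexOf('>', end);
        pos = gt === -1 ? html.length : gt + 1;
        tagRe.lastIndex = pos;
      }
      continue;
    }
    if (!ALLOWED_TAGS.has(tag)) continue;
    out += closing ? '</' + tag + '>' : '<' + tag + cleanAttributes(tag, m[2]) + '>';
  }
  return out + encodeEntities(html.slice(pos));
}

// What the server persists for a submitted comment.
function storeComment(raw) {
  return encodeEntities(raw);
}

// What the client renders from the stored value.
function renderComment(stored) {
  return filterHtml(decodeEntities(stored));
}

// Constructed sample comment mixing allowed markup with the page's attack vectors.
const SAMPLE_COMMENT =
  'Nice <b onclick="alert(1)">post</b>! <script>steal()</script>' +
  '<a href="javascript:alert(1)">x</a> <a href="https://example.com">ok</a> 1 < 2 & 3';
```

Storing the encoded form means a bug in the client-side filter can never turn an old comment into markup by itself; the text only becomes HTML after it has passed through the allow-list on the way out.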

Project link: https://github.com/ickedesign/XSS_WebSecurity  

Extension: other web security knowledge

 

Relevant information:

    

 


Origin www.cnblogs.com/websmile/p/11428911.html