Shulou(Shulou.com)06/01 Report--

XSS has long been listed as the enemy of web security, so what is Xss? Look at the following:

1:

Php page:

Browser test:

a. Normal request:

Browser input: http://localhost/xss/index.php?param=This is an test

The output is normal

b. Browser input: http://localhost/xss/index.php?param=alert(/xss/)

The browser pops up the dialog box directly.

********************

1.1 reflective type:

It means that a malicious person inserts malicious html code into a Web page. When a user browses the page, the html code embedded in the Web will be executed, thus achieving the special purpose of malicious users. You need to click on a malicious connection to be successful. Also known as "non-persistent XSS"

1.2 Storage type:

The XSS code is submitted to the website-> the website SetCookie the XSS code to the browser-> the browser submits the Cookie-- containing the XSS code when the browser requests the website again. > the website takes a variable containing the XSS code from the Cookie and returns the variable to the client as part of the page content-> the client executes the XSS code.

For example: when a malicious code article is published, all visitors will execute the malicious code.

1.3 DOM Based XSS:

The DOM-based XSS vulnerability is based on the document object model (Document Objeet Model,DOM). DOM is an interface independent of platform and programming language, which allows programs or scripts to access and update document content, structure and style dynamically, and the processed results can become part of the display page. There are many objects in DOM, some of which can be manipulated by users, such as uRI, location,refelTer and so on. The script on the client can dynamically check and modify the content of the page through DOM. It does not rely on submitting data to the server, while the data in DOM obtained from the client is executed locally. If the data in DOM is not strictly confirmed, it will produce DOM-based XSS vulnerabilities.

********************

2. DOM Based XSS instance:

Test the code:

Function test () {var str=document.getElementById ("text") .value; document.getElementById ("t") [xss_clean] = "testLink";}

Test:

1. Enter a normal string in the input box

Normal response.

two。 Enter a special code:

Such as:

'onclick = alert (/ xss/) / /

After typing, the page code becomes:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.