Watering hole attacks combined with JSON hijacking

2025-04-05 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

JSONP: a way to work around cross-domain restrictions

Watering hole * (quoting Baidu Baike): find a weakness in a website the target visits frequently, "break" that site first and plant code in it, and the target is "hit" as soon as they visit. Put simply, if you want to XX someone, your early reconnaissance tells you which websites that person usually visits, and you then go after those websites. I will tell you that this is how I XXed a foreign company back in 2012.

The vulnerability discussed today is mainly about obtaining personal information; it is not aimed at any particular people, and the hole has already been exposed.

Let me talk about what I know about combining watering hole attacks with JSONP.

First of all, the target needs to be logged in: if they are not logged in, nothing can be obtained.

Easily obtaining the QQ number of website visitors

A JSONP probe pinpoints the target's online identity information (it tracks via cookies, so the information is obtained even if the target sits behind layers of proxies)

A certain company was wanted by X; to locate the person, JS code was inserted through the webshell on * and used for locating.

Defense:

The simplest and laziest way: Referer verification (but if the check is written as a loose pattern on the domain name, a domain like 126.com.tk can bypass the Referer check, and if the empty-Referer case is not handled, an empty Referer bypasses it too)

Token

Use Content-Type strictly as application/json; a user-customizable callback parameter can otherwise also lead to reflected XSS.

Vendors only realize how dangerous something is once it draws public attention; there are many examples of this, just as before XSS and blind-XSS platforms appeared, many people paid no attention to XSS at all.

© 2024 shulou.com SLNews company. All rights reserved.