20 reflective XSS Analysis of DVWA Series 02/04 Update SLTechnology News&Howtos

20 reflective XSS Analysis of DVWA Series

2025-02-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)06/01 Report--

Let's first analyze the reflective XSS. Set the security level to low, then select XSS reflected, enter a user name randomly in the text box, and the submission will be displayed on the page. As you can see from URL, the user name is submitted as GET through the name parameter.

Looking at the low-level web page code, you can see that the name parameters used to receive user data are output directly in the web page without any filtering, resulting in a XSS vulnerability.

Let's enter a basic XSS statement to implement the pop-up box: "alert ('hi')":

At this point, looking at the source file of the web page, you can see that the script we entered is embedded in the web page.

Enter another statement to pop up cookie: "alert ([xss_clean])".

Next, let's take a look at the XSS source code at the medium level. Here, before outputting the data in the name parameter, the str_replace () function is used to process it. The purpose of the processing is to replace it with a null value.

But this filtering process is really too simple. First of all, we can bypass it by using uppercase. Secondly, XSS can not only use JavaScript, but can also cross sites through HTML statements, such as "

"statement.

Is the picture tag in html, this statement means to insert a picture in the web page, "src=1" specifies the URL of the picture file, if the picture does not exist (it certainly does not exist here), then an error prompt box will pop up to achieve the effect of a pop-up box.

Finally, let's take a look at the high-level source code, which uses the htmlspecialchars () function for filtering. This function can escape & (and), "(double quotation marks),'(single quotation marks), (greater than) these sensitive symbols, all cross-site statements basically can not do without these symbols, so only this function is needed to prevent XSS vulnerabilities, so the code defense of cross-site vulnerabilities is relatively simple.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.