?????????????????web?????????????????????????AppScan??????????к???????????????????????????????鶫???????????
????-----------------------------------------????-------------------------
?????????????
??????ó????????
??????в????
???????????????
???????
????δ???????????????Σ?????????
?????????????
???????????????????????cookie???????????????o???????????????????????????????????????????????
?????????????
?????????????????????????????
?????????
CERT Advisory CA-2000-02
Microsoft How To: Prevent Cross-Site Scripting Security Issues (Q252985)
Microsoft How To: Prevent Cross-Site Scripting in ASP.NET
Microsoft How To: Protect From Injection Attacks in ASP.NET
Microsoft How To: Use Regular Expressions to Constrain Input in ASP.NET
Microsoft .NET Anti-Cross Site Scripting Library
?????????????????????
??????????????
????AppScan ?????ó???δ??????????????????????????????????????????Web ????????С??????????????????????á?
?????????????????????????????(XSS) ???????
????[1] ?????????????Web ??ó??????????Web ????
????[2] Web ??ó?????????????????????????Web ??檔
????[3] ????????????ó??????????????????Web ???????е??????????JavaScript??HTML ????HTML ?????????????Flash ??
????ActiveX??
????[4] ????????Web ??????????????Web ??棬????????????ò????????????????????
????[5] ??????????Web ???????????Web ??棬?????????Web ???????Web ?????????????????????ж???????
????[6] ?????Υ????Web ????????????????????ò?????????????е??????????????????????е?????????????????е???????
????????????????????????????и????????????????????????????????????????????cookie???????????????????????????
??????????????????????????????????Web ?????????????й??????????????????????????????Σ???
???????????????????????????????????????????????????????????Σ??????????Web ??????????????????????Web ???????
???????е????????????????????????????????“·???????”????
??????????????????XSS??
????????1???????XSS??????“??????”??
??????????????HTTP ?????ж????????????????HTTP ???????????????XSS ???????????????????????????????????Web ??ó?????
??????Σ???????????????????????????Web ???????С???????????????????????????????????????????????????????????????
??????????URL ?С???????????URL ???????????????????????????????????????????Σ???????????????????????URL?????
????????????????????????????????????????????и??????
????????2???洢??XSS??????“?????”??
??????ó???????????????????????????????????????????洢???д洢Σ??????????????????Σ?????????????ó???????????????
?????С?????????????????????????????λ????????????????????????????????????????????????????ó????о??н????????
??????????????????????м?????????????н????????????????????ж??????????????????п??????????????????????????????????
??????????????????????????????????磬??????????????????????XSS???????????????????????????????????
????????0??????DOM ??XSS
?????????DOM ??XSS ?У????????н?XSS ???????????????????????У????????????????С?????DOM ??XSS ??????漰????????????
??????????????????????????磬??????????????????н???????Javascript????????????????????????????????????????
????????Web ??棨??????????HTML???????????DOM ??XSS ?п??????????????????????????з?????????????
???????????????GET ?????????????????HTML ??????????з????
[REQUEST]
GET /index.aspx?name=JSmith HTTP/1.1
[RESPONSE]
HTTP/1.1 200 OK
Server: SomeServer
Date: Sun, 01 Jan 2002 00:31:19 GMT
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 27
<HTML>
Hello JSmith
</HTML>
????????????????????????????????????
[ATTACK REQUEST]
GET /index.aspx?name=>"'><script>alert('PWND')</script> HTTP/1.1
[ATTACK RESPONSE]
HTTP/1.1 200 OK
Server: SomeServer
Date: Sun, 01 Jan 2002 00:31:19 GMT
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 83
<HTML>
Hello >"'><script>alert('PWND')</script>
</HTML>
??????????????£?JavaScript ?????????????У?>"'> ??????????????????
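The request/response pair above shows the `name` query value being copied into the HTML body unchanged, which is why the attack response carries a live `<script>` element. The following Python is an added example (not AppScan's code and not from the scanned application): it reproduces that reflection, puts the hardened form beside it (HTML-encoding the untrusted value for the HTML body context, as the Microsoft "Prevent Cross-Site Scripting" references recommend), and includes the check a developer can run against a response to confirm the raw value no longer appears verbatim. The function names and the `http_response` header set are my own; the two `name` values are the ones on the page.

```python
import html

# Input values taken from the page's [REQUEST] and [ATTACK REQUEST] lines.
BENIGN_NAME = "JSmith"
ATTACK_NAME = ">\"'><script>alert('PWND')</script>"


def render_greeting_unsafe(name: str) -> str:
    """The vulnerable behaviour shown on the page: the query value is
    concatenated straight into the HTML body without any encoding."""
    return "<HTML>\nHello " + name + "\n</HTML>"


def render_greeting_safe(name: str) -> str:
    """Hardened version: encode the untrusted value for the context it is
    written into (HTML body). html.escape turns & < > " ' into character
    references, so the browser renders them as text, not markup."""
    return "<HTML>\nHello " + html.escape(name, quote=True) + "\n</HTML>"


def http_response(body: str) -> str:
    """Minimal response in the shape the page shows. Content-Length is
    computed from the body; the other header values are constructed
    (hypothetical) and only mirror the page's sample."""
    headers = [
        "HTTP/1.1 200 OK",
        "Server: SomeServer",
        "Content-Type: text/html",
        "Content-Length: %d" % len(body.encode("utf-8")),
    ]
    return "\r\n".join(headers) + "\r\n\r\n" + body


def reflects_raw_value(body: str, submitted: str) -> bool:
    """Regression check for the fix: does the submitted value appear in the
    body byte-for-byte? True means the reflection is still live; after
    output encoding it must be False for any value containing markup."""
    return submitted in body


if __name__ == "__main__":
    for label, renderer in (("unsafe", render_greeting_unsafe),
                            ("safe", render_greeting_safe)):
        for name in (BENIGN_NAME, ATTACK_NAME):
            body = renderer(name)
            print("[%s] name=%r reflects_raw=%s" %
                  (label, name, reflects_raw_value(body, name)))
            print(http_response(body))
            print()
```

The benign name renders identically in both versions (and its body is the 27 bytes the page's first response declares), so the fix costs nothing for normal input; only the value carrying markup changes shape, which is the property to assert in a unit test before and after the change.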