????1?????
????????????cross site script?????????????css?????????????XSS??
????XSS??????????????web????е????????????????web???????????????????????XSS???
????XSS????????????????????ж???????????????崦???????????????????????Щ???????web????????????????????????????????????
?????????????????????????????????????????????????в???????????????????
????XSS??????Σ????????
????1??????????????????????????????????????????????????
????2?????????????????????????????????????????????????
????3?????????????????????????????
????4????????
????5??????????????
????6?????????
????7?????????????????????????????
????2????????
?????????????????ο?????????????
??????????????????κο????????????????????????????????????????????????????????????????????
?????????????????
???????????????????????????????????????????????????????????????????Σ????????в????Щ???????javascript?????????Щ????????????????е????????????????????????????????????????
???????????????????????κο?????????????????
????3??XSS????????
?????????????????????XSS??????????????????????????
????3.1????????xss????
????????????????????????????????????????XSS?????????????????????????????????????С??????????????XSS?????????XSS??????????????(????ι?????????????)??
??????????
?????????????????
????http://www.test.com/message.php?send=Hello??World??
????????????????????????Hello??Word
???????????????????
http://www.test.com/message.php?send=<script>alert('foolish!')</script>??
???????????????????????????????洰??
????3.2????????xss????
??????????????????????????????XSS????????(????XSS????????)?洢?????????????????汻????????????С?????????????????????С?????XSS????????XSS????Σ????????????????????棬?????????????????С?????orkut?????????XSS??
???????????
???????????????洢??XSS????????????????????????У???????????????Щ?????????????????
????????????е?????<input type="text" name="content" value="???????????д??????">
??????????????
?????????????????????????????洢??????????????????????壬??????????????
????????????????
????????????value??д<script>alert('foolish!')</script>??????html???????????????????????????ι??????????
??????????洢????????У?
???????????????????????????????????Щ?????????
????3.3??DOMBasedXSS??????dom??????????????
????????DOM??XSS???????type0XSS?????????????????????????????е?DOM(DocumentObjectModel)??????????????????п?????????????????Ч?????????????????XSS??
??????????????DOM????γ??XSS??????DOMBasedXSS??
??????????????????????????HTML?????ò??????????document.location ??document.URL ?? document.referrer?????????????κ???????????????????????
???????????
<HTML>
<TITLE>Welcome!</TITLE>
Hi
<SCRIPT>
// Vulnerable: everything after "name=" in the URL is written into the page unescaped
var pos=document.URL.indexOf("name=")+5;
document.write(document.URL.substring(pos,document.URL.length));
</SCRIPT>
<BR>
Welcome to our system
…
</HTML>
???????????????????棬name????URL??get??????name????
??????????????
http://www.vulnerable.site/welcome.html?name=Joe
????????????????
http://www.vulnerable.site/welcome.html?name=<script>alert(document.cookie)</script>
??????????xss????????????????????????????????????????????????HTTP????www.vulnerable.site?????????????HTML????????????????????????HTML?DOM??DOM????????????document??document?????и?URL?????????????????????????URL??????????????javascript???????????????????????HTML??檔???????????????document.URL?????????????????????????????HTML?У??????????????????javascript????????(alert(…))???????????????????????????xss????????
???????:
????1. ??????????????κ???????????????????μ?HTML??棨????????????xss??????????
????2.???????????????????????URL?????????á? ??url?????????????????Mozilla.??????????document.URL?????<??>??????%3C ?? %3E????????????????????????????????????IE6????????<??>??????????????????????
???????????????HTML?????????????????к?????????????<??>????????Mozilla??????????????Щ???????
????4??XSS???????????
??????1????XSS????
???????????????javascript
?????и??????<input type="text" name="content" value="???????????д??????">
????1???????????д???????<script>alert('foolish!')</script>??????<script type="text/javascript" src="./xss.js"></script>??
????2?????????????foolish???洰????????????????????
????3????????????????????????????????????????????????й?????????????????foolish???洰???
??????????????html??????й?????????????????????????????????????
??????2?????cookie
????1??????????????www.test88.com????????????????www.linuxtest.com
????2??test88.com?е?????xss.html
<!DOCTYPE html>
<html>
<head>
    <title>xss????</title>
    <meta charset="utf-8">
</head>
<body>

<form action="./test99.php" method="post">
?????<input type="text" name="content" value=""><br/>
<input type="submit" name="" value='??'>
</form>
<br/>????????<br/>
</body>
</html>