Python Wechat ordering applet course video

https://edu.csdn.net/course/detail/36074

Python Actual quantitative transaction financial management system

https://edu.csdn.net/course/detail/35475

Nodejs Prototype chain pollution analysis

What is? js Prototype ?

Can be js Prototype is understood as other OOP Class in language , But there are still subtle differences .

1. function F(){...}
2. var f = new F();
 analysis ：
1. Create a func F, At the same time, he created a F object （ This object defaults to next Object Prototype chain of , It can be understood as Object Instance object of ）, And will F The constructor of points to function F(), At the same time, set internal properties prototype Point to the object F In itself .
2.  When it comes to objects F Or function F When instantiating , Will create   An instance object , At the same time, the instance object adds one by default __proto__ attribute , Point to F object .

What is? js Prototype chain ？

I see js Prototype , that js The prototype chain should be very clear ...（ The dog's head lives ： After all, it is impossible to tell the truth “ The prototype chain is the chain composed of prototypes ！”

Prototype chain pollution is something ？

Think first ：foo.__proto__ Pointing to Foo Class prototype. that , If we modify foo.__proto__ The value in , Is it possible to modify Foo Class? ？

Pictured , Create an object first a, And instantiate and assign to test1. Create another b object , hold test1 Of __proto__ Point to b object . But there seems to be no change ？？？ Prototype chain pollution is fake ？

see test1 The prototype of the , It has indeed become b ah , Why not b Properties of y Well ？ In fact, this function is equivalent to a constructor , Inside this.y Only in its corresponding instantiated object . Change the chain directly , But this function did not execute , That is why the final display does not y attribute , As long as y Properties adding to b In the object

Pictured , stay b Add a... To the prototype object z attribute ,test1 This attribute can be used in , So as to achieve the purpose of polluting the prototype chain .

How to use prototype chain pollution ？

In the final analysis, it is because of the modification __proto__ Attribute changes the prototype chain of the instance object . So we can see which operations will be modified __proto__ attribute , Generally, the operation attribute can also be in the form of array , Such as : test1[‘proto’] = xxx. Therefore, the most likely cause of prototype chain pollution is inseparable from the functions that operate the array .

There are merge,clone Such as function

Prototype chain pollution in ctf Use of

https://blog.happysec.cn/index/view/328.html
Reference resources P Divine masterpiece

Summary

1. js Data analysis of prototype chain
2. express Framework support according to Content-Type To parse the request Body, So it can be set conveniently payload

• Nodejs Prototype chain pollution analysis

• What is? js Prototype ?

• What is? js Prototype chain ？

• Prototype chain pollution is something ？

• How to use prototype chain pollution ？

• Prototype chain pollution in ctf Use of

• Summary

  __EOF__

  [ Failed to transfer the external chain picture , The origin station may have anti-theft chain mechanism , It is suggested to save the pictures and upload them directly (img-ZSs8vR6i-1644790257071)(https://blog.csdn.net/Aurora-M)]Aur0ra - Link to this article ：https://blog.csdn.net/Aurora-M/p/15890253.html

• About bloggers ： Comments and private messages will be answered as soon as possible . perhaps Direct personal trust I .
• Copyright notice ： All articles in this blog except special statement , All adopt BY-NC-SA license agreement . Reprint please indicate the source ！
• Solidarity bloggers ： If you think the article will help you , You can click the bottom right corner of the article **【[ recommend ](javascript:void(0)】** once .