PHP reflected XSS: reflected XSS testing and repair
2022-07-01 21:57:00 【Full stack programmer webmaster】
Hello everyone, we meet again. I'm your friend, Quan Jun.
Reflected XSS is typically found in places such as GET parameters.
Test the search function.
Press F12 to view the page source and look for the places where 1111 appears.
The first position is in the title.
Try closing the title tag, then test JS code; the pop-up succeeds.
View the source code: the XSS executes.
The second position is in the search box. Here the XSS cannot execute, because it sits inside the value attribute, which has to be closed first.
When testing, take care to close the extra double quotation mark ".
Next, fix the XSS vulnerability in the source code.
The first XSS is at the title position: the search parameter ks is output directly with echo, with no escaping or other handling.
<?php echo input('ks');?>|{
Add the filter strip_tags().
The test found that
The second XSS is in the search box, located in index_menu.html.
It is the same vulnerability: the input ks is output directly with echo, without any filtering.
Add the filter function strip_tags():
<?php echo strip_tags(input('ks'));?>
The test found that
However, this fix is not complete and can be bypassed: after the value attribute is closed, adding an event attribute still gives a working XSS.
The best way to filter is to use the htmlspecialchars() function:
<?php echo htmlspecialchars(input('ks'));?>
Test again: double quotation marks are escaped into &quot;.
The XSS can no longer be triggered; the fix was successful.
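The difference between the two fixes in the search box can be checked mechanically. The following is an added example, not code from the original post or the project: $ks stands in for the value returned by input('ks'), search_box() and attribute_names() are hypothetical helpers, the test value is constructed, and ENT_QUOTES is passed explicitly so single-quoted attributes are covered as well.

```php
<?php
// Added example, not the original page's code. $ks stands in for input('ks').

// Escape for HTML text and for quoted attribute values.
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: the search box from index_menu.html, reduced to one tag.
function search_box(string $value): string
{
    return '<input type="text" name="ks" value="' . $value . '">';
}

// Parse the rendered markup and return the attribute names a parser sees.
function attribute_names(string $html): array
{
    libxml_use_internal_errors(true); // tolerate fragment input
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    $names = [];
    foreach ($doc->getElementsByTagName('input')->item(0)->attributes as $attr) {
        $names[] = $attr->name;
    }
    return $names;
}

// Constructed test value: closes value="" and appends an event attribute.
$ks = '" onfocus="alert(1)" autofocus="';

$variants = [
    'raw echo'         => $ks,
    'strip_tags'       => strip_tags($ks), // contains no tags, so nothing is removed
    'htmlspecialchars' => esc($ks),
];

foreach ($variants as $label => $value) {
    $attrs    = attribute_names(search_box($value));
    $injected = array_diff($attrs, ['type', 'name', 'value']);
    printf("%-17s attrs=[%s] injected=%s\n", $label, implode(',', $attrs),
        $injected ? 'yes' : 'no');
}
```

Run with the PHP CLI (the dom extension is required). The raw and strip_tags() variants report extra attributes on the input element, while the htmlspecialchars() variant keeps the whole test value inside value.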
Publisher: Full stack programmer stack length. When reprinting, please indicate the source: https://javaforall.cn/130466.html Link to the original text: https://javaforall.cn









