如何检测隐藏字段篡改? [英] How to detect hidden field tampering?

查看:316
本文介绍了如何检测隐藏字段篡改?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在我的网络应用程序的一个窗体中,出于安全考虑,我有一个隐藏字段,需要防止篡改。我试图想出一个解决方案,我可以检测隐藏字段的值是否已更改,并作出适当的反应(即使用通用出错了,请重试错误消息)。解决方案应该足够安全,蛮力攻击是不可行的。我有一个我认为可行的基本解决方案,但我不是安全专家,我可能完全错过了一些东西。



我的想法是渲染两个隐藏的输入:一个名为important_value,包含我需要保护的值,另一个名为important_value_hash,其中包含与常量长随机字符串串联的重要值的SHA哈希值(即每次都使用相同的字符串)。提交表单时,服务器将重新计算SHA哈希值,并与提交的important_value_hash值进行比较。如果它们不相同,那么important_value已被篡改。

我也可以将其他值与SHA的输入字符串(也许是用户的IP地址?)连接起来,但是我不知道这是否真的让我获益。



这会安全吗?任何人都可以了解它是如何被破坏的,以及可以做什么来改进它?

=h2_lin>解决方案

将散列存储在服务器端会更好。 可以想象,攻击者可以改变这个值并且生成他/她自己的SHA-1散列并添加随机字符串(他们可以很容易地通过重复访问页面来判断这一点)。如果散列是在服务器端(可能在某种缓存中),您可以重新计算哈希值并检查它以确保该值不会以任何方式被篡改。



<编辑



我读到关于随机字符串(恒定盐)的问题。但我想最初的观点依然存在。攻击者可以建立一个与隐藏值相对应的哈希值列表。


On a form of my web app, I've got a hidden field that I need to protect from tampering for security reasons. I'm trying to come up with a solution whereby I can detect if the value of the hidden field has been changed, and react appropriately (i.e. with a generic "Something went wrong, please try again" error message). The solution should be secure enough that brute force attacks are infeasible. I've got a basic solution that I think will work, but I'm not security expert and I may be totally missing something here.

My idea is to render two hidden inputs: one named "important_value", containing the value I need to protect, and one named "important_value_hash" containing the SHA hash of the important value concatenated with a constant long random string (i.e. the same string will be used every time). When the form is submitted, the server will re-compute the SHA hash, and compare against the submitted value of important_value_hash. If they are not the same, the important_value has been tampered with.

I could also concatenate additional values with the SHA's input string (maybe the user's IP address?), but I don't know if that really gains me anything.

Will this be secure? Anyone have any insight into how it might be broken, and what could/should be done to improve it?

Thanks!

解决方案

It would be better to store the hash on the server-side. It is conceivable that the attacker can change the value and generate his/her own SHA-1 hash and add the random string (they can easily figure this out from accessing the page repeatedly). If the hash is on the server-side (maybe in some sort of cache), you can recalculate the hash and check it to make sure that the value wasn't tampered with in any way.

EDIT

I read the question wrong regarding the random string (constant salt). But I guess the original point still stands. The attacker can build up a list of hash values that correspond to the hidden value.

这篇关于如何检测隐藏字段篡改?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆