Analysis of php cross-site attack instances and php cross-instance analysis

Analysis of php cross-site attack instances and php cross-instance analysis

This article describes the principles and defense techniques of php cross-site attacks. Share it with you for your reference. The specific method is analyzed as follows:

Cross-Site attacks take advantage of some program details or bugs. How can we prevent cross-site attacks? The following is an example of how to prevent cross-site attacks.

Copy codeThe Code is as follows: <? Php
# Demo for prevent csrf
/**
* Enc
*/
Function encrypt ($ token_time ){
Return md5 ('! ###$ @ $ # % 43 '. $ token_time );
}
$ Token_time = time ();
$ Token = encrypt ($ token_time );
$ Expire_time = 10;
If ($ _ POST ){
$ _ Token_time = $ _ POST ['token _ time'];
$ _ Token = $ _ POST ['Token'];
If (time ()-$ _ token_time)> $ expire_time ){
Echo "expired token ";
Echo "<br/> ";
}
Echo $ _ token;
Echo "<br/> ";
$ _ Token_real = encrypt ($ _ token_time );
Echo $ _ token_real;
// Compare $ _ token and $ _ token_real
}
?>
<! DOCTYPE html>
<Html>
<Head>
<Meta http-equiv = "content-type" content = "text/html; charset = UTF-8"/>
<Title> test for csrf </title>
<Meta http-equiv = "" content = ""/>
</Head>
<Body>
<Form method = "post" action = "">
<Input type = "text" name = "text" id = "" value = "hello"/>
<Input type = "hidden" name = "token" id = "" value = "<? Php echo $ token?>" />
<Input type = "hidden" name = "token_time" id = "" value = "<? Php echo $ token_time?>" />
<Input type = "submit" name = "submit" id = "" value = "submit"/>
</Form>
</Body>
</Html>
 
By including the verification code in your form, you have actually eliminated the risk of cross-site request forgery. You can use this process in any form that requires an operation.
Of course, it is better to store the token to the session. Here is a simple example.

Simple analysis:

Token attack prevention is also called a token. When a user accesses the page, a random token is generated to save the session and form, if the token we get is different from the session token, you can submit the submitted data again.

I hope this article will help you with php programming.

How can I fix the Cross-Site Scripting Vulnerability Detected in this PHP file ?? Urgent

If ($ rw_uid = intval ($ rws [0]) {$ rw_uid seems to be caused by the cross-site scripting vulnerability.
Example: $ _ GET ['rewrite'] = '2017 _ js ';
The ideal result is $ _ GET ['uid'] = 123; $ _ GET ['do '] = 'js ';

However, if $ _ GET ['rewrite'] = 'js', the result is equivalent to $ _ GET ['do '] = 'js ';

This is because the verification is not strict. If the entry must be in this format, the _ string must be strictly filtered out.

Php websites use websaber to evaluate Cross-Site Scripting Vulnerability

The defense method is also simple:
1. program code vulnerabilities. This requires a security-aware programmer to fix them. Generally, when a trojan is found, the programmer knows where to fix the vulnerability;

2. It can also be solved by security companies. Sinesafe, lumeng, and other security companies in China are also professional.

3. server Directory Permissions such as "read", "write", "execute", and "whether scripts are allowed", use the space of a virtual space provider that has been operating for a long time, this effectively reduces the probability of Trojans.

I am engaged in the IDC industry. These are also common problems in my daily work. I hope my answers will help you.