XSS cross-site scripting attack 1 in the cybersecurity Series

Cross site scripting (XSS) refers to a malicious attacker inserting malicious script code into a web page. When a user browses this page, the script code embedded in the Web is executed to attack users maliciously.

To distinguish it from the CSS abbreviation of Cascading Style Sheet, cross-site scripting attacks are usually abbreviated as XSS.

To better understand XSS attacks, we need to build a PHP environment. Here we still recommend using npmserv, software: http://down.51cto.com/data/1886128.

First, compile a simple PHP script file info. php:

650) This. width = 650; "Title =" 1.jpg" src = "http://s3.51cto.com/wyfs02/M00/4D/C1/wKioL1RZa5rSzC1kAABkfTZ2FIo797.jpg" alt = "wkiol1rza5rszc1kaabkftz2fio797.jpg"/>

This Code indicates that the get method assigns the value of the parameter name to the variable username, and then outputs the value of the variable username.

Put the file in the WWW directory under npmserv, and then access the file on the client:

650) This. width = 650; "Title =" 2.jpg" src = "http://s3.51cto.com/wyfs02/M00/4D/C2/wKiom1RZa0OT4MnzAADLpCyrZco577.jpg" alt = "wkiom1rza0ot4mnzaadlpcyrzco577.jpg"/>

Under normal circumstances, the user will submit the parameter name value in the URL as his name, and then the data content will be displayed on the page through the above Code, if the name submitted by the user is "Zhang San ":

650) This. width = 650; "Title =" 3.jpg" src = "http://s3.51cto.com/wyfs02/M01/4D/C1/wKioL1RZa7CiqsVFAADUKI0WyRI846.jpg" alt = "wkiol1rza7ciqsvfaaduki0wyri846.jpg"/>

However, if the data submitted by the user contains code that may be executed by the Web server, it constitutes an XSS attack. If the name value submitted by the user is <SCRIPT> alert (/My name is James/) </SCRIPT>:

650) This. width = 650; "Title =" 4.jpg" src = "http://s3.51cto.com/wyfs02/M01/4D/C2/wKiom1RZa1mzUkOnAAEpqfaFCM0432.jpg" alt = "wkiom1rza1mzukonaaepqfafcm0432.jpg"/>

<SCRIPT> ...... </SCRIPT> is a tag used to execute the Javascript language in HTML. Therefore, as long as hackers carefully construct some JavaScript statements, they can achieve the corresponding attack purpose.

Compared with SQL injection, XSS attack principles and implementation methods are more complex. XSS is classified based on attack methods, mainly including reflection and storage.

The reflected type (external attack type) only takes effect for the current link. You need to click a malicious website to run malicious scripts;

650) This. width = 650; "Title =" 5.jpg" src = "http://s3.51cto.com/wyfs02/M02/4D/C2/wKiom1RZa26g-HnpAAGMroPrTBg757.jpg" alt = "wKiom1RZa26g-HnpAAGMroPrTBg757.jpg"/>

Stored (internal attack) web page program XSS vulnerability, as long as the user requests this web page will be affected.

650) This. width = 650; "Title =" 6.jpg" src = "http://s3.51cto.com/wyfs02/M00/4D/C1/wKioL1RZa9vQKSoaAAFm1Z_ChWg100.jpg" alt = "wkiol1rza9vqksoaaafm1z_chwg100.jpg"/>

The reflected type usually needs to be triggered by the user. For example, the XSS attack we just launched is a reflection type. In addition, hackers can send constructed URL links to normal users as shown in the figure, so that these users can execute XSS to obtain information about these users, such as cookies.

The storage type directly inserts the XSS statement into the normal page of the website (usually the message board), and then the XSS statement is automatically executed as long as the user accesses these pages.

The storage-type cross-site will be introduced in the next blog.

This article is from the "one pot of turbidity wine" blog. For more information, please contact the author!

XSS cross-site scripting attack 1 in the cybersecurity Series