How Cookie injection is generated

Source: Internet
Author: User

Let's take a look at how Cookies can be injected! If you have learned ASP, you should know
Copy codeThe Code is as follows:
Request. QueryString (GET)

Or
Copy codeThe Code is as follows:
Request. Form (POST)

Well, that's right. This is the value that we use to read the specified key that the user sends to the WEB server! Sometimes we write
Copy codeThe Code is as follows:
ID = Request ("ID ")

This method is simple, but the problem is coming ~~~ Let's first look at how the WEB Service reads data. It first retrieves the data in GET, does not retrieve the data in POST, and uses the data in Cookies (dizzy, this is not the case in the book, this is what I know when I talk to xiaogao ~~ It seems that the book is incomplete ~~)

Let's take a look at the anti-injection system. It will detect the data in GET and POST. If there are special characters (here, of course, the characters are injected )! Data submission is prohibited! But he does not detect Cookies! The problem is coming ~~~ How can we test whether there is any cookie injection problem ~ Take a look at the following connection (for example, the connection is not true)
Http://www.xxx.com/1.asp? Id = 123

If we only enter http://www.xxx.com/1.asp, we cannot see the normal data because there are no parameters! We want to know if there is any cookie problem (that is, there is no Request ("XXX") format problem), first use IE input http://www.xxx.com/1.asp

Load the webpage and the page is abnormal (no reason for parameter input). Then enter it in the IE input box.
Javascript: alert (file. cookie = "id =" + escape ("123 "));
Press enter and you will see a dialog box that is displayed: After id = 123, you refresh a Web page.
Request ("ID ")
Collect data in this format ~~~~, In this format, you can try to inject Cookies into the input box.
Javascript: alert (document. cookie = "id =" + escape ("123 and 3 = 3 "));
Refresh the page. If the page is displayed normally, try again. (If the page is not displayed normally, it may be filtered out)
Javascript: alert (document. cookie = "id =" + escape ("123 and 3 = 4 "));
Refresh the page. If the page is not displayed properly, it indicates an injection ~~~ If the programmer is using
Request. QueryString
Or
Request. Form
When collecting data, there is no cookie injection problem, because the service program directly captures data from GET or POST, and the WEB server ignores whether Cookies have data, therefore, Cookies cannot be used for injection! ~

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.