People often say: "XSS is harmless; hardly anyone pays attention to it." The person saying this has probably dropped the context. For a small business site that goes half a year without an update, an XSS vulnerability really is of little use.
Planting a trojan on the site (a drive-by download)? That almost never happens: who would use an XSS bug to plant malware on a site with no traffic or influence?
Stealing the administrator's cookie? On a site that has not been updated in six months, the probability is very low.
Suppose someone really did mount an APT (advanced persistent threat) attack and watched this site for half a year. Using an XSS to steal a cookie would itself take that long: the administrator may never be lured into opening the XSS link, and even if they do, a reflected XSS will be intercepted outright by the XSS filters in IE 8, IE 9 and Chrome. Looking at it this way, how harmful is this XSS? Its harm is almost negligible. But as this view spreads like wildfire, many people start to feel that XSS is a "chicken rib" (something of little value), and the conclusion becomes more and more irresponsible. In their eyes, only system-level vulnerabilities like MS08-067, which give remote control of the operating system, are the real thing. We do not deny that such bugs are very impressive, but the target of a front-end hacker is the Web application, not the operating system, and the two are simply not comparable. In many scenarios, front-end attacks such as XSS are what really count.
For example, on all kinds of SNS (social networking) sites, mail systems and popular open-source Web applications, front-end attacks are widely carried out and widely studied. No attack can be separated from its specific scenario; you will see many wonderful examples of such use in this book.
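The paragraph above relies on one technical fact: a reflected XSS carries its payload in the request URL, so a browser can compare the URL with the response and refuse to run script that the page merely echoed back. The following Python is an added example, not code from the book or from any browser; it is a toy model of that filter idea (in the spirit of the IE 8 XSS Filter and Chrome's XSS Auditor, which used far larger rule sets). The URL, the `SUSPICIOUS` pattern list, the `render_search` page and the function names are all constructed for the example. It also shows the limit the paragraph implies: a stored XSS, whose payload is not in the URL, passes the check untouched, which is why output encoding on the server remains the real fix.

```python
import html
import re
from urllib.parse import parse_qsl, urlsplit

# Patterns that mark a request value as looking like active-content injection.
# A constructed, deliberately small list; real browser filters used many more rules.
SUSPICIOUS = re.compile(
    r"<\s*script|<\s*iframe|<\s*svg|<\s*img|javascript\s*:|\bon[a-z]+\s*=",
    re.IGNORECASE,
)


def suspicious_values(url):
    """Decoded query-string values of the request URL that match SUSPICIOUS."""
    query = urlsplit(url).query
    return [v for _, v in parse_qsl(query, keep_blank_values=True) if SUSPICIOUS.search(v)]


def reflected_values(url, response_body):
    """Suspicious request values that the response echoes back verbatim.

    Only an unescaped echo counts: a server that HTML-escapes the value
    returns '&lt;script&gt;', which no longer contains the raw value."""
    return [v for v in suspicious_values(url) if v in response_body]


def should_block(url, response_body):
    """True when the response reflects a suspicious value from its own request URL."""
    return bool(reflected_values(url, response_body))


def neutralize(url, response_body):
    """Return the response with each reflected value replaced by its escaped form."""
    for v in reflected_values(url, response_body):
        response_body = response_body.replace(v, html.escape(v, quote=True))
    return response_body


# Constructed sample server behaviour: a search page that echoes the q parameter.
PAGE = "<html><body>Results for: {q}</body></html>"


def render_search(q, escape_output):
    """Simulate the page with (escape_output=True) and without output encoding."""
    return PAGE.format(q=html.escape(q, quote=True) if escape_output else q)


if __name__ == "__main__":
    # Constructed probe URL carrying the classic test string in the q parameter.
    probe = "http://example.test/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
    q = dict(parse_qsl(urlsplit(probe).query))["q"]
    for escape_output in (False, True):
        body = render_search(q, escape_output)
        print(f"escaped={escape_output} blocked={should_block(probe, body)}")
```

Run it as a script and the unescaped page is flagged while the escaped page passes. The design point is that the filter only ever sees what is in the URL: it is a mitigation for one delivery channel, not a substitute for encoding untrusted data before it reaches the HTML.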
1.7 Summary
After reading this chapter, you should understand that security research can start from a broad viewpoint, most of which is generic and not limited to Web security. Once you grasp the key points of security, the research that follows in this book will be easier to reason about by analogy. We hope to teach you how to fish rather than hand you a fish, and to treat every security point rigorously.
Now let's get into the real content: Web front-end hacking!