
WRITING A DOM-BASED XSS DEMO APPLICATION

Starting from the following illustration, which runs on a single machine, deploy the scenario on two machines: the victim and the hacker:
http://localhost:8080/TestProject/edit?id=2&message='From HomePage'
The value of the message variable is read by JavaScript and displayed in the page.
Code changes in BookForm.jsp to receive the message variable:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<html>
<head>
<title>Books Store Application</title>
</head>
<body>

<div align="center">
<h1>Books Management</h1>
<p id="from"></p>
<h2><button onclick="show()">Click here</button></h2>
<h2>

<a href="new">Add New Book</a> &nbsp;&nbsp;&nbsp; <a href="list">List All Books</a>

</h2>
</div>
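<script>
// Take everything after "message=" in the URL (left unsanitized on purpose for this demo)
var pos = document.URL.indexOf("message=")+8;
var msg = document.URL.substring(pos, document.URL.length);
alert(document.getElementById("from"));
// DOM-based XSS sink: the text taken from the URL is parsed as HTML
document.getElementById("from").innerHTML= msg;

function show(){
alert('Test');
// Send the sample secret value to Wait.jsp
location.href = "http://localhost:8080/TestProject/Wait.jsp?secretInfo='abc'";
}
</script>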
<div align="center">
<c:if test="${book != null}">
<form action="update" method="post">
</c:if>
<c:if test="${book == null}">
<form action="insert" method="post">
</c:if>
<table border="1" cellpadding="5">
<caption>
<h2>
<c:if test="${book != null}">
Edit Book
</c:if>
<c:if test="${book == null}">
Add New Book
</c:if>
</h2>
</caption>
<c:if test="${book != null}">
<input type="hidden" name="id" value="<c:out value='${book.id}' />" />
</c:if>
<tr>
<th>Title:</th>
<td><input type="text" name="title" size="45"
value="<c:out value='${book.title}' />" /></td>
</tr>
<tr>
<th>Author:</th>
<td><input type="text" name="author" size="45"
value="<c:out value='${book.author}' />" /></td>
</tr>
<tr>
<th>Price:</th>
<td><input type="text" name="price" size="5"
value="<c:out value='${book.price}' />" /></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit"
value="Save" /></td>
</tr>
</table>
</form>
</div>
</body>
</html>
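
A hardened version of the message handling in the BookForm.jsp script above, as an added example that is not part of the original exercise: it reads only the `message` parameter and writes it through `textContent`, so markup carried in the URL is displayed as text instead of being parsed. The function names `readMessage`, `escapeHtml` and `showMessage` and the sample URLs are assumptions made for illustration.

```javascript
// Added example: safe replacement for the innerHTML-based message display.

// Read only the "message" query parameter instead of slicing document.URL,
// so later parameters and the fragment are not swept into the value.
function readMessage(href) {
  const value = new URL(href).searchParams.get("message");
  return value === null ? "" : value;
}

// Encode the HTML-significant characters, for places where the value
// must be placed inside an HTML string rather than a text node.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Safe sink: textContent stores the value as text, so it is never parsed as markup.
function showMessage(element, href) {
  element.textContent = readMessage(href);
  return element.textContent;
}

// Constructed sample URLs (hypothetical values for this example).
const SAMPLE_BENIGN =
  "http://localhost:8080/TestProject/edit?id=2&message=From%20HomePage";
const SAMPLE_MARKUP =
  "http://localhost:8080/TestProject/edit?id=2&message=%3Cb%3Ebold%3C%2Fb%3E&x=1";

// In the browser, replace the innerHTML assignment with this call.
if (typeof document !== "undefined") {
  showMessage(document.getElementById("from"), document.URL);
}
```
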

Code of the Wait.jsp page, illustrating how the information sent back from the victim is received:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8" isErrorPage="true"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Error</title>
</head>
<body>
<center>
<h1>Secret Info here:</h1>
<h2><%=request.getParameter("secretInfo")%><br />
</h2>
</center>
</body>
</html>
