从而达到恶意 攻击用户的特殊目的。XSS属于被动式的攻击,因为其被动且不好利用,所以许多人常忽略其危害性。
而本文主要讲的是利用XSS得到目标服务器的 shell。
技术虽然是织梦dedecms老技术,但是其思路希望对大家有帮助。 首先打开文件:/include/common.func.PHP 在文件中加入函数
function RemoveXSS($val) { $val = preg_replace('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/','',$val); $search = 'abcdefghijklmnopqrstuvwxyz'; $search .= 'ABCDEFGHIJKLMnopQRSTUVWXYZ'; $search .= '1234567890!@#$%^&*()'; $search .= '~`";:?+/={}[]-_|\'\'; for ($i = 0; $i < strlen($search); $i++) { $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i',$search[$i],$val); $val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/',$val); } $ra1 = array('JavaScript','vbscript','Expression','applet','Meta','xml','blink','link','style','script','embed','object','iframe','frame','frameset','ilayer','layer','bgsound','Title','base'); $ra2 = array('onabort','onactivate','onafterprint','onafterupdate','onbeforeactivate','onbeforecopy','onbeforecut','onbeforedeactivate','onbeforeeditfocus','onbeforepaste','onbeforeprint','onbeforeunload','onbeforeupdate','onblur','onbounce','oncellchange','onchange','onclick','oncontextmenu','oncontrolselect','oncopy','oncut','ondataavailable','ondatasetchanged','ondatasetcomplete','ondblclick','ondeactivate','ondrag','ondragend','ondragenter','ondragleave','ondragover','ondragstart','ondrop','onerror','onerrorupdate','onfilterchange','onfinish','onfocus','onfocusin','onfocusout','onhelp','onkeydown','onkeypress','onkeyup','onlayoutcomplete','onload','onlosecapture','onmousedown','onmouseenter','onmouseleave','onmousemove','onmouSEOut','onmouSEOver','onmouseup','onmousewheel','onmove','onmoveend','onmovestart','onpaste','onpropertychange','onreadystatechange','onreset','onresize','onresizeend','onresizestart','onrowenter','onrowexit','onrowsdelete','onrowsinserted','onscroll','onselect','onselectionchange','onselectstart','onstart','onstop','onsubmit','onunload'); $ra = array_merge($ra1,$ra2); $found = true; while ($found == true) { $val_before = $val; for ($i = 0; $i < sizeof($ra); $i++) { $pattern = '/'; for ($j = 0; $j < strlen($ra[$i]); $j++) { if ($j > 0) { $pattern .= '('; $pattern .= '(&#[xX]0{0,8}([9ab]);)'; $pattern .= '|'; $pattern .= '|(�{0,8}([9|10|13]);)'; $pattern .= ')*'; } $pattern .= $ra[$i][$j]; } $pattern .= '/i'; $replacement = substr($ra[$i],2).'<x>'.substr($ra[$i],2); $val = preg_replace($pattern,$replacement,$val); if ($val_before == $val) { $found = false; } } } return $val;}<p> |
搜索 <strong >{dede:global name='keyword'
上一篇:dedemcs5.7修改tags单个标签小于12字节的限制
下一篇:DedeCMS系统未绑定畅言账号我们将自动为您分配一个初始账号
总结以上是内存溢出为你收集整理的最模板网分享如何修补XSS跨站脚本攻击全部内容,希望文章能够帮你解决最模板网分享如何修补XSS跨站脚本攻击所遇到的程序开发问题。
如果觉得内存溢出网站内容还不错,欢迎将内存溢出网站推荐给程序员好友。
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)