[B! xss] tridentfieldã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

tridentfield id:tridentfield

xssã«é–¢ã™ã‚‹tridentfieldã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (7)

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

${{author_name}}$

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

IDEA * IDEA
ãƒ‰ãƒƒãƒˆã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ä»£è¡¨ã®ãƒ©ã‚¤ãƒ•ãƒãƒƒã‚¯ãƒ–ãƒã‚°
tridentfield 2014/05/30
xss

security
ãƒªãƒ³ã‚¯
DOM based XSS Prevention - OWASP Cheat Sheet Series
Introduction Index Alphabetical Index ASVS Index MASVS Index Proactive Controls Index Top 10 Cheatsheets DOM based XSS Prevention Cheat SheetÂ¶ IntroductionÂ¶ When looking at XSS (Cross-Site Scripting), there are three generally recognized forms of XSS: Reflected or Stored DOM Based XSS. The XSS Prevention Cheatsheet does an excellent job of addressing Reflected and Stored XSS. This cheatsheet addre
tridentfield 2012/08/06
xss

security

javascript
ãƒªãƒ³ã‚¯
ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®çµ‚äº†æ—¥ã‚’2020å¹´1æœˆ31æ—¥(é‡‘)ã«æ±ºå®šã—ã¾ã—ãŸ - ã¯ã¦ãªã®å‘ŠçŸ¥
ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®çµ‚äº†æ—¥ã‚’2020å¹´1æœˆ31æ—¥(é‡‘)ã«æ±ºå®šã—ã¾ã—ãŸ ä»¥ä¸‹ã®ã‚¨ãƒ³ãƒˆãƒªã®é€šã‚Šã€ä»Šå¹´æœ«ã‚’ç›®å‡¦ã«ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã‚’çµ‚äº†äºˆå®šã§ã‚ã‚‹æ—¨ã‚’ãŠçŸ¥ã‚‰ã›ã—ã¦ãŠã‚Šã¾ã—ãŸã€‚ 2019å¹´æœ«ã‚’ç›®å‡¦ã«ã€ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®æä¾›ã‚’çµ‚äº†ã™ã‚‹äºˆå®šã§ã™ - ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—æ—¥è¨˜ ã“ã®ãŸã³ã€æ£å¼ã«çµ‚äº†æ—¥ã‚’æ±ºå®šã„ãŸã—ã¾ã—ãŸã®ã§ã€ä»¥ä¸‹ã®é€šã‚Šã”ç¢ºèªãã ã•ã„ã€‚ çµ‚äº†æ—¥: 2020å¹´1æœˆ31æ—¥(é‡‘) ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¸Œæœ›ç”³è«‹æœŸé™:2020å¹´1æœˆ31æ—¥(é‡‘) çµ‚äº†æ—¥ä»¥é™ã¯ã€ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®é–²è¦§ãŠã‚ˆã³æŠ•ç¨¿ã¯è¡Œãˆã¾ã›ã‚“ã€‚æ—¥è¨˜ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆãŒå¿…è¦ãªæ–¹ã¯ä»¥ä¸‹ã®è¨˜äº‹ã«ã—ãŸãŒã£ã¦æ‰‹ç¶šãã‚’ã—ã¦ãã ã•ã„ã€‚ ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã«æŠ•ç¨¿ã•ã‚ŒãŸæ—¥è¨˜ãƒ‡ãƒ¼ã‚¿ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«ã¤ã„ã¦ - ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—æ—¥è¨˜ ã”åˆ©ç”¨ã®ã¿ãªã•ã¾ã«ã¯ã”è¿·æƒ‘ã‚’ãŠã‹ã‘ã„ãŸã—ã¾ã™ãŒã€ã©ã†ãžã‚ˆã‚ã—ããŠé¡˜ã„ã„ãŸã—ã¾ã™ã€‚ 2020-06-25 è¿½è¨˜ ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—æ—¥è¨˜ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆãƒ‡ãƒ¼ã‚¿ã¯2020å¹´2æœˆ28
tridentfield 2012/08/06
Javascript

xss

security
ãƒªãƒ³ã‚¯
DOM APIã¨innerHTMLã¯ç‰ä¾¡ã§ã¯ãªã„
æœ€è¿‘ã€å¾³ä¸¸æœ¬ã‚’ã˜ã‚ã˜ã‚èªã‚“ã§ã„ã‚‹ã®ã§ã™ãŒã€DOM based XSSã®è©±ãŒæ›¸ã„ã¦ã‚ã£ãŸã®ã§ã€å°‘ã—è¨€åŠã—ã¦ãŠã“ã†ã¨æ€ã„ã¾ã™ã€‚ å¾³ä¸¸æœ¬ã‹ã‚‰å¼•ç”¨ DOM based XSSã¨å‘¼ã°ã‚Œã‚‹XSSãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€JavaScriptã«ã‚ˆã‚Šã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§è¡¨ç¤ºå‡¦ç†ã™ã‚‹ç®‡æ‰€ãŒã‚ã‚Šã€ãã“ã«è„†å¼±æ€§ãŒã‚ã‚‹å ´åˆã®XSSã§ã™ã€‚ ã‚µãƒ³ãƒ—ãƒ«æ›¸ã„ã¦ã¿ã¾ã—ãŸã€‚ <script> document.write(unescape(location.href)); </script> ã“ã„ã¤ã‚’é©å½“ãªãƒ•ã‚¡ã‚¤ãƒ«åã§ä¿å˜ã—ã¦ã€domxss.html#<script>alert("hello")<script>ãªã©ã®URLã§ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹ã¨alertãŒè¡¨ç¤ºã•ã‚Œã‚‹ã¯ãšã§ã™ã€‚ä»»æ„ã®ã‚¹ã‚¯ãƒªãƒ—ãƒˆãŒå®Ÿè¡Œå¯èƒ½ãªçŠ¶æ…‹ã£ã¦ã“ã¨ã§ã™ãã€‚ä»»æ„ã®ã‚¹ã‚¯ãƒªãƒ—ãƒˆãŒå®Ÿè¡Œå¯èƒ½ã£ã¦ã“ã¨ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚¯ãƒƒã‚ãƒ¼ç›—ã¿æ”¾é¡Œã§ã€ä»–äººã«æˆã‚Šæ¸ˆã¾ã—ã¦è²·ã„ç‰©ã§ãã¡ã‚ƒã£ãŸã‚Šã™ã‚‹ãƒ¬ãƒ™ãƒ«ã§ã™
tridentfield 2011/06/21
xss

javascript
ãƒªãƒ³ã‚¯
ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®çµ‚äº†æ—¥ã‚’2020å¹´1æœˆ31æ—¥(é‡‘)ã«æ±ºå®šã—ã¾ã—ãŸ - ã¯ã¦ãªã®å‘ŠçŸ¥
ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®çµ‚äº†æ—¥ã‚’2020å¹´1æœˆ31æ—¥(é‡‘)ã«æ±ºå®šã—ã¾ã—ãŸ ä»¥ä¸‹ã®ã‚¨ãƒ³ãƒˆãƒªã®é€šã‚Šã€ä»Šå¹´æœ«ã‚’ç›®å‡¦ã«ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã‚’çµ‚äº†äºˆå®šã§ã‚ã‚‹æ—¨ã‚’ãŠçŸ¥ã‚‰ã›ã—ã¦ãŠã‚Šã¾ã—ãŸã€‚ 2019å¹´æœ«ã‚’ç›®å‡¦ã«ã€ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®æä¾›ã‚’çµ‚äº†ã™ã‚‹äºˆå®šã§ã™ - ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—æ—¥è¨˜ ã“ã®ãŸã³ã€æ£å¼ã«çµ‚äº†æ—¥ã‚’æ±ºå®šã„ãŸã—ã¾ã—ãŸã®ã§ã€ä»¥ä¸‹ã®é€šã‚Šã”ç¢ºèªãã ã•ã„ã€‚ çµ‚äº†æ—¥: 2020å¹´1æœˆ31æ—¥(é‡‘) ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¸Œæœ›ç”³è«‹æœŸé™:2020å¹´1æœˆ31æ—¥(é‡‘) çµ‚äº†æ—¥ä»¥é™ã¯ã€ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã®é–²è¦§ãŠã‚ˆã³æŠ•ç¨¿ã¯è¡Œãˆã¾ã›ã‚“ã€‚æ—¥è¨˜ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆãŒå¿…è¦ãªæ–¹ã¯ä»¥ä¸‹ã®è¨˜äº‹ã«ã—ãŸãŒã£ã¦æ‰‹ç¶šãã‚’ã—ã¦ãã ã•ã„ã€‚ ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—ã«æŠ•ç¨¿ã•ã‚ŒãŸæ—¥è¨˜ãƒ‡ãƒ¼ã‚¿ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«ã¤ã„ã¦ - ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—æ—¥è¨˜ ã”åˆ©ç”¨ã®ã¿ãªã•ã¾ã«ã¯ã”è¿·æƒ‘ã‚’ãŠã‹ã‘ã„ãŸã—ã¾ã™ãŒã€ã©ã†ãžã‚ˆã‚ã—ããŠé¡˜ã„ã„ãŸã—ã¾ã™ã€‚ 2020-06-25 è¿½è¨˜ ã¯ã¦ãªã‚°ãƒ«ãƒ¼ãƒ—æ—¥è¨˜ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆãƒ‡ãƒ¼ã‚¿ã¯2020å¹´2æœˆ28
tridentfield 2011/05/01
iphone

security

xss

mala
ãƒªãƒ³ã‚¯
ï¼»æŸ”è»Ÿã™ãŽã‚‹ï¼½IEã®CSSè§£é‡ˆã§èµ·ã“ã‚‹XSS
ï¼»æŸ”è»Ÿã™ãŽã‚‹ï¼½IEã®CSSè§£é‡ˆã§èµ·ã“ã‚‹XSSï¼šæ•™ç§‘æ›¸ã«è¼‰ã‚‰ãªã„Webã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ï¼ˆ3ï¼‰ï¼ˆ1/3 ãƒšãƒ¼ã‚¸ï¼‰ XSSã«CSRFã«SQLã‚¤ãƒ³ã‚¸ã‚§ã‚¯ã‚·ãƒ§ãƒ³ã«ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒˆãƒ©ãƒãƒ¼ã‚µãƒ«â€¦â€¦Webã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ãƒ—ãƒã‚°ãƒ©ãƒžãŒçŸ¥ã£ã¦ãŠãã¹ãè„†å¼±æ€§ã¯ã„ã£ã±ã„ã‚ã‚Šã¾ã™ã€‚ãã“ã§æœ¬é€£è¼‰ã§ã¯ã€ãã®ã‚ˆã†ãªãƒ¡ã‚¸ãƒ£ãƒ¼ãªã‚‚ã®â€œä»¥å¤–â€ã‚‚æŽ˜ã‚Šä¸‹ã’ã¦ã„ãã¾ã™ ï¼ˆç·¨é›†éƒ¨ï¼‰ ãªãœã‹å¥¥æ·±ã„IEã®XSSã®è©± çš†ã•ã‚“ã“ã‚“ã«ã¡ã¯ã€ã¯ã›ãŒã‚ã‚ˆã†ã™ã‘ã§ã™ã€‚ ç¬¬1å›žã€Œï¼»ã“ã‚Œã¯ã²ã©ã„ï¼½IEã®å¼•ç”¨ç¬¦ã®è§£é‡ˆã€ã¨ç¬¬2å›žã€Œï¼»ç„¡è¦–ã§ããªã„ï¼½IEã®Content-Typeç„¡è¦–ã€ã§Internet Explorer(IE)ã®ç‹¬è‡ªã®æ©Ÿèƒ½ãŒã‚¯ãƒã‚¹ã‚µã‚¤ãƒˆã‚¹ã‚¯ãƒªãƒ—ãƒ†ã‚£ãƒ³ã‚°ï¼ˆXSSï¼šcross-site scriptingï¼‰ã‚’å¼•ãèµ·ã“ã™å¯èƒ½æ€§ãŒã‚ã‚‹ã¨ã„ã†ã“ã¨ã«ã¤ã„ã¦èª¬æ˜Žã—ã¦ãã¾ã—ãŸã€‚ ç¬¬3å›žã§ã‚‚å¼•ãç¶šãã€IEç‰¹æœ‰ã®æ©Ÿèƒ½ãŒXSSã‚’å¼•ãèµ·ã“ã™ä¾‹ã¨ã„ã†ã“ã¨ã§ã€
tridentfield 2010/06/20
xss

browser

ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£
ãƒªãƒ³ã‚¯
XSSã®æ”»æ’ƒæ‰‹æ³•ã„ã‚ã„ã‚ - ã†ãªã®æ—¥è¨˜
html5securityã®ã‚µã‚¤ãƒˆã«ã€XSSã®å„ç¨®æ”»æ’ƒæ‰‹æ³•ãŒã¾ã¨ã‚ã‚‰ã‚Œã¦ã„ã‚‹ã®ã‚’ç™ºè¦‹ã›ã‚Š!ã¨ã„ã†ã“ã¨ã§ã€å€‹äººçš„ã«ã€ŒãŠ!ã€ã¨æ€ã£ãŸæ”»æ’ƒã‚’ã‚µãƒ³ãƒ—ãƒ«ã¤ãã§ã”ç´¹ä»‹ã—ã¾ã™ã€‚ 1. CSS Expression IE7ä»¥å‰ã«ã¯ã€ŒCSS Expressionsã€ã¨ã„ã†æ‹¡å¼µæ©Ÿèƒ½ãŒã‚ã‚Šã€CSSå†…ã§JavaScriptã‚’å®Ÿè¡Œã§ããŸã‚Šã—ã¾ã™ã€‚ <div style="color:expression(alert('XSS'));">a</div> ç¢ºèª @IT -ï¼»æŸ”è»Ÿã™ãŽã‚‹ï¼½IEã®CSSè§£é‡ˆã§èµ·ã“ã‚‹XSS ã§è©³ã—ãè§£èª¬ã•ã‚Œã¦ã„ã¾ã™ãŒã€CSSã®è§£é‡ˆãŒæŸ”è»Ÿãªã“ã¨ã¨ã‚‚ã‚ã„ã¾ã£ã¦è‡ªå‰ã§ç„¡å®³åŒ–ã™ã‚‹ã®ã¯ãªã‹ãªã‹å›°é›£ã€‚ä»¥ä¸‹ã®ã‚ˆã†ãªã‚³ãƒ¼ãƒ‰ã§ã‚‚ã‚¹ã‚¯ãƒªãƒ—ãƒˆãŒå®Ÿè¡Œã•ã‚Œã¦ã—ã¾ã„ã¾ã™ã€‚ <div style="color:expr/* ã‚³ãƒ¡ãƒ³ãƒˆã®æŒ¿å…¥ */ession(alert('XSS'));">a</div> ç¢ºèª <div s
tridentfield 2010/06/19
javascript

xss
ãƒªãƒ³ã‚¯
1