Cross-site scripting (XSS): a simple JavaScript injection attack

2019-04-01  AISpider

The target is a simple comment form. Once a comment containing JavaScript is submitted, the page keeps popping up a dialog on every visit, because the script is stored in the database and echoed back into the page unescaped.

<!DOCTYPE html>
<html>
<head>
    <?php
    // Store the submitted form data in the database
    $servername = "localhost";
    $username = "root";
    $password = "";
    $dbname = "huike";
    // Open the connection and check it before issuing any query
    $conn = new mysqli($servername, $username, $password, $dbname);
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }
    $conn->set_charset("utf8");
    if ($_POST) {
        $title = $_POST['title'] ?? '';
        $content = $_POST['content'] ?? '';
        // Prepare and send the INSERT with bound parameters (the original string
        // concatenation was also SQL-injectable). The comment text itself is stored
        // verbatim: that is what makes the stored XSS below possible.
        $stmt = $conn->prepare("insert into comments(title,content) values(?,?)");
        $stmt->bind_param("ss", $title, $content);
        $stmt->execute();
        $stmt->close();
        // Reload the page after posting
        echo "
        <script>
        window.location.href='http://localhost/huike/';
        </script>
        ";
    }
    ?>
    <meta charset="utf-8">
    <script type="text/javascript" src="/js/cookies.js"></script>
    </head>
<body>
    <h1>模拟跨站攻击</h1>
    <hr>
    <form method="post" action="">
        <div style="margin:20px;">
            <div style="font-size:16px;font-weight:bold;">Your Comment</div>
            <div style="padding:6px;">
                Nick Name:
                <br/>
                <input name="title" type="text" style="width:300px;"/>
            </div>
            <div style="padding:6px;">
                Comment:
                <br/>
                <textarea name="content" style="height:100px; width:300px;"></textarea>
            </div>
            <div style="padding-left:230px;">
                <input type="submit" value="POST" style="padding:4px 0px; width:80px;"/>
            </div>
            <div style="border-bottom:solid 1px #fff;margin-top:10px;">
                <div style="font-size:16px;font-weight:bold;">Comments</div>
            </div>
            <?php
                $sql = "SELECT * FROM comments";
                $result = $conn->query($sql);
                if ($result && $result->num_rows > 0) {
                    // Print every comment. Title and content are echoed without any
                    // HTML encoding, so markup or <script> inside them is parsed and
                    // executed by every visitor's browser
                    while ($row = $result->fetch_assoc()) {
                        echo "<p> Title: " . $row["title"] . "<br /> Content:" . $row["content"] . "</p>";
                    }
                } else {
                    echo "Nothing to display yet";
                }
            ?>
        </div>
    </form>
</body>
</html>

The database the page uses is not included; create it yourself (from the code: database `huike`, table `comments` with `title` and `content` columns).
When you enter
<script>alert(1);</script>
as the comment and submit it, an alert box showing 1 pops up every time the page is refreshed. This is stored (persistent) XSS: the payload is saved in the `comments` table and written straight into the HTML of every later page load, so it runs in the browser of every visitor, not just the attacker's. The fix is to encode the stored text with `htmlspecialchars()` at the point where it is echoed into the page.
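Closing the hole described above (plus the SQL injection in the original INSERT, which the post does not discuss), as an added example that is not code from the original post. It keeps the post's table name, column names and connection parameters; the `CREATE TABLE` schema, the `h()` / `render_comment()` helper names and the `/huike/` redirect target are assumptions, since the post only says the database must be created by the reader.

```php
<?php
// Added example, not code from the original post: the comment page with the
// two defects closed. Table and column names and the connection parameters
// come from the post; the CREATE TABLE schema is an assumption, because the
// post only says the database must be created by the reader.
declare(strict_types=1);

// Encode untrusted text for an HTML body or attribute context.
// ENT_QUOTES also encodes ' (safe inside single-quoted attributes);
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning "".
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Render one stored comment. The browser now shows the literal text
// <script>alert(1);</script> instead of executing it.
function render_comment(array $row): string
{
    return '<p> Title: ' . h($row['title']) . '<br /> Content: ' . h($row['content']) . '</p>';
}

function connect(): mysqli
{
    // Throw on errors instead of returning false, so nothing fails silently.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $conn = new mysqli('localhost', 'root', '', 'huike');
    $conn->set_charset('utf8mb4');
    // Assumed schema (the post does not give one).
    $conn->query('CREATE TABLE IF NOT EXISTS comments (
        id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
        title VARCHAR(100) NOT NULL,
        content TEXT NOT NULL
    )');
    return $conn;
}

function add_comment(mysqli $conn, string $title, string $content): void
{
    // Bound parameters never become part of the SQL text, so a quote in a
    // comment cannot alter the statement (the original interpolated $title).
    $stmt = $conn->prepare('INSERT INTO comments (title, content) VALUES (?, ?)');
    $stmt->bind_param('ss', $title, $content);
    $stmt->execute();
}

function list_comments(mysqli $conn): array
{
    return $conn->query('SELECT title, content FROM comments ORDER BY id')
                ->fetch_all(MYSQLI_ASSOC);
}

if (PHP_SAPI === 'cli') {
    // Offline check of the encoder with the payload from the post (constructed input, no DB needed).
    echo render_comment(['title' => 'attacker', 'content' => '<script>alert(1);</script>']), PHP_EOL;
    exit;
}

// Defence in depth: forbid inline scripts, so a payload that slips past the
// encoding in some other template still does not execute.
header("Content-Security-Policy: script-src 'self'");
$conn = connect();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    add_comment($conn, (string)($_POST['title'] ?? ''), (string)($_POST['content'] ?? ''));
    header('Location: /huike/', true, 303); // redirect by header, not by an inline <script>
    exit;
}
?>
<!DOCTYPE html>
<html>
<head><meta charset="utf-8"></head>
<body>
<h1>Simulated cross-site attack (hardened)</h1>
<form method="post" action="">
    Nick Name:<br/><input name="title" type="text" style="width:300px;"/><br/>
    Comment:<br/><textarea name="content" style="height:100px; width:300px;"></textarea><br/>
    <input type="submit" value="POST"/>
</form>
<h2>Comments</h2>
<?php
foreach (list_comments($conn) as $row) {
    echo render_comment($row), "\n";
}
?>
</body>
</html>
```

Run it from the command line (`php hardened.php`) to see the encoded form of the post's payload without a database, or drop it under the web root and post `<script>alert(1);</script>` again: the comment is listed as text and no dialog appears. Encoding happens at output time rather than before storage, so the database keeps the original text and the same row can later be rendered safely in a different context (JSON, an attribute, a mail body) with the encoder appropriate to that context.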
