On my company's security emergency response - Vulnerability Warning - Black Bar Safety Net (myhack58)

ID MYHACK58:62201340204
Type myhack58
Reporter Anonymous
Modified 2013-08-19T00:00:00


0x00 Hacked

The company's emergency handling of hacker attacks is still very lacking. When a security problem occurs it is usually the customers who are the victims: they discover that their data has been altered and complain to the company that someone has maliciously changed it. The operations staff then look through the database and find JS code, obfuscated by some special processing, inserted into the records. The company gets hit by XSS far too often, and the emergency handling feels entirely reactive. A customer might forgive the first incident, but what about the next one? Times change, and I don't think customers will stay loyal. Since I do PHP development at the company, I can't really handle the emergency response itself; what I can do next is find the cause and apply the right remedy, which is exactly a PHP developer's job.

0x01 Analysis of the attacker's method

Now that the attackers have been in, we analysed how their JS code bypassed our XSS filter so that we could produce the proper fix. If I didn't explain how the attack got past the XSS filter, you would think this article is boring nonsense. In short, the attack bypasses the handling of HTML img tag attributes such as src. Yes, you have probably guessed it: the attacker breaks out of the double-quoted attribute value and appends an onerror attribute, which leads to XSS. The company does actually filter this part, but the other parts of the filter work by key-string replacement, and that replacement is badly done. Even worse, the filtering methods are written on the JS (client) side (would it kill you to write them on the server side?). An attacker can simply read our filtering method, and a white-box review of the replacement logic reveals the vulnerability. With the cause found, we can carry out the repair.
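As an added illustration (not the company's code from the article), the following PHP contrasts a replacement-style filter of the kind the article criticises with server-side, context-aware attribute encoding, and adds a scan over stored rows for the breakout pattern described above; the function names and the sample payload are assumptions made for this example.

```php
<?php
// Weak filter in the style the article describes (assumed form): it strips a few
// keywords but never touches the double quote that ends the attribute value.
function weakReplaceFilter(string $input): string
{
    return str_ireplace(['<script', '</script>', 'javascript:'], '', $input);
}

// Hardened: encode for the attribute context instead of trying to remove bad parts.
// ENT_QUOTES turns the closing quote into &quot; so it cannot end the attribute.
function attrEncode(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');
}

// Only accept http(s) URLs for an img src; anything else is rejected.
function safeImgSrc(string $url): ?string
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'])) {
        return null;
    }
    return in_array(strtolower($parts['scheme']), ['http', 'https'], true) ? $url : null;
}

// Server-side rendering: validate, then encode, so the value stays inside src="...".
function renderImg(string $userUrl): string
{
    $src = safeImgSrc($userUrl);
    return $src === null ? '' : '<img src="' . attrEncode($src) . '">';
}

// Clean-up aid for summary point 3: flag stored values that contain a quote
// followed by an on*= handler, the breakout pattern found in the database.
function findBreakoutRows(array $rows): array
{
    return array_filter($rows, fn(string $v) => preg_match('/["\']\s*on\w+\s*=/i', $v) === 1);
}

// Constructed sample resembling the stored payload (not a real record).
$sample = 'x.jpg" onerror="alert(1)';
echo '<img src="' . weakReplaceFilter($sample) . '">', "\n"; // quote and onerror survive
echo renderImg($sample), "\n";                                 // no scheme -> rejected, prints nothing
echo renderImg('https://example.com/a.png" onerror="x'), "\n"; // quote becomes &quot;
print_r(findBreakoutRows([1 => 'https://example.com/ok.png', 2 => $sample]));
```

Run with `php example.php`; the last call lists only row 2, which is the kind of record the operations team would then delete from the database.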

0x02 Summary

1. The operations department has no good log-review habits, so for a while nobody knew we had been hacked.
2. Malicious-code filtering must be written on the server side. Then the attacker does not know which filtering method is used and can only probe slowly, and the probing leaves entries in the logs, so reviewing the logs becomes effective.
3. Delete the malicious code from the database.

That is all for now; if anything is missing, everyone is welcome to add to it.