SoFunction
Updated on 2025-04-03

How does Cookie Injection occur

Let's study how cookie injection works. If you have learned ASP, you should know

(GET)

or

(POST)

That's right, this is what we use to read the value of a given key that the user sends to the web server. Sometimes we write it as

ID=Request("ID")

This way of writing is simple, but it creates a problem. Let's first look at how the web server reads the data. It first looks for the key in the GET data; if it is not there, it looks in the POST data; and it also looks in the cookies (the book doesn't mention this; I only learned it while talking with Xiao Gao. It seems the book doesn't tell the whole story~~)

Now let's look at the anti-injection system. It inspects the data in GET and POST. If it finds special characters (here, of course, the characters used for injection), it blocks the submission. But it does not inspect the data in cookies, and that is where the problem lies. How do we test whether a page has the cookie injection problem? First look at the link below (it is only an example, so the link is not real)
/?id=123

If we only enter /, we do not see the normal data, because no parameter was supplied. To find out whether the cookie problem exists (that is, whether the page reads its input in the Request("XXX") format), first use IE to open /

The page loads and displays abnormally (because no parameter was entered). Then enter the following in the IE input box:
javascript:alert(="123"));
Press Enter and a dialog box pops up with the content id=123. Then refresh the page. If it now displays normally, the page reads the value using
Request("ID")
in this format, and you can go on to test for cookie injection. In the input box, enter
javascript:alert(="123 and 3=3"));
Refresh the page. If it displays normally, you can try the next step (if it does not, the input may be filtered)
javascript:alert(="123 and 3=4"));
Refresh the page. If it does not display normally, the injection exists. If the programmer uses

or

to collect the data, there is no cookie injection problem, because the server program reads the data directly from GET or POST. The web server ignores whether the cookies contain data, so cookie injection cannot be used.
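As an added example (not code from the original page), here is one way to close the gap described above in classic ASP: name the collection explicitly, validate the value, and bind it as a typed parameter. The connection string in Application("ConnStr"), the news table and its title column are hypothetical names chosen for illustration.

```asp
<%@ Language="VBScript" %>
<%
Option Explicit
' Added example. Application("ConnStr"), the "news" table and its
' "title" column are hypothetical.
Const adCmdText = 1, adInteger = 3, adParamInput = 1

' --- Weak pattern described above (shown only as comments) ---
' id  = Request("ID")   ' searched in order: QueryString, Form, Cookies, ...
' sql = "SELECT title FROM news WHERE id=" & id
' A filter that inspects only GET and POST never sees the cookie value.

' --- Hardened pattern ---
' 1. Name the collection, so a cookie called "id" is never consulted.
Dim rawId : rawId = Request.QueryString("id")

' 2. Allow-list check: digits only, bounded length. A missing value or a
'    repeated parameter ("1, 2") fails the pattern and is rejected.
Function IsPositiveInt(s)
    Dim re : Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    IsPositiveInt = re.Test(s & "")
End Function

If Not IsPositiveInt(rawId) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

' 3. Bind the value as a typed parameter instead of concatenating it
'    into the SQL text.
Dim conn, cmd, rs
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open Application("ConnStr")
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT title FROM news WHERE id = ?"
cmd.Parameters.Append cmd.CreateParameter("id", adInteger, adParamInput, , CLng(rawId))
Set rs = cmd.Execute
If Not rs.EOF Then Response.Write Server.HTMLEncode(rs("title") & "")
rs.Close : conn.Close
%>
```

If existing pages must keep the generic Request("ID") form, the input filter has to inspect Request.Cookies as well as the GET and POST data.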