Web security/penetration test--30--link or frame injection

1. Vulnerability description:

A frame injection attack is a GUI-based browser attack, and the injected content can include any code such as JavaScript, VBScript (ActiveX), Flash, AJAX (html+js+py). The code can be injected because the script does not properly validate its input, so the attacker can inject a frame or iframe tag containing malicious content. "Link injection" is the act of modifying the content of a site by embedding the URL of an external site, or the URL of a script, in a vulnerable site. By embedding the URL in a vulnerable site, an attacker can use that site as a platform to launch attacks against other sites as well as against the vulnerable site itself.

2. Detection conditions:

The website under test has interactive function modules that accept parameters submitted via GET, POST, etc.

3. Detection method:

If the application uses frames, check the HTML source code of the main browser window, which should contain the code for the frameset. Test by injecting a frame or link into the parameters of a URL that the website submits via GET; in this example the injection goes into the parameter id:

http://www2.xxx.com/a/index.php?id=Fiframe%3E%3CIFRAME+SRC%3D%22http%3A%2F%2Fwww.baidu.com%22%3E

The effect is as follows:

[Image: screenshot of the result]

4. Repair plan:

Filter all of the following characters:

| (vertical bar)
& (ampersand)
; (semicolon)
$ (dollar sign)
% (percent sign)
@ (at sign)
' (single quote)
" (double quote)
\' (backslash-escaped single quote)
\" (backslash-escaped double quote)
<> (angle brackets)
() (parentheses)
+ (plus sign)
CR (carriage return, ASCII 0x0d)
LF (line feed, ASCII 0x0a)
, (comma)
\ (backslash)

For detailed filtering solutions, please refer to the fix for XSS (cross-site scripting) vulnerabilities.
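The character filter from the repair plan, applied to the `id` value of the test URL in section 3, as an added example that is not code from the original page. The function names are hypothetical, and the HTML-encoding step is an addition beyond the character list, shown as the output-side control that XSS fixes normally pair with input filtering.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Characters the repair plan says to filter. The two-character sequences
# \' and \" are covered because backslash and both quotes are in the set.
FILTERED_CHARS = set("|&;$%@'\"<>()+\r\n,\\")


def filter_param(value: str) -> str:
    """Drop every character from the page's list (hypothetical helper)."""
    return "".join(ch for ch in value if ch not in FILTERED_CHARS)


def encode_for_html(value: str) -> str:
    """HTML-encode a value before writing it into a page (output-side control)."""
    return html.escape(value, quote=True)


def get_param(url: str, name: str) -> str:
    """Return the URL-decoded first value of a query parameter, or ''."""
    values = parse_qs(urlsplit(url).query, keep_blank_values=True).get(name, [""])
    return values[0]


# The test URL from the detection section, unchanged.
SAMPLE_URL = (
    "http://www2.xxx.com/a/index.php?id=Fiframe%3E%3CIFRAME+SRC%3D%22"
    "http%3A%2F%2Fwww.baidu.com%22%3E"
)

if __name__ == "__main__":
    raw = get_param(SAMPLE_URL, "id")
    print("decoded :", raw)                   # what the server-side script receives
    print("filtered:", filter_param(raw))     # no tag or attribute delimiters remain
    print("encoded :", encode_for_html(raw))  # rendered as text, not as markup
```

Filtering must run on the decoded value, since the percent-encoded form in the URL contains none of the listed characters except `%` and `+`.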