CRLF Injection and HTTP Response Splitting

Hello, Khabrovites! In anticipation of the start of classes for the next group of the "Web Application Security" course, we have prepared another useful translation for you.








What is CRLF?



When a browser sends a request to a web server, the server answers with a response that contains both the HTTP headers and the actual content of the site. The HTTP headers and the HTML response (the site content) are separated by a specific combination of special characters: a carriage return and a line feed. For short, this pair is called CRLF.



The web server uses CRLF to tell where one HTTP header ends and the next begins. CRLF can also tell a web application or a user that a new line starts in a file or in a block of text. CRLF characters are part of standard HTTP/1.1 messages, so they are used by every kind of web server, including Apache, Microsoft IIS and all others.





What is CRLF injection?



In a CRLF injection attack, the attacker inserts carriage return and line feed characters into user input to trick the web server, the web application or the user into thinking that one object has ended and another has begun. CRLF sequences are therefore not malicious characters in themselves, but they can be used maliciously, for example for HTTP response splitting.



CRLF injection in web applications



In web applications, CRLF injection can have serious consequences, depending on what the application does with a single item of input. The impact ranges from information disclosure to code execution, which is a direct web application security vulnerability. CRLF injection can do a great deal of harm to a web application even though it has never appeared in the OWASP Top 10. For example, it can be used to manipulate log files in an admin panel, as the example below shows.



Example of CRLF injection in a log file



Imagine a log file in an admin panel with the output format IP – time – visited path, like this:



123.123.123.123 - 08:15 - /index.php?page=home


If an attacker can inject CRLF characters into an HTTP request, they can change the output stream and forge log entries. The response from the web application might then look like this:



/index.php?page=home&%0d%0a127.0.0.1 - 08:15 - /index.php?page=home&restrictedaction=edit


%0d and %0a are the URL-encoded forms of CR and LF. After the attacker inserts these characters and the application renders them, the log entries look like this:



IP – time – visited path



123.123.123.123 - 08:15 - /index.php?page=home&
127.0.0.1 - 08:15 - /index.php?page=home&restrictedaction=edit


Thus, by exploiting a CRLF injection vulnerability, the attacker can forge entries in the log file to disguise their own malicious actions. The attacker is essentially performing page hijacking and modifying the response. Imagine a scenario in which the attacker has the admin password and issues the restrictedaction parameter, which only an admin may use.



The problem is that if the administrator noticed an unknown IP using the restrictedaction parameter, they would realise something was wrong. But since it now looks as though the command came from localhost (and therefore probably from someone who has access to the server, such as an administrator), nothing looks suspicious.



The whole part of the query starting at %0d%0a is handled by the server as a single parameter. After it comes another & with the restrictedaction parameter, which the server parses as a separate parameter. In effect, this is the same request as:



/index.php?page=home&restrictedaction=edit


HTTP Response Splitting





Since the headers of an HTTP response and its body are separated by CRLF characters, an attacker can try to inject them. A CRLFCRLF combination tells the browser that the headers have ended and the body begins. This means the attacker can write data into the response body, where the HTML code lives. That can lead to a cross-site scripting vulnerability.



Example of HTTP Response Splitting leading to XSS



Imagine an application that sets a custom header, for example:



X-Your-Name: Bob


The header's value is set from a GET parameter called «name». If there is no URL encoding and the value is reflected directly into the header, the attacker may be able to insert the CRLFCRLF combination mentioned above to tell the browser that the body has begun. This lets them insert data such as an XSS payload, for example:



?name=Bob%0d%0a%0d%0a<script>alert(document.domain)</script>


The above displays an alert window in the context of the attacked domain.



HTTP header injection





By exploiting CRLF injection, an attacker can also insert HTTP headers that defeat security mechanisms such as the browser's XSS filter or the same-origin policy. This lets the attacker obtain sensitive information such as CSRF tokens. They can also set cookies, which could be used to log the victim into the attacker's account or to exploit otherwise unexploitable cross-site scripting (XSS) vulnerabilities.



HTTP header injection to extract sensitive data



If an attacker can inject HTTP headers that enable CORS (Cross Origin Resource Sharing), they can use JavaScript to access resources that are otherwise protected by the SOP (Same Origin Policy), which prevents sites from different origins from accessing each other.



Impact of a CRLF injection vulnerability



The impact of CRLF injection varies and includes everything from the consequences of XSS to information disclosure. It can also disable certain security restrictions, such as XSS filters and the Same Origin Policy, in the victim's browser, leaving them exposed to malicious attacks.



How to prevent CRLF / HTTP header injection in web applications



The best defence is not to let user input end up directly in response headers. If that is impossible, always use a function that encodes the CRLF characters. It is also advisable to strip any CR and LF characters before passing content into an HTTP header.
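As an added example (not part of the original article or its source), this Python snippet shows the defensive side of the two scenarios above: a detector for URL-encoded CR/LF in a query string, an access-log writer that escapes the characters so the forged 127.0.0.1 record from the log example stays inside a single line, and a header setter that refuses the `?name=Bob%0d%0a%0d%0a…` case. Function names and the inputs are constructed for illustration.

```python
from urllib.parse import unquote

# Constructed inputs modelled on the article's log example (not real traffic).
ATTACK_PATH = ("/index.php?page=home&%0d%0a127.0.0.1 - 08:15 - "
               "/index.php?page=home&restrictedaction=edit")
CLEAN_PATH = "/index.php?page=home"


def has_raw_crlf(value: str) -> bool:
    """True if the string carries a literal CR or LF character."""
    return "\r" in value or "\n" in value


def query_has_crlf(raw_query: str) -> bool:
    """Detection: peel off up to two layers of URL encoding (%0d%0a and the
    double-encoded %250d%250a) and report whether CR or LF is present."""
    decoded = raw_query
    for _ in range(2):
        decoded = unquote(decoded)
    return has_raw_crlf(decoded)


def log_line(client_ip: str, time: str, raw_path: str) -> str:
    """Build one access-log record. The application decodes the path as in
    the article; CR and LF are then escaped so an injected sequence cannot
    start a second, forged record."""
    path = unquote(raw_path).replace("\r", "\\r").replace("\n", "\\n")
    return f"{client_ip} - {time} - {path}"


def set_header(headers: dict, name: str, value: str) -> dict:
    """Add a response header, refusing any name or value that would split
    the response (the X-Your-Name / ?name= case from the article)."""
    if has_raw_crlf(name) or has_raw_crlf(value):
        raise ValueError(f"refusing header {name!r}: contains CR or LF")
    headers[name] = value
    return headers


if __name__ == "__main__":
    print(log_line("123.123.123.123", "08:15", ATTACK_PATH))
    print(query_has_crlf(ATTACK_PATH), query_has_crlf(CLEAN_PATH))
```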









