WEB Penetration - XSS

I hear that this point in time is a very important milestone for the creatures called humans, so for special reasons this article is also not viewable.

cross-site scripting

Cross-site scripting vulnerability

Types

Stored (persistent)

Reflected (non-persistent)

DOM-based

Exploitation

First test: check whether the content we submit is echoed back in the response, and whether it comes back unchanged or altered (encoded, stripped, truncated).

If the input is echoed back, XSS is quite likely; if it is not echoed at all, reflected or stored XSS is unlikely at that point. DOM-based XSS is the exception: it never needs a server-side echo, so client-side sources and sinks have to be checked separately.

The best discovery tool is Burp Suite.

Capture the request in the proxy and look at where the input is reflected in the response (HTML body, attribute value, script block).

Then decide which payload to inject based on that reflection context.
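The detection step above, as an added example that is not part of the original post: a small classifier for the reflection probe. You submit PROBE as the input value, fetch the response (with Burp or any client), and hand the body to classifyReflection(). The canary string, the list of special characters and the sample response bodies are all constructed for this example, not captured from any real site.

```javascript
// Added example, not code from the original post: classify how a server
// reflects a probe value so the injection context can be chosen.

const CANARY = "zx9q";                 // unlikely to occur naturally; brackets the echo
const SPECIALS = ["<", ">", '"', "'"]; // the characters tag/attribute breakouts need
const PROBE = CANARY + SPECIALS.join("") + CANARY;   // zx9q<>"'zx9q

// Entity and percent forms a server may substitute for each special character.
const ENCODED_FORMS = {
  "<": ["&lt;", "&#60;", "&#x3c;", "%3c"],
  ">": ["&gt;", "&#62;", "&#x3e;", "%3e"],
  '"': ["&quot;", "&#34;", "&#x22;", "%22"],
  "'": ["&#39;", "&#x27;", "&apos;", "%27"],
};

// Returns { verdict, survivors, encoded, stripped }:
//   absent    - input not echoed at all (reflected/stored XSS unlikely here;
//               DOM XSS is still possible because it never needs a server echo)
//   raw       - every special character came back unchanged: very likely injectable
//   partial   - some survived; which ones decides the usable context
//   filtered  - all were encoded or removed
//   truncated - closing canary missing: input was cut or rewritten, inspect by hand
function classifyReflection(body) {
  const open = body.indexOf(CANARY);
  if (open === -1) return { verdict: "absent", survivors: [], encoded: [], stripped: [] };
  const from = open + CANARY.length;
  const close = body.indexOf(CANARY, from);
  // No closing canary: look at a short window after the opening one instead.
  const echoed = close === -1 ? body.slice(from, from + 32) : body.slice(from, close);
  const lower = echoed.toLowerCase();
  const survivors = [], encoded = [], stripped = [];
  for (const ch of SPECIALS) {
    if (echoed.includes(ch)) survivors.push(ch);
    else if (ENCODED_FORMS[ch].some((f) => lower.includes(f))) encoded.push(ch);
    else stripped.push(ch);
  }
  let verdict;
  if (close === -1) verdict = "truncated";
  else if (survivors.length === SPECIALS.length) verdict = "raw";
  else if (survivors.length > 0) verdict = "partial";
  else verdict = "filtered";
  return { verdict, survivors, encoded, stripped };
}

// Constructed response bodies, one per outcome (not from any real target).
const SAMPLE_RESPONSES = {
  raw: `<p>Results for ${PROBE}</p>`,
  filtered: `<p>Results for ${CANARY}&lt;&gt;&quot;&#39;${CANARY}</p>`,
  partial: `<input value="${CANARY}&lt;&gt;"'${CANARY}">`,
  absent: `<p>No results</p>`,
  truncated: `<input value="${CANARY}<>">`,
};

for (const [name, body] of Object.entries(SAMPLE_RESPONSES)) {
  console.log(name.padEnd(10), JSON.stringify(classifyReflection(body)));
}
```

The probe only tests characters, not keywords; a filter that leaves `<` alone but removes `script` or `onerror` shows up as "raw" here and needs a second probe with the actual tag names. A "partial" result is still useful: if only quotes survive you are likely inside an attribute, which is where the href/onclick payloads below apply.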

Tag types usable for XSS

Use an alert popup payload to confirm that script executes

Use the a tag's href attribute and onclick handler in practice

Click me

Use the img tag

Effects

Redirection

Sending information back to the attacker

iframe frames

Stealing cookies

Usage scenarios

• Directly embedded in HTML:

• Element tag events:

• Image tag:

• Other tags: ``, <div>, and <link>

• DOM objects: tampering with page content

posted @ 2020-02-02 20:20 by #君焰
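The usage scenarios in the list above (direct HTML embedding, element event handlers, image and link attributes), as an added example that is not part of the original post: one untrusted value rendered by naive concatenation, which is what those payloads exploit, beside the same rendering with encoding chosen per context. The payloads, the page fragments, the example.com URL and the track() handler name are all constructed for this example.

```javascript
// Added example, not code from the original post: vulnerable rendering beside
// context-aware encoding for the XSS contexts listed on this page.

// Entity-encode the five characters that matter in HTML text and attributes.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// URL attributes (href/src) need a scheme check, not just encoding: a
// javascript: URL still runs when every character is entity-encoded, and
// browsers ignore tabs/newlines inside the scheme, so those are removed
// before the check. Only http(s) and same-origin paths are allowed through.
function safeUrl(value) {
  const raw = String(value).trim();
  const schemeProbe = raw.replace(/[\u0000-\u0020]/g, "");
  if (!/^(https?:\/\/|\/(?!\/))/i.test(schemeProbe)) return "#";
  return escapeHtml(raw);
}

// Vulnerable: user input concatenated straight into markup. This is the
// pattern the tag, attribute and event payloads on this page target.
function renderUnsafe(name, link) {
  return `<p>Hello ${name}</p>` +
    `<a href="${link}" onclick="track('${name}')">click me</a>` +
    `<img src="${link}">`;
}

// Hardened: HTML body gets entity encoding; the inline handler argument is a
// JS string inside an HTML attribute, so it is JSON-encoded (JS context) and
// then entity-encoded (attribute context); URL attributes go through safeUrl.
function renderSafe(name, link) {
  const url = safeUrl(link);
  const jsArg = escapeHtml(JSON.stringify(String(name)));
  return `<p>Hello ${escapeHtml(name)}</p>` +
    `<a href="${url}" onclick="track(${jsArg})">click me</a>` +
    `<img src="${url}">`;
}

// Constructed payloads matching the tag types this page lists.
const PAYLOADS = {
  script: "<script>alert(1)</script>",            // direct HTML embedding
  img: '<img src=x onerror="alert(1)">',          // image tag with event handler
  handlerBreakout: "');alert(1);//",              // closes the onclick string early
  jsUrl: "javascript:alert(1)",                   // a href / img src scheme abuse
  jsUrlObfuscated: "java\tscript:alert(1)",       // tab inside the scheme still runs in browsers
};

// Rough check used by this demo only: is there still an unencoded tag,
// event attribute, javascript: href or string breakout in the output?
function looksInjected(html) {
  return /<script|<img src=x|onerror="|href="java\s*script|'\);alert\(/i.test(html);
}

for (const [label, payload] of Object.entries(PAYLOADS)) {
  console.log(label.padEnd(16),
    "unsafe injected:", looksInjected(renderUnsafe(payload, payload)),
    " safe injected:", looksInjected(renderSafe(payload, payload)));
}
```

The last scenario in the list, DOM tampering, has the same split on the client side: assigning untrusted input to innerHTML parses it as markup, while textContent inserts it as text. The looksInjected() regex is only a demo check; a real review looks at each sink's context rather than grepping the output.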
