实验室：jQuery选择器中的DOM XSS使用障碍事件

学徒

这个实验室包含一个基于DOM的跨站点脚本主页上的漏洞。它使用jQuery的$（）选择器函数可以自动滚动到给定的帖子，其标题通过位置财产。

要解决实验室，向受害者提供漏洞打印（）在浏览器中功能。

访问实验室

解决方案

使用BURP或浏览器的DevTools注意主页上的脆弱代码。
从实验室横幅上，打开exploit服务器。
在里面身体部分，添加以下恶意iframe：
</code></li> <li>存储利用，然后单击<strong>查看利用</strong>确认<code>打印（）</code>函数被调用。</li> <li>返回到利用服务器，然后单击<strong>交付给受害者</strong>解决实验室。</li> </ol> </div> </div> </div> <div class="rightcol rightcol-boxes"> <input class="hidden" id="trackerpopup" type="checkbox"> <div class="widgetcontainer-box is-twobtns academy-account-status" id="AcademyAccountStatusWidget"> <p class="hidden-when-collapsed">是否想跟踪您的进度并拥有更个性化的学习经验？（免费！）</p> <div class="flex-center"> <a href="//www.muteki-anime.com/users/register" class="btn">注册</a> <a href="//www.muteki-anime.com/users?returnurl=%2fweb-security%2fcross-site-scripting%2fdom-based%2flab-jquery-selector-hash-change-event" class="btn">登录</a> </div> </div> <div class="widgetcontainer-box is-linklist"> <h4>在这个主题中</h4> <a href="//www.muteki-anime.com/web-security/cross-site-scripting">跨站脚本</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/reflected">反映XSS</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/stored">存储的XSS</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/dom-based">基于DOM的XSS</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/contexts">XSS上下文</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/contexts/angularjs-sandbox">Angularjs沙箱</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/exploiting">利用XSS漏洞</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/content-security-policy">内容安全策略</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/dangling-markup">晃来晃去的标记</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/preventing">防止XSS</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting/cheat-sheet">XSS备忘单</a> </div> <div class="widgetcontainer-box is-linklist"> <h4>所有主题</h4> <a href="//www.muteki-anime.com/web-security/sql-injection">SQL注入</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting">XSS</a> <a href="//www.muteki-anime.com/web-security/csrf">CSRF</a> <a href="//www.muteki-anime.com/web-security/clickjacking">点击劫机</a> <a href="//www.muteki-anime.com/web-security/dom-based">基于DOM</a> <a href="//www.muteki-anime.com/web-security/cors">科尔斯</a> <a href="//www.muteki-anime.com/web-security/xxe">xxe</a> <a href="//www.muteki-anime.com/web-security/ssrf">SSRF</a> <a href="//www.muteki-anime.com/web-security/request-smuggling">要求走私</a> <a href="//www.muteki-anime.com/web-security/os-command-injection">指挥注射</a> <a href="//www.muteki-anime.com/web-security/server-side-template-injection">服务器端模板注入</a> <a href="//www.muteki-anime.com/web-security/deserialization">不安全的挑战</a> <a href="//www.muteki-anime.com/web-security/file-path-traversal">目录遍历</a> <a href="//www.muteki-anime.com/web-security/access-control">访问控制</a> <a href="//www.muteki-anime.com/web-security/authentication">验证</a> <a href="//www.muteki-anime.com/web-security/oauth">OAuth身份验证</a> <a href="//www.muteki-anime.com/web-security/logic-flaws">业务逻辑漏洞</a> <a href="//www.muteki-anime.com/web-security/web-cache-poisoning">beplay体育能用吗网络缓存中毒</a> <a href="//www.muteki-anime.com/web-security/host-header">HTTP主机标头攻击</a> <a href="//www.muteki-anime.com/web-security/websockets">beplay体育能用吗Websocket</a> <a href="//www.muteki-anime.com/web-security/information-disclosure">信息披露</a> <a href="//www.muteki-anime.com/web-security/file-upload">文件上传漏洞</a> </div> <div class="widget-orange"> <img alt="免费尝试Burp Suite" src="//www.muteki-anime.com/content/images/logos/burp-suite-icon.svg"> <h4>使用Burp Suite查找XSS漏洞</h4> <a class="button-white" href="//www.muteki-anime.com/burp">bepaly下载app </a> </div> </div> </div> </section> <div class="section-full-width theme-community-6 text-center"> <h2>免费注册以跟踪您的学习进度</h2> <div class="container-columns-vertically-centered"> <div class="text-right"> <img alt="通过Portswigger的网络安全学院工作的好处beplay官网可以赌beplay体育能用吗" src="//www.muteki-anime.com/burp/community-download-thank-you/images/academy.png"> </div> <div class="text-left"> <ul class="unordered-list-vertical-ticks-small"> <li><p>练习在现实目标上利用漏洞。</p></li> <li><p>记录您从学徒到专家的发展。</p></li> <li><p>看看您在我们的名人堂中排名。</p></li> </ul> <form action="/users/register" class="recaptchaloadingmask text-left" id="RegistrationWidget-41731B6612128100E07CCF404E940CAC" method="post"> <input type="hidden" name="RequestVerificationToken" value="009CBF0683DFBC8436C5C5C6B67EC5806EBC6231B64F82EDD91A0287A59ED64416FE6738AE3C706A6A6A6A6E544DC044DC0ABF962424242181818081999999999.999.99.99.999.99.99.99.anc376.anc379.anc379.anc379.anc379.anc379.anc379.anc379.anc379.anec37apar"> <div class="form-small disable-no-recaptcha"> <div class="font-small-error hidden"> <span class="icon-alert-white"></span> <span class="font-small-error-text"></span> </div> <label><input name="EmailAddress" placeholder="Enter your email" type="email"><button class="button-orange" type="submit"><span>登记</span></button></label> </div> <div id="Recaptcha-41731B6612128100E07CCF404E940CAC" class="recaptcha-div"> <div class="recaptcha-inner"> <div class="hidden" id="NoRecaptcha-41731B6612128100E07CCF404E940CAC"> <div class="notify-inline no-padding-bottom error"> <div class="notify-logo icon-error"></div> <div class="notify-message"> 当我们使用recaptcha时，您需要能够访问Google的服务器以使用此功能。</div> </div> </div> <input id="RecaptchaToken-41731B6612128100E07CCF404E940CAC" name="RecaptchaToken" type="hidden" value=""> <input type="hidden" id="RecaptchaClientSecret-41731B6612128100E07CCF404E940CAC" value="6LFGVPCUAAAAAMLIC7GC5KN_9OQIZGINUMO8VGHM"> <input type="hidden" id="RecaptchaV2ClientSecret-41731B6612128100E07CCF404E940CAC" value="6leqhpwuaaaaaaj4lai9akvqarvxaimo1eezetj6v"> <div id="RecaptchaRenderLocation-41731B6612128100E07CCF404E940CAC" class="grecaptcha-v2-box"></div> </div> <span class="field-validation-valid Warning" data-valmsg-for="RecaptchaToken" data-valmsg-replace="true"></span> </div> </form> <sup>已经有一个帐户？<a href="//www.muteki-anime.com/users">在此登录</a></sup> </div> </div> </div> <footer class="wrapper"> <div class="container"> <div> <p>Burp Suite</p> <a href="//www.muteki-anime.com/burp/vulnerability-scanner">bepaly下载 </a> <a href="//www.muteki-anime.com/burp">bepaly下载app </a> <a href="//www.muteki-anime.com/burp/releases">发行说明</a> </div> <div> <p>漏洞</p> <a href="//www.muteki-anime.com/web-security/cross-site-scripting">跨站点脚本（XSS）</a> <a href="//www.muteki-anime.com/web-security/sql-injection">SQL注入</a> <a href="//www.muteki-anime.com/web-security/csrf">跨站点伪造</a> <a href="//www.muteki-anime.com/web-security/xxe">XML外部实体注入</a> <a href="//www.muteki-anime.com/web-security/file-path-traversal">目录遍历</a> <a href="//www.muteki-anime.com/web-security/ssrf">服务器端请求伪造</a> </div> <div> <p>顾客</p> <a href="//www.muteki-anime.com/organizations">组织</a> <a href="//www.muteki-anime.com/testers">测试人员</a> <a href="//www.muteki-anime.com/developers">开发人员</a> </div> <div> <p>公司</p> <a href="//www.muteki-anime.com/about">关于</a> <a href="//www.muteki-anime.com/news">beplay官网可以赌Portswigger新闻</a> <a href="//www.muteki-anime.com/careers">职业</a> <a href="//www.muteki-anime.com/about/contact">接触</a> <a href="//www.muteki-anime.com/legal">合法的</a> <a href="//www.muteki-anime.com/privacy">隐私声明</a> </div> <div> <p>见解</p> <a href="//www.muteki-anime.com/web-security">beplay体育能用吗网络安全学院</a> <a href="//www.muteki-anime.com/blog">博客</a> <a href="//www.muteki-anime.com/research">研究</a> <a href="//www.muteki-anime.com/daily-swig">每日swbeplay2018官网ig</a> </div> <div> <a href="//www.muteki-anime.com/"><img src="//www.muteki-anime.com/content/images/logos/portswigger-logo.svg" alt="beplay官网可以赌PortSwigger徽标" class="footer-logo"></a> <a class="button-outline-blue-small camelcase" href="https://twitter.com/Burp_Suite" rel="noreferrer"><span class="icon-twitter"></span>跟着我们</a> <p class="grey">©2022 Pbeplay官网可以赌ortswigger Ltd.</p> </div> </div> </footer> <a href="#top" class="back-to-top"> <svg xmlns="http://www.w3.org/2000/svg" width="26" height="26" viewbox="0 0 26 26"> <polygon points="4.07 14.7 5.03 15.78 12.48 9.13 19.94 15.78 20.9 14.7 12.48 7.2 4.07 14.7" fill="#f63"></polygon> <path d="M13,0A13,13,0,1,0,26,13,13,13,0,0,0,13,0Zm0,24.56A11.56,11.56,0,1,1,24.56,13,11.58,11.58,0,0,1,13,24.56Z" fill="#f63"></path> </svg></a> </body> </html>