实验室：使用Web消息和JavaScrbeplay体育能用吗ipt URL的DOM XSS

从业者

该实验室演示了一个基于DOM的重定向漏洞，该漏洞是由Web消息传递触发的。beplay体育能用吗要解决该实验室，请在利用此漏洞的利用服务器上构造HTML页面打印（）功能。

访问实验室

解决方案

请注意，主页包含一个AddEventListener（）致电该听beplay体育能用吗网络消息。JavaScript包含一个缺陷指数（）检查琴弦“ HTTP：”或者“ https：”网络消息中的任何地方。beplay体育能用吗它还包含水槽location.href。
转到利用服务器并添加以下内容iframe到身体，记住更换您的LAB-ID使用您的实验室ID：
</code></li> <li>存放利用并将其交付给受害者。</li> </ol> <p>该脚本发送包含任意JavaScript有beplay体育能用吗效载荷的Web消息以及字符串<code>“ HTTP：”</code>。第二个参数指定任何<code>靶向素</code>允许进行Web消息。beplay体育能用吗</p> <p>当。。。的时候<code>iframe</code>负载，<code>Postmessage（）</code>方法将JavaScript有效载荷发送到主页。活动听众发现<code>“ HTTP：”</code>字符串并继续将有效载荷发送到<code>location.href</code>下沉，那里<code>打印（）</code>函数被调用。</p> </div> </div> </div> <div class="rightcol rightcol-boxes"> <input class="hidden" id="trackerpopup" type="checkbox"> <div class="widgetcontainer-box is-twobtns academy-account-status" id="AcademyAccountStatusWidget"> <p class="hidden-when-collapsed">是否想跟踪您的进度并拥有更个性化的学习经验？（免费！）</p> <div class="flex-center"> <a href="//www.muteki-anime.com/users/register" class="btn">注册</a> <a href="//www.muteki-anime.com/users?returnurl=%2fweb-security%2fdom-based%2fcontrolling-the-web-message-source%2flab-dom-xss-using-web-messages-and-a-javascript-url" class="btn">登录</a> </div> </div> <div class="widgetcontainer-box is-linklist"> <h4>在这个主题中</h4> <a href="//www.muteki-anime.com/web-security/dom-based">基于DOM的漏洞</a> <a href="//www.muteki-anime.com/web-security/dom-based/dom-clobbering">Dom Clobbering</a> </div> <div class="widgetcontainer-box is-linklist"> <h4>所有主题</h4> <a href="//www.muteki-anime.com/web-security/sql-injection">SQL注入</a> <a href="//www.muteki-anime.com/web-security/cross-site-scripting">XSS</a> <a href="//www.muteki-anime.com/web-security/csrf">CSRF</a> <a href="//www.muteki-anime.com/web-security/clickjacking">点击劫机</a> <a href="//www.muteki-anime.com/web-security/dom-based">基于DOM</a> <a href="//www.muteki-anime.com/web-security/cors">科尔斯</a> <a href="//www.muteki-anime.com/web-security/xxe">xxe</a> <a href="//www.muteki-anime.com/web-security/ssrf">SSRF</a> <a href="//www.muteki-anime.com/web-security/request-smuggling">要求走私</a> <a href="//www.muteki-anime.com/web-security/os-command-injection">指挥注射</a> <a href="//www.muteki-anime.com/web-security/server-side-template-injection">服务器端模板注入</a> <a href="//www.muteki-anime.com/web-security/deserialization">不安全的挑战</a> <a href="//www.muteki-anime.com/web-security/file-path-traversal">目录遍历</a> <a href="//www.muteki-anime.com/web-security/access-control">访问控制</a> <a href="//www.muteki-anime.com/web-security/authentication">验证</a> <a href="//www.muteki-anime.com/web-security/oauth">OAuth身份验证</a> <a href="//www.muteki-anime.com/web-security/logic-flaws">业务逻辑漏洞</a> <a href="//www.muteki-anime.com/web-security/web-cache-poisoning">beplay体育能用吗网络缓存中毒</a> <a href="//www.muteki-anime.com/web-security/host-header">HTTP主机标头攻击</a> <a href="//www.muteki-anime.com/web-security/websockets">beplay体育能用吗Websocket</a> <a href="//www.muteki-anime.com/web-security/information-disclosure">信息披露</a> <a href="//www.muteki-anime.com/web-security/file-upload">文件上传漏洞</a> </div> <div class="widget-orange"> <img alt="免费尝试Burp Suite" src="//www.muteki-anime.com/content/images/logos/burp-suite-icon.svg"> <h4>使用Burp Suite查找基于DOM的漏洞</h4> <a class="button-white" href="//www.muteki-anime.com/burp">bepaly下载app </a> </div> </div> </div> </section> <div class="section-full-width theme-community-6 text-center"> <h2>免费注册以跟踪您的学习进度</h2> <div class="container-columns-vertically-centered"> <div class="text-right"> <img alt="通过Portswigger的网络安全学院工作的好处beplay官网可以赌beplay体育能用吗" src="//www.muteki-anime.com/burp/community-download-thank-you/images/academy.png"> </div> <div class="text-left"> <ul class="unordered-list-vertical-ticks-small"> <li><p>练习在现实目标上利用漏洞。</p></li> <li><p>记录您从学徒到专家的发展。</p></li> <li><p>看看您在我们的名人堂中排名。</p></li> </ul> <form action="/users/register" class="recaptchaloadingmask text-left" id="RegistrationWidget-684BD160D2488C845794112BA1FC3706" method="post"> <input type="hidden" name="RequestVerificationToken" value="0D9A8A868056E41E80DA43722CAE1C2B639F03780C7F76D987791AA1FC9D9D1D84A5556521390655BCA55BA8EFB1BDD4B5FAB1D3FB6FD2F7A98509B747E3C205"> <div class="form-small disable-no-recaptcha"> <div class="font-small-error hidden"> <span class="icon-alert-white"></span> <span class="font-small-error-text"></span> </div> <label><input name="EmailAddress" placeholder="Enter your email" type="email"><button class="button-orange" type="submit"><span>登记</span></button></label> </div> <div id="Recaptcha-684BD160D2488C845794112BA1FC3706" class="recaptcha-div"> <div class="recaptcha-inner"> <div class="hidden" id="NoRecaptcha-684BD160D2488C845794112BA1FC3706"> <div class="notify-inline no-padding-bottom error"> <div class="notify-logo icon-error"></div> <div class="notify-message"> 当我们使用recaptcha时，您需要能够访问Google的服务器以使用此功能。</div> </div> </div> <input id="RecaptchaToken-684BD160D2488C845794112BA1FC3706" name="RecaptchaToken" type="hidden" value=""> <input type="hidden" id="RecaptchaClientSecret-684BD160D2488C845794112BA1FC3706" value="6LFGVPCUAAAAAMLIC7GC5KN_9OQIZGINUMO8VGHM"> <input type="hidden" id="RecaptchaV2ClientSecret-684BD160D2488C845794112BA1FC3706" value="6leqhpwuaaaaaaj4lai9akvqarvxaimo1eezetj6v"> <div id="RecaptchaRenderLocation-684BD160D2488C845794112BA1FC3706" class="grecaptcha-v2-box"></div> </div> <span class="field-validation-valid Warning" data-valmsg-for="RecaptchaToken" data-valmsg-replace="true"></span> </div> </form> <sup>已经有一个帐户？<a href="//www.muteki-anime.com/users">在此登录</a></sup> </div> </div> </div> <footer class="wrapper"> <div class="container"> <div> <p>Burp Suite</p> <a href="//www.muteki-anime.com/burp/vulnerability-scanner">bepaly下载 </a> <a href="//www.muteki-anime.com/burp">bepaly下载app </a> <a href="//www.muteki-anime.com/burp/releases">发行说明</a> </div> <div> <p>漏洞</p> <a href="//www.muteki-anime.com/web-security/cross-site-scripting">跨站点脚本（XSS）</a> <a href="//www.muteki-anime.com/web-security/sql-injection">SQL注入</a> <a href="//www.muteki-anime.com/web-security/csrf">跨站点伪造</a> <a href="//www.muteki-anime.com/web-security/xxe">XML外部实体注入</a> <a href="//www.muteki-anime.com/web-security/file-path-traversal">目录遍历</a> <a href="//www.muteki-anime.com/web-security/ssrf">服务器端请求伪造</a> </div> <div> <p>顾客</p> <a href="//www.muteki-anime.com/organizations">组织</a> <a href="//www.muteki-anime.com/testers">测试人员</a> <a href="//www.muteki-anime.com/developers">开发人员</a> </div> <div> <p>公司</p> <a href="//www.muteki-anime.com/about">关于</a> <a href="//www.muteki-anime.com/news">beplay官网可以赌Portswigger新闻</a> <a href="//www.muteki-anime.com/careers">职业</a> <a href="//www.muteki-anime.com/about/contact">接触</a> <a href="//www.muteki-anime.com/legal">合法的</a> <a href="//www.muteki-anime.com/privacy">隐私声明</a> </div> <div> <p>见解</p> <a href="//www.muteki-anime.com/web-security">beplay体育能用吗网络安全学院</a> <a href="//www.muteki-anime.com/blog">博客</a> <a href="//www.muteki-anime.com/research">研究</a> <a href="//www.muteki-anime.com/daily-swig">每日swbeplay2018官网ig</a> </div> <div> <a href="//www.muteki-anime.com/"><img src="//www.muteki-anime.com/content/images/logos/portswigger-logo.svg" alt="beplay官网可以赌PortSwigger徽标" class="footer-logo"></a> <a class="button-outline-blue-small camelcase" href="https://twitter.com/Burp_Suite" rel="noreferrer"><span class="icon-twitter"></span>跟着我们</a> <p class="grey">©2022 Pbeplay官网可以赌ortswigger Ltd.</p> </div> </div> </footer> <a href="#top" class="back-to-top"> <svg xmlns="http://www.w3.org/2000/svg" width="26" height="26" viewbox="0 0 26 26"> <polygon points="4.07 14.7 5.03 15.78 12.48 9.13 19.94 15.78 20.9 14.7 12.48 7.2 4.07 14.7" fill="#f63"></polygon> <path d="M13,0A13,13,0,1,0,26,13,13,13,0,0,0,13,0Zm0,24.56A11.56,11.56,0,1,1,24.56,13,11.58,11.58,0,0,1,13,24.56Z" fill="#f63"></path> </svg></a> </body> </html>