CSRF \u5168\u79f0 Cross Site Request Forgery\uff0c\u8de8\u7ad9\u57df\u8bf7\u6c42\u4f2a\u9020\u3002\u8fd9\u79cd\u653b\u51fb\u65b9\u5f0f\u76f8\u5bf9\u4e8e XSS\uff0cSQL\u6ce8\u5165\u7b49\u653b\u51fb\u65b9\u5f0f\u6bd4\u8f83\u665a\u88ab\u53d1\u73b0\uff0c\u4eca\u5929\u5c31\u6765\u8bb2\u89e3\u4e0b\u8fd9\u79cd\u653b\u51fb\u65b9\u5f0f\u4ee5\u53ca\u907f\u514d\u65b9\u5f0f\u3002<\/p>\n
<\/p>\n
http:\/\/www.bank.com<\/code>\/xxxx<\/code> \u6307\u5411\u94f6\u884c\uff0c\u94f6\u884c\u670d\u52a1\u5668\u4f1a\u6839\u636e\u8fd9\u4e2a\u94fe\u63a5\u643a\u5e26\u7684\u53c2\u6570\u4f1a\u8fdb\u884c\u8f6c\u8d26\u64cd\u4f5c\u3002<\/li>\n- \u94f6\u884c\u670d\u52a1\u5668\u5728\u6267\u884c\u8f6c\u8d26\u64cd\u4f5c\u4e4b\u524d\u4f1a\u8fdb\u884c SESSION \u9a8c\u8bc1\u662f\u5426\u767b\u5f55\uff0c\u4f46\u662f\u7531\u4e8e A \u5df2\u7ecf\u767b\u5f55\u4e86\u94f6\u884c\u7f51\u7ad9\uff0c\u653b\u51fb\u8005\u7684\u94fe\u63a5\u4e5f\u662f
www.bank.com<\/code>\u3002\u6240\u4ee5\u653b\u51fb\u7684\u94fe\u63a5\u5c31\u4f1a\u643a\u5e26 session_id \u5230\u94f6\u884c\u670d\u52a1\u5668\u3002<\/li>\n- \u7531\u4e8e session_id \u662f\u6b63\u786e\u7684\uff0c\u6240\u4ee5\u94f6\u884c\u4f1a\u5224\u65ad\u64cd\u4f5c\u662f\u7531\u672c\u4eba\u53d1\u8d77\u7684\uff0c\u6267\u884c\u8f6c\u8d26\u64cd\u4f5c\u3002<\/li>\n<\/ul>\n
\u6f14\u793a<\/h2>\n
\u6839\u636e\u4e0a\u9762\u7684\u8bf4\u660e\uff0c\u6211\u4eec\u6765\u6a21\u62df\u4e00\u4e0b\u653b\u51fb\u7684\u8fc7\u7a0b\u3002<\/p>\n
\n- \u6709
www.bank.com<\/code> \u8ddf www.hacker.com<\/code>\u3002\u7528\u6237 A \u767b\u5f55 www.bank.com<\/code> \u7f51\u7ad9\u4e4b\u540e\u70b9\u51fb\u4e86 www.hacker.com<\/code> \u7684\u70b9\u51fb\u62bd\u5927\u5956\u7684\u8bf1\u9a97\u94fe\u63a5\u3002<\/li>\n- \u6b64\u94fe\u63a5\u4f1a\u5411
www.bank.com<\/code> \u53d1\u8d77\u4e00\u4e2a post \u8bf7\u6c42\u3002\u7531\u4e8e\u8bf7\u6c42\u57df\u540d\u4e3a www.bank.com<\/code>\uff0c\u6240\u4ee5\u8bf7\u6c42\u4f1a\u643a\u5e26 www.bank.com<\/code> \u7684 session_id\u3002<\/li>\n<\/ul>\nwww.hacker.com<\/code>\u7684\u4ee3\u7801<\/p>\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta charset="UTF-8">\n <title>Title<\/title>\n<\/head>\n<body>\n<form method="post" action="http:\/\/<code>www.bank.com<\/code>\/transfer.php">\n <input type="hidden" name="from" value="A">\n <input type="hidden" name="money" value="10000">\n <input type="hidden" name="to" value="hacker">\n <input type="button" onclick="submit()" value="\u70b9\u51fb\u62bd\u5927\u5956">\n<\/form>\n<\/body><\/code><\/pre>\n\u53ef\u4ee5\u53d1\u73b0\uff0cwww.hacker.com<\/code> \u7684\u7f51\u9875\u4e2d\u5305\u542b\u4e86\u4e00\u4e2a\u5411 www.bank.com<\/code> \u53d1\u8d77\u7684post\u8bf7\u6c42\u3002\u5e76\u4e14\u8868\u5355\u90fd\u6ca1\u9690\u85cf\u4e86\uff0c\u53ea\u6709\u4e00\u4e2a\u8bf1\u9a97\u7528\u6237\u70b9\u51fb\u7684\u6309\u94ae\u3002<\/p>\n\u9884\u9632<\/h2>\n
\u4ece\u4e0a\u9762\u7684\u4f8b\u5b50 \u53ef\u4ee5\u770b\u5230 csrf \u653b\u51fb\u8fc7\u7a0b\u4e2d\u9ed1\u5ba2\u4e0d\u80fd\u62ff\u5230 cookie\uff0c\u4e5f\u6ca1\u529e\u6cd5\u5bf9\u670d\u52a1\u5668\u8fd4\u56de\u7684\u5185\u5bb9\u8fdb\u884c\u89e3\u6790\u3002\u552f\u4e00\u80fd\u505a\u7684\u5c31\u662f\u7ed9\u670d\u52a1\u5668\u53d1\u9001\u8bf7\u6c42\u3002\u901a\u8fc7\u53d1\u9001\u8bf7\u6c42\u6539\u53d8\u670d\u52a1\u5668\u4e2d\u7684\u6570\u636e\u3002\u4e0a\u9762\u7684\u4f8b\u5b50\u4e2d\u653b\u51fb\u8005\u8bf1\u5bfc\u7528\u6237\u70b9\u51fb\u94fe\u63a5\u8fdb\u884c\u8f6c\u8d26\u64cd\u4f5c\uff0c\u4f7f\u5f97\u94f6\u884c\u6570\u636e\u5e93\u4e2d\u53d7\u5bb3\u8005\u7684\u91d1\u989d\u53d1\u751f\u4e86\u6539\u53d8\u3002<\/p>\n
\u4e86\u89e3\u4e86csrf\u653b\u51fb\u7684\u539f\u7406\u548c\u76ee\u6807\uff0c\u63d0\u51fa\u4e86\u4e24\u79cd\u9632\u5fa1\u624b\u6bb5<\/p>\n
referer \u9a8c\u8bc1<\/h3>\n
\u6839\u636e HTTP \u534f\u8bae\uff0c\u5728 http \u8bf7\u6c42\u5934\u4e2d\u5305\u542b\u4e00\u4e2a referer \u7684\u5b57\u6bb5\uff0c\u8fd9\u4e2a\u5b57\u6bb5\u8bb0\u5f55\u4e86\u8be5 http \u8bf7\u6c42\u7684\u539f\u5730\u5740\u3002\u901a\u5e38\u60c5\u51b5\u4e0b\uff0c\u6267\u884c\u8f6c\u8d26\u64cd\u4f5c\u7684 post \u8bf7\u6c42 www.bank.com<\/code>\/transfer.php \u5e94\u8be5\u662f\u70b9\u51fb www.bank.com<\/code> \u7f51\u9875\u7684\u6309\u94ae\u6765\u89e6\u53d1\u7684\u64cd\u4f5c\uff0c\u8fd9\u4e2a\u65f6\u5019\u8f6c\u8d26\u8bf7\u6c42\u7684 referer \u5e94\u8be5\u662f www.bank.com<\/code>\u3002\u800c\u5982\u679c\u9ed1\u5ba2\u8981\u8fdb\u884c csrf \u653b\u51fb\uff0c\u53ea\u80fd\u5728\u81ea\u5df1\u7684\u7f51\u7ad9 www.hacker.com<\/code> \u4e0a\u4f2a\u9020\u8bf7\u6c42\u3002\u4f2a\u9020\u8bf7\u6c42\u7684 referer \u662f www.hacker.com<\/code>\u3002\u6240\u4ee5\u6211\u4eec\u901a\u8fc7\u5bf9\u6bd4 post \u8bf7\u6c42\u7684 referer \u662f\u4e0d\u662f www.bank.com<\/code> \u5c31\u53ef\u4ee5\u5224\u65ad\u8bf7\u6c42\u662f\u5426\u5408\u6cd5\u3002<\/p>\n\u8fd9\u79cd\u65b9\u5f0f\u9a8c\u8bc1\u6bd4\u8f83\u7b80\u5355\uff0c\u7f51\u7ad9\u5f00\u53d1\u8005\u53ea\u8981\u5728 post \u8bf7\u6c42\u4e4b\u524d\u68c0\u67e5 referer \u5c31\u53ef\u4ee5\uff0c\u4f46\u662f\u7531\u4e8e referer \u662f\u7531\u6d4f\u89c8\u5668\u63d0\u4f9b\u7684\u3002\u867d\u7136 http \u534f\u8bae\u6709\u8981\u6c42\u4e0d\u80fd\u7be1\u6539 referer \u7684\u503c\u3002\u4f46\u662f\u4e00\u4e2a\u7f51\u7ad9\u7684\u5b89\u5168\u6027\u7edd\u5bf9\u4e0d\u80fd\u4ea4\u7531\u5176\u4ed6\u4eba\u5458\u6765\u4fdd\u8bc1\u3002<\/p>\n
token \u9a8c\u8bc1<\/h3>\n
\u4ece\u4e0a\u9762\u7684\u6837\u5f0f\u53ef\u4ee5\u53d1\u73b0\uff0c\u653b\u51fb\u8005\u4f2a\u9020\u4e86\u8f6c\u8d26\u7684\u8868\u5355\uff0c\u90a3\u4e48\u7f51\u7ad9\u53ef\u4ee5\u5728\u8868\u5355\u4e2d\u52a0\u5165\u4e86\u4e00\u4e2a\u968f\u673a\u7684 token \u6765\u9a8c\u8bc1\u3002token \u968f\u7740\u5176\u4ed6\u8bf7\u6c42\u6570\u636e\u4e00\u8d77\u88ab\u63d0\u4ea4\u5230\u670d\u52a1\u5668\u3002\u670d\u52a1\u5668\u901a\u8fc7\u9a8c\u8bc1 token \u7684\u503c\u6765\u5224\u65ad post \u8bf7\u6c42\u662f\u5426\u5408\u6cd5\u3002\u7531\u4e8e\u653b\u51fb\u8005\u6ca1\u6709\u529e\u6cd5\u83b7\u53d6\u5230\u9875\u9762\u4fe1\u606f\uff0c\u6240\u4ee5\u5b83\u6ca1\u6709\u529e\u6cd5\u77e5\u9053 token \u7684\u503c\u3002\u90a3\u4e48\u4f2a\u9020\u7684\u8868\u5355\u4e2d\u5c31\u6ca1\u6709\u8be5 token \u503c\u3002\u670d\u52a1\u5668\u5c31\u53ef\u4ee5\u5224\u65ad\u51fa\u8fd9\u4e2a\u8bf7\u6c42\u662f\u4f2a\u9020\u7684\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
CSRF \u5168\u79f0 Cross Site Request Forgery\uff0c\u8de8\u7ad9\u57df\u8bf7\u6c42\u4f2a\u9020\u3002\u8fd9\u79cd\u653b\u51fb\u65b9\u5f0f\u76f8\u5bf9\u4e8e XS […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[97],"tags":[169],"class_list":["post-552","post","type-post","status-publish","format-standard","hentry","category-tools-skills","tag-csrf"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/552","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=552"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/552\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=552"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=552"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=552"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}