Inputting
would generate the following GET request to the server:
http://publicpages.
university.edu/~someuser/LearningPhp.php?input=
As before, the PHP application simply places the user input back into the response.
This time, the browser thinks the user input is JavaScript instructions, and the browser
believes that the script came from the server (because technically speaking it did) and
executes the JavaScript. Figure 2-3 illustrates what the user would see.
The HTML code for the page illustrated in Figure 2-3 is shown next. The user input
is in boldface.
your input was: "".
Figure 2-3 The result of injecting into http://public-pages.university.edu/
~someuser/LearningPhp.php.
36 Hacking Exposed Web 2.0
This example is a reflected HTML injection because the user sent JavaScript in an HTTP
request and the web application immediately responded (or reflected) the exact same
JavaScript. To execute this script, any user needs only click the following link:
http://publicpages.
university.edu/~someuser/LearningPhp.php?input=
From an attacker??™s perspective, it??™s very important that HTML injection involves a
single-click or many of predictable clicks that can be performed by a malicious web page.
Pages:
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108