
Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"


Sometimes simple HTML injection test strings like
do not work because the test strings do not appear in the HTML body of the response.
For instance, imagine that a request to http://search.engine.com/search?p=
responded with your HTML injection string placed in
a pre-populated form field, like so:

Unfortunately, the script tags are treated as a string for the form input field and not
executed. Instead, try http://search.engine.com/search?p=???>. This might respond with the HTML:
">
Note that the script tags are no longer locked within the value parameter and can
now be executed.
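
The following is an added example, not code from the book. It shows the defender's side of the form-field case above: the same reflection rendered with and without attribute-context encoding, then parsed to check whether the submitted string stayed inside the value attribute. The template, the function names, and the sample inputs are assumptions constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample inputs (not taken from the original page).
PLAIN = "<script>alert(1)</script>"
BREAKOUT = '">' + PLAIN  # closes the attribute and the tag first

# Hypothetical template for a pre-populated search field.
TEMPLATE = '<form><input name="p" type="text" value="{}"></form>'


def render_unsafe(p):
    """Reflect the parameter into the value attribute with no encoding."""
    return TEMPLATE.format(p)


def render_safe(p):
    """Reflect the parameter with attribute-context encoding (& < > " ')."""
    return TEMPLATE.format(html.escape(p, quote=True))


class ReflectionAudit(HTMLParser):
    """Records every start tag and the decoded value of the input field."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []
        self.input_value = None

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.input_value = dict(attrs).get("value")


def audit(markup, submitted):
    """Report whether the reflection created a script element and whether
    the input's value attribute still holds exactly what was submitted."""
    parser = ReflectionAudit()
    parser.feed(markup)
    parser.close()
    return {
        "script_element": "script" in parser.tags,
        "value_intact": parser.input_value == submitted,
    }
```

A response is safe for this context only when `value_intact` is true and `script_element` is false for every input, including ones that contain quote characters.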
To illustrate the many different places where user input can be injected and how you
can inject HTML via user input, consider the following HTTP request and response pair
that places user input into 10 different places within the response. Suppose a user made
the following request:
http://somewhere.com/s?a1=USER_INPUT1&a2=USER_INPUT2&a3=USER_INPUT3&
a4=USER_INPUT4&a5=USER_INPUT5&a6=USER_INPUT6&a7=USER_INPUT7&
a8=USER_INPUT8&a9=USER_INPUT9&a10=USER_INPUT10