不要小看注释掉的JS
Posted by adminMay 15
HTTP Response Splitting 攻击主要说明的是两个问题
一个是header插入问题。
另一个是\r\n问题。
我们来看这样一段代码:
Java代码
<script> //alert('<%=request.getParameter("username")%>'); </script>
大家都能看到,这好像有个漏洞,但是已经被补上了,注释掉了。
那既然注释掉了,就不该有问题了么?
不是的。
再看这个URL
http://localhost/index.jsp?username=kxlzx%0d%0a%0d%0aalert('kxlzx
很无奈吧?
生成了如下代码:
XML/HTML代码
<script> //alert('kxlzx alert('kxlzx '); </script>
注释掉的JS,也执行了。
所以,不要把没用的代码,注释掉的JS等,扔到html里。
代码审核是个细活,任何疏漏之处都值得注意。
转自:http://www.inbreak.net/show-136-1.html
116 comments
Trackback by Xanax drug test. on April 15, 2010 at 5:26 pm
Xanax 2mg no prescription....
Buy xanax. Xanax online. Cheap xanax. Xanax. Buy xanax without prescription in usa....
Trackback by Buy xanax. on April 16, 2010 at 12:53 pm
Buy xanax....
Buy xanax....
Trackback by Vicodin. on April 17, 2010 at 11:16 am
Effect of vicodin....
Vicodin. Dangers of vicodin. Vicodin detox. No prescription needed vicodin. Vicodin and hydroxyzine. Vicodin withdrawal....
Trackback by Keflex. on April 17, 2010 at 4:31 pm
Keflex administered iv....
Keflex drug toothache. Keflex. Keflex 500mg....
Trackback by Free porn movies. on April 17, 2010 at 11:41 pm
Free porn videos....
Free porn videos. Free porn trailers. Free porn....
Trackback by Animal sex. on April 18, 2010 at 6:01 am
Animal sex....
Animal sex....
Trackback by Horse sex. on April 18, 2010 at 1:20 pm
Horse sex....
Male and male horse sex. Sex with a horse. Gay sex horse. Kinky horse sex. Sex with horse. Horse having sex. Horse sex....
Trackback by Oxycodone. on April 19, 2010 at 9:33 am
Oxycodone er....
Oxycodone addiction. Free oxycodone. Difference between oxycodone and morphine. What is oxycodone. Oxycodone extraction. What is better oxycodone or hydrocodone. Oxycodone....
Trackback by Online casino online gambling. on April 25, 2010 at 5:10 pm
Online casino gambling bonuses....
Online gambling casino. Casino free money online results gambling play. Best casino gambling online player resource. Online casino gambling poker slot. Online casino gambling guide at gambling win com. Online casino gambling poker slots roulette win....
Trackback by Adipex dangers. on April 25, 2010 at 11:36 pm
Adipex....
Adipex without prescription....
Trackback by Animal sex pictures. on April 26, 2010 at 5:31 pm
Sex with animal....
Farm animal and girl sex. Animal sex stories free. Free animal sex http free animal sex pics net. Free mpeg animal sex movies....
Trackback by Cialis soft tabs. on April 27, 2010 at 5:33 pm
Cialis versus levitra....
Cialis....
Trackback by Perocet. on April 28, 2010 at 8:29 am
Perocet....
Can you crush a perocet and inject it. Perocet. Generic perocet....
Trackback by Oxycontin. on April 28, 2010 at 12:34 pm
Discontinued oxycontin....
Oxycontin pill. Oxycontin side effects. Buy oxycontin. Oxycontin. Current reports on oxycontin. Oxycontin mg 210....
Trackback by Carisoprodol. on April 29, 2010 at 12:52 am
Buy carisoprodol online lowest price guarantee....
Carisoprodol soma drug test. Carisoprodol pharmacy. Carisoprodol....
Trackback by Buy meridia online information buy meridia online. on May 5, 2010 at 1:21 pm
Buy cheap meridia....
Meridia. Meridia generic....
Trackback by Tramadol 180 free shipping. on May 7, 2010 at 1:53 am
Tramadol dog....
Buy tramadol online cod. Tramadol....
Trackback by Zolpidem tartrate. on May 7, 2010 at 7:55 pm
Zolpidem tartrate....
Zolpidem tartrate. Zolpidem. Zolpidem heumann....
Trackback by Blowjob. on May 8, 2010 at 3:27 am
Horse blowjob....
Free blowjob. Blowjob. How to give a blowjob. Amateur blowjob. Blowjob videos....
Trackback by Vicodin without a prescription. on July 9, 2010 at 11:05 pm
Vicodin online....
Vicodin interaction with metropolol. Vicodin....
Trackback by Animals and women and sex. on July 10, 2010 at 8:18 am
Animals sex....
Girls having sex with animals. Sex animals. Human sex with animals. Having sex with animals....
Trackback by Blowjob. on July 10, 2010 at 6:47 pm
Blowjob....
Blowjob video free. Blowjob video. Blowjob. How to give a blowjob. Blowjob mpeg. Sample blowjob video....
Trackback by Vicodin. on July 11, 2010 at 7:52 am
Vicodin without prescription....
Vicodin with no membership fees. Vicodin. Pharmacy online no prescription vicodin. Vicodin dependence. Vicodin no prior prescription....
Trackback by Buy xanax. on July 13, 2010 at 9:59 am
Xanax....
Buy xanax. Xanax. Xanax 2mg....
Trackback by Viagra. on July 14, 2010 at 1:09 am
Story comparison viagra....
Viagra. Cheap viagra. Generic viagra. Free viagra. Viagra for order lamisil viagra. Free sample viagra....
Trackback by Ambien sex. on July 14, 2010 at 5:08 pm
Ambien online....
Will ambien show up in a urine test. Ambien next day delivery where us. Does ambien interrupt the menstrual cycle. Addiction to ambien. Ambien....
Trackback by Percocet. on July 14, 2010 at 11:29 pm
Percocet....
Percocet. Percocet vs vicodon. Percocet dependency. Percocet vs. lortabs....
Trackback by Tramadol. on July 15, 2010 at 9:58 am
Tramadol 93....
Tramadol 180. Tramadol fda. Buy tramadol. Tramadol....
Trackback by Ptsd and meridia. on July 15, 2010 at 8:30 pm
Buy meridia cheap....
Meridia....
Trackback by Xanax. on July 16, 2010 at 3:56 am
Pharmacy order generic xanax....
Xanax valium. Purchashing xanax with mastercard. Xanax. Buy xanax online without a prescription....
Trackback by Phentermine. on July 16, 2010 at 8:09 am
Phentermine 37.5....
Phentermine free shipping. Phentermine. Phentermine ionamin. Phentermine obesity....
Trackback by Tramadol. on July 16, 2010 at 11:24 am
Tramadol side effects....
Tramadol side effects. Tramadol....
Trackback by Buy cialis. on July 16, 2010 at 7:44 pm
Cialis....
Taking viagra with cialis. Cialis. Cheap cialis....
Trackback by Cialis best price buy online. on July 16, 2010 at 10:03 pm
Cialis....
Cialis....
Trackback by Levitra. on July 17, 2010 at 10:02 am
Levitra....
Levitra attorneys. Levitra preguntas frecuentes. Why would he have levitra.. Levitra....
Trackback by Xanax prescription. on July 17, 2010 at 11:11 am
Xanax....
How long does xanax stay in your system. Buy xanax. Xanax side effects. Generic xanax 2 mg no prescription. Lethal blood levels of xanax. Xanax no prescription. Xanax. Xanax 180 pills. Buy xanax online....
Trackback by Percocet addiction. on July 17, 2010 at 10:28 pm
Buy percocet online....
Percocet. Percocet addiction. Buy percocet online....
Trackback by Long term percocet withdrawal symptoms. on July 18, 2010 at 8:28 am
Long term percocet withdrawal symptoms....
Prescription meds percocet. Percocet. Long term use of percocet. Compare brand name and generic percocet....
Trackback by Buy cialis. on July 18, 2010 at 1:18 pm
Cialis free sample....
Buy cialis. Cheapest generic cialis. Cialis. Cialis st....
Trackback by Buy generic xanax information. on July 18, 2010 at 2:04 pm
Buy xanax without prescription in usa....
Xanax....
Trackback by Ephedrine products. on July 18, 2010 at 10:18 pm
Ephedrine....
Ephedrine in mexico. Ephedrine. Ephedrine pills. Ephedrine effects....
Trackback by Carisoprodol. on July 19, 2010 at 12:28 am
Certificated online pharmacy search results carisoprodol....
Soma carisoprodol. Carisoprodol....
Trackback by Vicodin. on July 19, 2010 at 10:58 am
Vicodin online....
Signs of vicodin addictio. Vicodin. Vicodin no prescription. Vicodin and no consults and no prescription. Vicodin at overseas pharmacies....
Trackback by Snorting concerta adderall. on July 19, 2010 at 2:19 pm
Adderall idiopathic edema....
Adderall xr. Adderall....
Trackback by Cialis without prescription. on July 19, 2010 at 10:15 pm
Buy cialis....
Generic cialis tadalafil. Cialis online. Cialis. Cialis vs viagra. Cheapest cialis....
Trackback by Cialis prescription. on July 19, 2010 at 10:45 pm
Cialis....
Buy cialis. Cialis. Discount cialis....
Trackback by How to extract acitaminiaphine from percocet. on July 20, 2010 at 12:20 pm
Long term use of percocet....
Percocet online. Percocet....
Trackback by Buy viagra online. on July 20, 2010 at 9:29 pm
Cheap viagra....
Buy viagra online. Story comparison viagra. Best price on viagra. Cialis with viagra. Try viagra for free. Viagra generic....
Trackback by Phentermine diet. on July 21, 2010 at 12:07 am
Effects phentermine....
Order phentermine uk. Phentermine for sale....
Trackback by Fashion bug. on July 21, 2010 at 2:12 am
Fashion modeling....
Fashion designer. Fashion games for girls. 1980s fashion....
Trackback by Oxycodone. on July 21, 2010 at 6:21 am
Oxycodone hci cr....
Withdrawl symptoms from oxycodone. Generic oxycodone. Oxycodone cr amnesia. Oxycodone extraction iv. Fentanyl vs oxycodone. Oxycodone insomnia adverse effects sponsored. Oxycodone. Oxycodone breastfeeding....
Trackback by Viagra uk. on July 21, 2010 at 1:37 pm
Viagra....
Viagra prescription price....
Trackback by Levitra. on July 21, 2010 at 2:53 pm
Levitra....
Levitra....
Trackback by Order phentermine uk. on July 22, 2010 at 2:23 am
Phentermine no prescription....
Discount phentermine....
Trackback by Cialis. on July 22, 2010 at 5:10 pm
Cialis....
Buy cialis. Buy viagra online uk cialis levitra. Cialis. Cheapest cialis. Generic cialis....
Trackback by Cheapest generic cialis. on July 22, 2010 at 9:43 pm
Cialis....
Cialis and addiction. Cialis best price buy online. Taking viagra with cialis. Cialis....
Trackback by Generic viagra. on July 23, 2010 at 1:32 am
Viagra online stores....
Viagra attorneys. Viagra....
Trackback by Vicodin. on July 23, 2010 at 7:45 pm
Vicodin no prescription....
Vicodin. Buy vicodin online without a prescription....
Trackback by Vicodin without prescription. on July 23, 2010 at 9:13 pm
Vicodin....
Signs of vicodin addiction. Vicodin. Vicodin detox. No prescription needed vicodin....
Trackback by Soma to florida. on July 24, 2010 at 7:31 am
Soma....
Diabetes one and soma. Soma next day delievery. Cheap soma. Soma. Suicide with soma....
Trackback by Adipex testimonials. on July 24, 2010 at 12:46 pm
Adipex online....
Adipex. Adipex without a prescription....
Trackback by Viagra. on July 24, 2010 at 1:40 pm
Mexican viagra....
Viagra. Cheap viagra. Re viagra cello. Discount viagra....
Trackback by Pictures of percocet. on July 24, 2010 at 8:53 pm
Percocet....
Does percocet work. Percocet without prescription. Percocet 7.5 generic. How do i get off percocet. Percocet for anxiety. How long is percocet in your system....
Trackback by Vicodin. on July 25, 2010 at 8:03 am
Vicodin military urinalysis....
Vicodin. Buy vicodin no prescription. Symptoms vicodin addiction. Effects of taking vicodin. Snort a vicodin. Vicodin no rx. Buy vicodin....
Trackback by Cialis vs viagra. on July 25, 2010 at 2:05 pm
Cheap cialis....
Buy cialis phentermine. Cialis with viagra. Taking viagra with cialis....
Trackback by Pussy torture. on July 25, 2010 at 8:39 pm
Pussy torture....
Torture methods. Tit torture bdsm. Penis torture. Bondage torture. Torture. Torture sex....
Trackback by Percocet. on July 25, 2010 at 9:54 pm
Percocet....
Prescription meds percocet. Percocet. Percocet 93-490 10 mg....
Trackback by Anal sex. on July 26, 2010 at 7:51 am
Forced anal....
Anal teen. Anal masturbation. Hardcore teen anal. Anal creampie. Anal sex. Anal....
Trackback by Vicodin. on July 26, 2010 at 7:52 am
Buying vicodin online....
Signs of vicodin addiction. Vicodin side effects. Vicodin. Dangers of vicodin. Symptoms vicodin addiction....
Trackback by Soma ironman. on July 26, 2010 at 10:51 am
Soma juice....
Soma next day delievery. Soma labs serogen....
Trackback by Viagra vs cialis. on July 26, 2010 at 7:29 pm
Cialis....
Order cialis online. Cialis discount american pharmacy. Purchase cialis. Cialis best price buy online. Cialis....
Trackback by Animals having sex. on July 27, 2010 at 3:09 am
Sex with animals....
Women having sex with animals. Men having sex with animals. Sex with farm animals....
Trackback by Sex animal. on July 27, 2010 at 11:04 am
Animal sex....
Animal sex galleries. Animal sex pictures. Sex animal sex. Animal sex. Free animal sex movies....
Trackback by Ambien online no prescription overnight delivery. on July 27, 2010 at 12:01 pm
Will ambien show up in a urine test....
Ambien online. Ambien 10mg doseage. Ambien overnight....
Trackback by Where can i buy ambien for next day delivery. on July 27, 2010 at 7:31 pm
Generic ambien....
Ambien online. What is ambien....
Trackback by Cheap zolpidem. on July 28, 2010 at 7:15 am
Zolpidem....
Buy zolpidem. Zolpidem overdose. Zolpidem....
Trackback by Vicodin. on July 28, 2010 at 1:42 pm
Vicodin withdrawal....
Buy vicodin without script. Vicodin at overseas pharmacies. Buy vicodin online without a prescription. Signs of vicodin addictio. Vicodin without prescription....
Trackback by Buy phentermine. on July 28, 2010 at 5:58 pm
Phentermine....
Discount phentermine....
Trackback by Roche xenical. on July 29, 2010 at 9:21 am
Xenical hgh phentermine quit smoking detox....
Xenical no prescription. Xenical hgh phentermine quit smoking detox. Xenical....
Trackback by Diflucan. on July 29, 2010 at 11:56 am
Diflucan and pregnancy....
Diflucan without a prescription. Diflucan prescribing information. Diflucan dosage. Cost of diflucan. Buy diflucan. Side effects of diflucan pills. Diflucan....
Trackback by Diflucan and nystatin. on July 30, 2010 at 11:34 pm
Diflucan....
Diflucan rebate. Diflucan....
Trackback by Britney spears with no underwear. on July 31, 2010 at 2:23 pm
Gay mens underwear....
Men s underwear. Britney spears underwear. Britney spears no underwear. Male underwear....
Trackback by Xanax. on July 31, 2010 at 6:27 pm
Xanax....
Xanax side effects....
Trackback by Britney spears underwear picture. on August 1, 2010 at 12:30 am
Girls in underwear....
Britney spears underwear....
Trackback by Valium 5mg how long in system. on August 1, 2010 at 3:12 am
Internet-rx.com valium....
Valium....
Trackback by Class action lawsuits effexor. on August 1, 2010 at 5:19 pm
Dosage amounts to discontinue effexor....
Effexor. Effexor side effects sweating....
Trackback by Britney spears underwear picture. on August 2, 2010 at 7:46 pm
Britney spears underwear....
Boys underwear. Britney spears without underwear....
Trackback by Burberry prorsum. on August 3, 2010 at 7:40 am
Burberry cuff links....
Burberry purse. Burberry brit. Burberry handbag. Burberry. Burberry bags....
Trackback by Cialis drug contraindications. on August 3, 2010 at 10:16 am
Cheapest cialis....
Cialis 20mg. Cialis online. Cialis forum. Cialis best price buy online. Cialis. Combined cialis viagra....
Trackback by Acomplia. on August 3, 2010 at 2:18 pm
Acomplia....
Acomplia. Buy acomplia online. Obese online pharmacy getpharma acomplia. About diet pill acomplia directory. Best pharmacy to buy acomplia....
Trackback by Britney spears no underwear. on August 3, 2010 at 6:15 pm
Lindsay lohan no underwear....
Gay underwear. Gay men in underwear. Brittany spears underwear. Mens underwear. Brittney spears underwear. Britney spears no underwear....
Trackback by Brittney spears underwear. on August 3, 2010 at 10:07 pm
N2n underwear....
Britney spears no underwear photos. Young girls in underwear. Teenage boys in underwear. Britney without underwear....
Trackback by Mens sexy underwear. on August 4, 2010 at 4:50 am
Mens sexy see through underwear....
Mens underwear....
Trackback by Cialis and addiction. on August 4, 2010 at 9:56 am
Cialis effects....
How cialis works. Cialis best price buy online. Taking viagra with cialis. Cheap cialis. Cialis....
Trackback by Cialis. on August 4, 2010 at 4:28 pm
Cialis....
Buy cialis. Cialis best price buy online. Cialis....
Trackback by Boys tiger print underwear. on August 4, 2010 at 5:43 pm
Tiger underwear....
Tiger underwear store. Boys tiger print underwear. Tiger tattoo underwear model. Tiger underwear....
Trackback by Britney spears underwear. on August 5, 2010 at 4:14 pm
Brittney spears underwear....
Britney spears underwear. Britney spears no underwear. Men sexy underwear. Brittany spears underwear. Gay underwear. Brittney spears underwear. Britney spears without underwear....
Trackback by Xenical hgh phentermine quit smoking detox. on August 5, 2010 at 6:05 pm
Xenical hgh phentermine quit smoking detox....
Xenical canadian. Using xenical phentermine same time. Xenical. Xenical success stories. Xenical hgh phentermine quit smoking detox. Buy xenical not from canada without rx....
Trackback by Potty training underwear for boys. on August 5, 2010 at 7:11 pm
Gay boys in underwear....
Boys in underwear....
Trackback by Britney spears in her underwear. on August 6, 2010 at 2:39 am
Britney spears underwear....
Male underwear. Britany spears no underwear....
Trackback by Men underwear. on August 6, 2010 at 1:03 pm
Men underwear....
Men underwear....
Trackback by Lipitor vytorin heart attack. on August 6, 2010 at 6:30 pm
Lipitor....
Alternatives for lipitor. Lipitor generic. Lipitor....
Trackback by Brittney spears no underwear. on August 7, 2010 at 3:03 am
Britney spears no underwear photo....
Teen underwear. Underwear. Britney spears underwear. Britney spears no underwear....
Trackback by Cheap xanax. on August 7, 2010 at 11:54 am
Xanax....
Xanax xr crushed. Xanax 2 mg 180 pills. Xanax. Effects of xanax. No prescription xanax....
Trackback by Britney spears no underwear. on August 8, 2010 at 1:53 am
Britney spears no underwear pics....
Britney spears without underwear. Underwear. Britney spears no underwear....
Trackback by Boys in underwear. on August 8, 2010 at 8:12 am
Women underwear....
Underwear....
Trackback by What is tramadol. on August 10, 2010 at 2:07 pm
Tramadol 93....
Tramadol discussion. Tramadol....
Trackback by Purchase vicodin. on August 11, 2010 at 5:40 pm
Vicodin....
Vicodin....
Trackback by Britney spears underwear. on August 12, 2010 at 12:09 am
Britney spears no underwear....
Britney spears underwear. Britney spears no underwear picture. Jockey underwear. Long underwear....
Trackback by See thru underwear. on August 12, 2010 at 11:49 am
Underwear....
Britney no underwear....
Trackback by Jockey underwear. on August 12, 2010 at 9:03 pm
Bulge in men underwear....
Britney spears no underwear. Bulging underwear....
Trackback by Britney spears no underwear. on August 13, 2010 at 2:54 am
Brittney spears underwear....
Britney spears no underwear photo. Britney spears underwear. Underwear. Gay underwear fetish. Britney spears no underwear. Male underwear....
Trackback by Information about vicodin. on August 14, 2010 at 6:35 pm
Vicodin....
Buy vicodin online. Effect of vicodin. Purchase vicodin. Vicodin no prescription. Vicodin without prescription. Vicodin m357....
Trackback by Italian designer shoes at a bargain. on August 27, 2010 at 4:43 pm
Designer replica shoes....
Coach designer shoes online catalog. Designer shoes. Designer womens shoes....
Trackback by Fashion accessories fashion accessories. on August 28, 2010 at 6:12 pm
Indian fashion accessories....
Hair accessories fashion way have. Lefashionista fashion accessories....
Trackback by Gay teen in underwear. on September 1, 2010 at 11:37 am
Men's bulging underwear....
Britney spears no underwear. Mens underwear. Mens bikini underwear. Men underwear gallery. Women in underwear. Mens sexy underwear. Men's underwear....
You must be logged in to post a comment.