Explain the common network attack methods: XSS attack, SQL injection, CSRF attack, DDOS attack and DNS hijacking.
XSS Attack
The full name is Cross Site Scripting. To distinguish it from Cascading Style Sheets (CSS), the abbreviation was changed to XSS.
In an XSS attack, the attacker tampers with a web page and injects malicious HTML scripts, usually javascript. When users browse the page, the script controls the user's browser to perform malicious actions.
XSS attacks are often used against forums, blogs and other applications. Attackers can steal users' cookies, passwords and other important data, and then forge transactions, steal user property, steal intelligence and other private information.
Just like the picture above, if the user enters a javascript script in the comment box instead of normal text, and the backend stores the submitted data directly in the database without processing it, then when other users visit this page, their browsers will inevitably execute this script.
Of course, this is just a prank. Real hackers will not be satisfied with a prank; they may also want to obtain your personal information through these injected scripts, even your account password and other information.
As can be seen from the above picture, the user actually introduced a third-party script when commenting. This script reads the cookie information of your browser and sends it to a specified interface for saving and processing. In this way, your information has been leaked.
//Logic in attack.js
var uname = $.cookie('username'); // Get account
var pwd = $.cookie('password'); // Get password
// send request
$('body').appendTo('');
In the above logic, the script obtains your personal information and sends it to a back-end php file for processing and saving. In this way, your personal information has been leaked, so preventing XSS attacks is very important in network security.
Therefore, the backend should never trust the data submitted by the user. When receiving information submitted by the user, it must sanitize it, that is, filter some special characters, such as the <> in a javascript script: escape <> and then store the text, so that XSS attacks are effectively prevented.
In addition, if the HttpOnly attribute is set on a cookie, the cookie information cannot be read by a js script, so it can also effectively prevent XSS attacks from stealing cookie content.
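The two defenses described above, as an added example that is not part of the original article: escaping a stored comment so the browser shows it as text, and issuing a cookie with HttpOnly set. The comment string, the session id and the function names are constructed for illustration, and the escaping is applied at render time here; the transformation is the same one the article applies before storing.

```python
import html
from http.cookies import SimpleCookie

# Constructed comment of the kind described above: markup instead of plain text.
STORED_COMMENT = '<script src="https://third-party.example/attack.js"></script>'


def render_comment_unsafe(comment: str) -> str:
    """Vulnerable: the stored text is pasted into the page as markup."""
    return f'<li class="comment">{comment}</li>'


def render_comment_safe(comment: str) -> str:
    """Hardened: <, >, &, " and ' become entities, so the browser shows text."""
    return f'<li class="comment">{html.escape(comment, quote=True)}</li>'


def session_cookie_header(session_id: str) -> str:
    """Build a Set-Cookie value that page scripts cannot read."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True   # hidden from document.cookie
    cookie["session"]["secure"] = True     # only sent over HTTPS
    cookie["session"]["samesite"] = "Lax"  # withheld on most cross-site requests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    print(render_comment_unsafe(STORED_COMMENT))
    print(render_comment_safe(STORED_COMMENT))
    print("Set-Cookie:", session_cookie_header("constructed-session-id"))
```

HttpOnly only keeps the cookie away from scripts; an injected script can still act inside the page, so output escaping remains the primary control.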
SQL injection
In a SQL injection attack, the attacker injects malicious SQL commands into the HTTP request. The server uses the request parameters to construct the database SQL command, so the malicious SQL is constructed together with it and executed in the database, in order to obtain interesting data in the database or perform sensitive operations such as reading, modifying, deleting, and inserting on the database. This results in data being tampered with at will.
However, SQL injection attacks require the attacker to have some knowledge of the database tables. For example, your project may be open source and you accidentally disclose the database account and password; in addition, if your website goes online without debugging mode turned off, interested people can guess the table structure from the website's error output; in addition, there is blind injection, in which interested people guess the data table structure blindly, but this is the most difficult.
SQL injection can be prevented through pre-compilation. Binding parameters is the best way to prevent SQL injection. Nowadays, popular frameworks basically implement SQL pre-compilation and parameter binding. The malicious SQL is then treated as a SQL parameter instead of being executed as a SQL command.
# SQL to obtain user information normally
select * from users where id=1
# If 1 or 1=1 is injected into sql, all data in the user table can be found, leading to data leakage.
select * from users where id=1 or 1=1
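The same query built by string concatenation and with a bound parameter, as an added example that is not part of the original article. It uses Python's sqlite3 module with an in-memory users table whose rows are constructed; the function names are hypothetical.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory users table with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (id, name) VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn


def find_user_concat(conn: sqlite3.Connection, user_id: str) -> list:
    """Vulnerable: the request parameter becomes part of the SQL text."""
    sql = "select * from users where id=" + user_id
    return conn.execute(sql).fetchall()


def find_user_bound(conn: sqlite3.Connection, user_id: str) -> list:
    """Hardened: the statement is compiled with a placeholder and the value
    is bound afterwards, so it is compared as data and never parsed as SQL."""
    return conn.execute("select * from users where id=?", (user_id,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    for param in ("1", "1 or 1=1"):
        print(repr(param), "concatenated:", find_user_concat(db, param))
        print(repr(param), "bound:       ", find_user_bound(db, param))
```

With the bound version, the string `1 or 1=1` is compared against the id column as a single value, matches no row, and returns an empty result.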
CSRF attacks
CSRF stands for Cross Site Request Forgery. Attackers use cross-site requests to perform illegal operations as legitimate users, such as transferring money, posting comments, etc. Its core is to use the browser's Cookie or the server's Session policy to steal the user's identity information.
While website A is open, the user opens another tab page and opens the malicious website B. At this point, page B, with malicious intent, makes the browser initiate an HTTP request to website A. Because website A has been opened before, the browser stores the Cookie or other information used for identity authentication on website A. The request with malicious intent will automatically carry this information, which leads to identity hijacking and results in operations that are not intended by the user.
The defense strategies against CSRF attacks include: form token, verification code, Referer detection, etc.
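Two of the defenses listed above, form token and Referer detection, as an added example that is not part of the original article. The host a.example stands in for website A, and the key handling, field name csrf_token and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SERVER_KEY = secrets.token_bytes(32)     # per-deployment secret (assumption)
TRUSTED_ORIGIN = ("https", "a.example")  # stands in for website A


def _sign(session_id: str, nonce: str) -> str:
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_form_token(session_id: str) -> str:
    """Token placed in a hidden form field, bound to the user's session."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_sign(session_id, nonce)}"


def token_is_valid(session_id: str, token: str) -> bool:
    nonce, _, sig = token.partition(".")
    expected = _sign(session_id, nonce)
    # Constant-time comparison; bytes avoid errors on non-ASCII input.
    return hmac.compare_digest(sig.encode(), expected.encode())


def referer_is_same_site(referer: str) -> bool:
    """Referer detection: scheme and host must match website A exactly."""
    parts = urlsplit(referer or "")
    return (parts.scheme, parts.hostname) == TRUSTED_ORIGIN


def accept_state_change(session_id: str, form: dict, headers: dict) -> bool:
    """Decide whether a request such as a transfer or a comment is processed."""
    return (referer_is_same_site(headers.get("Referer", ""))
            and token_is_valid(session_id, form.get("csrf_token", "")))


if __name__ == "__main__":
    token = issue_form_token("session-1")
    own = {"Referer": "https://a.example/transfer"}
    other = {"Referer": "https://b.example/page"}
    print(accept_state_change("session-1", {"csrf_token": token}, own))  # True
    print(accept_state_change("session-1", {}, other))                   # False
```

The cookie is attached by the browser automatically, but the token is not: a page on another site cannot read it from website A's form, so a forged request arrives without a valid one.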
DDOS Attack
DDOS stands for Distributed Denial of Service. It is an upgraded version of the denial of service attack. A denial of service attack actually means that your service cannot provide services to users normally.
It was very easy to initiate a DoS attack in the early days. You only needed to write a program that overloads the service so that it has no time to provide normal services. That is, requesting the service many times in one second would run the target server out of memory.
Later, with the development of technology, today's servers are all distributed, and no single server provides a service. There are countless CDN nodes behind a service, and countless Web servers. Trying to attack this kind of distributed network with a single server is like throwing an egg against a rock, and many DDOS attacks are not free now, so the attacker can easily end up losing more than they gain.
Defense methods: even with today's technology, it is not possible to completely prevent such attacks; they can only be mitigated through technology. Mitigations include: traffic cleaning, SYN Cookie, etc.
DNS Hijacking
In today's Internet traffic, the traffic generated by Web services, mainly HTTP/HTTPS, accounts for the vast majority.
Web services are developing rapidly, and an unsung contributor behind them is the domain name resolution system. DNS provides the service of converting domain names into IP addresses. Every domain name resolution must go through DNS, so you can see its importance.
Precisely because of its importance, DNS hijacking is easily exploited by people with ulterior motives.
In the early days, security was not given much consideration, so DNS was easily hijacked.
If an attacker tampers with the DNS resolution settings and points the domain name from the normal IP to an illegal IP controlled by the attacker, then when we access the domain name we reach not the corresponding website but a fake website or one with ulterior motives. This attack method is DNS hijacking.
You can also install an SSL certificate. The SSL certificate provides server identity authentication, which allows connection errors caused by DNS hijacking to be discovered and terminated in a timely manner.
Reposted from: Understanding XSS attacks, SQL injection, CSRF attacks, DDOS attacks and DNS hijacking in one article – Zhihu